[CI/CD] dev 브랜치 최신화 반영하여 배포 #96
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| branches: [ "main" ] | |
| jobs: | |
| build: | |
| # Workflow가 실행되는 vm의 OS 지정 | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| # Repository 코드를 Workflow 환경으로 가져오기 | |
| - uses: actions/checkout@v4 | |
| # Java 17 설정 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| # yml 파일의 환경변수 설정 | |
| - name: Set yml file | |
| uses: microsoft/variable-substitution@v1 | |
| with: | |
| files: ./src/main/resources/application.yml | |
| env: | |
| spring.datasource.url: ${{ secrets.DB_MYSQL_URL }} | |
| spring.datasource.username: ${{ secrets.DB_MYSQL_USERNAME }} | |
| spring.datasource.password: ${{ secrets.DB_MYSQL_PASSWORD }} | |
| aladin.api.ttbkey: ${{ secrets.ALADIN_TTB_KEY }} | |
| swagger.server.http-url: ${{ secrets.SERVER_HTTP_URL }} | |
| swagger.server.https-url: ${{ secrets.SERVER_HTTPS_URL }} | |
| jwt.secret: ${{ secrets.JWT_SECRET }} | |
| jwt.access-token-validity: ${{ secrets.JWT_ACCESS_VALIDITY }} | |
| jwt.refresh-token-validity: ${{ secrets.JWT_REFRESH_VALIDITY }} | |
| spring.security.oauth2.client.registration.google.client-id: ${{ secrets.OAUTH_GOOGLE_ID }} | |
| spring.security.oauth2.client.registration.google.client-secret: ${{ secrets.OAUTH_GOOGLE_SECRET }} | |
| spring.security.oauth2.client.registration.google.redirect-uri: ${{ secrets.SERVER_HTTPS_URL }}/login/oauth2/code/google | |
| spring.security.oauth2.client.registration.apple.client-id: ${{ secrets.OAUTH_APPLE_CID }} | |
| spring.security.oauth2.client.registration.apple.client-secret: ${{ secrets.OAUTH_APPLE_P8 }} | |
| spring.security.oauth2.client.registration.apple.redirect-uri: ${{ secrets.SERVER_HTTPS_URL }}/login/oauth2/code/apple | |
| apple.key-content: ${{ secrets.OAUTH_APPLE_P8_KEY_CONTENT }} | |
| apple.cid: ${{ secrets.OAUTH_APPLE_CID }} | |
| apple.tid: ${{ secrets.OAUTH_APPLE_TID }} | |
| apple.kid: ${{ secrets.OAUTH_APPLE_KID }} | |
| # 실행 속도 향상을 위한 Gradle 종속성 캐싱 | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0 | |
| # gradlew 파일에 실행 권한 부여 | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| # Spring Boot 애플리케이션 빌드 | |
| - name: Build with Gradle Wrapper | |
| run: ./gradlew build | |
| # Docker 이미지 빌드 | |
| - name: docker image build | |
| run: docker build --build-arg TZ=Asia/Seoul -t ${{ secrets.DOCKERHUB_USERNAME }}/mercury-server . | |
| # DockerHub 로그인 | |
| - name: docker login | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| # DockerHub 이미지 푸시 | |
| - name: docker Hub push | |
| run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/mercury-server | |
| deploy: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| # EC2에 배포 | |
| - name: Deploy to EC2 | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USERNAME }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| script: | | |
| docker pull ${{ secrets.DOCKERHUB_USERNAME }}/mercury-server | |
| docker stop $(docker ps -q) || true | |
| docker rm $(docker ps -a -q) || true | |
| # 사용하지 않는 이미지 정리 | |
| docker image prune -f | |
| docker run -d -e TZ=Asia/Seoul -p 8080:8080 ${{ secrets.DOCKERHUB_USERNAME }}/mercury-server |