-
Notifications
You must be signed in to change notification settings - Fork 0
133 lines (112 loc) · 4.36 KB
/
dev.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: Java CI with Gradle
on:
push:
branches: [ "dev" ]
pull_request:
branches: [ "dev" ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout the repository
uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
# 환경별 yml 파일 생성(1) - application.yml
- name: make application.yml
if: |
contains(github.ref, 'dev') ||
(github.event_name == 'pull_request')
run: |
mkdir ./src/main/resources # resources 폴더 생성
cd ./src/main/resources # resources 폴더로 이동
touch ./application.yml # application.yml 생성
echo "${{ secrets.YML }}" > ./application.yml # github actions에서 설정한 값을 application.yml 파일에 쓰기
shell: bash
# 환경별 yml 파일 생성(2) - dev
- name: make application-dev.yml
if: |
contains(github.ref, 'dev') ||
(github.event_name == 'pull_request')
run: |
cd ./src/main/resources
touch ./application-dev.yml
echo "${{ secrets.YML_DEV }}" > ./application-dev.yml
shell: bash
# 환경별 yml 파일 생성(3) - oauth
- name: make application-oauth.yml
if: |
contains(github.ref, 'dev') ||
(github.event_name == 'pull_request')
run: |
cd ./src/main/resources
touch ./application-oauth.yml
echo "${{ secrets.YML_OAUTH }}" > ./application-oauth.yml
shell: bash
# 환경별 yml 파일 생성(3) - jwt
- name: make application-jwt.yml
if: |
contains(github.ref, 'dev') ||
(github.event_name == 'pull_request')
run: |
cd ./src/main/resources
touch ./application-jwt.yml
echo "${{ secrets.YML_JWT }}" > ./application-jwt.yml
shell: bash
# Gradle Build (test는 제외)
- name: Build with Gradle
run: ./gradlew build -x test
# 도커 허브에 로그인
- name: Docker Hub Login
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USER_NAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build Docker image
run: docker build -t ${{ secrets.DOCKER_USER_NAME }}/eatmate .
- name: Push Docker image
run: docker push ${{ secrets.DOCKER_USER_NAME }}/eatmate
deploy:
runs-on: ubuntu-latest
needs: build
if: github.event_name == 'push'
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ap-northeast-2
- name: Get Public IP
id: ip
uses: haythem/public-ip@v1.3
- name: Add GitHub Actions IP to Security Group
run: |
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
- name: Deploy to EC2
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.EC2_USER }}
key: ${{ secrets.SSH_PRIVATE_KEY }}
port: 22
script: |
EXISTING_CONTAINER_ID=$(sudo docker ps -q -f "publish=8080" -f "status=running")
if [ ! -z "$EXISTING_CONTAINER_ID" ]; then
sudo docker stop $EXISTING_CONTAINER_ID
sudo docker rm $EXISTING_CONTAINER_ID
fi
EXISTING_CONTAINER_ID=$(sudo docker ps -q -f "status=exited")
if [ ! -z "$EXISTING_CONTAINER_ID" ]; then
sudo docker rm $EXISTING_CONTAINER_ID
fi
sudo docker pull ${{ secrets.DOCKER_USER_NAME }}/eatmate
sudo docker run --name spring -d -p 8080:8080 -e TZ=Asia/Seoul ${{ secrets.DOCKER_USER_NAME }}/eatmate
sudo docker image prune -a -f
debug: true # Enable debugging output
- name: Remove GitHub Actions IP From Security Group
run: |
aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32