[#2]๐Fix: ํ ํฐ ๋ฐ๊ธ ๋ฐฉ์ ์์ #67
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ํ์ํ Repo Secret ์ค์ | |
#### CI | |
# ${{ secrets.SUBMODULE_ACCESS_TOKEN }} : ๊นํ๋ธ ์ก์ธ์ค ํ ํฐ | |
#### CD | |
# ${{ secrets.DOCKER_ID }} : ๋์ปคํ๋ธ id | |
# ${{ secrets.DOCKER_PASSWORD }} : ๋์ปคํ๋ธ pw | |
# ${{ secrets.REMOTE_HOST_DEV }} : ๋ฐฐํฌ ์๋ฒ HOSTNAME | |
# ${{ secrets.REMOTE_PORT_DEV }} : ๋ฐฐํฌ ์๋ฒ PORT | |
# ${{ secrets.REMOTE_USERNAME_DEV }} : ๋ฐฐํฌ ์๋ฒ USERNAME | |
# ${{ secrets.REMOTE_SSH_KEY_DEV }} : ๋ฐฐํฌ ์๋ฒ ์ฐ๊ฒฐ์ ์ํ SSH KEY | |
name: Backend CI & CD (dev) | |
on: | |
pull_request: | |
branches: [main] | |
push: | |
branches: [main] | |
env: | |
CONTAINER_NAME: yesummit | |
jobs: | |
Continuous-Integration: | |
env: | |
PR_NUMBER: ${{ github.event.pull_request.number }} | |
# CI ์คํ (ํ๊ฒฝ์ github ์ ๊ณต) | |
runs-on: ubuntu-20.04 | |
steps: | |
# ์์ค์ฝ๋ ์ฒดํฌ์์ | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
token: ${{ secrets.ACTION_TOKEN }} | |
ref: ${{ github.head_ref }} | |
- name: Install JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '17' | |
distribution: 'zulu' | |
cache: 'gradle' | |
# Gradle Package Caching | |
- name: Caching Gradle packages | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
- name: Grant execute permission for gradle | |
run: chmod +x ./gradlew | |
# develop ๋ธ๋์น์ผ ๊ฒฝ์ฐ dev ํ๊ฒฝ ๋น๋ | |
# ํ์ฌ ํ ์คํธ ์ฝ๋๋ฅผ ๋ฐ๋ก ์์ฑํ์ง ์์. test ์์ด ๋น๋ํจ | |
- name: create build file | |
run: ./gradlew clean build -x test -i --no-daemon -Dspring.profiles.active=prod | |
# push event์ผ ๊ฒฝ์ฐ CD job์ jar file ์ ๋ก๋ | |
- name: (Push) Archive production artifacts | |
if: github.event_name == 'push' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: build | |
path: build/libs/*.jar | |
Continuous-Deploy: | |
# push ํ๋ ๊ฒฝ์ฐ์๋ง ๋ฐฐํฌ JOB ์คํ | |
if: github.event_name == 'push' | |
needs: Continuous-Integration | |
runs-on: ubuntu-latest | |
steps: | |
# ์์ค์ฝ๋ ๊ฐ์ ธ์ค๊ธฐ | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
# ์ด์ Job์์ ์ ๋ก๋ํ Jar file ๋ค์ด๋ก๋ | |
- name : Download a built Jar File | |
uses: actions/download-artifact@v4 | |
with: | |
name: build | |
path: build/libs | |
# Docker Buildx Setting | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
# Docker Login | |
- name: Docker Login | |
uses: docker/[email protected] | |
with: | |
# Username used to log against the Docker registry | |
username: ${{ secrets.DOCKER_ID }} | |
# Password or personal access token used to log against the Docker registry | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
# Docker Build & Push | |
- name: Docker Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: ./Dockerfile-dev | |
platforms: linux/amd64 | |
push: true | |
tags: | | |
${{ secrets.DOCKER_ID }}/${{ env.CONTAINER_NAME }}:${{github.run_number}} | |
${{ secrets.DOCKER_ID }}/${{ env.CONTAINER_NAME }}:latest | |
cache-from: type=gha # gha=Github Action Cache | |
cache-to: type=gha,mode=max | |
- name: Create and execute deploy script | |
run: | | |
echo '#!/bin/bash' > deploy.sh | |
echo 'sudo docker rm -f ${{ env.CONTAINER_NAME }}' >> deploy.sh | |
echo 'sudo docker rmi ${{ secrets.DOCKER_ID }}/${{ env.CONTAINER_NAME }}' >> deploy.sh | |
echo 'sudo docker pull ${{ secrets.DOCKER_ID }}/${{ env.CONTAINER_NAME }}' >> deploy.sh | |
echo 'sudo docker run -d -p 8080:8080 --add-host host.docker.internal:host-gateway --restart=unless-stopped --log-opt max-size=10m --log-opt max-file=3 --name ${{ env.CONTAINER_NAME }} ${{ secrets.DOCKER_ID }}/${{ env.CONTAINER_NAME }}' >> deploy.sh | |
- name: Transfer Deploy Script use SCP | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ secrets.REMOTE_HOST_DEV }} | |
port: ${{ secrets.REMOTE_PORT_DEV }} | |
username: ${{ secrets.REMOTE_USERNAME_DEV }} | |
key: ${{ secrets.REMOTE_SSH_KEY_DEV }} | |
source: deploy.sh | |
target: /home/${{ secrets.REMOTE_USERNAME_DEV }}/deploy | |
# SSH Connect | |
- name: Execute Server Init Script | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.REMOTE_HOST_DEV }} | |
port: ${{ secrets.REMOTE_PORT_DEV }} | |
username: ${{ secrets.REMOTE_USERNAME_DEV }} | |
key: ${{ secrets.REMOTE_SSH_KEY_DEV }} | |
script_stop: true | |
script: | | |
chmod +x /home/${{ secrets.REMOTE_USERNAME_DEV }}/deploy/deploy.sh && sh /home/${{ secrets.REMOTE_USERNAME_DEV }}/deploy/deploy.sh |