-
Notifications
You must be signed in to change notification settings - Fork 2
145 lines (125 loc) · 4.93 KB
/
deploy-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
# 필요한 Repo Secret 설정
#### CI
# ${{ secrets.SUBMODULE_ACCESS_TOKEN }} : 깃허브 액세스 토큰
#### CD
# ${{ secrets.DOCKER_ID }} : 도커허브 id
# ${{ secrets.DOCKER_PASSWORD }} : 도커허브 pw
# ${{ secrets.REMOTE_HOST_DEV }} : 배포 서버 HOSTNAME
# ${{ secrets.REMOTE_PORT_DEV }} : 배포 서버 PORT
# ${{ secrets.REMOTE_USERNAME_DEV }} : 배포 서버 USERNAME
# ${{ secrets.REMOTE_SSH_KEY_DEV }} : 배포 서버 연결을 위한 SSH KEY
name: Backend CI & CD (dev)
on:
pull_request:
branches: [main]
push:
branches: [main]
env:
CONTAINER_NAME: yesummit
jobs:
Continuous-Integration:
env:
PR_NUMBER: ${{ github.event.pull_request.number }}
# CI 실행 (환경은 github 제공)
runs-on: ubuntu-20.04
steps:
# 소스코드 체크아웃
- name: Checkout source code
uses: actions/checkout@v4
with:
submodules: true
token: ${{ secrets.ACTION_TOKEN }}
ref: ${{ github.head_ref }}
- name: Install JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'zulu'
cache: 'gradle'
# Gradle Package Caching
- name: Caching Gradle packages
uses: actions/cache@v3
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
- name: Grant execute permission for gradle
run: chmod +x ./gradlew
# develop 브랜치일 경우 dev 환경 빌드
# 현재 테스트 코드를 따로 작성하지 않아. test 없이 빌드함
- name: create build file
run: ./gradlew clean build -x test -i --no-daemon -Dspring.profiles.active=prod
# push event일 경우 CD job에 jar file 업로드
- name: (Push) Archive production artifacts
if: github.event_name == 'push'
uses: actions/upload-artifact@v4
with:
name: build
path: build/libs/*.jar
Continuous-Deploy:
# push 하는 경우에만 배포 JOB 실행
if: github.event_name == 'push'
needs: Continuous-Integration
runs-on: ubuntu-latest
steps:
# 소스코드 가져오기
- name: Checkout source code
uses: actions/checkout@v4
# 이전 Job에서 업로드한 Jar file 다운로드
- name : Download a built Jar File
uses: actions/download-artifact@v4
with:
name: build
path: build/libs
# Docker Buildx Setting
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# Docker Login
- name: Docker Login
uses: docker/[email protected]
with:
# Username used to log against the Docker registry
username: ${{ secrets.DOCKER_ID }}
# Password or personal access token used to log against the Docker registry
password: ${{ secrets.DOCKER_PASSWORD }}
# Docker Build & Push
- name: Docker Build and push
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile-dev
platforms: linux/amd64
push: true
tags: |
${{ secrets.DOCKER_ID }}/${{ env.CONTAINER_NAME }}:${{github.run_number}}
${{ secrets.DOCKER_ID }}/${{ env.CONTAINER_NAME }}:latest
cache-from: type=gha # gha=Github Action Cache
cache-to: type=gha,mode=max
- name: Create and execute deploy script
run: |
echo '#!/bin/bash' > deploy.sh
echo 'sudo docker rm -f ${{ env.CONTAINER_NAME }}' >> deploy.sh
echo 'sudo docker rmi ${{ secrets.DOCKER_ID }}/${{ env.CONTAINER_NAME }}' >> deploy.sh
echo 'sudo docker pull ${{ secrets.DOCKER_ID }}/${{ env.CONTAINER_NAME }}' >> deploy.sh
echo 'sudo docker run -d -p 8080:8080 --add-host host.docker.internal:host-gateway --restart=unless-stopped --log-opt max-size=10m --log-opt max-file=3 --name ${{ env.CONTAINER_NAME }} ${{ secrets.DOCKER_ID }}/${{ env.CONTAINER_NAME }}' >> deploy.sh
- name: Transfer Deploy Script use SCP
uses: appleboy/scp-action@master
with:
host: ${{ secrets.REMOTE_HOST_DEV }}
port: ${{ secrets.REMOTE_PORT_DEV }}
username: ${{ secrets.REMOTE_USERNAME_DEV }}
key: ${{ secrets.REMOTE_SSH_KEY_DEV }}
source: deploy.sh
target: /home/${{ secrets.REMOTE_USERNAME_DEV }}/deploy
# SSH Connect
- name: Execute Server Init Script
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.REMOTE_HOST_DEV }}
port: ${{ secrets.REMOTE_PORT_DEV }}
username: ${{ secrets.REMOTE_USERNAME_DEV }}
key: ${{ secrets.REMOTE_SSH_KEY_DEV }}
script_stop: true
script: |
chmod +x /home/${{ secrets.REMOTE_USERNAME_DEV }}/deploy/deploy.sh && sh /home/${{ secrets.REMOTE_USERNAME_DEV }}/deploy/deploy.sh