Merge pull request #375 from woowacourse-teams/develop #11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Backend Prod CD | |
on: | |
workflow_dispatch: | |
push: | |
branches: ['main'] | |
jobs: | |
detect-changes: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: read | |
outputs: | |
backend: ${{ steps.filter.outputs.backend }} | |
frontend: ${{ steps.filter.outputs.frontend }} | |
manual: ${{ steps.manual-check.outputs.manual }} | |
steps: | |
- id: manual-check | |
if: ${{ github.event_name == 'workflow_dispatch' }} | |
run: echo "manual=true" >> "$GITHUB_OUTPUT" | |
- uses: actions/checkout@v4 # Push 이벤트이기 때문에 checkout 해야 함 | |
with: | |
ref: main | |
submodules: recursive | |
token: ${{ secrets.PAT_TOKEN }} | |
- uses: dorny/paths-filter@v3 | |
if: ${{ github.event_name != 'workflow_dispatch' }} | |
id: filter | |
with: | |
base: 'main' # 해당 브랜치의 last commit과 변경점 비교 | |
filters: | | |
backend: | |
- 'backend/**' | |
frontend: | |
- 'frontend/**' | |
be-build: | |
needs: detect-changes | |
if: ${{ needs.detect-changes.outputs.backend == 'true' || needs.detect-changes.outputs.manual == 'true' }} | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
shell: bash | |
working-directory: ./backend | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: main | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
cache: gradle | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v3 | |
- name: Grant gradlew execute permission | |
run: chmod +x ./gradlew | |
- name: Build with Gradle (clean) | |
run: ./gradlew clean bootJar | |
# Docker 이미지 빌드 | |
- name: Docker image build | |
run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod . | |
# DockerHub 로그인 | |
- name: Docker login | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
# Docker Hub 이미지 푸시 | |
- name: Docker Hub push | |
run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod | |
be-depoly: | |
needs: be-build | |
runs-on: [self-hosted, linux, ARM64, prod] | |
defaults: | |
run: | |
shell: bash | |
working-directory: ./ | |
steps: | |
- name: checkout security submodule | |
uses: actions/checkout@v4 | |
with: | |
repository: woowacourse-teams/2024-momo-config | |
token: ${{ secrets.PAT_TOKEN }} | |
- name: copy security config | |
run: mkdir -p $HOME/security; \cp -f *.yml ~/security | |
# 1. 최신 도커 이미지 pull | |
- name: docker pull | |
run: docker pull ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod | |
# 2. 기존 컨테이너 중지 | |
- name: docker stop container | |
run: docker stop $(docker ps -q) 2>/dev/null || true | |
# 3. 도커 컨테이너 실행 | |
- name: docker run new container | |
run: >- | |
docker run --name momo-api-prod | |
--rm -d -p 8080:8080 | |
--volume=$HOME/security:/momo/security:ro | |
--volume=$HOME/logs:/momo/logs | |
--env SPRING_PROFILE=prod | |
${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod | |
# 4. 미사용 이미지를 정리 | |
- name: delete old docker image | |
run: docker system prune -f |