Skip to content

feat: 권한 설정 수정 #25

feat: 권한 설정 수정

feat: 권한 설정 수정 #25

Workflow file for this run

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
name: Java CI with Gradle
on:
push:
branches: [ "main" ]
jobs:
ci:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
# 1. .env 파일 생성 (여러 줄을 한번에 파일에 작성)
- name: Create .env file
run: |
cat <<EOF > .env
DB_URL=${{ secrets.DB_URL }}
DB_USERNAME=${{ secrets.DB_USERNAME }}
DB_PASSWORD=${{ secrets.DB_PASSWORD }}
OAUTH_CLIENT_ID=${{ secrets.OAUTH_CLIENT_ID }}
OAUTH_CLIENT_SECRET=${{ secrets.OAUTH_CLIENT_SECRET }}
BASE_URL=${{ secrets.BASE_URL }}
JWT_SECRET=${{ secrets.JWT_SECRET }}
JWT_EXPIRATION=${{ secrets.JWT_EXPIRATION }}
REDIRECT_URL=${{ secrets.REDIRECT_URL }}
JWT_COOKIE_DOMAIN=${{ secrets.JWT_COOKIE_DOMAIN }}
JWT_COOKIE_SECURE=${{ secrets.JWT_COOKIE_SECURE }}
EOF
# Configure Gradle for optimal use in GitHub Actions, including caching of downloaded dependencies.
# See: https://github.com/gradle/actions/blob/main/setup-gradle/README.md
- name: Setup Gradle
uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0
- name: Build with Gradle Wrapper
run: ./gradlew build
# 3. Docker 이미지 빌드
- name: docker image build
run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/groomthon-univ .
# 4. DockerHub 로그인
- name: docker login
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
# 5. Docker Hub 이미지 푸시
- name: docker Hub push
run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/groomthon-univ
cd:
needs: ci
runs-on: self-hosted
steps:
# 1. 기존의 컨테이너를 중지시킵니다
- name: Stop existing containers
run: sudo docker stop $(sudo docker ps -q) 2>/dev/null || true
# 2. 기존의 컨테이너를 제거합니다
- name: Remove existing containers
run: sudo docker rm $(sudo docker ps -a -q) 2>/dev/null || true
# 3. 기존의 이미지를 제거합니다
- name: Remove existing images
run: sudo docker rmi $(sudo docker images -q) 2>/dev/null || true
# 4. 사용하지 않는 볼륨을 제거합니다
- name: Remove unused volumes
run: sudo docker volume prune -f
# 5. Git 최신 상태로 업데이트 (git pull)
- name: Pull latest changes
run: |
cd /home/ec2-user/Backend
git pull origin main
# 6. 최신 이미지를 컨테이너화하여 실행시킵니다
- name: Run new containers with docker-compose
run: sudo docker-compose -f /home/ec2-user/Backend/docker-compose.prod.yml up --build -d
# 7. 미사용 이미지를 정리합니다
- name: Delete old docker images and resources
run: sudo docker system prune -f
# dependency-submission:
# runs-on: ubuntu-latest
# permissions:
# contents: write
# steps:
# - uses: actions/checkout@v4
# - name: Set up JDK 17
# uses: actions/setup-java@v4
# with:
# java-version: '17'
# distribution: 'temurin'
# # Generates and submits a dependency graph, enabling Dependabot Alerts for all project dependencies.
# # See: https://github.com/gradle/actions/blob/main/dependency-submission/README.md
# - name: Generate and submit dependency graph
# uses: gradle/actions/dependency-submission@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0