Skip to content

prod: test33 (#prod) #33

prod: test33 (#prod)

prod: test33 (#prod) #33

Workflow file for this run

name: Deploy to PROD
on:
workflow_dispatch:
push:
branches: [ "prod" ]
jobs:
ip-setup:
runs-on: ubuntu-latest
steps:
- name: Github Actions 호스트 IP 가져오기
id: ip
uses: haythem/public-ip@bdddd92c198b0955f0b494a8ebeac529754262ff
- name: IP 설정
run: |
echo "AWS_DEFAULT_REGION=${{ secrets.AWS_DEFAULT_REGION }}" >> $GITHUB_ENV
echo "AWS_SECURITY_GROUP_NAME=${{ secrets.AWS_SECURITY_GROUP_NAME }}" >> $GITHUB_ENV
- name: AWS 로그인
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_DEFAULT_REGION }}
- name: IP 허용
run: |
aws ec2 authorize-security-group-ingress --group-name ${{ secrets.AWS_SECURITY_GROUP_NAME }} --protocol tcp --port ${{ secrets.PROD_EC2_PORT }} --cidr ${{ steps.ip.outputs.ipv4 }}/32
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
- name: IP를 파일로 저장
run: echo "${{ steps.ip.outputs.ipv4 }}" > ip_address.txt
- name: IP 주소를 아티팩트로 업로드
uses: actions/upload-artifact@v3
with:
name: ip-address
path: ip_address.txt
deploy:
needs: [ ip-setup ]
runs-on: ubuntu-latest
steps:
- name: 아티팩트에서 IP 주소 읽어 저장하기
uses: actions/download-artifact@v3
with:
name: ip-address
path: .
- name: IP 주소 읽기
run: |
IP_ADDRESS=$(cat ip_address.txt)
echo "IP_ADDRESS=${IP_ADDRESS}" >> $GITHUB_ENV
- name: 저장소 Checkout
uses: actions/checkout@v4
- name: 자바 17 셋업
uses: actions/setup-java@v4
with:
java-version: '17'
cache: 'gradle'
distribution: 'corretto'
- name: 설정 파일 추가
run: |
cd ./src/main/resources/
cat <<EOF > application-prod.yml
${{ secrets.APPLICATION_PROD_YML }}
EOF
cat <<EOF > application-oauth.yml
${{ secrets.APPLICATION_OAUTH_YML }}
EOF
cat <<EOF > application-storage.yml
${{ secrets.APPLICATION_STORAGE_YML }}
EOF
- name: 애플리케이션 빌드
run: |
cd /home/runner/work/ListyWave-back/ListyWave-back/
./gradlew bootJar
- name: Gradle 캐시
uses: actions/cache@v4
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: 도커 이미지 빌드
run: docker build -t ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.PROD_TAG }} ./
- name: 도커 허브에 로그인
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: 도커 허브에 Push
run: docker push ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.PROD_TAG }}
- name: 인스턴스 접속 및 배포 스크립트 실행
uses: appleboy/[email protected]
with:
host: ${{ secrets.PROD_EC2_HOST }}
username: ${{ secrets.PROD_EC2_USERNAME }}
key: ${{ secrets.PROD_EC2_PRIVATE_KEY }}
script_stop: true
script: |
docker stop "${{ secrets.PROD_CONTAINER_NAME }}"
docker rm -f "${{ secrets.PROD_CONTAINER_NAME }}"
docker rmi "${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.PROD_TAG }}"
docker pull "${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.PROD_TAG }}"
docker run -d -p 8080:8080 --name "${{ secrets.PROD_CONTAINER_NAME }}" "${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ secrets.PROD_TAG }}"
- name: IP 제거
if: ${{ always() }}
run: |
aws ec2 revoke-security-group-ingress --group-name ${{ secrets.AWS_SECURITY_GROUP_NAME }} --protocol tcp --port ${{ secrets.PROD_EC2_PORT }} --cidr ${{ env.IP_ADDRESS }}/32
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}