Merge pull request #282 from Modagbul/main #37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CD-prod | |
on: | |
push: | |
branches: [ "release" ] | |
permissions: | |
contents: read | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
env: | |
working-directory: ./ | |
APPLICATION: ${{ secrets.APPLICATION_PROD }} | |
GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS_PROD }} | |
APPLE_KEY: ${{ secrets.APPLE_KEY_PROD }} | |
steps: | |
# 소스 코드 체크아웃 | |
- uses: actions/checkout@v2 | |
# JDK 11 설정 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v2 | |
with: | |
java-version: '11' | |
distribution: 'adopt' | |
# Gradle 패키지 캐시 | |
- name: Cache Gradle packages | |
uses: actions/cache@v2 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
# 설정 파일 생성 | |
- run: | | |
cd ./src/main/resources | |
touch ./application.yml | |
echo "${{env.APPLICATION}}" > ./application.yml | |
touch ./firebase-key.json | |
echo "${{env.GOOGLE_APPLICATION_CREDENTIALS}}" | base64 --decode > ./firebase-key.json | |
touch ./apple-key.p8 | |
echo "${{env.APPLE_KEY}}" > ./apple-key.p8 | |
# 설정 파일을 작업공간에 저장 | |
- uses: actions/upload-artifact@v2 | |
with: | |
name: application.yml | |
path: ./src/main/resources/application.yml | |
- uses: actions/upload-artifact@v2 | |
with: | |
name: firebase-key.json | |
path: ./src/main/resources/firebase-key.json | |
- uses: actions/upload-artifact@v2 | |
with: | |
name: apple-key.p8 | |
path: ./src/main/resources/apple-key.p8 | |
# gradlew 권한 설정 | |
- name: Grant execute permission for gradlew | |
run: chmod +x gradlew | |
working-directory: ${{ env.working-directory }} | |
# Gradle로 빌드 | |
- name: Build with Gradle | |
run: ./gradlew build | |
working-directory: ${{ env.working-directory }} | |
# Gradle 캐시 정리 | |
- name: Cleanup Gradle Cache | |
if: ${{ always() }} | |
run: | | |
rm -f ~/.gradle/caches/modules-2/modules-2.lock | |
rm -f ~/.gradle/caches/modules-2/gc.properties | |
# Docker 이미지 빌드 및 푸시 | |
- name: Docker build | |
run: | | |
docker build --no-cache -f ./.deploy/prod_dockerfile -t ${{ secrets.DOCKER_USERNAME_PROD }}/moing_prod:green . | |
docker build --no-cache -f ./.deploy/prod_dockerfile -t ${{ secrets.DOCKER_USERNAME_PROD }}/moing_prod:blue . | |
- name: Docker Hub Login | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME_PROD }} | |
password: ${{ secrets.DOCKER_PASSWORD_PROD }} | |
- name: Docker push | |
run: | | |
docker push ${{ secrets.DOCKER_USERNAME_PROD }}/moing_prod:green | |
docker push ${{ secrets.DOCKER_USERNAME_PROD }}/moing_prod:blue | |
# EC2로 deploy.sh 전송 | |
- name: Deploy deploy.sh to EC2 | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ secrets.EC2_SERVER_HOST_PROD }} | |
username: ec2-user | |
key: ${{ secrets.PRIVATE_KEY_PROD }} | |
source: "./.deploy/deploy_prod.sh" | |
target: "/home/ec2-user/" | |
# 배포 스크립트 실행 | |
- name: Deploy on EC2 | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.EC2_SERVER_HOST_PROD }} | |
username: ec2-user | |
key: ${{ secrets.PRIVATE_KEY_PROD }} | |
envs: GITHUB_SHA | |
script: | | |
chmod +x /home/ec2-user/deploy_prod.sh | |
/home/ec2-user/deploy_prod.sh |