Update main.yml

hackersground-kr · Aug 26, 2024 · 1588859 · 1588859
1 parent 46eeab1
commit 1588859
Showing 1 changed file with 21 additions and 25 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -7,7 +7,6 @@ on:
       - master
 
 permissions:
-  id-token: write
   contents: read
 
 jobs:
@@ -17,7 +16,7 @@ jobs:
       AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
       AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
       AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
-      AZURE_RESOURCE_GROUP: ${{ vars.AZURE_RESOURCE_GROUP }}
+      AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP }}
       AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
       AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
 
@@ -39,50 +38,47 @@ jobs:
           spring.datasource.url: ${{ secrets.DB_URL }}
           spring.datasource.username: ${{ secrets.DB_USERNAME }}
           spring.datasource.password: ${{ secrets.DB_PASSWORD }}
+          app.jwt.secretKey: ${{ secrets.TOKEN_SECRET_KEY }}
+          app.jwt.accessExpire: ${{ secrets.ACCESS_EXPIRE }}
+          app.jwt.refreshExpire: ${{ secrets.REFRESH_EXPIRE }}
 
       - name: Grant execute permission for gradlew
         run: chmod +x gradlew
 
       - name: Build with Gradle
         run: ./gradlew build
 
+      - name: List build/libs contents
+        run: ls -la build/libs
+
       - name: Docker build
         run: |
-          echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
-          docker build -t ${{ secrets.DOCKER_USERNAME }}/uiseong-come-on .
-          docker push ${{ secrets.DOCKER_USERNAME }}/uiseong-come-on:latest
+          docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
+          docker build -t ${{ secrets.DOCKER_USERNAME }}/sodam .
+          docker push ${{ secrets.DOCKER_USERNAME }}/sodam:latest
 
       - name: Install azd
         uses: Azure/[email protected]
 
       - name: Log in with Azure (Federated Credentials)
         if: ${{ env.AZURE_CLIENT_ID != '' }}
         run: |
-          azd auth login \
-            --client-id "${{ env.AZURE_CLIENT_ID }}" \
-            --federated-credential-provider "github" \
-            --tenant-id "${{ env.AZURE_TENANT_ID }}"
+          azd auth login `
+            --client-id "$Env:AZURE_CLIENT_ID" `
+            --federated-credential-provider "github" `
+            --tenant-id "$Env:AZURE_TENANT_ID"
+        shell: pwsh
 
       - name: Log in with Azure (Client Credentials)
         if: ${{ env.AZURE_CREDENTIALS != '' }}
         run: |
-          $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable
+          $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable;
           Write-Host "::add-mask::$($info.clientSecret)"
-          
-          azd auth login \
-            --client-id "$($info.clientId)" \
-            --client-secret "$($info.clientSecret)" \
+
+          azd auth login `
+            --client-id "$($info.clientId)" `
+            --client-secret "$($info.clientSecret)" `
             --tenant-id "$($info.tenantId)"
         shell: pwsh
         env:
-          AZURE_CREDENTIALS: ${{ env.AZURE_CREDENTIALS }}
-
-      # - name: Provision Infrastructure
-      #   run: |
-      #     azd provision --environment ${{ env.AZURE_ENV_NAME }} --no-prompt
-      #   env:
-      #     AZD_INITIAL_ENVIRONMENT_CONFIG: ${{ secrets.AZD_INITIAL_ENVIRONMENT_CONFIG }}
-
-      - name: Deploy Application
-        run: |
-          azd deploy --environment ${{ env.AZURE_ENV_NAME }} --no-prompt
+          AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}