chore: PR시 secrets에 접근 가능하도록 수정 #27
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD Github Action | |
on: | |
push: | |
branches: [ "Master", "Weekly/*" ] | |
pull_request_target: | |
branches: [ "Master", "Weekly/*" ] | |
permissions: | |
contents: read | |
jobs: | |
## 1단계: 프로젝트 빌드 | |
Build: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 21 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '21' | |
distribution: 'corretto' | |
- name: Gradle Caching (for faster build) | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
- name: Build With Gradle (exclude test) | |
run: | | |
chmod +x gradlew | |
./gradlew clean build -x test | |
- name: Docker Hub Login | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_TOKEN }} | |
- name: Docker Build | |
run: docker build -f Dockerfile --build-arg DEPENDENCY=build/dependency -t ${{ secrets.DOCKER_REPO_FULLNAME }} . | |
- name: Docker Push | |
run: docker push ${{ secrets.DOCKER_REPO_FULLNAME }} | |
## 2단계: 서버에 배포 | |
Deploy: | |
runs-on: ubuntu-22.04 | |
needs: Build | |
steps: | |
- name: Pull New Docker Image | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.SSH_HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: GITHUB_SHA | |
script: sudo docker pull ${{ secrets.DOCKER_REPO_FULLNAME }} | |
- name: Stop Old Docker Image | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.SSH_HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: GITHUB_SHA | |
script: sudo docker stop would-you-in | |
- name: Run New Docker Image | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.SSH_HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: GITHUB_SHA | |
script: sudo docker run --rm -d -p 80:8080 --env-file ~/.env --name would-you-in ${{ secrets.DOCKER_REPO_FULLNAME }} | |
- name: Clean-Up Docker Image | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.SSH_HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: GITHUB_SHA | |
script: sudo docker image prune -f |