fix: docker login 방식 변경 #3 #7
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: ['develop', 'feature/issue-3/deploy'] | |
| env: | |
| ACTIVE_PROFILE: "prod" | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| DOCKERHUB_IMAGE_NAME: ${{ secrets.DOCKERHUB_IMAGE_NAME }} | |
| DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| permissions: | |
| contents: read | |
| jobs: | |
| build_and_push: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| kotlin-version: [ "1.8.22" ] | |
| java-version: [ "17" ] | |
| steps: | |
| - name: Check Out The Repository | |
| uses: actions/checkout@v3 | |
| - name: Set up Kotlin | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: ${{ matrix.java-version }} | |
| kotlin-version: ${{ matrix.kotlin-version }} | |
| distribution: 'adopt' | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x ./gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew build --no-daemon | |
| - name: Make image tag | |
| run: echo "IMAGE_TAG=$ACTIVE_PROFILE-${GITHUB_SHA::7}" >> $GITHUB_ENV # activeProfile-커밋 hash 값 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Docker build and push | |
| run: | | |
| docker login -u $DOCKERHUB_USERNAME -p $DOCKERHUB_PASSWORD | |
| docker build -t $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME . | |
| docker push $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME:${{env.IMAGE_TAG}} | |
| # - name: Login to Docker Hub | |
| # uses: docker/login-action@v2 | |
| # with: | |
| # username: $DOCKERHUB_USERNAME | |
| # password: $DOCKERHUB_PASSWORD | |
| # | |
| # - name: Docker Build and push | |
| # uses: docker/build-push-action@v3 | |
| # with: | |
| # context: ./ | |
| # push: true | |
| # tags: $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME:${{env.IMAGE_TAG}} | |
| deploy: | |
| needs: build_and_push | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get Public IP | |
| id: publicip | |
| run: | | |
| response=$(curl -s canhazip.com) | |
| echo "ip='$response'" >> $GITHUB_OUTPUT | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Add GitHub IP to AWS | |
| run: | | |
| aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port ${{ secrets.EC2_SSH_PORT }} --cidr ${{ steps.publicip.outputs.ip }}/32 | |
| - name: Deploy | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USERNAME }} | |
| key: ${{ secrets.EC2_KEY }} | |
| port: ${{ secrets.EC2_SSH_PORT }} | |
| timeout: 60s | |
| script: | | |
| cd susu | |
| sudo touch .env | |
| echo "${{ secrets.ENV_VARS }}" | sudo tee .env > /dev/null | |
| sudo docker stop $(sudo docker ps -a -q) | |
| sudo docker rm $(sudo docker ps -a -q) | |
| sudo docker rmi $(sudo docker images -q) | |
| sudo docker pull $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME:${{env.IMAGE_TAG}} | |
| sudo docker run --build -d \ | |
| --restart unless-stopped \ | |
| --name server \ | |
| --hostname server \ | |
| --env-file .env \ | |
| -e TZ=Asia/Seoul \ | |
| --expose 8080 \ | |
| --log-driver=awslogs \ | |
| --log-opt awslogs-group=susu \ | |
| --log-opt awslogs-region=ap-northeast-2 \ | |
| --log-opt awslogs-stream=server \ | |
| $DOCKERHUB_USERNAME/$DOCKERHUB_IMAGE_NAME:${{env.IMAGE_TAG}} | |
| sudo docker system prune --all -f | |
| - name: Remove IP FROM security group | |
| run: | | |
| aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port ${{ secrets.EC2_SSH_PORT }} --cidr ${{ steps.publicip.outputs.ip }}/32 |