[CICD] 기존 포트 확인 및 종료 후 재시도 스크립트 추가 #15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Amazon EC2 with Docker | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| env: | ||
| AWS_REGION: ap-northeast-2 | ||
| ECR_REPOSITORY: movelog-server | ||
| DOCKER_IMAGE_NAME: latest | ||
| permissions: | ||
| contents: read | ||
| jobs: | ||
| deploy: | ||
| name: Docker Deploy | ||
| runs-on: ubuntu-latest | ||
| environment: production | ||
| steps: | ||
| # 소스 코드 체크아웃 | ||
| - name: Checkout source code | ||
| uses: actions/checkout@v4 | ||
| # JDK 17 설정 | ||
| - name: Set up JDK 17 | ||
| uses: actions/setup-java@v4 | ||
| with: | ||
| distribution: 'temurin' | ||
| java-version: '17' | ||
| # Gradle 캐싱 | ||
| - name: Gradle Caching | ||
| uses: actions/cache@v4 | ||
| with: | ||
| path: | | ||
| ~/.gradle/caches | ||
| ~/.gradle/wrapper | ||
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-gradle- | ||
| # Gradle 빌드 (테스트 제외) | ||
| - name: Build with Gradle | ||
| run: ./gradlew clean build -x test | ||
| # 설정 파일 생성 | ||
| - name: Create configuration files | ||
| run: | | ||
| mkdir -p ./src/main/resources/chatgpt | ||
| echo "${{ secrets.APPLICATION_CHATGPT_YML }}" | base64 --decode > ./src/main/resources/chatgpt/application-chatgpt.yml | ||
| mkdir -p ./src/main/resources/database | ||
| echo "${{ secrets.APPLICATION_DATABASE_YML }}" | base64 --decode > ./src/main/resources/database/application-database.yml | ||
| mkdir -p ./src/main/resources/oauth2 | ||
| echo "${{ secrets.APPLICATION_OAUTH2_YML }}" | base64 --decode > ./src/main/resources/oauth2/application-oauth2.yml | ||
| mkdir -p ./src/main/resources/s3 | ||
| echo "${{ secrets.APPLICATION_S3_YML }}" | base64 --decode > ./src/main/resources/s3/application-s3.yml | ||
| mkdir -p ./src/main/resources/webclient | ||
| echo "${{ secrets.APPLICATION_WEBCLIENT_YML }}" | base64 --decode > ./src/main/resources/webclient/application-webclient.yml | ||
| # Docker 이미지 빌드 | ||
| - name: Build Docker image | ||
| run: | | ||
| docker build -t ${{ env.DOCKER_IMAGE_NAME }} . | ||
| # AWS 인증 (IAM 사용자 Access Key, Secret Key 활용) | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v1 | ||
| with: | ||
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} | ||
| aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} | ||
| aws-region: ${{ env.AWS_REGION }} | ||
| # AWS ECR에 로그인 | ||
| - name: Log in to Amazon ECR | ||
| uses: aws-actions/amazon-ecr-login@v1 | ||
| # Docker 이미지를 ECR로 푸시 | ||
| - name: Push Docker image to ECR | ||
| run: | | ||
| REPOSITORY_URI=$(aws ecr describe-repositories --repository-names ${{ env.ECR_REPOSITORY }} --query "repositories[0].repositoryUri" --output text) | ||
| docker tag ${{ env.DOCKER_IMAGE_NAME }} $REPOSITORY_URI:${{ github.sha }} | ||
| docker push $REPOSITORY_URI:${{ github.sha }} | ||
| # SSH 키 추가 | ||
| - name: Add SSH key | ||
| run: | | ||
| mkdir -p ~/.ssh | ||
| echo "${{ secrets.EC2_PRIVATE_KEY }}" > ~/.ssh/id_rsa | ||
| chmod 600 ~/.ssh/id_rsa | ||
| ssh-keyscan -H ${{ secrets.EC2_PUBLIC_IP }} >> ~/.ssh/known_hosts | ||
| # 디버깅: SSH 키 파일 확인 | ||
| - name: Debug SSH key setup | ||
| run: | | ||
| ls -l ~/.ssh | ||
| cat ~/.ssh/id_rsa | ||
| # EC2에서 컨테이너 실행 | ||
| - name: Deploy Docker container on EC2 | ||
| run: | | ||
| ssh -o StrictHostKeyChecking=no -T -i ~/.ssh/id_rsa ubuntu@${{ secrets.EC2_PUBLIC_IP }} << 'EOF' | ||
| aws ecr get-login-password --region ${{ env.AWS_REGION }} | sudo docker login --username AWS --password-stdin $(aws ecr describe-repositories --repository-names ${{ env.ECR_REPOSITORY }} --query "repositories[0].repositoryUri" --output text) | ||
| # 기존 프로세스 확인 및 종료 | ||
| if sudo lsof -i:8080; then | ||
| echo "Port 8080 is in use. Stopping process..." | ||
| sudo kill -9 $(sudo lsof -t -i:8080) || true | ||
| else | ||
| echo "Port 8080 is free." | ||
| fi | ||
| # Docker 이미지 Pull | ||
| sudo docker pull $(aws ecr describe-repositories --repository-names ${{ env.ECR_REPOSITORY }} --query "repositories[0].repositoryUri" --output text):${{ github.sha }} | ||
| # 기존 컨테이너 중지 및 제거 | ||
| sudo docker stop ${{ env.DOCKER_IMAGE_NAME }} || true | ||
| sudo docker rm ${{ env.DOCKER_IMAGE_NAME }} || true | ||
| # 새 컨테이너 실행 | ||
| sudo docker run -d -p 8080:8080 --name ${{ env.DOCKER_IMAGE_NAME }} $(aws ecr describe-repositories --repository-names ${{ env.ECR_REPOSITORY }} --query "repositories[0].repositoryUri" --output text):${{ github.sha }} | ||
| EOF | ||
