Merge pull request #41 from prgrms-web-devcourse-final-project/hotfix… #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Main Branch CI Pipeline | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| # 데이터베이스 환경변수 (RDS) | |
| DB_URL: ${{ secrets.DB_URL }} | |
| DB_USERNAME: ${{ secrets.DB_USERNAME }} | |
| DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
| # FCM 환경변수 | |
| BOTTLER_FCM_BASE64: ${{ secrets.BOTTLER_FCM_BASE64 }} | |
| # AWS 환경변수 | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| # ECR 환경변수 | |
| ECR_URI: ${{ secrets.ECR_URI }} | |
| # S3 환경변수 | |
| BUCKET_NAME: ${{ secrets.BUCKET_NAME }} | |
| BASE_URL: ${{ secrets.BASE_URL }} | |
| # gpt 환경변수 | |
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | |
| steps: | |
| - name: 코드 가져오기 | |
| uses: actions/checkout@v4 | |
| - name: JDK 17 설정 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: 17 | |
| distribution: temurin | |
| - name: Gradle 의존성 캐싱 | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/caches/build-cache | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Gradle 권한 부여 | |
| run: chmod +x ./gradlew | |
| shell: bash | |
| - name: Gradle 테스트 | |
| run: ./gradlew clean build | |
| - name: AWS Resource에 접근할 수 있게 AWS credentials 설정 | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: Docker 이미지 빌드 | |
| run: docker build -t bottler-backend:${{ github.sha }} . | |
| - name: Docker 이미지 태그 | |
| run: docker tag bottler-backend:${{ github.sha }} ${{ secrets.ECR_URI }}/bottler-backend:${{ github.sha }} | |
| - name: AWS ECR 로그인 | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Docker 이미지 Push | |
| run: docker push ${{ secrets.ECR_URI }}/bottler-backend:${{ github.sha }} | |
| - name: .env 파일 작성 | |
| run: | | |
| mkdir -p docker-compose | |
| echo "DB_URL=${{ secrets.DB_URL }}" >> docker-compose/.env | |
| echo "DB_USERNAME=${{ secrets.DB_USERNAME }}" >> docker-compose/.env | |
| echo "DB_PASSWORD=${{ secrets.DB_PASSWORD }}" >> docker-compose/.env | |
| echo "BOTTLER_FCM_BASE64=${{ secrets.BOTTLER_FCM_BASE64 }}" >> docker-compose/.env | |
| echo "AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }}" >> docker-compose/.env | |
| echo "AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> docker-compose/.env | |
| echo "AWS_REGION=${{ secrets.AWS_REGION }}" >> docker-compose/.env | |
| echo "BUCKET_NAME=${{ secrets.BUCKET_NAME }}" >> docker-compose/.env | |
| echo "BASE_URL=${{ secrets.BASE_URL }}" >> docker-compose/.env | |
| echo "ECR_URI=${{ secrets.ECR_URI }}" >> docker-compose/.env | |
| echo "OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}" >> docker-compose/.env | |
| echo "TAG=${{ github.sha }}" >> docker-compose/.env | |
| - name: .env 파일 EC2로 복사 | |
| run: | | |
| echo '${{ secrets.EC2_SSH_KEY }}' > bottler-keypair.pem | |
| chmod 600 bottler-keypair.pem | |
| scp -o StrictHostKeyChecking=no -i bottler-keypair.pem docker-compose/.env ubuntu@${{ secrets.EC2_PUBLIC_IP }}:~/docker-compose/.env | |
| - name: EC2로 Docker Compose 배포 | |
| run: | | |
| ssh -o StrictHostKeyChecking=no -i bottler-keypair.pem ubuntu@${{ secrets.EC2_PUBLIC_IP }} <<EOF | |
| docker pull ${{ secrets.ECR_URI }}:${{ github.sha }} | |
| cd ~/docker-compose | |
| TAG=${{ github.sha }} docker-compose -f docker-compose.yml down | |
| TAG=${{ github.sha }} docker-compose -f docker-compose.yml up -d | |
| EOF |