Merge pull request #224 from prgrms-web-devcourse-final-project/hotfiโฆ #40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Main Branch CD Pipeline | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| # ๋ฐ์ดํฐ๋ฒ ์ด์ค ํ๊ฒฝ๋ณ์ (RDS) | |
| DB_URL: ${{ secrets.DB_URL }} | |
| DB_USERNAME: ${{ secrets.DB_USERNAME }} | |
| DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
| # Email ์ธ์ฆ | |
| EMAIL_USERNAME: ${{ secrets.EMAIL_USER_NAME }} | |
| EMAIL_PASSWORD: ${{ secrets.EMAIL_PASSWORD }} | |
| # JWT | |
| JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }} | |
| ## Redis ํ๊ฒฝ๋ณ์ | |
| REDIS_HOST: ${{ secrets.REDIS_HOST }} | |
| REDIS_PORT: ${{ secrets.REDIS_PORT }} | |
| # FCM ํ๊ฒฝ๋ณ์ | |
| BOTTLER_FCM_BASE64: ${{ secrets.BOTTLER_FCM_BASE64 }} | |
| # AWS ํ๊ฒฝ๋ณ์ | |
| AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} | |
| AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| # ECR ํ๊ฒฝ๋ณ์ | |
| ECR_URI: ${{ secrets.ECR_URI }} | |
| # S3 ํ๊ฒฝ๋ณ์ | |
| BUCKET_NAME: ${{ secrets.BUCKET_NAME }} | |
| BASE_URL: ${{ secrets.BASE_URL }} | |
| # gpt ํ๊ฒฝ๋ณ์ | |
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | |
| # Kakao ํ๊ฒฝ๋ณ์ | |
| KAKAO_CLIENT_ID: ${{ secrets.KAKAO_CLIENT_ID }} | |
| KAKAO_CLIENT_SECRET: ${{ secrets.KAKAO_CLIENT_SECRET }} | |
| KAKAO_REDIRECT_URL: ${{ secrets.KAKAO_REDIRECT_URL }} | |
| # Slack ํ๊ฒฝ๋ณ์ | |
| SLACK_TOKEN: ${{ secrets.SLACK_TOKEN }} | |
| steps: | |
| - name: ์ฝ๋ ๊ฐ์ ธ์ค๊ธฐ | |
| uses: actions/checkout@v4 | |
| - name: JDK 17 ์ค์ | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: 17 | |
| distribution: temurin | |
| - name: Gradle ์์กด์ฑ ์บ์ฑ | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/caches/build-cache | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Gradle ๊ถํ ๋ถ์ฌ | |
| run: chmod +x ./gradlew | |
| shell: bash | |
| - name: Gradle ํ ์คํธ | |
| run: ./gradlew clean build -x test | |
| - name: ๋น๋ ๊ฒฐ๊ณผ ํ์ธ | |
| run: ls build/libs/ | |
| - name: Docker Hub ๋ก๊ทธ์ธ | |
| run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin | |
| - name: Docker ์ด๋ฏธ์ง ๋น๋ | |
| run: docker build -t ${{ secrets.DOCKER_USERNAME }}/bottler:${{ github.sha }} . | |
| - name: Docker ์ด๋ฏธ์ง ํธ์ | |
| run: docker push ${{ secrets.DOCKER_USERNAME }}/bottler:${{ github.sha }} | |
| - name: .env ํ์ผ ์์ฑ | |
| run: | | |
| mkdir -p docker-compose | |
| echo "DB_URL=${{ secrets.DB_URL }}" >> docker-compose/.env | |
| echo "DB_USERNAME=${{ secrets.DB_USERNAME }}" >> docker-compose/.env | |
| echo "DB_PASSWORD=${{ secrets.DB_PASSWORD }}" >> docker-compose/.env | |
| echo "EMAIL_USER_NAME=${{ secrets.EMAIL_USER_NAME }}" >> docker-compose/.env | |
| echo "EMAIL_PASSWORD=${{ secrets.EMAIL_PASSWORD }}" >> docker-compose/.env | |
| echo "JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}" >> docker-compose/.env | |
| echo "REDIS_PORT=${{ secrets.REDIS_PORT }}" >> docker-compose/.env | |
| echo "REDIS_HOST=${{ secrets.REDIS_HOST }}" >> docker-compose/.env | |
| echo "BOTTLER_FCM_BASE64=${{ secrets.BOTTLER_FCM_BASE64 }}" >> docker-compose/.env | |
| echo "BUCKET_NAME=${{ secrets.BUCKET_NAME }}" >> docker-compose/.env | |
| echo "BASE_URL=${{ secrets.BASE_URL }}" >> docker-compose/.env | |
| echo "OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}" >> docker-compose/.env | |
| echo "KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}" >> docker-compose/.env | |
| echo "KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }}" >> docker-compose/.env | |
| echo "KAKAO_REDIRECT_URL=${{ secrets.KAKAO_REDIRECT_URL }}" >> docker-compose/.env | |
| echo "SLACK_TOKEN=${{ secrets.SLACK_TOKEN }}" >> docker-compose/.env | |
| echo "DOCKER_USERNAME=${{ secrets.DOCKER_USERNAME }}" >> docker-compose/.env | |
| echo "TAG=${{ github.sha }}" >> docker-compose/.env | |
| - name: docker-compose.yml, .env ํ์ผ EC2๋ก ๋ณต์ฌ | |
| run: | | |
| echo "${{ secrets.EC2_SSH_KEY }}" > bottler-keypair.pem | |
| chmod 600 bottler-keypair.pem | |
| scp -o StrictHostKeyChecking=no -i bottler-keypair.pem docker-compose/docker-compose.yml ubuntu@${{ secrets.EC2_PUBLIC_IP }}:~/docker-compose/docker-compose.yml | |
| scp -o StrictHostKeyChecking=no -i bottler-keypair.pem docker-compose/.env ubuntu@${{ secrets.EC2_PUBLIC_IP }}:~/docker-compose/.env | |
| - name: Docker ์ด๋ฏธ์ง Pull ๋ฐ ๋ฐฐํฌ | |
| run: | | |
| ssh -o StrictHostKeyChecking=no -i bottler-keypair.pem ubuntu@${{ secrets.EC2_PUBLIC_IP }} <<EOF | |
| docker login -u "${{ secrets.DOCKER_USERNAME }}" -p "${{ secrets.DOCKER_PASSWORD }}" | |
| cd ~/docker-compose | |
| docker-compose down || true | |
| docker-compose pull | |
| docker-compose up -d | |
| EOF |