chore: #19 docker + aws 배포 연습 #60
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Java CI with Gradle | |
| on: | |
| push: | |
| branches: [ "release-test" ] | |
| pull_request: | |
| branches: [ "develop" ] | |
| jobs: | |
| build: | |
| runs-on: ubuntu- | |
| env: | |
| DATABASE_PASSWORD: ${{ secrets.JUNHO_DB_PASSWORD }} | |
| DATABASE_URL: ${{ secrets.JUNHO_DB_URL }} | |
| DATABASE_USERNAME: ${{ secrets.JUNHO_DB_USERNAME }} | |
| GIT_HUB_PAGES_URL: ${{ secrets.GIT_HUB_PAGES_URL }} | |
| AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} | |
| AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} | |
| AWS_REGION_AUTO: ${{ secrets.AWS_REGION_AUTO }} | |
| AWS_REGION_STATIC: ${{ secrets.AWS_REGION_STATIC }} | |
| AWS_STACK_AUTO: ${{ secrets.AWS_STACK_AUTO }} | |
| MAIL_USERNAME: ${{ secrets.MAIL_USERNAME }} | |
| MAIL_PASSWORD: ${{ secrets.MAIL_PASSWORD }} | |
| REDIS_HOST: ${{ secrets.REDIS_HOST }} | |
| REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD }} | |
| REDIS_PORT: ${{ secrets.REDIS_PORT }} | |
| REFRESH_EXPIRATION_TIME: ${{ secrets.REFRESH_EXPIRATION_TIME }} | |
| REFRESH_KEY: ${{ secrets.REFRESH_KEY }} | |
| # S3 환경변수 | |
| AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} | |
| GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }} | |
| GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }} | |
| KAKAO_CLIENT_ID: ${{ secrets.KAKAO_CLIENT_ID }} | |
| KAKAO_CLIENT_SECRET: ${{ secrets.KAKAO_CLIENT_SECRET }} | |
| KAKAO_REDIRECT_URL: ${{ secrets.KAKAO_REDIRECT_URL }} | |
| OAUTH_GITHUB_CLIENT_ID: ${{ secrets.OAUTH_GITHUB_CLIENT_ID }} | |
| OAUTH_GITHUB_CLIENT_SECRET: ${{ secrets.OAUTH_GITHUB_CLIENT_SECRET }} | |
| OAUTH_GITHUB_REDIRECT_URI: ${{ secrets.OAUTH_GITHUB_REDIRECT_URI }} | |
| JWT_KEY: ${{ secrets.JWT_KEY }} | |
| JWT_ACCESS_EXPIRATION_TIME: ${{ secrets.JWT_ACCESS_EXPIRATION_TIME }} | |
| JWT_REFRESH_EXPIRATION_TIME: ${{ secrets.JWT_REFRESH_EXPIRATION_TIME }} | |
| steps: | |
| - name: Set environment variables | |
| run: | | |
| echo "DATABASE_PASSWORD=${{ secrets.JUNHO_DB_PASSWORD }}" >> .env | |
| echo "DATABASE_URL=${{ secrets.JUNHO_DB_URL }}" >> .env | |
| echo "DATABASE_USERNAME=${{ secrets.JUNHO_DB_USERNAME }}" >> .env | |
| echo "GIT_HUB_PAGES_URL=${{ secrets.GIT_HUB_PAGES_URL }}" >> .env | |
| echo "AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }}" >> .env | |
| echo "AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }}" >> .env | |
| echo "AWS_REGION_AUTO=${{ secrets.AWS_REGION_AUTO }}" >> .env | |
| echo "AWS_REGION_STATIC=${{ secrets.AWS_REGION_STATIC }}" >> .env | |
| echo "AWS_STACK_AUTO=${{ secrets.AWS_STACK_AUTO }}" >> .env | |
| echo "MAIL_USERNAME=${{ secrets.MAIL_USERNAME }}" >> .env | |
| echo "MAIL_PASSWORD=${{ secrets.MAIL_PASSWORD }}" >> .env | |
| echo "REDIS_HOST=${{ secrets.REDIS_HOST }}" >> .env | |
| echo "REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}" >> .env | |
| echo "REDIS_PORT=${{ secrets.REDIS_PORT }}" >> .env | |
| echo "REFRESH_EXPIRATION_TIME=${{ secrets.REFRESH_EXPIRATION_TIME }}" >> .env | |
| echo "REFRESH_KEY=${{ secrets.REFRESH_KEY }}" >> .env | |
| echo "AWS_S3_BUCKET=${{ secrets.AWS_S3_BUCKET }}" >> .env | |
| echo "GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }}" >> .env | |
| echo "GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }}" >> .env | |
| echo "KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}" >> .env | |
| echo "KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }}" >> .env | |
| echo "KAKAO_REDIRECT_URL=${{ secrets.KAKAO_REDIRECT_URL }}" >> .env | |
| echo "OAUTH_GITHUB_CLIENT_ID=${{ secrets.OAUTH_GITHUB_CLIENT_ID }}" >> .env | |
| echo "OAUTH_GITHUB_CLIENT_SECRET=${{ secrets.OAUTH_GITHUB_CLIENT_SECRET }}" >> .env | |
| echo "OAUTH_GITHUB_REDIRECT_URI=${{ secrets.OAUTH_GITHUB_REDIRECT_URI }}" >> .env | |
| echo "JWT_KEY=${{ secrets.JWT_KEY }}" >> .env | |
| echo "JWT_ACCESS_EXPIRATION_TIME=${{ secrets.JWT_ACCESS_EXPIRATION_TIME }}" >> .env | |
| echo "JWT_REFRESH_EXPIRATION_TIME=${{ secrets.JWT_REFRESH_EXPIRATION_TIME }}" >> .env | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0 | |
| - name: Grant for gradlew | |
| run: chmod +x ./gradlew | |
| shell: bash | |
| - name: Build with Gradle Wrapper | |
| run: ./gradlew :RevUp-api:bootJar | |
| # - name: Generate YAML Configuration Files | |
| # run: | | |
| # mkdir -p ./RevUp-api/src/main/resources | |
| # echo "${{ secrets.APPLICATION_YML }}" > ./RevUp-api/src/main/resources/application.yml | |
| # | |
| # mkdir -p ./RevUp-domain/src/main/resources | |
| # echo "${{ secrets.APPLICATION_DOMAIN_YML }}" > ./RevUp-domain/src/main/resources/application-domain.yml | |
| # | |
| # mkdir -p ./RevUp-infra/src/main/resources | |
| # echo "${{ secrets.APPLICATION_INFRA_YML }}" > ./RevUp-infra/src/main/resources/application-infra.yml | |
| # | |
| # mkdir -p ./RevUp-common/src/main/resources | |
| # echo "${{ secrets.APPLICATION_COMMON_YML }}" > ./RevUp-common/src/main/resources/application-common.yml | |
| # | |
| # mkdir -p ./RevUp-security/src/main/resources | |
| # echo "${{ secrets.APPLICATION_SECURITY_YML }}" > ./RevUp-security/src/main/resources/application-security.yml | |
| - name: Install Docker Compose | |
| run: | | |
| sudo curl -L "https://github.com/docker/compose/releases/download/v2.22.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose | |
| sudo chmod +x /usr/local/bin/docker-compose | |
| - name: Docker build | |
| run: | | |
| docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| docker build -t ${{ secrets.DOCKER_USERNAME }}/revup:latest . | |
| docker push ${{ secrets.DOCKER_USERNAME }}/revup:latest | |
| - name: Deploy | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.SSH_KNOWN_HOSTS }} # EC2 인스턴스 퍼블릭 DNS | |
| username: ${{ secrets.SSH_USER }} | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} # pem 키 | |
| # 도커 작업 | |
| script: | | |
| docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| sudo docker pull ${{ secrets.DOCKER_USERNAME }}/revup:latest | |
| sudo docker-compose -f ./docker-compose.yml up -d | |
| sudo docker image prune -f |