Merge pull request #21 from CSID-DGU/feat/course #85
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: spring-actions | |
on: | |
push: | |
branches: [ "backend" ] | |
paths: | |
- '**/*.java' | |
- '**/build.gradle*' | |
- '**/settings.gradle*' | |
- '**/application*.yml' | |
- '**/*.yaml' | |
- '**/docker-compose.yml' | |
- '**/Dockerfile' | |
- '**/*.conf' | |
pull_request: | |
branches: [ "backend" ] | |
paths: | |
- '**/*.java' | |
- '**/build.gradle*' | |
- '**/settings.gradle*' | |
- '**/application*.yml' | |
- '**/*.yaml' | |
- '**/docker-compose.yml' | |
- '**/Dockerfile' | |
- '**/*.conf' | |
permissions: | |
contents: write | |
jobs: | |
build: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 # 전체 히스토리 받아오기 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '11' | |
distribution: 'corretto' | |
# yml 파일 prod 버전으로 변경 | |
- name: Set YML | |
run: | | |
echo "${{ secrets.APPLICATION_YML }}" | base64 --decode > backend/src/main/resources/application.yml | |
find backend/src/main/resources | |
## gradle caching push | |
- name: Gradle Caching | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
- name: Grant execute permission for gradlew | |
run: chmod +x ./gradlew | |
working-directory: ${{ secrets.WORKING_BACKEND }} | |
# sentry | |
- name: Install Sentry CLI | |
run: curl -sL https://sentry.io/get-cli/ | bash | |
- name: Sentry CLI Login | |
run: sentry-cli login --auth-token ${{ secrets.SENTRY_AUTH_TOKEN }} | |
- name: Build with Gradle | |
run: ./gradlew clean build -x test | |
working-directory: ${{ secrets.WORKING_BACKEND }} | |
env: | |
SPRING_DATASOURCE_URL: ${{ secrets.DB_URL }} | |
SPRING_DATASOURCE_DRIVER: ${{ secrets.DB_DRIVER }} | |
SPRING_DATASOURCE_USERNAME: ${{ secrets.DB_USERNAME }} | |
SPRING_DATASOURCE_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
GOOGLE_CLIENT_NAME: ${{ secrets.GOOGLE_CLIENT_NAME }} | |
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }} | |
GOOGLE_CLINET_SECRET: ${{ secrets.GOOGLE_CLINET_SECRET }} | |
GOOGLE_REDIRECT_URI: ${{ secrets.GOOGLE_REDIRECT_URI }} | |
GOOGLE_AUTHORIZATION_GRANT_TYPE: ${{ secrets.GOOGLE_AUTHORIZATION_GRANT_TYPE }} | |
GOOGLE_SCOPE: ${{ secrets.GOOGLE_SCOPE }} | |
- name: Create env file | |
run: | | |
echo SPRING_DATASOURCE_URL=${{ secrets.DB_URL }} >> .env | |
echo SPRING_DATASOURCE_DRIVER=${{ secrets.DB_DRIVER }} >> .env | |
echo SPRING_DATASOURCE_USERNAME=${{ secrets.DB_USERNAME }} >> .env | |
echo SPRING_DATASOURCE_PASSWORD=${{ secrets.DB_PASSWORD }} >> .env | |
echo JWT_SECRET=${{ secrets.JWT_SECRET }} >> .env | |
echo GOOGLE_CLIENT_NAME=${{ secrets.GOOGLE_CLIENT_NAME }} >> .env | |
echo GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} >> .env | |
echo GOOGLE_CLINET_SECRET=${{ secrets.GOOGLE_CLINET_SECRET }} >> .env | |
echo GOOGLE_REDIRECT_URI=${{ secrets.GOOGLE_REDIRECT_URI }} >> .env | |
echo GOOGLE_AUTHORIZATION_GRANT_TYPE=${{ secrets.GOOGLE_AUTHORIZATION_GRANT_TYPE }} >> .env | |
echo GOOGLE_SCOPE=${{ secrets.GOOGLE_SCOPE }} >> .env | |
## 이미지 빌드 및 도커허브에 push .. | |
- name: Login to Docker Hub | |
run: echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin | |
- name: backend docker build and push | |
run: | | |
docker build -f Dockerfile.prod -t ${{ secrets.DOCKER_REPO }}/togethering:1.0 . | |
docker push ${{ secrets.DOCKER_REPO }}/togethering:1.0 | |
working-directory: ${{ secrets.WORKING_BACKEND }} | |
- name: nginx docker build and push | |
run: | | |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
docker build -f Dockerfile -t ${{ secrets.DOCKER_REPO }}/togethering-nginx:latest . | |
docker push ${{ secrets.DOCKER_REPO }}/togethering-nginx:latest | |
working-directory: ${{ secrets.WORKING_NGINX }} | |
- name: Copy docker-compose.yml to EC2 | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ubuntu | |
key: ${{ secrets.KEY }} | |
source: "/github/workspace/docker-compose.yml" | |
target: "/home/ubuntu/" | |
- name: Copy .env to EC2 | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ubuntu | |
key: ${{ secrets.KEY }} | |
source: "/github/workspace/.env" | |
target: "/home/ubuntu/" | |
## docker compose up | |
# HOST : 인스턴스 주소 | |
# KEY : rsa - 전부 복사, % 제외 | |
- name: executing remote ssh commands using password | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.HOST }} | |
username: ubuntu | |
key: ${{ secrets.KEY }} | |
script: | | |
echo ${{ secrets.DOCKER_PASSWORD }} | sudo docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin | |
if [ "$(docker ps -qa)" ]; then | |
sudo docker rm -f $(docker ps -qa) | |
fi | |
sudo docker pull ${{ secrets.DOCKER_REPO }}/togethering:1.0 | |
sudo docker pull ${{ secrets.DOCKER_REPO }}/togethering-nginx:latest | |
docker-compose -f /home/ubuntu/github/workspace/docker-compose.yml up -d | |
docker image prune -f | |
# 배포 성공 시 master로 자동 merge | |
- name: Merge changes to master | |
run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "GitHub Actions" | |
git checkout master | |
git merge backend --no-edit | |
git push origin master | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |