Skip to content

Merge pull request #21 from CSID-DGU/feat/course #85

Merge pull request #21 from CSID-DGU/feat/course

Merge pull request #21 from CSID-DGU/feat/course #85

name: spring-actions
on:
push:
branches: [ "backend" ]
paths:
- '**/*.java'
- '**/build.gradle*'
- '**/settings.gradle*'
- '**/application*.yml'
- '**/*.yaml'
- '**/docker-compose.yml'
- '**/Dockerfile'
- '**/*.conf'
pull_request:
branches: [ "backend" ]
paths:
- '**/*.java'
- '**/build.gradle*'
- '**/settings.gradle*'
- '**/application*.yml'
- '**/*.yaml'
- '**/docker-compose.yml'
- '**/Dockerfile'
- '**/*.conf'
permissions:
contents: write
jobs:
build:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # 전체 히스토리 받아오기
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
java-version: '11'
distribution: 'corretto'
# yml 파일 prod 버전으로 변경
- name: Set YML
run: |
echo "${{ secrets.APPLICATION_YML }}" | base64 --decode > backend/src/main/resources/application.yml
find backend/src/main/resources
## gradle caching push
- name: Gradle Caching
uses: actions/cache@v3
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Grant execute permission for gradlew
run: chmod +x ./gradlew
working-directory: ${{ secrets.WORKING_BACKEND }}
# sentry
- name: Install Sentry CLI
run: curl -sL https://sentry.io/get-cli/ | bash
- name: Sentry CLI Login
run: sentry-cli login --auth-token ${{ secrets.SENTRY_AUTH_TOKEN }}
- name: Build with Gradle
run: ./gradlew clean build -x test
working-directory: ${{ secrets.WORKING_BACKEND }}
env:
SPRING_DATASOURCE_URL: ${{ secrets.DB_URL }}
SPRING_DATASOURCE_DRIVER: ${{ secrets.DB_DRIVER }}
SPRING_DATASOURCE_USERNAME: ${{ secrets.DB_USERNAME }}
SPRING_DATASOURCE_PASSWORD: ${{ secrets.DB_PASSWORD }}
JWT_SECRET: ${{ secrets.JWT_SECRET }}
GOOGLE_CLIENT_NAME: ${{ secrets.GOOGLE_CLIENT_NAME }}
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
GOOGLE_CLINET_SECRET: ${{ secrets.GOOGLE_CLINET_SECRET }}
GOOGLE_REDIRECT_URI: ${{ secrets.GOOGLE_REDIRECT_URI }}
GOOGLE_AUTHORIZATION_GRANT_TYPE: ${{ secrets.GOOGLE_AUTHORIZATION_GRANT_TYPE }}
GOOGLE_SCOPE: ${{ secrets.GOOGLE_SCOPE }}
- name: Create env file
run: |
echo SPRING_DATASOURCE_URL=${{ secrets.DB_URL }} >> .env
echo SPRING_DATASOURCE_DRIVER=${{ secrets.DB_DRIVER }} >> .env
echo SPRING_DATASOURCE_USERNAME=${{ secrets.DB_USERNAME }} >> .env
echo SPRING_DATASOURCE_PASSWORD=${{ secrets.DB_PASSWORD }} >> .env
echo JWT_SECRET=${{ secrets.JWT_SECRET }} >> .env
echo GOOGLE_CLIENT_NAME=${{ secrets.GOOGLE_CLIENT_NAME }} >> .env
echo GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} >> .env
echo GOOGLE_CLINET_SECRET=${{ secrets.GOOGLE_CLINET_SECRET }} >> .env
echo GOOGLE_REDIRECT_URI=${{ secrets.GOOGLE_REDIRECT_URI }} >> .env
echo GOOGLE_AUTHORIZATION_GRANT_TYPE=${{ secrets.GOOGLE_AUTHORIZATION_GRANT_TYPE }} >> .env
echo GOOGLE_SCOPE=${{ secrets.GOOGLE_SCOPE }} >> .env
## 이미지 빌드 및 도커허브에 push ..
- name: Login to Docker Hub
run: echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
- name: backend docker build and push
run: |
docker build -f Dockerfile.prod -t ${{ secrets.DOCKER_REPO }}/togethering:1.0 .
docker push ${{ secrets.DOCKER_REPO }}/togethering:1.0
working-directory: ${{ secrets.WORKING_BACKEND }}
- name: nginx docker build and push
run: |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
docker build -f Dockerfile -t ${{ secrets.DOCKER_REPO }}/togethering-nginx:latest .
docker push ${{ secrets.DOCKER_REPO }}/togethering-nginx:latest
working-directory: ${{ secrets.WORKING_NGINX }}
- name: Copy docker-compose.yml to EC2
uses: appleboy/scp-action@master
with:
host: ${{ secrets.HOST }}
username: ubuntu
key: ${{ secrets.KEY }}
source: "/github/workspace/docker-compose.yml"
target: "/home/ubuntu/"
- name: Copy .env to EC2
uses: appleboy/scp-action@master
with:
host: ${{ secrets.HOST }}
username: ubuntu
key: ${{ secrets.KEY }}
source: "/github/workspace/.env"
target: "/home/ubuntu/"
## docker compose up
# HOST : 인스턴스 주소
# KEY : rsa - 전부 복사, % 제외
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.HOST }}
username: ubuntu
key: ${{ secrets.KEY }}
script: |
echo ${{ secrets.DOCKER_PASSWORD }} | sudo docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
if [ "$(docker ps -qa)" ]; then
sudo docker rm -f $(docker ps -qa)
fi
sudo docker pull ${{ secrets.DOCKER_REPO }}/togethering:1.0
sudo docker pull ${{ secrets.DOCKER_REPO }}/togethering-nginx:latest
docker-compose -f /home/ubuntu/github/workspace/docker-compose.yml up -d
docker image prune -f
# 배포 성공 시 master로 자동 merge
- name: Merge changes to master
run: |
git config --global user.email "[email protected]"
git config --global user.name "GitHub Actions"
git checkout master
git merge backend --no-edit
git push origin master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}