Merge pull request #85 from Team-ReMind/hotfix/3 #97
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# cicd.yml | |
# github repository Actions 페이지에 나타낼 이름 | |
name: Re:mind CI/CD with Gradle | |
# event trigger | |
# main 브랜치에 push 했을 때 실행되는 트리거 | |
on: | |
push: | |
branches: [ "master" ] | |
# permissions: write-all | |
jobs: | |
build: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: 🐧Set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
- name: 🐧Gradle Caching | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
- name: 🐧Set ".env" for configuration at NCP Server | |
uses: appleboy/ssh-action@master | |
with: | |
username: ${{ secrets.NCP_SERVER_USERNAME }} | |
host: ${{ secrets.NCP_SERVER_HOST }} | |
password: ${{ secrets.NCP_SERVER_PASSWORD }} | |
script: | | |
rm -rf ./.env | |
touch ./.env | |
echo "DB_USERNAME=${{ secrets.DB_USERNAME }}" >> ./.env | |
echo "DB_PASSWORD=${{ secrets.DB_PASSWORD }}" >> ./.env | |
echo "DB_HOST=${{ secrets.DB_HOST }}" >> ./.env | |
echo "DB_PORT=${{ secrets.DB_PORT }}" >> ./.env | |
echo "DB_DATABASE=${{ secrets.DB_DATABASE }}" >> ./.env | |
echo "NCP_CONTAINER_REGISTRY_PUBLIC_ENDPOINT=${{ secrets.NCP_CONTAINER_REGISTRY_PUBLIC_ENDPOINT }}" >> ./.env | |
echo "NCP_CONTAINER_REGISTRY_IMAGE=${{ secrets.NCP_CONTAINER_REGISTRY_IMAGE }}" >> ./.env | |
echo "JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}" >> ./.env | |
echo "ACCESS_EXPIRATION_SECONDS=${{ secrets.ACCESS_EXPIRATION_SECONDS }}" >> ./.env | |
echo "REFRESH_EXPIRATION_SECONDS=${{ secrets.REFRESH_EXPIRATION_SECONDS }}" >> ./.env | |
echo "GOOGLE_FCM_SERVICE_SECRET=${{ secrets.GOOGLE_FCM_SERVICE_SECRET }}" >> ./.env | |
echo "GOOGLE_FCM_SERVICE_PROJECTID=${{ secrets.GOOGLE_FCM_SERVICE_PROJECTID }}" >> ./.env | |
echo "PATIENT_IMAGE=${{ secrets.PATIENT_IMAGE }}" >> ./.env | |
echo "DOCTOR_IMAGE=${{ secrets.DOCTOR_IMAGE }}" >> ./.env | |
echo "CENTER_IMAGE=${{ secrets.CENTER_IMAGE }}" >> ./.env | |
- name: 🐧gradle build를 위한 권한을 부여합니다. | |
run: chmod +x gradlew | |
- name: 🐧gradle build 중입니다. | |
run: ./gradlew build | |
shell: bash # ci는 여기까지 | |
- name: 🐧NCP Container Registry에 로그인, docker image build 후 NCP Container Registry에 push합니다.. | |
run: | | |
docker login -u ${{ secrets.NCP_API_ACCESS_KEY }} -p ${{ secrets.NCP_API_SECRET_KEY }} ${{ secrets.NCP_CONTAINER_REGISTRY_PUBLIC_ENDPOINT }} | |
docker build -f ./.deploy/Dockerfile -t ${{ secrets.NCP_CONTAINER_REGISTRY_PUBLIC_ENDPOINT }}/${{ secrets.NCP_CONTAINER_REGISTRY_IMAGE }} . | |
docker push ${{ secrets.NCP_CONTAINER_REGISTRY_PUBLIC_ENDPOINT }}/${{ secrets.NCP_CONTAINER_REGISTRY_IMAGE }} | |
- name: 🐧 docker-compose.yml을 서버에 옮깁니다. | |
uses: appleboy/scp-action@master | |
with: | |
username: ${{ secrets.NCP_SERVER_USERNAME }} | |
host: ${{ secrets.NCP_SERVER_HOST }} | |
password: ${{ secrets.NCP_SERVER_PASSWORD }} | |
source: "./.deploy/docker-compose.yml" | |
target: "/root" | |
strip_components: 2 | |
- name: 🐧NCP Container Registry에서 pull 후 deploy합니다. | |
uses: appleboy/ssh-action@master | |
with: | |
username: ${{ secrets.NCP_SERVER_USERNAME }} | |
host: ${{ secrets.NCP_SERVER_HOST }} | |
password: ${{ secrets.NCP_SERVER_PASSWORD }} | |
script: | | |
docker login -u ${{ secrets.NCP_API_ACCESS_KEY }} -p ${{ secrets.NCP_API_SECRET_KEY }} ${{ secrets.NCP_CONTAINER_REGISTRY_PUBLIC_ENDPOINT }} | |
sudo docker pull ${{ secrets.NCP_CONTAINER_REGISTRY_PUBLIC_ENDPOINT }}/${{ secrets.NCP_CONTAINER_REGISTRY_IMAGE }} | |
sudo docker rm -f $(docker ps -qa) || true | |
docker compose up -d | |
docker image prune -f |