ec2-deploy.yml
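name: EC2 Deploy (RDS + Atlas)

# Runs on pushes to develop (documentation-only changes are skipped) and on
# manual dispatch.
on:
  push:
    branches: [develop]
    paths-ignore:
      - 'README.md'
      - 'docs/**'
  workflow_dispatch:

# Least privilege for the automatic GITHUB_TOKEN: the jobs below only check
# out the repository, so read access to contents is all they are given.
permissions:
  contents: read

jobs: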
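# ----------------------------------------------------------------
# 1. Build the application and push the image to Docker Hub
# ----------------------------------------------------------------
  build:
    name: Build & Push
    runs-on: ubuntu-latest
    outputs:
      image_tag: ${{ steps.set-tag.outputs.image_tag }}
    steps:
      # NOTE(review): the actions below are referenced by mutable version
      # tags; pinning each `uses:` to a full commit SHA is the usual
      # supply-chain hardening for a job that handles registry credentials.
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # No later step pushes to the repository, so the token does not
          # need to stay in the local git config.
          persist-credentials: false

      # Restore .env from the base64-encoded secret (needed only if the
      # test/build phase reads it; can be dropped otherwise).
      - name: Create .env
        env:
          APP_ENV_B64: ${{ secrets.APP_ENV_B64 }}
        run: |
          # The secret reaches the script through the environment instead of
          # being spliced into the script text, and the file is created
          # owner-readable only.
          umask 077
          printf '%s' "$APP_ENV_B64" | base64 --decode > .env

      - name: Set up JDK 17
        uses: actions/setup-java@v4
        with:
          distribution: 'temurin'
          java-version: '17'
          cache: 'gradle'

      - name: Build with Gradle
        run: |
          chmod +x gradlew
          ./gradlew clean bootJar --no-daemon

      # The short commit SHA becomes the image tag and is exported as a job
      # output for the deploy job.
      - name: Set Image Tag
        id: set-tag
        run: |
          SHA_SHORT=$(git rev-parse --short HEAD)
          echo "image_tag=$SHA_SHORT" >> "$GITHUB_OUTPUT"

      - name: Docker Login
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Build & Push
        env:
          TAG: ${{ steps.set-tag.outputs.image_tag }}
          REPO: ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPOSITORY }}
        run: |
          # NOTE(review): .env (database / Atlas settings) sits in the build
          # context at this point. The Dockerfile is not visible here; confirm
          # that .dockerignore excludes .env so the secrets are not baked into
          # an image that is pushed to the registry.
          docker build -t "$REPO:$TAG" .
          docker push "$REPO:$TAG"
          # Refresh the latest tag.
          # NOTE(review): this job has no branch guard, so a manual dispatch
          # from another branch also moves `latest`; confirm that is intended.
          docker tag "$REPO:$TAG" "$REPO:latest"
          docker push "$REPO:latest"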
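# ----------------------------------------------------------------
# 2. Deploy to EC2 (only the application container is refreshed)
# ----------------------------------------------------------------
  deploy:
    name: Deploy to EC2
    needs: build
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/develop'
    environment: development
    steps:
      # Checked out so that docker-compose.yml can be copied to the server.
      # NOTE(review): the action is referenced by a mutable version tag;
      # pinning it to a full commit SHA is the usual supply-chain hardening.
      - name: Checkout
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Create .env for Production
        env:
          APP_ENV_B64: ${{ secrets.APP_ENV_B64 }}
          IMAGE_TAG: ${{ needs.build.outputs.image_tag }}
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
        run: |
          # Values arrive through the environment rather than being spliced
          # into the script text; the file is created owner-readable only.
          umask 077
          # 1. Restore the .env that holds the RDS / Atlas settings
          printf '%s' "$APP_ENV_B64" | base64 --decode > .env
          # A decoded file without a trailing newline would glue the next
          # entry onto its last line, so terminate it first.
          if [ -n "$(tail -c 1 .env)" ]; then echo >> .env; fi
          # 2. Append the image tag built in this run (read by docker-compose)
          echo "IMAGE_TAG=$IMAGE_TAG" >> .env
          # 3. Append the Docker Hub user name (used in the compose image path)
          echo "DOCKERHUB_USERNAME=$DOCKERHUB_USERNAME" >> .env

      - name: Setup SSH
        env:
          EC2_SSH_KEY: ${{ secrets.EC2_SSH_KEY }}
          EC2_HOST: ${{ secrets.EC2_HOST }}
        run: |
          # umask first, so the private key is never on disk with wider
          # permissions than 0600, not even between the write and the chmod.
          umask 077
          mkdir -p ~/.ssh
          printf '%s\n' "$EC2_SSH_KEY" > ~/.ssh/deploy_key
          chmod 600 ~/.ssh/deploy_key
          # NOTE(review): ssh-keyscan records whatever host key is offered
          # during this run, so the server's identity is never verified and
          # an interposed host would go unnoticed. Storing the expected
          # known_hosts entry as a secret and writing that instead closes
          # the gap.
          ssh-keyscan -H "$EC2_HOST" >> ~/.ssh/known_hosts

      - name: Transfer Config Files
        env:
          EC2_USER: ${{ secrets.EC2_USER }}
          EC2_HOST: ${{ secrets.EC2_HOST }}
        run: |
          # Copy docker-compose.yml and .env to the server
          scp -i ~/.ssh/deploy_key docker-compose.yml .env \
            "$EC2_USER@$EC2_HOST:/home/$EC2_USER/"

      - name: Deploy on EC2
        env:
          EC2_USER: ${{ secrets.EC2_USER }}
          EC2_HOST: ${{ secrets.EC2_HOST }}
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
          DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
        run: |
          echo "Login to Docker Hub..."
          # The token travels over the SSH channel's stdin straight into
          # `docker login --password-stdin`; it is never part of a script
          # text that the remote shell would parse.
          # NOTE(review): docker login leaves the credential in the remote
          # user's Docker config unless a credential helper is set up;
          # consider `docker logout` once the pull has finished.
          printf '%s' "$DOCKERHUB_TOKEN" \
            | ssh -i ~/.ssh/deploy_key "$EC2_USER@$EC2_HOST" \
                "docker login --username '$DOCKERHUB_USERNAME' --password-stdin"

          ssh -i ~/.ssh/deploy_key "$EC2_USER@$EC2_HOST" << 'EOF'
          set -e
          # The transferred .env carries database settings; keep it private
          # to the deploy user on the host.
          chmod 600 .env
          echo "Deploying Application..."
          # 1. Pull the newest image
          docker compose pull
          # 2. Restart the containers (existing ones are removed and recreated)
          docker compose up -d --force-recreate
          echo "Cleanup..."
          # 3. Delete unused images
          docker image prune -f
          EOF

      # Runs even when an earlier step failed, so neither the private key
      # nor the decoded .env is left in the runner workspace.
      - name: Remove SSH Key
        if: always()
        run: rm -f ~/.ssh/deploy_key .env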