Docker Hub Push & 프로덕션 서버 EC2 배포 #45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Hub Push & 프로덕션 서버 EC2 배포 | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Version number(ex: 1.1.0)' | |
| required: true | |
| jobs: | |
| build: | |
| if: github.ref == 'refs/heads/main' # main 브랜치에서만 실행 | |
| name: 빌드 작업 | |
| runs-on: ubuntu-latest | |
| env: | |
| SECRET_YML_CONTENT: ${{ secrets.SECRET_YML_CONTENT }} | |
| NEW_RELIC_YML: ${{ secrets.NEW_RELIC_YML }} | |
| JVM_XMS: ${{ secrets.PRODUCTION_MIN_MEMORY }} | |
| JVM_XMX: ${{ secrets.PRODUCTION_MAX_MEMORY }} | |
| DOCKER_ID: ${{ secrets.DOCKER_ID }} | |
| DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
| DOCKER_IMAGE_NAME: ${{ secrets.DOCKER_BACKEND_IMAGE_NAME }} | |
| VERSION: ${{ github.event.inputs.version }} | |
| steps: | |
| - name: 코드 체크아웃 | |
| uses: actions/checkout@v4 | |
| - name: JDK 17 설정 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| - name: Gradle 설정 | |
| uses: gradle/gradle-build-action@v2 | |
| - name: application-secret.yml 등록 | |
| run: | | |
| echo "${SECRET_YML_CONTENT}" > src/main/resources/application-secret.yml | |
| - name: Set up newrelic.yml | |
| run: | | |
| echo "${{ env.NEW_RELIC_YML }}" > newrelic/newrelic.yml | |
| - name: 환경 변수 설정 | |
| run: | | |
| echo DOCKER_ID="${{ env.DOCKER_ID }}" >> gradle.properties | |
| echo DOCKER_PASSWORD="${{ env.DOCKER_PASSWORD }}" >> gradle.properties | |
| echo DOCKER_IMAGE_NAME="${{ env.DOCKER_IMAGE_NAME }}" >> gradle.properties | |
| echo JVM_XMS=${{ env.JVM_XMS }} >> gradle.properties | |
| echo JVM_XMX=${{ env.JVM_XMX }} >> gradle.properties | |
| echo "VERSION=${{ env.VERSION }}" >> gradle.properties | |
| - name: Gradle로 빌드 | |
| run: ./gradlew clean build --refresh-dependencies | |
| - name: Docker Hub에 로그인 | |
| run: echo "${{ env.DOCKER_PASSWORD }}" | docker login -u "${{ env.DOCKER_ID }}" --password-stdin | |
| - name: Jib로 Docker 이미지 빌드 및 푸시 | |
| run: ./gradlew jib -Ddocker.id="${{ env.DOCKER_ID }}" -Ddocker.password="${{ env.DOCKER_PASSWORD }}" -Ddocker.image.name="${{ env.DOCKER_IMAGE_NAME }}" | |
| deploy: | |
| if: github.ref == 'refs/heads/main' # main 브랜치에서만 실행 | |
| name: 프로덕션 서버 배포 작업 | |
| needs: build | |
| runs-on: ubuntu-latest | |
| env: | |
| # AWS 관련 | |
| # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| # EC2_INSTANCE_ID: ${{ secrets.PRODUCTION_EC2_INSTANCE_ID }} | |
| # AWS_REGION: ap-northeast-2 | |
| EC2_HOST: ${{ secrets.PRODUCTION_EC2_HOST }} | |
| EC2_USER: ${{ secrets.EC2_USER }} | |
| EC2_KEY: ${{ secrets.EC2_KEY }} | |
| # Docker 관련 | |
| CONTAINER_NAME: sulmun2yong-production-server | |
| DOCKER_ID: ${{ secrets.DOCKER_ID }} | |
| DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
| DOCKER_IMAGE_NAME: ${{ secrets.DOCKER_BACKEND_IMAGE_NAME }}:${{ github.event.inputs.version }} | |
| MONGODB_URL: ${{ secrets.PRODUCTION_MONGODB_URL }} | |
| MONGODB_DATABASE: ${{ secrets.PRODUCTION_MONGODB_DATABASE }} | |
| # Spring Boot 관련 | |
| COOKIE_DOMAIN: sulmoon.io | |
| FRONTEND_BASE_URL: https://www.sulmoon.io | |
| BACKEND_BASE_URL: https://api.sulmoon.io | |
| AI_SERVER_BASE_URL: http://ai.sulmoon.io:8000 | |
| steps: | |
| - name: EC2에 배포 | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ env.EC2_HOST }} | |
| username: ${{ env.EC2_USER }} | |
| key: ${{ env.EC2_KEY }} | |
| port: 22 | |
| debug: true | |
| script: | | |
| echo "${{ env.DOCKER_PASSWORD }}" | docker login -u "${{ env.DOCKER_ID }}" --password-stdin | |
| docker pull ${{ env.DOCKER_ID }}/${{ env.DOCKER_IMAGE_NAME }} | |
| docker stop ${{ env.CONTAINER_NAME }} || true | |
| docker rm ${{ env.CONTAINER_NAME }} || true | |
| docker run -d --name ${{ env.CONTAINER_NAME }} -p 8080:8080 \ | |
| -e SPRING_DATA_MONGODB_URI=${{ env.MONGODB_URL }} \ | |
| -e SPRING_DATA_MONGODB_DATABASE=${{ env.MONGODB_DATABASE }} \ | |
| -e FRONTEND_BASE-URL=${{ env.FRONTEND_BASE_URL }} \ | |
| -e BACKEND_BASE-URL=${{ env.BACKEND_BASE_URL }} \ | |
| -e AI-SERVER_BASE-URL=${{ env.AI_SERVER_BASE_URL }} \ | |
| -e COOKIE_DOMAIN=${{ env.COOKIE_DOMAIN }} \ | |
| ${{ env.DOCKER_ID }}/${{ env.DOCKER_IMAGE_NAME }} | |
| docker image prune -af | |
| # steps: | |
| # - name: AWS 로그인 | |
| # uses: aws-actions/configure-aws-credentials@v4 | |
| # with: | |
| # aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }} | |
| # aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
| # aws-region: ${{ env.AWS_REGION }} | |
| # | |
| # - name: SSM으로 EC2에 배포 | |
| # run: | | |
| # aws --no-cli-pager ssm send-command \ | |
| # --document-name "AWS-RunShellScript" \ | |
| # --targets "Key=instanceIds, Values=${{ env.EC2_INSTANCE_ID}}" \ | |
| # --parameters '{"commands" : ["echo \"${{ env.DOCKER_PASSWORD }}\" | docker login -u \"${{ env.DOCKER_ID }}\" --password-stdin", | |
| # "docker pull ${{ env.DOCKER_ID }}/${{ env.DOCKER_IMAGE_NAME }}", | |
| # "docker stop ${{ env.CONTAINER_NAME }} || true", | |
| # "docker rm ${{ env.CONTAINER_NAME }} || true", | |
| # "docker run -d --name ${{ env.CONTAINER_NAME }} -p 8080:8080 -e SPRING_DATA_MONGODB_URI=${{ env.MONGODB_URL }} -e SPRING_DATA_MONGODB_DATABASE=${{ env.MONGODB_DATABASE }} -e FRONTEND_BASE-URL=${{ env.FRONTEND_BASE_URL }} -e BACKEND_BASE-URL=${{ env.BACKEND_BASE_URL }} -e AI-SERVER_BASE-URL=${{ env.AI_SERVER_BASE_URL }} -e COOKIE_DOMAIN=${{ env.COOKIE_DOMAIN }} ${{ env.DOCKER_ID }}/${{ env.DOCKER_IMAGE_NAME }}", | |
| # "docker image prune -af"]}' |