refactor: 배포 설정 중 #15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout the code | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| # Log in to Docker Hub | |
| - name: Log in to Docker Hub | |
| run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin | |
| # Build and Push Docker Image | |
| - name: Build and Push Docker Image | |
| run: | | |
| docker build -t ${{ secrets.DOCKER_USERNAME }}/bookmile-app:latest . | |
| docker push ${{ secrets.DOCKER_USERNAME }}/bookmile-app:latest | |
| # .env 파일 생성 | |
| - name: Create .env File | |
| run: | | |
| echo "SPRING_DATASOURCE_URL=${{ secrets.SPRING_DATASOURCE_URL }}" >> ./.env | |
| echo "MYSQL_ROOT_PASSWORD=${{ secrets.MYSQL_ROOT_PASSWORD }}" >> ./.env | |
| echo "MYSQL_DATABASE=${{ secrets.MYSQL_DATABASE }}" >> ./.env | |
| echo "MYSQL_USER=${{ secrets.MYSQL_USER }}" >> ./.env | |
| echo "MYSQL_PASSWORD=${{ secrets.MYSQL_PASSWORD }}" >> ./.env | |
| echo "JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}" >> ./.env | |
| echo "REDIS_HOST=${{ secrets.REDIS_HOST }}" >> ./.env | |
| echo "REDIS_PORT=${{ secrets.REDIS_PORT }}" >> ./.env | |
| echo "AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }}" >> ./.env | |
| echo "AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }}" >> ./.env | |
| echo "AWS_BUCKET_FOLDER=${{ secrets.AWS_BUCKET_FOLDER }}" >> ./.env | |
| echo "AWS_BUCKET_PROFILE_FOLDER=${{ secrets.AWS_BUCKET_PROFILE_FOLDER }}" >> ./.env | |
| echo "AWS_BUCKET_MAIN_PROFILE=${{ secrets.AWS_BUCKET_MAIN_PROFILE }}" >> ./.env | |
| # .env 내용 확인 | |
| - name: Reading env file | |
| run: | | |
| cat ./.env | |
| ls ./ | |
| # .gitignore에 있는 properties 파일 추가 | |
| - name: Add prod_properties | |
| run: | | |
| touch ./src/main/resources/application-oauth.properties | |
| touch ./src/main/resources/application-private.properties | |
| echo "${{ secrets.OAUTHPROPERTIES }}" > ./src/main/resources/application-oauth.properties | |
| echo "${{ secrets.PRIVATEPROPERTIES }}" > ./src/main/resources/application-private.properties | |
| # Transfer Files to EC2 | |
| - name: Transfer Files to EC2 | |
| uses: appleboy/scp-action@v0.1.7 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.EC2_KEY }} | |
| source: | | |
| ./ | |
| target: ~/backend/ | |
| # Deploy Docker Containers on EC2 | |
| - name: Deploy Docker Containers | |
| uses: appleboy/ssh-action@v1.2.0 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.EC2_KEY }} | |
| script: | | |
| cd ~/backend | |
| docker-compose down | |
| docker-compose up -d | |
| # Obtain SSL Certificates with Certbot | |
| - name: Obtain SSL Certificates with Certbot | |
| uses: appleboy/ssh-action@v1.2.0 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.EC2_KEY }} | |
| script: | | |
| docker-compose run --rm certbot certonly --webroot -w /var/www/certbot -d bookmile.site -d www.bookmile.site | |
| docker-compose restart nginx | |
| # Verify Deployment | |
| - name: Verify Deployment | |
| uses: appleboy/ssh-action@v1.2.0 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.EC2_KEY }} | |
| script: | | |
| curl -I https://bookmile.site |