π README.md μ λ°μ΄νΈ #12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Server CI/CD | |
| on: | |
| push: | |
| branches: [ main ] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| RDS_ENDPOINT: ${{secrets.RDS_ENDPOINT}} | |
| MYSQL_USER: ${{secrets.MYSQL_USER}} | |
| MYSQL_PASSWORD: ${{secrets.MYSQL_PASSWORD}} | |
| AWS_ACCESS_KEY: ${{secrets.AWS_ACCESS_KEY}} | |
| AWS_SECRET_KEY: ${{secrets.AWS_SECRET_KEY}} | |
| AWS_BUCKET_NAME: ${{secrets.AWS_BUCKET_NAME}} | |
| ADMIN_EMAIL: ${{secrets.ADMIN_EMAIL}} | |
| GUEST_EMAIL: ${{secrets.GUEST_EMAIL}} | |
| GROWSTORY_EMAIL_USERNAME: ${{secrets.GROWSTORY_EMAIL_USERNAME}} | |
| GROWSTORY_EMAIL_PASSWORD: ${{secrets.GROWSTORY_EMAIL_PASSWORD}} | |
| G_CLIENT_ID: ${{secrets.G_CLIENT_ID}} | |
| G_CLIENT_SECRET: ${{secrets.G_CLIENT_SECRET}} | |
| JWT_SECRET_KEY: ${{secrets.JWT_SECRET_KEY}} | |
| KEY_STORE_PASSWORD: ${{secrets.KEY_STORE_PASSWORD}} | |
| EVENT_KEY: ${{secrets.EVENT_KEY}} | |
| working-directory: ./server | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v2 | |
| with: | |
| java-version: '11' | |
| distribution: 'zulu' | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| working-directory: ${{ env.working-directory }} | |
| - name: Build with Gradle | |
| run: ./gradlew build | |
| working-directory: ${{ env.working-directory }} | |
| - name: Docker build | |
| run: | | |
| docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} -p ${{ secrets.DOCKER_HUB_PASSWORD }} | |
| docker build \ | |
| --build-arg MYSQL_USER="${{env.MYSQL_USER}}" \ | |
| --build-arg MYSQL_PASSWORD="${{env.MYSQL_PASSWORD}}" \ | |
| --build-arg RDS_ENDPOINT="${{env.RDS_ENDPOINT}}" \ | |
| --build-arg AWS_ACCESS_KEY="${{env.AWS_ACCESS_KEY}}" \ | |
| --build-arg AWS_SECRET_KEY="${{env.AWS_SECRET_KEY}}" \ | |
| --build-arg AWS_BUCKET_NAME="${{env.AWS_BUCKET_NAME}}" \ | |
| --build-arg ADMIN_EMAIL="${{env.ADMIN_EMAIL}}" \ | |
| --build-arg GUEST_EMAIL="${{env.GUEST_EMAIL}}" \ | |
| --build-arg GROWSTORY_EMAIL_USERNAME="${{env.GROWSTORY_EMAIL_USERNAME}}" \ | |
| --build-arg GROWSTORY_EMAIL_PASSWORD="${{env.GROWSTORY_EMAIL_PASSWORD}}" \ | |
| --build-arg G_CLIENT_ID="${{env.G_CLIENT_ID}}" \ | |
| --build-arg G_CLIENT_SECRET="${{env.G_CLIENT_SECRET}}" \ | |
| --build-arg JWT_SECRET_KEY="${{env.JWT_SECRET_KEY}}" \ | |
| --build-arg KEY_STORE_PASSWORD="${{env.KEY_STORE_PASSWORD}}" \ | |
| --build-arg EVENT_KEY="${{env.EVENT_KEY}}" \ | |
| -t growstory-cicd . | |
| docker tag growstory-cicd leest/growstory-cicd:${GITHUB_SHA::7} | |
| docker push leest/growstory-cicd:${GITHUB_SHA::7} | |
| working-directory: ${{ env.working-directory }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} | |
| aws-region: ap-northeast-2 | |
| - name: SSH Connection and Deploy to Server | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.AWS_SSH_HOST }} | |
| username: ${{ secrets.AWS_SSH_USERNAME }} | |
| key: ${{ secrets.AWS_SSH_KEY }} | |
| envs: GITHUB_SHA | |
| script: | | |
| sudo docker rm -f server | |
| sudo docker pull leest/growstory-cicd:${GITHUB_SHA::7} | |
| sudo docker tag leest/growstory-cicd:${GITHUB_SHA::7} growstory-cicd | |
| sudo docker run -d --name server -e TZ=Asia/Seoul -p 443:443 growstory-cicd |