Merge branch 'main' of https://github.com/PND-Gamjakkang/PND-Server #54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to AWS EC2 using Docker | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| DOCKER_IMAGE_NAME: khyaejin/pnd | |
| EC2_HOST: 13.124.4.73 | |
| EC2_SSH_USER: ubuntu | |
| PRIVATE_KEY: ${{ secrets.EC2_SSH_PRIVATE_KEY }} | |
| CONTAINER_NAME: pnd-container | |
| # 임의로 application.properties에서 민감한 정보 관리 | |
| # # DB 설정 | |
| # DB_URL: ${{ secrets.DB_URL }} | |
| # DB_USERNAME: ${{ secrets.DB_USERNAME }} | |
| # DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
| # | |
| # # S3 설정 | |
| # ACCESS_KEY: ${{ secrets.ACCESS_KEY }} | |
| # SECRET_KEY: ${{ secrets.SECRET_KEY }} | |
| # GITHUB_REPORT_IMAGE_BUKET_NAME: ${{ secrets.GITHUB_REPORT_IMAGE_BUKET_NAME }} | |
| # USER_IMAGE_BUKET_NAME: ${{ secrets.USER_IMAGE_BUKET_NAME }} | |
| # REGION: ${{ secrets.REGION }} | |
| # | |
| # # JWT 설정 | |
| # JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
| # JWT_REDIRECT_URI: ${{ secrets.JWT_REDIRECT_URI }} | |
| # ACCESS_TOKEN_EXPIRATION_TIME: ${{ secrets.ACCESS_TOKEN_EXPIRATION_TIME }} | |
| # REFRESH_TOKEN_EXPIRATION_TIME: ${{ secrets.REFRESH_TOKEN_EXPIRATION_TIME }} | |
| # | |
| # # GitHub OAuth2 설정 | |
| # OAUTH_GITHUB_CLIENT_ID: ${{ secrets.OAUTH_GITHUB_CLIENT_ID }} | |
| # OAUTH_GITHUB_CLIENT_SECRET: ${{ secrets.OAUTH_GITHUB_CLIENT_SECRET }} | |
| # OAUTH_GITHUB_SCOPE: ${{ secrets.OAUTH_GITHUB_SCOPE }} | |
| # OAUTH_GITHUB_REDIRECT_URI: ${{ secrets.OAUTH_GITHUB_REDIRECT_URI }} | |
| # OAUTH_GITHUB_AUTHORIZATION_GRANT_TYPE: ${{ secrets.OAUTH_GITHUB_AUTHORIZATION_GRANT_TYPE }} | |
| # OAUTH_GITHUB_TOKEN_URI: ${{ secrets.OAUTH_GITHUB_TOKEN_URI }} | |
| # | |
| # # OpenAI API 설정 | |
| # OPEN_AI_KEY: ${{ secrets.OPEN_AI_KEY }} | |
| # OPEN_AI_URL: ${{ secrets.OPEN_AI_URL }} | |
| jobs: | |
| build-and-push-docker: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| # SSH 에이전트 시작 및 프라이빗 키 추가 | |
| - name: Start SSH Agent | |
| uses: webfactory/ssh-agent@v0.5.3 | |
| with: | |
| ssh-private-key: ${{ secrets.EC2_SSH_PRIVATE_KEY }} | |
| # application-secret.properties 설정 | |
| - name: Set up application.properties | |
| run: | | |
| echo "${{ secrets.APPLICATION }}" > ./src/main/resources/application.properties | |
| - name: Build with Gradle | |
| run: ./gradlew build | |
| - name: Build the Docker image | |
| run: docker build . --file Dockerfile --tag ${{ env.DOCKER_IMAGE_NAME }}:latest | |
| - name: Login to Docker Hub using Access Token | |
| run: echo "${{ secrets.DOCKER_HUB_TOKEN }}" | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin | |
| - name: Push the Docker image | |
| run: docker push ${{ env.DOCKER_IMAGE_NAME }}:latest | |
| deploy-to-ec2: | |
| needs: build-and-push-docker | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Start SSH Agent | |
| uses: webfactory/ssh-agent@v0.5.3 | |
| with: | |
| ssh-private-key: ${{ secrets.EC2_SSH_PRIVATE_KEY }} | |
| - name: Deploy to EC2 | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ env.EC2_HOST }} | |
| username: ${{ env.EC2_SSH_USER }} | |
| key: ${{ env.PRIVATE_KEY }} | |
| script: | | |
| # 기존 컨테이너가 있는지 확인하고 삭제 | |
| CONTAINER_ID=$(sudo docker ps -a -q --filter "name=${{ env.CONTAINER_NAME }}") | |
| if [ ! -z "$CONTAINER_ID" ]; then | |
| echo "Stopping and removing existing container $CONTAINER_ID" | |
| sudo docker stop $CONTAINER_ID || true | |
| sudo docker rm $CONTAINER_ID || true | |
| fi | |
| # 최신 이미지로 Docker 컨테이너 실행 | |
| sudo docker pull ${{ env.DOCKER_IMAGE_NAME }} | |
| sudo docker run --name ${{ env.CONTAINER_NAME }} -d -p 8080:8080 -e TZ=Asia/Seoul ${{ env.DOCKER_IMAGE_NAME }} |