Skip to content

securit pertmi

securit pertmi #40

Workflow file for this run

name: CI/CD using github actions & docker
on:
push:
branches: [ "main" ]
jobs:
auto-deploy:
runs-on: ubuntu-latest
steps:
#Runner에 git checkout
- uses: actions/checkout@v4
#Runner에 자바17 환경 세팅
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'adopt'
#gradle caching - 빌드 시간 향상
- name: Gradle Caching
uses: actions/cache@v4
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
# 배포용 yml 파일 생성
- name: make application.yml
run: |
cd ./src/main/resources
touch ./application.yml #application.yml 생성
echo "${{ secrets.YML }}" > ./application.yml # github actions에서 설정한 값을 application.yml 파일에 쓰기
shell: bash
# gradlew 권한 설정
- name: Grant execute permission to gradlew
run: chmod +x ./gradlew
#json타입 키 값 생성 (github actions는 json타입을 secret에 저장할 시 ""를 제외시킴. 따라서 다시 JSON타입으로 만들어야 함)
- name: create-json
id: create-json
uses: jsdaniell/[email protected]
with:
name: "soc.json"
json: ${{ secrets.GCS_KEY }}
# gradle build & soc.json 위치 이동
- name: Build with Gradle
run: |
./gradlew build -x test
# docker build & push to production
- name: Docker build & push to prod
run: |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
docker build -t ${{ secrets.DOCKER_USERNAME }}/sc5-spring .
docker push ${{ secrets.DOCKER_USERNAME }}/sc5-spring
- name: Pull and restart Docker Container #aws 권한 설정 #key 설정6
uses: appleboy/ssh-action@master
with:
key: ${{ secrets.SSH_KEY }}
host: ${{ secrets.HOST }} # EC2 퍼블릭 IPv4 DNS
username: ${{ secrets.USER }} #ip 주소로 변경
script: |
docker stop $(docker ps -a -q)
docker rm $(docker ps -a -q)
docker image rm ${{ secrets.DOCKER_USERNAME }}/sc5-spring
docker run -d -p 8080:8080 ${{ secrets.DOCKER_USERNAME }}/sc5-spring:latest