securit pertmi #40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD using github actions & docker | |
on: | |
push: | |
branches: [ "main" ] | |
jobs: | |
auto-deploy: | |
runs-on: ubuntu-latest | |
steps: | |
#Runner에 git checkout | |
- uses: actions/checkout@v4 | |
#Runner에 자바17 환경 세팅 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'adopt' | |
#gradle caching - 빌드 시간 향상 | |
- name: Gradle Caching | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
# 배포용 yml 파일 생성 | |
- name: make application.yml | |
run: | | |
cd ./src/main/resources | |
touch ./application.yml #application.yml 생성 | |
echo "${{ secrets.YML }}" > ./application.yml # github actions에서 설정한 값을 application.yml 파일에 쓰기 | |
shell: bash | |
# gradlew 권한 설정 | |
- name: Grant execute permission to gradlew | |
run: chmod +x ./gradlew | |
#json타입 키 값 생성 (github actions는 json타입을 secret에 저장할 시 ""를 제외시킴. 따라서 다시 JSON타입으로 만들어야 함) | |
- name: create-json | |
id: create-json | |
uses: jsdaniell/[email protected] | |
with: | |
name: "soc.json" | |
json: ${{ secrets.GCS_KEY }} | |
# gradle build & soc.json 위치 이동 | |
- name: Build with Gradle | |
run: | | |
./gradlew build -x test | |
# docker build & push to production | |
- name: Docker build & push to prod | |
run: | | |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
docker build -t ${{ secrets.DOCKER_USERNAME }}/sc5-spring . | |
docker push ${{ secrets.DOCKER_USERNAME }}/sc5-spring | |
- name: Pull and restart Docker Container #aws 권한 설정 #key 설정6 | |
uses: appleboy/ssh-action@master | |
with: | |
key: ${{ secrets.SSH_KEY }} | |
host: ${{ secrets.HOST }} # EC2 퍼블릭 IPv4 DNS | |
username: ${{ secrets.USER }} #ip 주소로 변경 | |
script: | | |
docker stop $(docker ps -a -q) | |
docker rm $(docker ps -a -q) | |
docker image rm ${{ secrets.DOCKER_USERNAME }}/sc5-spring | |
docker run -d -p 8080:8080 ${{ secrets.DOCKER_USERNAME }}/sc5-spring:latest |