mod::deploy.yml mysql-container secrets 설정 #31
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: | |
| - deploy | |
| - dev/deploy1 | |
| jobs: | |
| build-and-docker: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # 1. 코드 체크아웃 | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| # 2. JDK 설치 | |
| - name: Set up JDK 21 # 실행 환경에서 사용 중인 JDK 확인 (java -version) | |
| uses: actions/setup-java@v2 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| # 3. Gradle Wrapper 검증 | |
| - name: Set up Gradle | |
| uses: gradle/wrapper-validation-action@v1 | |
| # 4. application.properties 생성 | |
| - name: Create application.properties | |
| run: | | |
| mkdir -p src/main/resources | |
| echo "spring.application.name=${{ secrets.SPRING_APPLICATION_NAME }}" > src/main/resources/application.properties | |
| echo "spring.datasource.url=${{ secrets.SPRING_DATASOURCE_URL }}" >> src/main/resources/application.properties | |
| echo "spring.datasource.username=${{ secrets.SPRING_DATASOURCE_USERNAME }}" >> src/main/resources/application.properties | |
| echo "spring.datasource.password=${{ secrets.SPRING_DATASOURCE_PASSWORD }}" >> src/main/resources/application.properties | |
| echo "spring.datasource.driver-class-name=${{ secrets.SPRING_DATASOURCE_DRIVER_CLASS_NAME }}" >> src/main/resources/application.properties | |
| echo "spring.jpa.hibernate.ddl-auto=create" >> src/main/resources/application.properties | |
| echo "jwt.secret-key=${{ secrets.JWT_SECRET_KEY }}" >> src/main/resources/application.properties | |
| echo "jwt.access.expiration=${{ secrets.JWT_ACCESS_EXPIRATION }}" >> src/main/resources/application.properties | |
| echo "jwt.refresh.expiration=${{ secrets.JWT_REFRESH_EXPIRATION }}" >> src/main/resources/application.properties | |
| echo "jwt.access.header=${{ secrets.JWT_ACCESS_HEADER }}" >> src/main/resources/application.properties | |
| echo "jwt.refresh.header=${{ secrets.JWT_REFRESH_HEADER }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.client-id=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_ID }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.client-secret=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_SECRET }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.scope=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_SCOPE }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.redirect-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_REDIRECT_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.authorization-grant-type=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_AUTHORIZATION_GRANT_TYPE }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.client-name=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_NAME }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.google.authorization-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_AUTHORIZATION_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.google.token-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_TOKEN_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.google.user-info-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_USER_INFO_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.google.user-name-attribute=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_USER_NAME_ATTRIBUTE }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.kakao.client-id=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_CLIENT_ID }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.kakao.scope=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_SCOPE }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.kakao.redirect-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_REDIRECT_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.kakao.authorization-grant-type=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_AUTHORIZATION_GRANT_TYPE }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.kakao.client-name=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_CLIENT_NAME }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.kakao.authorization-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_AUTHORIZATION_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.kakao.token-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_TOKEN_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.kakao.user-info-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_USER_INFO_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.kakao.user-name-attribute=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_USER_NAME_ATTRIBUTE }}" >> src/main/resources/application.properties | |
| echo "management.endpoints.web.exposure.include=health" >> src/main/resources/application.properties | |
| echo "management.endpoint.health.show-details=always" >> src/main/resources/application.properties | |
| # 5. Gradle 빌드 | |
| - name: Build with Gradle | |
| run: | | |
| cd ontime-back | |
| ./gradlew build -x test | |
| # 6. Docker Image 빌드 | |
| - name: Build the Docker image | |
| run: docker build ./ontime-back --file ./ontime-back/Dockerfile --tag ${{ secrets.DOCKER_IMAGE_NAME }}:latest | |
| - name: Login to Docker Hub using Access Token | |
| run: echo "${{ secrets.DOCKER_HUB_TOKEN }}" | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin | |
| - name: Push the Docker image | |
| run: docker push ${{ secrets.DOCKER_IMAGE_NAME }}:latest | |
| deploy-to-ec2: | |
| needs: build-and-docker | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Deploy to EC2 | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| source: ./ # 현재 GitHub Actions의 소스 코드 디렉토리 | |
| target: /home/ubuntu/OnTime-back/ # EC2 서버에 업로드될 디렉토리 | |
| script: | | |
| cd /home/ubuntu/OnTime-back/ontime-back | |
| CONTAINER_ID=$(sudo docker ps -aq --filter "name=ontime-container") | |
| if [ ! -z "$CONTAINER_ID" ]; then | |
| sudo docker stop $CONTAINER_ID | |
| sudo docker rm $CONTAINER_ID | |
| fi | |
| # 기존 컨테이너 중지 및 제거 | |
| sudo docker-compose down || true | |
| # 소스 코드 빌드 및 컨테이너 실행 | |
| sudo MYSQL_PASSWORD=${{ secrets.MYSQL_PASSWORD }} \ | |
| MYSQL_ROOT_PASSWORD=${{ secrets.MYSQL_ROOT_PASSWORD }} \ | |
| SPRING_DATASOURCE_PASSWORD=${{ secrets.SPRING_DATASOURCE_PASSWORD }} \ | |
| docker-compose up --build -d |