mod::docker-compose 파일 추가 #122
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: | |
| - deploy | |
| jobs: | |
| build-and-docker: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # 코드 체크아웃 | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| # JDK 설치 | |
| - name: Set up JDK 21 # 실행 환경에서 사용 중인 JDK 확인 (java -version) | |
| uses: actions/setup-java@v2 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| # Gradle Wrapper 검증 | |
| - name: Set up Gradle | |
| uses: gradle/wrapper-validation-action@v1 | |
| # Gradle 빌드 | |
| - name: Build with Gradle | |
| run: | | |
| cd ontime-back | |
| ./gradlew build -x test | |
| - name: Remove jar file | |
| run: mv ontime-back/build/libs/ontime-back-0.0.1-SNAPSHOT.jar ./project.jar | |
| - name: Upload files to EC2 | |
| uses: appleboy/scp-action@v0.1.7 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| source: | | |
| ./project.jar | |
| ./ontime-back/docker-compose.yml | |
| target: "/home/ubuntu/OnTime-back" | |
| debug: true | |
| create-config-files: | |
| needs: build-and-docker | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Deploy to EC2 | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| debug: true | |
| script: | | |
| sudo mkdir -p /home/ubuntu/OnTime-back/ontime-back/src/main/resources/key | |
| # .env 파일 생성 | |
| sudo bash -c 'cat <<EOT > .env | |
| MYSQL_DATABASE=${{ secrets.MYSQL_DATABASE }} | |
| MYSQL_USER=${{ secrets.MYSQL_USER }} | |
| MYSQL_PASSWORD=${{ secrets.MYSQL_PASSWORD }} | |
| MYSQL_ROOT_PASSWORD=${{ secrets.MYSQL_ROOT_PASSWORD }} | |
| SPRING_DATASOURCE_URL=${{ secrets.SPRING_DATASOURCE_URL }} | |
| SPRING_DATASOURCE_USERNAME=${{ secrets.SPRING_DATASOURCE_USERNAME }} | |
| SPRING_DATASOURCE_PASSWORD=${{ secrets.SPRING_DATASOURCE_PASSWORD }} | |
| SPRING_APPLICATION_NAME=${{ secrets.SPRING_APPLICATION_NAME }} | |
| SPRING_JPA_HIBERNATE_DDL_AUTO=${{ secrets.SPRING_JPA_HIBERNATE_DDL_AUTO }} | |
| SPRING_DATASOURCE_DRIVER_CLASS_NAME=${{ secrets.SPRING_DATASOURCE_DRIVER_CLASS_NAME }} | |
| JWT_SECRET_KEY=${{ secrets.JWT_SECRETKEY }} | |
| JWT_ACCESS_EXPIRATION=${{ secrets.JWT_ACCESS_EXPIRATION }} | |
| JWT_REFRESH_EXPIRATION=${{ secrets.JWT_REFRESH_EXPIRATION }} | |
| JWT_ACCESS_HEADER=${{ secrets.JWT_ACCESS_HEADER }} | |
| JWT_REFRESH_HEADER=${{ secrets.JWT_REFRESH_HEADER }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_ID=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_ID }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_SECRET=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_SECRET }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_SCOPE=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_SCOPE }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_REDIRECT_URI=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_REDIRECT_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_AUTHORIZATION_GRANT_TYPE=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_AUTHORIZATION_GRANT_TYPE }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_NAME=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_NAME }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_AUTHORIZATION_URI=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_AUTHORIZATION_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_TOKEN_URI=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_TOKEN_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_USER_INFO_URI=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_USER_INFO_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_USER_NAME_ATTRIBUTE=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_USER_NAME_ATTRIBUTE }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_CLIENT_ID=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_CLIENT_ID }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_SCOPE=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_SCOPE }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_REDIRECT_URI=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_REDIRECT_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_AUTHORIZATION_GRANT_TYPE=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_AUTHORIZATION_GRANT_TYPE }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_CLIENT_NAME=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_CLIENT_NAME }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_AUTHORIZATION_URI=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_AUTHORIZATION_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_TOKEN_URI=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_TOKEN_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_USER_INFO_URI=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_USER_INFO_URI }} | |
| SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_USER_NAME_ATTRIBUTE=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_USER_NAME_ATTRIBUTE }} | |
| ONTIME_PASSWORD=${{ secrets.ONTIME_PASSWORD }} | |
| ONTIME_HOST=${{ secrets.ONTIME_HOST }} | |
| APPLE_CLIENT_ID=${{ secrets.APPLE_CLIENT_ID }} | |
| APPLE_CLIENT_SECRET=${{ secrets.APPLE_CLIENT_SECRET }} | |
| APPLE_LOGIN_KEY=${{ secrets.APPLE_LOGIN_KEY }} | |
| APPLE_TEAM_ID=${{ secrets.APPLE_TEAM_ID }} | |
| EOT' | |
| # json 파일 생성 | |
| sudo bash -c 'cat <<EOT > /home/ubuntu/OnTime-back/ontime-back/src/main/resources/ontime-push-firebase-adminsdk-gnpxs-7d098872ff.json | |
| ${{ secrets.ONTIME_PUSH_FIREBASE_ADMINSDK }} | |
| EOT' | |
| # authkey 생성 | |
| sudo bash -c 'cat <<EOT > /home/ubuntu/OnTime-back/ontime-back/src/main/resources/key/AuthKey_743M7R5W3W.p8 | |
| ${{ secrets.AUTHKEY_743M7R5W3W_1 }} | |
| ${{ secrets.AUTHKEY_743M7R5W3W_2 }} | |
| ${{ secrets.AUTHKEY_743M7R5W3W_3 }} | |
| ${{ secrets.AUTHKEY_743M7R5W3W_4 }} | |
| ${{ secrets.AUTHKEY_743M7R5W3W_5 }} | |
| ${{ secrets.AUTHKEY_743M7R5W3W_6 }} | |
| EOT' | |
| # application.properties 생성 | |
| sudo bash -c 'cat <<EOT > /home/ubuntu/OnTime-back/ontime-back/src/main/resources/application.properties | |
| spring.application.name=${{ secrets.SPRING_APPLICATION_NAME }} | |
| spring.datasource.url=${{ secrets.SPRING_DATASOURCE_URL }} | |
| spring.datasource.username=${{ secrets.SPRING_DATASOURCE_USERNAME }} | |
| spring.datasource.password=${{ secrets.SPRING_DATASOURCE_PASSWORD }} | |
| spring.datasource.driver-class-name=${{ secrets.SPRING_DATASOURCE_DRIVER_CLASS_NAME }} | |
| spring.jpa.hibernate.ddl-auto=create | |
| jwt.secret.key=${{ secrets.JWT_SECRETKEY }} | |
| jwt.access.expiration=${{ secrets.JWT_ACCESS_EXPIRATION }} | |
| jwt.refresh.expiration=${{ secrets.JWT_REFRESH_EXPIRATION }} | |
| jwt.access.header=${{ secrets.JWT_ACCESS_HEADER }} | |
| jwt.refresh.header=${{ secrets.JWT_REFRESH_HEADER }} | |
| spring.security.oauth2.client.registration.google.client-id=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_ID }} | |
| spring.security.oauth2.client.registration.google.client-secret=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_SECRET }} | |
| spring.security.oauth2.client.registration.google.scope=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_SCOPE }} | |
| spring.security.oauth2.client.registration.google.redirect-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_REDIRECT_URI }} | |
| spring.security.oauth2.client.registration.google.authorization-grant-type=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_AUTHORIZATION_GRANT_TYPE }} | |
| spring.security.oauth2.client.registration.google.client-name=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_NAME }} | |
| spring.security.oauth2.client.provider.google.authorization-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_AUTHORIZATION_URI }} | |
| spring.security.oauth2.client.provider.google.token-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_TOKEN_URI }} | |
| spring.security.oauth2.client.provider.google.user-info-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_USER_INFO_URI }} | |
| spring.security.oauth2.client.provider.google.user-name-attribute=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_USER_NAME_ATTRIBUTE }} | |
| spring.security.oauth2.client.registration.kakao.client-id=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_CLIENT_ID }} | |
| spring.security.oauth2.client.registration.kakao.scope=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_SCOPE }} | |
| spring.security.oauth2.client.registration.kakao.redirect-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_REDIRECT_URI }} | |
| spring.security.oauth2.client.registration.kakao.authorization-grant-type=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_AUTHORIZATION_GRANT_TYPE }} | |
| spring.security.oauth2.client.registration.kakao.client-name=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_CLIENT_NAME }} | |
| spring.security.oauth2.client.provider.kakao.authorization-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_AUTHORIZATION_URI }} | |
| spring.security.oauth2.client.provider.kakao.token-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_TOKEN_URI }} | |
| spring.security.oauth2.client.provider.kakao.user-info-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_USER_INFO_URI }} | |
| spring.security.oauth2.client.provider.kakao.user-name-attribute=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_USER_NAME_ATTRIBUTE }} | |
| apple.client.id=${{ secrets.APPLE_CLIENT_ID }} | |
| apple.client.secret=${{ secrets.APPLE_CLIENT_SECRET }} | |
| apple.login.key=${{ secrets.APPLE_LOGIN_KEY }} | |
| apple.team.id=${{ secrets.APPLE_TEAM_ID }} | |
| management.endpoints.web.exposure.include=health | |
| management.endpoint.health.show-details=always | |
| EOT' | |
| deploy-to-ec2: | |
| needs: create-config-files | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: SSH to EC2 & Deploy Docker Containers | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| script: | | |
| # 기존 컨테이너 종료 및 삭제 | |
| CONTAINER_ID=$(sudo docker ps -aq --filter "name=ontime-container") | |
| if [ ! -z "$CONTAINER_ID" ]; then | |
| sudo docker stop $CONTAINER_ID | |
| sudo docker rm $CONTAINER_ID | |
| fi | |
| # 기존 컨테이너 및 볼륨 정리 | |
| sudo docker-compose down | |
| sudo docker container prune -f | |
| sudo docker image prune -a -f | |
| sudo docker volume prune -f | |
| sudo docker network prune -f | |
| # Docker Compose 실행 | |
| cd /home/ubuntu/OnTime-back/ontime-back | |
| docker-compose up --build -d | |