-
Notifications
You must be signed in to change notification settings - Fork 2
134 lines (117 loc) · 4.11 KB
/
production_build_deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: production Build And Deploy
on:
push:
tags:
- v*.*.*
env:
DOCKERHUB_USERNAME: tenminutes
DOCKERHUB_IMAGE_NAME: 10mm-server
jobs:
build-deploy:
runs-on: ubuntu-latest
environment: PROD
strategy:
matrix:
java-version: [ 21 ]
distribution: [ 'temurin' ]
steps:
# 기본 체크아웃
- name: Checkout
uses: actions/checkout@v3
# JDK를 21 버전으로 세팅
- name: Set up JDK 21
uses: actions/setup-java@v3
with:
java-version: ${{ matrix.java-version }}
distribution: ${{ matrix.distribution }}
# test 돌릴때 레디스 필요
- name: Start containers
run: docker compose -f ./docker-compose-test.yaml up -d
# Gradlew 실행 허용
- name: Run chmod to make gradlew executable
run: chmod +x ./gradlew
# Gradle 빌드
- name: Build with Gradle
id: gradle
uses: gradle/gradle-build-action@v2
with:
arguments: |
build
--scan
cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }}
# Dockerhub 로그인
- name: Login to Dockerhub
uses: docker/login-action@v3
with:
username: ${{ env.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
# Docker 메타데이터 추출
- name: Extract Docker metadata
id: metadata
uses: docker/metadata-action@v5.5.0
env:
DOCKERHUB_IMAGE_FULL_NAME: ${{ env.DOCKERHUB_USERNAME }}/${{ env.DOCKERHUB_IMAGE_NAME }}
with:
images: ${{ env.DOCKERHUB_IMAGE_FULL_NAME }}
tags: |
type=semver,pattern={{version}}
flavor: |
latest=false
# 멀티 아키텍처 지원을 위한 QEMU 설정
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
# 도커 확장 빌드를 위한 Buildx 설정
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# Docker 이미지 빌드 및 도커허브로 푸시
- name: Docker Build and Push
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/arm64/v8
push: true
tags: ${{ steps.metadata.outputs.tags }}
# 서버로 docker-compose 파일 전송
- name: Copy docker-compose file to EC2
uses: burnett01/rsync-deployments@7.0.1
with:
switches: -avzr --delete
remote_host: ${{ secrets.EC2_HOST }}
remote_user: ${{ secrets.EC2_USERNAME }}
remote_key: ${{ secrets.EC2_PRIVATE_KEY }}
path: docker-compose.yaml
remote_path: /home/ec2-user/
- name: Copy default.conf to EC2
uses: burnett01/rsync-deployments@7.0.1
with:
switches: -avzr --delete
remote_host: ${{ secrets.EC2_HOST }}
remote_user: ${{ secrets.EC2_USERNAME }}
remote_key: ${{ secrets.EC2_PRIVATE_KEY }}
path: ./nginx
remote_path: /home/ec2-user/
# 슬랙으로 빌드 스캔 결과 전송
- name: Send to slack
uses: slackapi/slack-github-action@v1.24.0
with:
payload: |
{
"text": "Gradle Build Scan Report of ${{ github.workflow }}: ${{ steps.gradle.outputs.build-scan-url }}"
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
# EC2로 배포
- name: Deploy to EC2 Server
uses: appleboy/ssh-action@master
env:
IMAGE_FULL_URL: ${{ steps.metadata.outputs.tags }}
with:
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USERNAME }}
key: ${{ secrets.EC2_PRIVATE_KEY }}
envs: IMAGE_FULL_URL, DOCKERHUB_IMAGE_NAME # docker-compose.yml 에서 사용할 환경 변수
script: |
echo "${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" | docker login -u "${{ env.DOCKERHUB_USERNAME }}" --password-stdin
docker compose up -d
docker exec -d nginx nginx -s reload
docker image prune -a -f