Deploy to AWS EC2 #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to AWS EC2 | |
| on: | |
| workflow_dispatch: # ✅ 수동 실행 트리거 | |
| env: | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} | |
| ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} | |
| IMAGE_TAG: latest | |
| CONTAINER_NAME: spring-app | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| - name: Set up AWS CLI | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| run: | | |
| aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com | |
| - name: Generate application-secret.yml | |
| run: | | |
| cat <<EOF > ./src/main/resources/application-secret.yml | |
| spring: | |
| datasource: | |
| hikari: | |
| jdbc-url: ${{ secrets.DB_JDBC_URL }} | |
| driver-class-name: com.mysql.cj.jdbc.Driver | |
| username: ${{ secrets.DB_USERNAME }} | |
| password: ${{ secrets.DB_PASSWORD }} | |
| EOF | |
| - name: List files in current directory | |
| run: ls -alh | |
| - name: Build & Push Docker Image | |
| run: | | |
| docker build --build-arg PROFILE=dev -t $ECR_REPOSITORY:$IMAGE_TAG . | |
| # docker build --build-arg PROFILE=dev -t $ECR_REPOSITORY:$IMAGE_TAG . | |
| docker tag $ECR_REPOSITORY:$IMAGE_TAG $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG | |
| docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG | |
| - name: Deploy to EC2 | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_PRIVATE_KEY }} | |
| script: | | |
| echo "${{ secrets.APP_SECRET_YML }}" | base64 --decode > /home/ec2-user/application-secret.yml | |
| chmod 600 /home/ec2-user/application-secret.yml | |
| docker pull $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG | |
| docker stop $CONTAINER_NAME || true | |
| docker rm $CONTAINER_NAME || true | |
| docker run -d --name $CONTAINER_NAME -p 8080:8080 \ | |
| -e "SPRING_PROFILES_ACTIVE=dev" \ | |
| -v /home/ec2-user/application-secret.yml:/app/config/application-secret.yml \ | |
| $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG |