Deploy to AWS EC2 #17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to AWS EC2 | |
| on: | |
| workflow_dispatch: # ✅ 수동 실행 트리거 | |
| env: | |
| AWS_REGION: ${{ secrets.AWS_REGION }} | |
| AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} | |
| ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} | |
| IMAGE_TAG: ${{ github.sha }} | |
| CONTAINER_NAME: spring-app | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| - name: Set up AWS CLI | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| run: | | |
| aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com | |
| - name: Generate application-secret.yml | |
| run: | | |
| cat <<EOF > ./src/main/resources/application-secret.yml | |
| spring: | |
| datasource: | |
| hikari: | |
| jdbc-url: ${{ secrets.DB_JDBC_URL }} | |
| driver-class-name: com.mysql.cj.jdbc.Driver | |
| username: ${{ secrets.DB_USERNAME }} | |
| password: ${{ secrets.DB_PASSWORD }} | |
| EOF | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'adopt' | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: build with gradle | |
| run: ./gradlew clean build -x test | |
| - name: Build & Push Docker Image | |
| run: | | |
| docker build --build-arg PROFILE=dev -t $ECR_REPOSITORY:$IMAGE_TAG . | |
| docker tag $ECR_REPOSITORY:$IMAGE_TAG $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG | |
| docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG | |
| - name: Check container name | |
| run: echo "Container Name:$CONTAINER_NAME" | |
| - name: Deploy to EC2 | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_PRIVATE_KEY }} | |
| script: | | |
| # 환경 변수 설정 | |
| echo "AWS_ACCOUNT_ID=${{ secrets.AWS_ACCOUNT_ID }}" >> ~/.bashrc | |
| echo "AWS_REGION=${{ secrets.AWS_REGION }}" >> ~/.bashrc | |
| echo "ECR_REPOSITORY=${{ secrets.ECR_REPOSITORY }}" >> ~/.bashrc | |
| echo "IMAGE_TAG=${{ github.sha }}" >> ~/.bashrc | |
| echo "CONTAINER_NAME=spring-app" >> ~/.bashrc | |
| # 환경 변수 적용 | |
| source ~/.bashrc | |
| # secret 값에 따라서 필요한 파일 생성 | |
| echo "${{ secrets.APP_SECRET_YML }}" | base64 --decode > /home/ec2-user/application-secret.yml | |
| chmod 600 /home/ec2-user/application-secret.yml | |
| # ECR 로그인 | |
| aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com | |
| # Docker 이미지 풀 | |
| docker pull $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG | |
| # 컨테이너 중지 및 삭제 | |
| docker stop $CONTAINER_NAME || true | |
| docker rm $CONTAINER_NAME || true | |
| # 새로운 컨테이너 실행 | |
| docker run -d --name $CONTAINER_NAME -p 8080:8080 \ | |
| -e "SPRING_PROFILES_ACTIVE=dev" \ | |
| -v /home/ec2-user/application-secret.yml:/app/config/application-secret.yml \ | |
| $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG | |
| # - name: Deploy to EC2 | |
| # uses: appleboy/[email protected] | |
| # with: | |
| # host: ${{ secrets.EC2_HOST }} | |
| # username: ${{ secrets.EC2_USER }} | |
| # key: ${{ secrets.EC2_SSH_PRIVATE_KEY }} | |
| # script: | | |
| # # 환경변수 설정 | |
| # export AWS_ACCOUNT_ID="${{ secrets.AWS_ACCOUNT_ID }}" | |
| # export AWS_REGION="${{ secrets.AWS_REGION }}" | |
| # export ECR_REPOSITORY="${{ secrets.ECR_REPOSITORY }}" | |
| # export IMAGE_TAG="${{ github.sha }}" | |
| # export CONTAINER_NAME="spring-app" | |
| # # 나머지 배포 명령어들 | |
| # echo "${{ secrets.APP_SECRET_YML }}" | base64 --decode > /home/ec2-user/application-secret.yml | |
| # chmod 600 /home/ec2-user/application-secret.yml | |
| # # Docker 로그인 및 이미지 풀 | |
| # aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com | |
| # docker pull $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG | |
| # # 기존 컨테이너 중지 및 삭제 | |
| # docker stop $CONTAINER_NAME || true | |
| # docker rm $CONTAINER_NAME || true | |
| # # 새로운 컨테이너 실행 | |
| # docker run -d --name $CONTAINER_NAME -p 8080:8080 \ | |
| # -e "SPRING_PROFILES_ACTIVE=dev" \ | |
| # -v /home/ec2-user/application-secret.yml:/app/config/application-secret.yml \ | |
| # $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG | |
| # - name: Deploy to EC2 | |
| # uses: appleboy/[email protected] | |
| # with: | |
| # host: ${{ secrets.EC2_HOST }} | |
| # username: ${{ secrets.EC2_USER }} | |
| # key: ${{ secrets.EC2_SSH_PRIVATE_KEY }} | |
| # script: | | |
| # echo "${{ secrets.APP_SECRET_YML }}" | base64 --decode > /home/ec2-user/application-secret.yml | |
| # chmod 600 /home/ec2-user/application-secret.yml | |
| # docker pull $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG | |
| # docker stop $CONTAINER_NAME || true | |
| # docker rm $CONTAINER_NAME || true | |
| # docker run -d --name $CONTAINER_NAME -p 8080:8080 \ | |
| # -e "SPRING_PROFILES_ACTIVE=dev" \ | |
| # -v /home/ec2-user/application-secret.yml:/app/config/application-secret.yml \ | |
| # $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPOSITORY:$IMAGE_TAG |