Merge pull request #60 from MARU-EGG/fix/네트워크-및-nginx-설정-수정 #189
# Display name of the workflow.
name: MARU EGG CI-CD Workflow

# Trigger: pushes to the main and develop branches.
on:
  push:
    branches:
      - "main"
      - "develop"

# GITHUB_TOKEN is limited to read-only access to repository contents.
permissions:
  contents: read
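# NOTE(review): every action below is referenced by a mutable tag, and
# appleboy/scp-action by a branch (@master). Third-party actions that receive
# credentials (Docker Hub password, SSH private key) are safer pinned to a
# full commit SHA, so that an upstream change cannot silently alter what runs
# with those secrets.
jobs:
  # Builds the Spring Boot jar and, on develop, pushes the Docker image.
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      # Set up the Java JDK.
      - name: Setup Java JDK
        uses: actions/setup-java@v3
        with:
          # Quoted so the version is always read as a string.
          java-version: '17'
          distribution: 'temurin'

      # Generate the per-environment yml file.
      # The secret reaches the shell through an environment variable instead
      # of being pasted into the script text, so quotes, `$` and backticks in
      # the YAML content are written verbatim rather than interpreted by bash.
      # NOTE(review): if the stored secret was escaped to survive the old
      # inline `echo "..."`, store it unescaped.
      - name: make application.yml
        # Exact ref comparison: only the develop branch satisfies it.
        if: github.ref == 'refs/heads/develop'
        env:
          APPLICATION_YML: ${{ secrets.YML }}
        run: |
          cd ./src/main/resources
          printf '%s\n' "$APPLICATION_YML" > ./application.yml
        shell: bash

      # Generate the per-environment yml file - dev.
      - name: make application-dev.yml
        if: github.ref == 'refs/heads/develop'
        env:
          APPLICATION_DEV_YML: ${{ secrets.YML_DEV }}
        run: |
          cd ./src/main/resources
          printf '%s\n' "$APPLICATION_DEV_YML" > ./application-dev.yml
        shell: bash

      # Cache Gradle packages.
      - name: Cache Gradle packages
        uses: actions/cache@v3
        with:
          path: ~/.gradle/caches
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}

      # Grant execute permission to gradlew.
      - name: Grant execute permission for gradlew
        run: chmod +x gradlew

      # Build the Spring Boot application.
      - name: Build with Gradle
        uses: gradle/gradle-build-action@v3
        with:
          arguments: clean bootJar

      # Log in to Docker Hub.
      - name: Log in to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      # Metadata action: produces the image tags and labels used below.
      - name: Metadata action
        id: meta
        uses: docker/metadata-action@v4
        with:
          images: ${{ secrets.DOCKER_REPO }}

      # Docker image build & push (develop only).
      # The run number is appended to the generated tag; the deploy job pulls
      # `develop-<run_number>`, so the two must stay in step.
      - name: Build and push Docker image
        if: github.ref == 'refs/heads/develop'
        id: docker_build
        uses: docker/build-push-action@v3
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}-${{ github.run_number }}
          labels: ${{ steps.meta.outputs.labels }}

  # Copies the compose file to the EC2 host and restarts the stack over SSH.
  # NOTE(review): the job itself has no branch condition, so the first three
  # steps (including the SSH copy) also run on pushes to main; only the final
  # deploy step is limited to develop. Confirm that is intended.
  deploy:
    runs-on: ubuntu-latest
    needs: build
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      # NOTE(review): this writes .env on the runner only; the copy step below
      # sends docker-compose.yml and nothing in this job transfers .env.
      - name: Create and send .env file to EC2 instance
        run: echo "DOCKER_REPO=${{ secrets.DOCKER_REPO }}" > .env && echo "IMAGE_TAG=develop-${{ github.run_number }}" >> .env

      # NOTE(review): @master is a moving branch and this step is handed the
      # SSH private key; pin to a release tag or commit SHA. No host key
      # fingerprint is configured either; the action's `fingerprint` input can
      # pin the server's host key.
      - name: Copy docker-compose into instance
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.PUBLIC_DNS }}
          username: ${{ secrets.USERNAME }}
          key: ${{ secrets.PEM_KEY }}
          source: "docker-compose.yml"
          target: "/home/${{ secrets.USERNAME }}"
          strip_components: 3
          overwrite: true
          # NOTE(review): verbose output in a step that holds the SSH key;
          # confirm it is still needed outside troubleshooting.
          debug: true

      # NOTE(review): the action reference on the `uses:` line was mangled by
      # e-mail obfuscation in this capture (presumably appleboy/ssh-action at
      # a release tag); restore the real ref from the repository.
      - name: Deploy to EC2 dev
        uses: appleboy/[email protected]
        if: github.ref == 'refs/heads/develop'
        # Docker Hub credentials are forwarded to the remote shell as
        # environment variables (see `envs`) rather than being templated into
        # the script, so shell metacharacters in the password are not
        # word-split or interpreted on the host.
        env:
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        with:
          host: ${{ secrets.PUBLIC_DNS }}
          username: ${{ secrets.USERNAME }}
          key: ${{ secrets.PEM_KEY }}
          envs: DOCKER_USERNAME,DOCKER_PASSWORD
          # The script regenerates docker-compose.yml on the host, logs in to
          # Docker Hub, then recreates the stack and prunes unused images.
          # NOTE(review): in the generated compose file the app publishes
          # 8080 on the host alongside nginx on 80/443, and nginx:latest and
          # certbot/certbot are floating tags. Confirm 8080 needs to be
          # reachable from outside the host, and consider pinning the images.
          script: |
            cd /home/${{ secrets.USERNAME }}
            echo "
            services:
              maru-egg-app:
                container_name: maru-egg
                image: ${{ secrets.DOCKER_REPO }}:develop-${{ github.run_number }}
                ports:
                  - \"8080:8080\"
                networks:
                  - maru-egg-dev
                volumes:
                  - /home/ec2-user/logs:/logs
              nginx:
                image: nginx:latest
                container_name: maru-egg-nginx
                restart: unless-stopped
                ports:
                  - \"80:80\"
                  - \"443:443\"
                volumes:
                  - ./nginx/nginx.conf:/etc/nginx/nginx.conf
                  - ./data/certbot/conf:/etc/letsencrypt
                  - ./data/certbot/www:/var/www/certbot
                depends_on:
                  - maru-egg-app
                networks:
                  - maru-egg-dev
                command: \"/bin/sh -c 'while true; do sleep 6h && nginx -s reload; done & nginx -g \\\"daemon off;\\\"'\"
              certbot:
                container_name: certbot
                image: certbot/certbot
                restart: unless-stopped
                volumes:
                  - ./data/certbot/conf:/etc/letsencrypt
                  - ./data/certbot/www:/var/www/certbot
                entrypoint: \"/bin/sh -c 'trap \\\"exit 0\\\" TERM; while true; do certbot renew; sleep 12h; done'\"
                networks:
                  - maru-egg-dev
            networks:
              maru-egg-dev:" > docker-compose.yml
            printf '%s' "$DOCKER_PASSWORD" | sudo docker login -u "$DOCKER_USERNAME" --password-stdin
            sudo docker-compose down
            sudo docker-compose pull
            sudo docker-compose up -d
            sudo docker image prune -f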