feat: SecurityConfig 파일 추가(#7) #12
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD-dev | |
| on: | |
| push: | |
| branches: [ "feat/ci-cd" ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'corretto' | |
| - name: Gradle Caching | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Set .env for configuration | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.KEY }} | |
| script: | | |
| rm -rf ./.env | |
| touch ./.env | |
| echo "DOCKER_USERNAME=${{ secrets.DOCKER_USERNAME }}" >> ./.env | |
| echo "DOCKER_REPOSITORY=${{ secrets.DOCKER_REPOSITORY }}" >> ./.env | |
| echo "DB_URL=${{ secrets.DEV_DB_URL }}" >> ./.env | |
| echo "DB_USERNAME=${{ secrets.DEV_DB_USERNAME }}" >> ./.env | |
| echo "DB_PASSWORD=${{ secrets.DEV_DB_PASSWORD }}" >> ./.env | |
| # echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" >> ./.env | |
| # echo "KAKAO_APP_ID=${{ secrets.KAKAO_APP_ID }}" >> ./.env | |
| # echo "APPLE_APP_ID=${{ secrets.APPLE_APP_ID }}" >> ./.env | |
| # echo "S3_BUCKET=${{ secrets.S3_BUCKET }}" >> ./.env | |
| # echo "AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }}" >> ./.env | |
| # echo "AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }}" >> ./.env | |
| # gradle build | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew build -x test | |
| ## 도커 이미지 빌드 후 도커허브에 push | |
| - name: docker build and push | |
| run: | | |
| docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| docker build -t ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPOSITORY }} . | |
| docker push ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPOSITORY }} | |
| ## deploy.sh 파일 서버로 전달 | |
| - name: Send deploy.sh | |
| uses: appleboy/scp-action@master | |
| with: | |
| username: ubuntu | |
| host: ${{ secrets.HOST }} | |
| key: ${{ secrets.KEY }} | |
| port: 22 | |
| source: "./scripts/" | |
| target: "/home/ubuntu/" | |
| - name: Send docker-compose.yml | |
| uses: appleboy/scp-action@master | |
| with: | |
| username: ubuntu | |
| host: ${{ secrets.HOST }} | |
| key: ${{ secrets.KEY }} | |
| port: 22 | |
| source: "./docker-compose.yml" | |
| target: "/home/ubuntu/" | |
| ## 도커 허브에서 jar파일 및 pull후에 컴포즈 up | |
| - name: Deploy to Dev | |
| uses: appleboy/ssh-action@master | |
| with: | |
| username: ubuntu | |
| host: ${{ secrets.HOST }} | |
| key: ${{ secrets.KEY }} | |
| script: | | |
| sudo docker pull ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPOSITORY }} | |
| chmod 777 ./scripts/deploy.sh | |
| cp ./scripts/deploy.sh ./deploy.sh | |
| ./deploy.sh | |
| docker image prune -f |