Update cd.yml #207
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Ubuntu Server using Docker | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| DOCKER_IMAGE_NAME: kanepark/app | |
| SERVER_HOST: 211.47.114.99 | |
| SERVER_SSH_USER: parkhaein | |
| PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
| jobs: | |
| build-and-push-docker: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| token: ${{ secrets.SUBMODULE_TOKEN }} | |
| submodules: true | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x ./gradlew | |
| - name: Build with Gradle | |
| env: | |
| JASYPT_PASSWORD: ${{ secrets.JASYPT_PASSWORD }} # GitHub Secrets에서 비밀번호 가져오기 | |
| run: ./gradlew build -Djasypt.encryptor.password=${{ secrets.JASYPT_PASSWORD }} --info | |
| - name: Build the Docker image | |
| run: docker build . --file Dockerfile --tag ${{ env.DOCKER_IMAGE_NAME }}:latest | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.KANE_DOCKER_USERNAME }} | |
| password: ${{ secrets.KANE_DOCKER_HUB_TOKEN }} | |
| - name: Push the Docker image | |
| run: docker push ${{ env.DOCKER_IMAGE_NAME }}:latest | |
| deploy-to-ubuntu-server: | |
| needs: build-and-push-docker | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Deploy to Ubuntu Server | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ env.SERVER_HOST }} | |
| username: ${{ env.SERVER_SSH_USER }} | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| port: 234 | |
| script: | | |
| LOG_DIR="/home/ubuntu/app-logs" | |
| mkdir -p $LOG_DIR | |
| touch $LOG_DIR/app.log | |
| # sudo 명령어에 비밀번호 자동 입력 | |
| echo "${{ secrets.SUDO_PASSWORD }}" | sudo -S docker container prune -f | |
| echo "${{ secrets.SUDO_PASSWORD }}" | sudo -S docker image prune -af | |
| echo "${{ secrets.SUDO_PASSWORD }}" | sudo -S docker volume prune -f | |
| echo "${{ secrets.SUDO_PASSWORD }}" | sudo -S docker system prune -af --volumes | |
| # 기존 컨테이너 종료 (종료를 기다림) | |
| CONTAINER_ID=$(sudo docker ps -q --filter "publish=80") | |
| if [ ! -z "$CONTAINER_ID" ]; then | |
| echo "${{ secrets.SUDO_PASSWORD }}" | sudo -S docker stop $CONTAINER_ID | |
| echo "컨테이너 종료 대기 중..." | |
| # 컨테이너 종료 상태를 기다림 | |
| while true; do | |
| # 컨테이너 상태 확인 | |
| CONTAINER_STATUS=$(sudo docker inspect --format '{{.State.Status}}' $CONTAINER_ID) | |
| # 종료된 상태이면 루프 종료 | |
| if [ "$CONTAINER_STATUS" == "exited" ]; then | |
| echo "컨테이너 종료 완료" | |
| break | |
| fi | |
| # 1초 대기 후 다시 확인 | |
| sleep 1 | |
| done | |
| fi | |
| # Docker 이미지 업데이트 및 컨테이너 실행 | |
| echo "${{ secrets.SUDO_PASSWORD }}" | sudo -S docker pull ${{ env.DOCKER_IMAGE_NAME }}:latest | |
| echo "${{ secrets.SUDO_PASSWORD }}" | sudo -S docker run --name dosirak-be-container -d -p 50:8080 -e TZ=Asia/Seoul \ | |
| -v $LOG_DIR/app.log:/app/logs/app.log ${{ env.DOCKER_IMAGE_NAME }}:latest |