Merge pull request #114 from Nexters/dev #43
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD | |
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: write-all #테스트 결과 작성을 위해 쓰기권한 추가 | |
| jobs: | |
| # 빌드 | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| #jdk 세팅 | |
| - name: check out | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| #gradle 캐싱 | |
| - name: Gradle Caching | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| ### CD | |
| #배포를 위한 prod properties 설정 | |
| - name: Make application-prod.properties | |
| run: | | |
| cd ./src/main/resources | |
| touch ./application-prod.properties | |
| echo "${{ secrets.PROPERTIES_PROD }}" > ./application-prod.properties | |
| shell: bash | |
| - name: Decode and save Firebase service account JSON | |
| run: | | |
| cd ./src/main/resources | |
| touch ./bbsofficial-firebase-adminsdk.json | |
| echo "${{ secrets.FCM_SERVICE_ACCOUNT_JSON }}" | base64 --decode > ./bbsofficial-firebase-adminsdk.json | |
| #test를 제외한 프로젝트 빌드 | |
| - name: Build With Gradle | |
| run: ./gradlew build -x test | |
| - name: Set up Docker Build | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
| password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . # 현재 디렉터리 | |
| file: ./Dockerfile # Dockerfile의 경로 | |
| push: true | |
| tags: ${{ secrets.DOCKER_HUB_USERNAME }}/donmani:latest | |
| # 배포 | |
| deploy: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Deploy to Prod | |
| uses: appleboy/ssh-action@master | |
| id: deploy-prod | |
| with: | |
| host: ${{ secrets.SERVER_IP }} | |
| username: ${{ secrets.SERVER_USER }} | |
| password: ${{ secrets.SERVER_PASSWORD }} | |
| envs: GITHUB_SHA | |
| script: | | |
| docker stop donmani | |
| docker rm donmani | |
| sudo docker pull ${{ secrets.DOCKER_HUB_USERNAME }}/donmani | |
| docker run -d --name donmani --network donmani-network -p 8080:8080 ${{ secrets.DOCKER_HUB_USERNAME }}/donmani | |
| docker images -f "dangling=true" -q | xargs -r docker rmi -f |