Merge pull request #154 from kakao-tech-campus-2nd-step3/weekly #36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD Pipeline | |
on: | |
push: | |
branches: [ develop ] | |
pull_request: | |
branches: [ develop ] | |
env: | |
LIGHTSAIL_USERNAME: ubuntu | |
AWS_REGION: ap-northeast-2 | |
jobs: | |
build: | |
runs-on: ubuntu-22.04 | |
steps: | |
# 브런치로 체크아웃 | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
# jdk 설치 | |
- name: Set up JDK 21 | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'temurin' | |
java-version: '21' | |
# application-oauth.yml 생성 | |
- name: Create application-oauth.yml | |
run: | | |
mkdir -p src/main/resources | |
cat <<EOF > src/main/resources/application-oauth.yml | |
spring: | |
security: | |
oauth2: | |
client: | |
registration: | |
google: | |
client-id: ${{ secrets.GOOGLE_CLIENT_ID}} | |
client-secret: ${{secrets.GOOGLE_CLIENT_SECRET}} | |
redirect-uri: https://seamlessup.com/login/oauth2/code/google | |
scope: | |
- profile | |
provider: | |
google: | |
authorization-uri: https://accounts.google.com/o/oauth2/auth | |
token-uri: https://oauth2.googleapis.com/token | |
user-info-uri: https://www.googleapis.com/oauth2/v3/userinfo | |
jwt: | |
secretKey: ${{ secrets.JWT_SECRET_KEY}} | |
tokenExpTime: ${{ secrets.JWT_TOKEN_EXP_TIME}} | |
code: | |
secretKey: ${{ secrets.CODE_SECRET_KEY}} | |
vector: ${{ secrets.CODE_VECTOR}} | |
EOF | |
# application-db.yml 생성 | |
- name: Create application-db.yml | |
run: | | |
mkdir -p src/main/resources | |
cat <<EOF > src/main/resources/application-db.yml | |
spring: | |
datasource: | |
driver-class-name: com.mysql.cj.jdbc.Driver | |
url: ${{secrets.MYSQL_URL}} | |
username: ${{secrets.MYSQL_USERNAME}} | |
password: ${{secrets.MYSQL_PASSWORD}} | |
jpa: | |
properties: | |
hibernate: | |
dialect: org.hibernate.dialect.MySQLDialect | |
database: mysql | |
EOF | |
# application-mail.yml 생성 | |
- name: Create application-mail.yml | |
run: | | |
mkdir -p src/main/resources | |
cat <<EOF > src/main/resources/application-mail.yml | |
spring: | |
mail: | |
host: smtp.gmail.com | |
port: ${{secrets.MAIL_PORT}} | |
username: ${{secrets.MAIL_USERNAME}} | |
password: ${{secrets.MAIL_PASSWORD}} | |
properties: | |
mail: | |
smtp: | |
auth: true | |
starttls: | |
enable: true | |
required: true | |
connectiontimeout: 5000 | |
timeout: 5000 | |
writetimeout: 5000 | |
EOF | |
# Gradle 캐시 설정 | |
- name: Cache Gradle packages | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
# gradlew 실행 권한 부여 | |
- name: Grant execute permission for gradlew | |
run: chmod +x gradlew | |
# gradle로 빌드 | |
- name: Build with Gradle | |
run: ./gradlew bootJar | |
# AWS 인증 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
# AWS 인증 테스트 | |
- name: Verify AWS Credentials | |
run: aws configure list | |
# 배포 자동화 | |
- name: Upload files to Lightsail | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ secrets.LIGHTSAIL_HOST }} | |
username: ${{ env.LIGHTSAIL_USERNAME }} | |
port: 22 | |
key: ${{ secrets.LIGHTSAIL_SSH_KEY }} | |
source: 'build/libs/*.jar' | |
target: '/home/ubuntu/seamless/dist' | |
use_insecure_cipher: true | |
- name: Restart Spring Boot process | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.LIGHTSAIL_HOST }} | |
username: ${{env.LIGHTSAIL_USERNAME}} | |
key: ${{ secrets.LIGHTSAIL_SSH_KEY }} | |
script: | | |
BUILD_PATH=$(ls /home/ubuntu/seamless/dist/build/libs/*.jar) | |
JAR_NAME=$(basename $BUILD_PATH) | |
CURRENT_PID=$(pgrep -f $JAR_NAME) | |
if [ -z $CURRENT_PID ] | |
then | |
sleep 1 | |
else | |
kill -15 $CURRENT_PID | |
sleep 10 | |
fi | |
DEPLOY_PATH=/home/ubuntu/seamless/deploy/ | |
mkdir -p $DEPLOY_PATH | |
cp $BUILD_PATH $DEPLOY_PATH | |
cd $DEPLOY_PATH | |
DEPLOY_JAR=$DEPLOY_PATH$JAR_NAME | |
nohup java -jar $DEPLOY_JAR > /dev/null 2> /dev/null < /dev/null & |