Merge pull request #171 from kookmin-sw/feature/be/#159-ApiRateLimiter #60
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Server | |
| on: | |
| push: | |
| branches: | |
| - develop-back | |
| - main | |
| permissions: | |
| contents: read | |
| jobs: | |
| setup-env: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Create env file | |
| run: | | |
| echo DB_ENDPOINT=${{ secrets.DB_ENDPOINT }} >> .env | |
| echo DB_NAME=${{ secrets.DB_NAME }} >> .env | |
| echo DB_PORT=${{ secrets.DB_PORT }} >> .env | |
| echo MYSQL_USERNAME=${{ secrets.MYSQL_USERNAME }} >> .env | |
| echo MYSQL_PASSWORD=${{ secrets.MYSQL_PASSWORD }} >> .env | |
| echo JWT_SECRET=${{ secrets.JWT_SECRET }} >> .env | |
| echo JWT_ACCESS_EXPIRATION_TIME=${{ secrets.JWT_ACCESS_EXPIRATION_TIME }} >> .env | |
| echo JWT_REFRESH_EXPIRATION_TIME=${{ secrets.JWT_REFRESH_EXPIRATION_TIME }} >> .env | |
| echo HMAC_SECRET=${{ secrets.HMAC_SECRET }} >> .env | |
| echo HMAC_ALGORITHM=${{ secrets.HMAC_ALGORITHM }} >> .env | |
| echo DeepL_API_KEY=${{ secrets.DeepL_API_KEY }} >> .env | |
| echo TEST_KEY=${{ secrets.TEST_KEY }} >> .env | |
| echo Azure_API_KEY=${{ secrets.Azure_API_KEY }} >> .env | |
| echo REDIS_HOST=${{ secrets.REDIS_HOST }} >> .env | |
| echo REDIS_PORT=${{ secrets.REDIS_PORT }} >> .env | |
| echo S3_ACCESS_KEY=${{ secrets.S3_ACCESS_KEY }} >> .env | |
| echo S3_SECRET_KEY=${{ secrets.S3_SECRET_KEY }} >> .env | |
| echo SECRET_KEY_BASE=${{ secrets.SECRET_KEY_BASE }} >> .env | |
| echo SERVER_NAME=${{ secrets.SERVER_NAME }} >> .env | |
| echo SERVER_URL=${{ secrets.SERVER_URL }} >> .env | |
| echo CHATBOT_URL=${{ secrets.CHATBOT_URL }} >> .env | |
| - name: Copy .env to EC2 | |
| uses: appleboy/scp-action@master | |
| with: | |
| host: ${{ secrets.AWS_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.AWS_KEY }} | |
| source: "./.env" | |
| target: "capstone" | |
| - name: Copy docker-compose.yaml to EC2 | |
| uses: appleboy/scp-action@master | |
| with: | |
| host: ${{ secrets.AWS_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.AWS_KEY }} | |
| source: "./docker-compose.yml" | |
| target: "capstone" | |
| - name: action-slack | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| status: ${{ job.status }} | |
| author_name: 외국민 | |
| fields: repo,message,commit,author,action,eventName,ref,workflow,job,took | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| if: always() | |
| build-spring: | |
| runs-on: ubuntu-latest | |
| needs: setup-env | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push Spring | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./back | |
| push: true | |
| tags: ${{ secrets.DOCKER_REPO }}/spring:latest | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: action-slack | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| status: ${{ job.status }} | |
| author_name: 외국민 | |
| fields: repo,message,commit,author,action,eventName,ref,workflow,job,took | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| if: always() | |
| build-nginx: | |
| runs-on: ubuntu-latest | |
| needs: setup-env | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push Nginx | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./back/nginx | |
| push: true | |
| tags: ${{ secrets.DOCKER_REPO }}/nginx:latest | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: action-slack | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| status: ${{ job.status }} | |
| author_name: 외국민 | |
| fields: repo,message,commit,author,action,eventName,ref,workflow,job,took | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| if: always() | |
| build-ruby: | |
| runs-on: ubuntu-latest | |
| needs: setup-env | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push Ruby on Rails | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./back-chat | |
| push: true | |
| tags: ${{ secrets.DOCKER_REPO }}/ruby:latest | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: action-slack | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| status: ${{ job.status }} | |
| author_name: 외국민 | |
| fields: repo,message,commit,author,action,eventName,ref,workflow,job,took | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| if: always() | |
| build-gateway: | |
| runs-on: ubuntu-latest | |
| needs: setup-env | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push Spring | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./back-gateway | |
| push: true | |
| tags: ${{ secrets.DOCKER_REPO }}/spring-gateway:latest | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: action-slack | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| status: ${{ job.status }} | |
| author_name: 외국민 | |
| fields: repo,message,commit,author,action,eventName,ref,workflow,job,took | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| if: always() | |
| deploy: | |
| runs-on : ubuntu-latest | |
| needs: [build-spring, build-nginx, build-ruby, build-gateway] | |
| steps: | |
| - name: executing remote ssh commands using password | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.AWS_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.AWS_KEY }} | |
| script: | | |
| if [ "$(sudo docker ps -qa)" ]; then | |
| sudo docker rm -f $(sudo docker ps -qa) | |
| fi | |
| sudo docker pull ${{ secrets.DOCKER_REPO }}/spring:latest | |
| sudo docker pull ${{ secrets.DOCKER_REPO }}/nginx:latest | |
| sudo docker pull ${{ secrets.DOCKER_REPO }}/ruby:latest | |
| sudo docker pull ${{ secrets.DOCKER_REPO }}/spring-gateway:latest | |
| sudo docker compose -f capstone/docker-compose.yml up -d | |
| sudo docker image prune -f | |
| - name: action-slack | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| status: ${{ job.status }} | |
| author_name: 외국민 | |
| fields: repo,message,commit,author,action,eventName,ref,workflow,job,took | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| if: always() | |