This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD Github Action | |
on: | |
push: | |
branches: [ "Master", "Weekly/*" ] | |
permissions: | |
contents: read | |
env: | |
DATASOURCE_URL : ${{ secrets.ENV_DATASOURCE_URL }} | |
DATASOURCE_USERNAME : ${{ secrets.ENV_DATASOURCE_USERNAME }} | |
DATASOURCE_PASSWORD : ${{ secrets.ENV_DATASOURCE_PASSWORD }} | |
GOOGLE_CLIENT_ID : ${{ secrets.ENV_GOOGLE_CLIENT_ID }} | |
GOOGLE_CLIENT_SECRET: ${{ secrets.ENV_GOOGLE_CLIENT_SECRET }} | |
GOOGLE_REDIRECT_URI : ${{ secrets.ENV_GOOGLE_REDIRECT_URI }} | |
IMAGE_UPLOAD_PATH : ${{ secrets.ENV_IMAGE_UPLOAD_PATH }} | |
JWT_SECRET : ${{ secrets.ENV_JWT_SECRET }} | |
KAKAO_CLIENT_ID : ${{ secrets.ENV_KAKAO_CLIENT_ID }} | |
KAKAO_CLIENT_SECRET : ${{ secrets.ENV_KAKAO_CLIENT_SECRET }} | |
KAKAO_REDIRECT_URI : ${{ secrets.ENV_KAKAO_REDIRECT_URI }} | |
KAKAOPAY_SECRET_KEY : ${{ secrets.ENV_KAKAOPAY_SECRET_KEY }} | |
SERVER_DOMAIN_NAME : ${{ secrets.ENV_SERVER_DOMAIN_NAME }} | |
jobs: | |
## 1단계: 프로젝트 빌드 | |
Build: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 21 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '21' | |
distribution: 'corretto' | |
- name: Gradle Caching (for faster build) | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
- name: Build Application | |
run: | | |
chmod +x gradlew | |
./gradlew clean build -x test | |
- name: Store build failure reports (execute when build fail) | |
if: failure() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: build-failure-reports | |
path: | | |
**/build/reports/ | |
- name: Store build artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: build-artifacts | |
path: build/libs/*.jar | |
## 2단계: 테스트 실행 | |
Test: | |
runs-on: ubuntu-22.04 | |
needs: Build # Build 단계가 완료되어야 실행됨 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 21 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '21' | |
distribution: 'corretto' | |
- name: Gradle Caching (for faster build) | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
- name: Test Application | |
run: | | |
chmod +x gradlew | |
./gradlew test | |
- name: Store test failure reports (execute when test fail) | |
if: failure() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: test-failure-reports | |
path: | | |
**/build/test-results/ | |
## 3단계: Docker 빌드 및 푸시 | |
Docker-Build: | |
runs-on: ubuntu-22.04 | |
needs: Test # Test 단계가 성공적으로 완료되어야 실행됨 | |
if: github.event_name == 'push' | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Download Build Artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: build-artifacts | |
path: build/libs | |
- name: Docker Hub Login | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_TOKEN }} | |
- name: Docker Build | |
run: docker build -f Dockerfile --build-arg DEPENDENCY=build/dependency -t ${{ secrets.DOCKER_REPO_FULLNAME }} . | |
- name: Docker Push | |
run: docker push ${{ secrets.DOCKER_REPO_FULLNAME }} | |
## 4단계: 서버에 배포 | |
Deploy: | |
runs-on: ubuntu-22.04 | |
needs: Docker-Build | |
if: github.event_name == 'push' | |
steps: | |
- name: Update .env | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.SSH_HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
script: | | |
echo "DATASOURCE_URL=${{ secrets.ENV_DATASOURCE_URL }}" > ~/.env | |
echo "DATASOURCE_USERNAME=${{ secrets.ENV_DATASOURCE_USERNAME }}" >> ~/.env | |
echo "DATASOURCE_PASSWORD=${{ secrets.ENV_DATASOURCE_PASSWORD }}" >> ~/.env | |
echo "GOOGLE_CLIENT_ID=${{ secrets.ENV_GOOGLE_CLIENT_ID }}" >> ~/.env | |
echo "GOOGLE_CLIENT_SECRET=${{ secrets.ENV_GOOGLE_CLIENT_SECRET }}" >> ~/.env | |
echo "GOOGLE_REDIRECT_URI=${{ secrets.ENV_GOOGLE_REDIRECT_URI }}" >> ~/.env | |
echo "JWT_SECRET=${{ secrets.ENV_JWT_SECRET }}" >> ~/.env | |
echo "IMAGE_UPLOAD_PATH=${{ secrets.ENV_IMAGE_UPLOAD_PATH }}" >> ~/.env | |
echo "KAKAO_CLIENT_ID=${{ secrets.ENV_KAKAO_CLIENT_ID }}" >> ~/.env | |
echo "KAKAO_CLIENT_SECRET=${{ secrets.ENV_KAKAO_CLIENT_SECRET }}" >> ~/.env | |
echo "KAKAO_REDIRECT_URI=${{ secrets.ENV_KAKAO_REDIRECT_URI }}" >> ~/.env | |
echo "KAKAOPAY_SECRET_KEY=${{ secrets.ENV_KAKAOPAY_SECRET_KEY }}" >> ~/.env | |
echo "SERVER_DOMAIN_NAME=${{ secrets.ENV_SERVER_DOMAIN_NAME }}" >> ~/.env | |
echo "Environment setup has been completed." | |
- name: Pull New Docker Image | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.SSH_HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: GITHUB_SHA | |
script: sudo docker pull ${{ secrets.DOCKER_REPO_FULLNAME }} | |
- name: Stop Old Docker Image | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.SSH_HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: GITHUB_SHA | |
script: sudo docker stop would-you-in | |
- name: Run New Docker Image | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.SSH_HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: GITHUB_SHA | |
script: sudo docker run --rm -d -p 80:8080 --env-file ~/.env --name would-you-in -v would-you-in-image-volume:${{ secrets.ENV_IMAGE_UPLOAD_PATH }} ${{ secrets.DOCKER_REPO_FULLNAME }} | |
- name: Clean-Up Docker Image | |
uses: appleboy/ssh-action@master | |
with: | |
host: ${{ secrets.SSH_HOST }} | |
username: ${{ secrets.SSH_USERNAME }} | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
port: ${{ secrets.SSH_PORT }} | |
envs: GITHUB_SHA | |
script: sudo docker image prune -f |