feat(snackgame.biz): 기존 인증체계를 사용하지 않는다 (#189) #123
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 변경사항을 개발 서버에 배포한다 | |
on: | |
workflow_dispatch: | |
push: | |
branches: [ "dev" ] | |
permissions: | |
contents: read | |
env: | |
JAR_NAME: snackgame-server.jar | |
JAR_DIRECTORY: /home/ubuntu/snackgame | |
jobs: | |
deploy: | |
runs-on: dev | |
environment: | |
name: dev | |
steps: | |
- name: Get token from Submodule Reader | |
uses: actions/create-github-app-token@v1 | |
id: app_token | |
with: | |
app-id: ${{ secrets.SUBMODULE_APP_ID }} | |
private-key: ${{ secrets.SUBMODULE_APP_PEM }} | |
owner: ${{ github.repository_owner }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
token: ${{ steps.app_token.outputs.token }} | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v3 | |
- name: Create bootjar | |
uses: gradle/gradle-build-action@v3 | |
with: | |
arguments: bootjar | |
- name: Copy jar | |
shell: bash {0} | |
run: | | |
mkdir $JAR_DIRECTORY | |
cp ./build/libs/$JAR_NAME $JAR_DIRECTORY/$JAR_NAME | |
- name: 현재 사용중인 어플리케이션 포트 확인 | |
shell: bash {0} | |
run: | | |
PORT_A_PID=$(lsof -ti:${{ vars.APPLICATION_PORT_A }}) | |
PORT_B_PID=$(lsof -ti:${{ vars.APPLICATION_PORT_B }}) | |
if [ -n "$PORT_A_PID" ] && [ -n "$PORT_B_PID" ]; then | |
echo "::error title=배포 실패::$PORT_A_PID, $PORT_B_PID 두 포트가 모두 사용중입니다"; | |
exit 1; | |
elif [ -n "$PORT_A_PID" ]; then | |
echo "BLUE_PORT=${{ vars.APPLICATION_PORT_A }}" >> "$GITHUB_ENV" | |
echo "GREEN_PORT=${{ vars.APPLICATION_PORT_B }}" >> "$GITHUB_ENV" | |
elif [ -n "$PORT_B_PID" ]; then | |
echo "BLUE_PORT=${{ vars.APPLICATION_PORT_B }}" >> "$GITHUB_ENV" | |
echo "GREEN_PORT=${{ vars.APPLICATION_PORT_A }}" >> "$GITHUB_ENV" | |
else | |
echo "BLUE_PORT=${{ vars.APPLICATION_PORT_A }}" >> "$GITHUB_ENV" | |
echo "GREEN_PORT=${{ vars.APPLICATION_PORT_B }}" >> "$GITHUB_ENV" | |
fi | |
- name: Download Datadog Java Agent | |
working-directory: ${{ env.JAR_DIRECTORY }} | |
run: | | |
wget -O dd-java-agent.jar 'https://dtdg.co/latest-java-tracer' | |
- name: 그린 어플리케이션 실행 | |
env: | |
RUNNER_TRACKING_ID: "" | |
shell: bash | |
working-directory: ${{ env.JAR_DIRECTORY }} | |
run: | | |
nohup java \ | |
-Dserver.port=$GREEN_PORT \ | |
-Dspring.profiles.active=${{ vars.ENVIRONMENT_NAME }} \ | |
-DACCESS_TOKEN_SECRET_KEY=${{ secrets.ACCESS_TOKEN_SECRET_KEY }} \ | |
-DACCESS_TOKEN_EXPIRY_DAYS=${{ secrets.ACCESS_TOKEN_EXPIRY_DAYS }} \ | |
-DREFRESH_TOKEN_SECRET_KEY=${{ secrets.REFRESH_TOKEN_SECRET_KEY }} \ | |
-DREFRESH_TOKEN_EXPIRY_DAYS=${{ secrets.REFRESH_TOKEN_EXPIRY_DAYS }} \ | |
-DDB_URL=${{ secrets.DB_URL }} \ | |
-DDB_USERNAME=${{ secrets.DB_USERNAME }} \ | |
-DDB_PASSWORD=${{ secrets.DB_PASSWORD }} \ | |
-javaagent:dd-java-agent.jar \ | |
-Ddd.profiling.enabled=true \ | |
-XX:FlightRecorderOptions=stackdepth=256 \ | |
-Ddd.logs.injection=true \ | |
-Ddd.appsec.enabled=true \ | |
-Ddd.iast.enabled=true \ | |
-Ddd.service=snackgame \ | |
-Ddd.env=${{ vars.ENVIRONMENT_NAME }} \ | |
-jar $JAR_NAME > ~/snackgame-server.log & | |
- name: 그린 어플리케이션이 접속 가능할 때까지 기다린다 | |
shell: bash {0} | |
run: | | |
PROCESS_ID="$(lsof -i:$GREEN_PORT -t)" | |
while [ "$(curl -o /dev/null -s -w %{http_code} localhost:$GREEN_PORT/rankings/1?by=BEST_SCORE)" != 200 ] | |
do | |
if [ ! -e "/proc/$PROCESS_ID" ]; then | |
echo "::error title=배포 실패::블루 어플리케이션으로 롤백합니다."; | |
exit 1; | |
fi | |
echo "새로운 어플리케이션을 띄우는 중입니다."; | |
sleep 5; | |
done | |
- name: 리버스 프록시 설정 변경 | |
working-directory: ${{ env.JAR_DIRECTORY }} | |
shell: bash {0} | |
run: | | |
echo "proxy_pass http://localhost:$GREEN_PORT;" > port.inc; | |
sudo nginx -s reload; | |
- name: 블루 어플리케이션 종료 | |
shell: bash {0} | |
run: | | |
PROCESS_ID="$(lsof -i:$BLUE_PORT -t)" | |
if [ -n "$PROCESS_ID" ]; then | |
sudo kill -15 $PROCESS_ID | |
echo "구동중인 애플리케이션을 종료했습니다. (pid : $PROCESS_ID)\n" | |
fi |