refactor: application 추적에 다른 CICD 파이프라인 수정 & JWT 토큰 개별화로 클라이언트 접근 방지 #1
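# Builds the Spring application, pushes the dev image to Docker Hub and
# redeploys the container on the dev server over SSH.
#
# NOTE(review): the trigger is `pull_request` against `develop`, so code from a
# pull request is built, pushed and deployed with the secrets below before it
# is merged. Confirm this is intended; an environment with required reviewers
# on the deploy step would gate it.
name: Individual Deploy Test

on:
  pull_request:
    branches: ["develop"]

# Least privilege for GITHUB_TOKEN: the job only reads the repository.
permissions:
  contents: read

jobs:
  CI-CD:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      # JDK used by the GitHub Actions runner (managed separately from the
      # Java versions on AWS and in the project).
      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          java-version: '17'
          distribution: 'temurin'

      # Gradle caching (shortens build time).
      - name: Gradle Caching
        uses: actions/cache@v3
        with:
          path: |
            ~/.gradle/caches
            ~/.gradle/wrapper
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
          restore-keys: |
            ${{ runner.os }}-gradle-

      # Activate the dev profile by overwriting application.yml in the
      # checked-out tree.
      - name: Set dev profile
        run: |
          echo "spring:
            profiles:
              include: dev" > ./src/main/resources/application.yml
        shell: bash

      # Make the Gradle wrapper executable.
      - name: Grant execute permission for gradlew
        run: chmod +x gradlew

      # Gradle build; `-x test` skips the test task.
      - name: Build with Gradle
        run: ./gradlew clean build -x test

      # Docker Hub login.
      - name: Docker Hub Login
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      # Docker build & push to develop.
      # The repository name is passed through the environment and quoted, so
      # its value is never spliced into the script text.
      - name: Docker build & push to dev server
        env:
          DOCKER_REPO: ${{ secrets.DOCKER_REPO }}
        run: |
          docker build -f Dockerfile -t "$DOCKER_REPO/eatssu-dev" .
          docker push "$DOCKER_REPO/eatssu-dev"

      # Deploy to develop.
      #
      # NOTE(review): `@master` is a mutable ref and this third-party action
      # receives the SSH private key. Pin it to a reviewed full commit SHA
      # (appleboy/ssh-action@<FULL_COMMIT_SHA>).
      # NOTE(review): no host key is checked here; the action's `fingerprint`
      # input lets the runner verify the server before sending the script.
      # NOTE(review): the `${{ secrets.* }}` values are substituted into the
      # script text before it is sent, so a value containing `"`, `$` or a
      # backtick is reinterpreted by the remote shell, and every value ends up
      # in the `docker run` argument list and in `docker inspect` output.
      # Consider an env file on the host with restrictive permissions
      # (`docker run --env-file`).
      # NOTE(review): the host is described as EC2; an instance role would
      # avoid shipping long-lived AWS access keys - confirm the application
      # can use the default credential chain.
      #
      # The script removes every container on the host (running or stopped)
      # before starting the new one. The container list is read with sudo,
      # like the other docker calls, and the removal is skipped when the list
      # is empty, because `docker rm -f` without arguments is an error.
      - name: Deploy to dev server
        uses: appleboy/ssh-action@master
        id: deploy-dev
        with:
          host: ${{ secrets.HOST_DEV }} # EC2 public IPv4 DNS
          username: ${{ secrets.USERNAME }} # ubuntu
          port: 22
          key: ${{ secrets.DEV_PRIVATE_KEY }}
          script: |
            sudo docker ps
            containers=$(sudo docker ps -qa)
            if [ -n "$containers" ]; then sudo docker rm -f $containers; fi
            sudo docker pull ${{ secrets.DOCKER_REPO }}/eatssu-dev
            sudo docker run -d -p 9000:9000 \
              -e EATSSU_DB_URL_DEV="${{ secrets.EATSSU_DB_URL_DEV }}" \
              -e EATSSU_DB_USERNAME="${{ secrets.EATSSU_DB_USERNAME }}" \
              -e EATSSU_DB_PASSWORD="${{ secrets.EATSSU_DB_PASSWORD }}" \
              -e EATSSU_JWT_SECRET_DEV="${{ secrets.EATSSU_JWT_SECRET_DEV }}" \
              -e EATSSU_AWS_ACCESS_KEY_DEV="${{ secrets.EATSSU_AWS_ACCESS_KEY_DEV }}" \
              -e EATSSU_AWS_SECRET_KEY_DEV="${{ secrets.EATSSU_AWS_SECRET_KEY_DEV }}" \
              -e EATSSU_SLACK_TOKEN="${{ secrets.EATSSU_SLACK_TOKEN }}" \
              ${{ secrets.DOCKER_REPO }}/eatssu-dev
            sudo docker image prune -f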