Merge pull request #98 from Konkuk-KUIT/94-someissues #45

	name: Deploy (SSH)

	on:
	push:
	branches: ["main"]

	concurrency:
	group: deploy-main
	cancel-in-progress: true

	jobs:
	deploy:
	runs-on: ubuntu-latest
	steps:
	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: ${{ secrets.AWS_REGION }}

	- name: Get runner public IP
	id: ip
	run: \|
	IP="$(curl -fsSL https://checkip.amazonaws.com)"
	echo "ipv4=$IP" >> "$GITHUB_OUTPUT"

	- name: Authorize runner IP in security group
	run: \|
	aws ec2 authorize-security-group-ingress \
	--group-id "${{ secrets.SECURITY_GROUP_ID }}" \
	--protocol tcp \
	--port 22 \
	--cidr "${{ steps.ip.outputs.ipv4 }}/32" \|\| true

	- name: Deploy via SSH
	uses: appleboy/ssh-action@v1.0.3
	with:
	host: ${{ secrets.SSH_HOST }}
	username: ${{ secrets.SSH_USER }}
	key: ${{ secrets.SSH_PRIVATE_KEY }}
	port: ${{ secrets.SSH_PORT \|\| 22 }}
	script: \|
	set -e
	# Adjust these paths to your server layout
	JAVA_REPO_DIR="${{ secrets.JAVA_REPO_DIR }}"
	COMPOSE_DIR="${{ secrets.COMPOSE_DIR }}"

	echo "[1/2] Pull java repo"
	if [ -n "$JAVA_REPO_DIR" ]; then
	cd "$JAVA_REPO_DIR"
	git pull origin main
	fi

	echo "[2/2] Compose up (java-server only)"
	cd "$COMPOSE_DIR"
	docker compose up -d --build java-server

	- name: Revoke runner IP from security group
	if: always()
	run: \|
	aws ec2 revoke-security-group-ingress \
	--group-id "${{ secrets.SECURITY_GROUP_ID }}" \
	--protocol tcp \
	--port 22 \
	--cidr "${{ steps.ip.outputs.ipv4 }}/32" \|\| true

Provide feedback