chore: CI/CD 워크플로우 작성 #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Deploy to Develop | |
on: | |
push: | |
branches: [ "develop" ] | |
pull_request: | |
branches: [ "develop" ] | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
environment: develop | |
strategy: | |
matrix: | |
java-version: [ 17 ] | |
distribution: [ 'temurin' ] | |
outputs: | |
image-tag: ${{ steps.image-tag.outputs.value }} | |
steps: | |
# 체크아웃 | |
- name: Checkout | |
uses: actions/checkout@v4 | |
# Docker 이미지 태그 세팅 | |
- name: Set up image-tag by GITHUB_SHA | |
id: image-tag | |
run: echo "value=$(echo ${GITHUB_SHA::7})" >> $GITHUB_OUTPUT | |
# JDK 17 버전으로 세팅 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: ${{ matrix.java-version }} | |
distribution: ${{ matrix.distribution }} | |
# Gradlew 실행 허용 | |
- name: Run chmod to make gradlew executable | |
run: chmod +x ./gradlew | |
# Gradle 빌드 | |
- name: Build with Gradle | |
uses: gradle/gradle-build-action@v2 | |
with: | |
arguments: | | |
build | |
--scan | |
cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }} # feature 브랜치는 캐시를 읽기 전용으로 설정 | |
# Dockerhub 로그인 | |
- name: Login to Dockerhub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
# 이미지 빌드 및 Dockerhub에 푸시 | |
- name: Docker Build and Push | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
push: true | |
tags: ${{ secrets.DOCKERHUB_USERNAME }}/gdsc-server:${{ steps.image-tag.outputs.value }} | |
# docker-compose.yml 파일을 EC2 서버로 전송 | |
- name: Copy docker-compose.yml to EC2 server | |
uses: appleboy/[email protected] | |
with: | |
host: ${{ secrets.EC2_HOST }} | |
username: ${{ secrets.EC2_USERNAME }} | |
key: ${{ secrets.EC2_PRIVATE_KEY }} | |
source: docker-compose.yml | |
target: /home/ubuntu/ | |
# TODO: 슬랙으로 build scan report 전송하는 워크플로 추가 | |
deploy: | |
runs-on: ubuntu-latest | |
environment: develop | |
needs: build | |
steps: | |
- name: Deploy to EC2 Server | |
uses: appleboy/ssh-action@master | |
env: | |
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
DOCKERHUB_IMAGE_TAG: ${{ needs.build.outputs.image-tag }} | |
with: | |
host: ${{ secrets.EC2_HOST }} | |
username: ${{ secrets.EC2_USERNAME }} | |
key: ${{ secrets.EC2_PRIVATE_KEY }} | |
script: | | |
echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin | |
docker pull ${{ secrets.DOCKERHUB_USERNAME }}/gdsc-server:${{ needs.build.outputs.image-tag }} | |
docker-compose -f /home/ubuntu/docker-compose.yml up -d | |
docker image prune -a -f |