Feat : 도커 스왐 적용 #225
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Java CI/CD with Gradle | |
| on: | |
| push: | |
| branches: [ "develop" ] | |
| pull_request: | |
| branches: [ "develop" ] | |
| types: [ closed ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| PROFILE: prod | |
| DB_PROD_HOST: ${{ secrets.DB_PROD_HOST }} | |
| DB_PROD_USERNAME: ${{ secrets.DB_PROD_USERNAME }} | |
| DB_PROD_PASSWD: ${{ secrets.DB_PROD_PASSWD }} | |
| SOCIAL_CLIENT_ID: ${{ secrets.SOCIAL_CLIENT_ID }} | |
| SOCIAL_CLIENT_PASSWD: ${{ secrets.SOCIAL_CLIENT_PASSWD }} | |
| SOCIAL_CLIENT_SECRET: ${{ secrets.SOCIAL_CLIENT_SECRET }} | |
| JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
| WAS_HOST: ${{ secrets.WAS_HOST }} | |
| AWS_S3_BUCKET_NAME: ${{ secrets.AWS_S3_BUCKET_NAME }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_REGION: ap-northeast-2 | |
| DEFAULT_PROFILE: ${{ secrets.DEFAULT_PROFILE }} | |
| AWS_CLOUDFRONT_DOMAIN: ${{ secrets.AWS_CLOUDFRONT_DOMAIN }} | |
| SOCKET_SERVER_URL: ${{secrets.SOCKET_SERVER_URL}} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Build with Gradle | |
| run: ./gradlew --warning-mode all build -i | |
| docker-build: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle (without Test) | |
| run: ./gradlew clean build -x test --stacktrace | |
| - name: Docker Hub build & push | |
| run: | | |
| docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} -p ${{ secrets.DOCKER_HUB_PWD }} | |
| docker build --build-arg PROFILE=${{ secrets.PROFILE }} \ | |
| --build-arg DB_PROD_HOST=${{ secrets.DB_PROD_HOST }} \ | |
| --build-arg DB_PROD_USERNAME=${{ secrets.DB_PROD_USERNAME }} \ | |
| --build-arg DB_PROD_PASSWD=${{ secrets.DB_PROD_PASSWD }} \ | |
| --build-arg SOCIAL_CLIENT_ID=${{ secrets.SOCIAL_CLIENT_ID }} \ | |
| --build-arg SOCIAL_CLIENT_PASSWD=${{ secrets.SOCIAL_CLIENT_PASSWD }} \ | |
| --build-arg SOCIAL_CLIENT_SECRET=${{ secrets.SOCIAL_CLIENT_SECRET }} \ | |
| --build-arg JWT_SECRET=${{ secrets.JWT_SECRET }} \ | |
| --build-arg AWS_S3_BUCKET_NAME=${{ secrets.AWS_S3_BUCKET_NAME }} \ | |
| --build-arg AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \ | |
| --build-arg AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \ | |
| --build-arg AWS_REGION=ap-northeast-2 \ | |
| --build-arg DEFAULT_PROFILE=${{ secrets.DEFAULT_PROFILE }} \ | |
| --build-arg AWS_CLOUDFRONT_DOMAIN=${{ secrets.AWS_CLOUDFRONT_DOMAIN }} \ | |
| --build-arg SOCKET_SERVER_URL=${{ secrets.SOCKET_SERVER_URL }} \ | |
| -t linkode/linkode:latest . | |
| docker images | |
| docker push linkode/linkode:latest | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: docker-build | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: SSH로 서버에 연결하여 Docker Swarm 배포 | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.WAS_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.PRIVATE_KEY }} | |
| port: ${{ secrets.WAS_PORT }} | |
| script: | | |
| # 기존 서비스가 존재하는지 확인 후 없으면 생성, 있으면 업데이트 | |
| if ! sudo docker service ls | grep -q "linkode-service"; then | |
| echo "서비스가 존재하지 않으므로 새로 생성합니다." | |
| sudo docker service create \ | |
| --name linkode-service \ | |
| --env PROFILE=${{ secrets.PROFILE }} \ | |
| --env DB_PROD_HOST=${{ secrets.DB_PROD_HOST }} \ | |
| --env DB_PROD_USERNAME=${{ secrets.DB_PROD_USERNAME }} \ | |
| --env DB_PROD_PASSWD=${{ secrets.DB_PROD_PASSWD }} \ | |
| --env SOCIAL_CLIENT_ID=${{ secrets.SOCIAL_CLIENT_ID }} \ | |
| --env SOCIAL_CLIENT_PASSWD=${{ secrets.SOCIAL_CLIENT_PASSWD }} \ | |
| --env SOCIAL_CLIENT_SECRET=${{ secrets.SOCIAL_CLIENT_SECRET }} \ | |
| --env JWT_SECRET=${{ secrets.JWT_SECRET }} \ | |
| --env AWS_S3_BUCKET_NAME=${{ secrets.AWS_S3_BUCKET_NAME }} \ | |
| --env AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \ | |
| --env AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \ | |
| --env AWS_REGION=ap-northeast-2 \ | |
| --env DEFAULT_PROFILE=${{ secrets.DEFAULT_PROFILE }} \ | |
| --env AWS_CLOUDFRONT_DOMAIN=${{ secrets.AWS_CLOUDFRONT_DOMAIN }} \ | |
| --env SOCKET_SERVER_URL=${{ secrets.SOCKET_SERVER_URL }} \ | |
| --publish 8080:8080 \ | |
| ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_REPO_NAME }}:latest | |
| else | |
| echo "서비스가 이미 존재합니다. 업데이트를 진행합니다." | |
| sudo docker service update --force \ | |
| --image ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_REPO_NAME }}:latest \ | |
| --env-add PROFILE=${{ secrets.PROFILE }} \ | |
| --env-add DB_PROD_HOST=${{ secrets.DB_PROD_HOST }} \ | |
| --env-add DB_PROD_USERNAME=${{ secrets.DB_PROD_USERNAME }} \ | |
| --env-add DB_PROD_PASSWD=${{ secrets.DB_PROD_PASSWD }} \ | |
| --env-add SOCIAL_CLIENT_ID=${{ secrets.SOCIAL_CLIENT_ID }} \ | |
| --env-add SOCIAL_CLIENT_PASSWD=${{ secrets.SOCIAL_CLIENT_PASSWD }} \ | |
| --env-add SOCIAL_CLIENT_SECRET=${{ secrets.SOCIAL_CLIENT_SECRET }} \ | |
| --env-add JWT_SECRET=${{ secrets.JWT_SECRET }} \ | |
| --env-add AWS_S3_BUCKET_NAME=${{ secrets.AWS_S3_BUCKET_NAME }} \ | |
| --env-add AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \ | |
| --env-add AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \ | |
| --env-add AWS_REGION=ap-northeast-2 \ | |
| --env-add DEFAULT_PROFILE=${{ secrets.DEFAULT_PROFILE }} \ | |
| --env-add AWS_CLOUDFRONT_DOMAIN=${{ secrets.AWS_CLOUDFRONT_DOMAIN }} \ | |
| --env-add SOCKET_SERVER_URL=${{ secrets.SOCKET_SERVER_URL }} \ | |
| linkode-service | |
| fi | |
| # 사용하지 않는 도커 이미지를 정리 | |
| sudo docker image prune -f |