feat: ci-cd pipeline 구축

JongMany · Oct 21, 2024 · 0661d7d · 0661d7d
1 parent fafec86
commit 0661d7d
Show file tree

Hide file tree

Showing 3 changed files with 169 additions and 0 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,5 @@
+node_modules
+npm-debug.log
+Dockerfile
+.dockerignore
+.next
diff --git a/.github/workflows/ci-cd.yaml b/.github/workflows/ci-cd.yaml
@@ -0,0 +1,108 @@
+name: FE-Dockerizing to Amazon ECR
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+
+env:
+  AWS_REGION: ap-northeast-2
+  ECR_REPOSITORY: sj-graduate
+  ECR_REGISTRY: 214925768882.dkr.ecr.ap-northeast-2.amazonaws.com
+
+jobs:
+  ci:
+    name: FE-Deploy
+    runs-on: ubuntu-latest
+    environment: production
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Config AWS credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Login To Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+
+      - name: Build, tag, and push image to Amazon ECR
+        id: build-image
+        env:
+          ECR_REGISTRY: ${{ env.ECR_REGISTRY }}
+          ECR_REPOSITORY: ${{ env.ECR_REPOSITORY }}
+          IMAGE_TAG: ${{ github.sha }}
+        run: |
+          docker build --build-arg NEXT_PUBLIC_BASE_URL=${{ secrets.NEXT_PUBLIC_BASE_URL }} \
+            -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f ./client/Dockerfile.prod ./client
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+          echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
+      - name: Save image tag to file
+        run: echo "${IMAGE_TAG}" > image-tag.txt
+
+      - name: Verify image tag file
+        run: cat image-tag.txt
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: image-tag
+          path: image-tag.txt
+
+  cd:
+    name: FE-Deploy Docker Image to Server
+    runs-on: self-hosted
+    needs: ci
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: image-tag
+
+      - name: Read image tag
+        id: read-image-tag
+        run: |
+          IMAGE_TAG=$(cat image-tag.txt)
+          echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          aws-access-key-id: ${{ secrets.AWS_IAM_ACCESS }}
+          aws-secret-access-key: ${{ secrets.AWS_IAM_SECRET }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+
+      - name: Create .env.production file in config directory
+        run: |
+          mkdir -p config
+          echo NEXTAUTH_SECRET="${{ secrets.NEXTAUTH_SECRET }}" >> .env.production          
+          echo NEXTAUTH_URL="${{ secrets.NEXTAUTH_URL }}" >> .env.production          
+          echo NEXT_PUBLIC_API_URL="${{ secrets.NEXT_PUBLIC_API_URL }}" >> .env.production          
+          echo NEXT_PUBLIC_THREAD_KEY = "${{ secrets.NEXT_PUBLIC_THREAD_KEY }}" >> .env.production
+#          echo NEXTAUTH_SECRET="${{ secrets.NEXTAUTH_SECRET }}" >> config/.env.production
+#          echo NEXTAUTH_URL="${{ secrets.NEXTAUTH_URL }}" >> config/.env.production
+#          echo NEXT_PUBLIC_API_URL="${{ secrets.NEXT_PUBLIC_API_URL }}" >> config/.env.production
+#          echo NEXT_PUBLIC_THREAD_KEY = "${{ secrets.NEXT_PUBLIC_THREAD_KEY }}" >> config/.env.production
+
+      - name: Set permissions for .env.production file
+        run: chmod 600 config/.env.production
+      - name: Verify .env file contents
+        run: cat config/.env.production
+
+      - name: Pull image from Amazon ECR and restart Docker Container
+        run: |
+          docker pull ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
+          docker stop study-log-client || true && docker rm study-log-client || true
+          docker run -d --name study-log-client -p 3000:3000 --restart unless-stopped \
+            --env-file config/.env.production \
+            ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}
+#            --env-file .env.production \
diff --git a/Dockerfile.prod b/Dockerfile.prod
@@ -0,0 +1,56 @@
+# 빌드 단계
+FROM node:18-alpine AS client-build
+
+# 작업 디렉토리 설정
+WORKDIR /app
+
+# package.json과 package-lock.json 복사
+COPY package*.json ./
+
+# 빌드 시점 환경변수 정의
+ARG NEXT_PUBLIC_BASE_URL
+
+# Next.js 종속성 설치
+RUN npm install
+
+# 애플리케이션 코드 복사
+COPY . .
+
+# 환경 변수 파일 복사
+# COPY ./config ./config
+# 빌드 시 사용할 환경 변수 파일 복사
+# 기본적으로 development 환경 변수 파일을 사용
+# ARG ENV_FILE=.env.production
+# COPY config/$ENV_FILE .env
+
+# 환경변수를 설정하여 빌드 시점에 적용
+ENV NEXT_PUBLIC_BASE_URL=$NEXT_PUBLIC_BASE_URL
+
+# Next.js 애플리케이션 빌드
+RUN npm run build:prod
+
+# 실행 단계
+FROM node:18-alpine
+
+# 작업 디렉토리 설정
+WORKDIR /app
+
+# production 의존성만 설치
+COPY package*.json ./
+RUN npm install --production
+
+# 빌드된 파일만 복사
+COPY --from=client-build /app/.next ./.next
+COPY --from=client-build /app/public ./public
+COPY --from=client-build /app/next.config.mjs ./next.config.mjs
+COPY --from=client-build /app/package.json ./package.json
+
+# 환경 변수 파일 복사
+# COPY --from=client-build /app/.env .env
+
+
+# 포트 설정
+EXPOSE 3000
+
+# 애플리케이션 시작
+CMD ["npm", "run", "start:prod"]