feat: add aws config information when executing docker container #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Slack-Server CI/CD | |
# 트리거를 수행할 브랜치를 지정합니다. | |
on: | |
push: | |
branches: [ danawa-slack ] | |
# 환경설정 | |
env: | |
DOCKER_IMAGE: ghcr.io/${{ github.actor }}/danawa-slack | |
VERSION: ${{ github.sha }} | |
NAME: slack_cicd | |
jobs: | |
# 빌드 Job | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
steps: | |
# github repository에서 checkout | |
- uses: actions/checkout@v2 | |
# docker build 수행 | |
- name: Set up docker buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Cache docker layers | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ env.VERSION }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
# GitHub 컨테이너 레지스트리에 로그인 후 빌드 & 푸시 | |
- name: Login to ghcr | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GHCR_TOKEN }} | |
- name: Build and push | |
id: docker_build | |
uses: docker/build-push-action@v2 | |
with: | |
builder: ${{ steps.buildx.outputs.name }} | |
push: true | |
tags: ${{ env.DOCKER_IMAGE }}:latest | |
# 배포 Job | |
deploy: | |
needs: build # build 후에 실행되도록 정의 | |
name: Deploy | |
runs-on: [ self-hosted, label-go ] # AWS ./configure에서 사용할 label명 | |
steps: | |
- name: Login to ghcr | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GHCR_TOKEN }} | |
# 3000 -> 80 포트로 수행하도록 지정 | |
- name: Docker run | |
run: | | |
docker stop ${{ env.NAME }} && docker rm ${{ env.NAME }} && docker rmi ${{ env.DOCKER_IMAGE }}:latest | |
docker run -d -p 80:3000 \ | |
--name slack_cicd \ | |
--restart always \ | |
-e app_token=${{ secrets.APP_TOKEN }} \ | |
-e bot_token=${{ secrets.BOT_TOKEN }} \ | |
-e AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \ | |
-e AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \ | |
-v ~/.aws/:/root/.aws:ro \ | |
${{ env.DOCKER_IMAGE }}:latest |