-
Notifications
You must be signed in to change notification settings - Fork 2
79 lines (74 loc) · 2.87 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
name: CI/CD Pipeline
on:
push:
branches:
- main # main 브랜치에 푸시될 때 실행
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v3
- name: Set Docker Permissions
run: |
sudo chmod 666 /var/run/docker.sock
- name: Generate .env.prod
run: |
echo "DB_HOST=${{ secrets.DB_HOST }}" >> .env.prod
echo "DB_PASSWORD=${{ secrets.DB_PASSWORD }}" >> .env.prod
echo "SECRET_FOR_JWT=${{ secrets.SECRET_FOR_JWT }}" >> .env.prod
- name: Get Public IP
id: ip
uses: haythem/[email protected]
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Log in to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Get Version
id: version
run: echo "VERSION=1.0.$(date +%s)" >> $GITHUB_ENV
- name: Build and Push Docker Image
run: |
docker build -t odumag99/snuvote:${{ env.VERSION }} .
docker tag odumag99/snuvote:${{ env.VERSION }} odumag99/snuvote:latest
docker push odumag99/snuvote:${{ env.VERSION }}
docker push odumag99/snuvote:latest
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: 'ap-northeast-2'
- name: Add GitHub Actions IP
run: |
aws ec2 authorize-security-group-ingress \
--group-id ${{ secrets.SECURITY_GROUP_ID }} \
--protocol tcp \
--port 22 \
--cidr ${{ steps.ip.outputs.ipv4 }}/32 || true
- name: Copy .env.prod to EC2
run: |
echo "${{ secrets.SERVER_SSH_KEY }}" > ssh_key
chmod 600 ssh_key
scp -i ssh_key -o StrictHostKeyChecking=no .env.prod ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_IP }}:/home/${{ secrets.SERVER_USER }}/.env.prod
- name: Deploy to EC2
run: |
ssh -i ssh_key -o StrictHostKeyChecking=no ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_IP }} "
sudo docker pull odumag99/snuvote:${{ env.VERSION }} &&
if [ \"\$(sudo docker ps -aq -f name=snuvote)\" ]; then
sudo docker stop snuvote
sudo docker rm snuvote
fi &&
sudo docker run -d --name snuvote -p 8000:8000 \
--env-file /home/${{ secrets.SERVER_USER }}/.env.prod \
odumag99/snuvote:${{ env.VERSION }}"
- name: Remove GitHub Actions IP
run: |
aws ec2 revoke-security-group-ingress \
--group-id ${{ secrets.SECURITY_GROUP_ID }} \
--protocol tcp \
--port 22 \
--cidr ${{ steps.ip.outputs.ipv4 }}/32 || true