test: 주석 제거겸 deploy test #5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to EC2 with Docker hub | |
| on: | |
| push: | |
| branches: | |
| - dev | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # 소스코드 체크아웃 | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| # Gradle 실행 권한 부여 | |
| - name: Make gradlew executable | |
| run: chmod +x ./gradlew | |
| # Docker hub 로그인 | |
| - name: Log in to Docker Hub | |
| uses: docker/[email protected] | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| # Docker Buildx 설정 추가 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| # Dockerfile을 사용하여 이미지를 빌드하고 Docker Hub에 푸시합니다. | |
| - name: Build and push Docker image | |
| uses: docker/[email protected] | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| push: true | |
| # Docker 레이어 캐시 활성화 | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| tags: | | |
| ${{ secrets.DOCKER_USERNAME }}/gitdeun:latest | |
| ${{ secrets.DOCKER_USERNAME }}/gitdeun:${{ github.sha }} | |
| # 3. EC2에서 환경 변수를 설정하고 애플리케이션 실행 | |
| - name: Deploy via SSH | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{secrets.EC2_HOST}} | |
| username: ${{secrets.EC2_USERNAME}} | |
| key: ${{ secrets.EC2_PRIVATE_KEY }} | |
| port: 22 | |
| script: | | |
| set -euo pipefail | |
| # 대상 디렉터리 보장 | |
| mkdir -p ${{ secrets.EC2_TARGET_PATH }} | |
| # 멀티라인 .env 안전 저장 - 옵션 A(Heredoc) 예시 | |
| cat > ${{ secrets.EC2_TARGET_PATH }}/.env <<'ENV_EOF'${{ secrets.ENV_FILE }}ENV_EOF | |
| chmod 600 ${{ secrets.EC2_TARGET_PATH }}/.env | |
| # Docker Hub 로그인 | |
| echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin | |
| # 네트워크 준비 | |
| docker network create gitdeun-network || true | |
| # 최신 커밋 SHA로 배포(불변 태그) | |
| IMAGE="${{ secrets.DOCKER_USERNAME }}/gitdeun:${{ github.sha }}" | |
| docker pull "$IMAGE" | |
| # 기존 컨테이너 중지/삭제 | |
| docker stop gitdeun || true | |
| docker rm gitdeun || true | |
| # 실행 | |
| docker run -d \ | |
| --name gitdeun \ | |
| --restart unless-stopped \ | |
| --env SPRING_PROFILES_ACTIVE=prod,s3Bucket \ | |
| --env-file ${{ secrets.EC2_TARGET_PATH }}/.env \ | |
| --network gitdeun-network \ | |
| -p 8080:8080 \ | |
| -v ${{ secrets.EC2_TARGET_PATH }}/logs:/app/logs \ | |
| "$IMAGE" | |
| # 오래된 이미지 정리 | |
| docker image prune -f --filter "until=168h" |