[WHAT-73] security & jwt 토큰을 이용한 로그인 구현 (#61) #77
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 작업명 | |
| name: CD NCP | |
| # 실행해야 할 브랜치, push가 발생한 경우로만 한정하였다. | |
| on: | |
| push: | |
| branches: | |
| - 'develop' | |
| - 'main' | |
| jobs: | |
| CD: | |
| ## 이거 NCP ubuntu OS 가 아니라, github Actions job 실행 환경의 ubuntu OS버전이다. | |
| runs-on: ubuntu-latest | |
| env: | |
| RESOURCE_PATH: ./src/main/resources/application.yml | |
| steps: | |
| ## Project JDK 17 Setting | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Set yml file | |
| uses: microsoft/variable-substitution@v1 | |
| with: | |
| files: ${{ env.RESOURCE_PATH }} | |
| env: | |
| spring.datasource.url: ${{ secrets.DB_HOST }} | |
| spring.datasource.username: ${{ secrets.DB_USERNAME }} | |
| spring.datasource.password: ${{ secrets.DB_PASSWORD }} | |
| # Gradle의 사용권한 셋팅 | |
| - name: Grant Execute permission for gradlew | |
| run: chmod +x gradlew | |
| shell: bash | |
| # 프로젝트 테스트 진행없이 빌드 | |
| - name: Build with Gradle | |
| run: ./gradlew build -x test | |
| shell: bash | |
| # Docker 빌드 생성 및 푸시 | |
| - name: dev Docker build & push | |
| if: contains(github.ref, 'main') || contains(github.ref, 'develop') | |
| run: | | |
| echo ${{ secrets.SONG_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| docker build -f Dockerfile -t ghcr.io/whatever-mentoring/whatssue-be/whatssue:1.0 . | |
| docker push ghcr.io/whatever-mentoring/whatssue-be/whatssue:1.0 | |
| # 개발서버 SSH접속 및 배포 | |
| - name: Deploy | |
| uses: appleboy/ssh-action@master | |
| id: deploy | |
| if: contains(github.ref, 'main') || contains(github.ref, 'develop') | |
| with: | |
| host: ${{ secrets.NCP_DEV_SERVER_IP }} | |
| username: ${{ secrets.NCP_DEV_SERVER_USER }} | |
| password: ${{ secrets.NCP_DEV_SERVER_PASSWORD }} | |
| port: ${{ secrets.NCP_DEV_SERVER_SSH_PORT }} | |
| script: | | |
| echo "${{ secrets.SONG_TOKEN }}" | sudo docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| if [ "$(docker ps -aq -f name=whatssue-be)" ]; then | |
| sudo docker stop whatssue-be | |
| sudo docker rm whatssue-be | |
| fi | |
| # 이전 이미지를 제거합니다. | |
| if [ "$(docker images -q ghcr.io/whatever-mentoring/whatssue-be/whatssue)" ]; then | |
| sudo docker rmi ghcr.io/whatever-mentoring/whatssue-be/whatssue | |
| fi | |
| sudo docker pull ghcr.io/whatever-mentoring/whatssue-be/whatssue:1.0 | |
| sudo docker run -d -p 8090:8090 --name whatssue-be ghcr.io/whatever-mentoring/whatssue-be/whatssue:1.0 | |
| sudo docker image prune -f | |