chore : security 폴더 업데이트 #66
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow uses actions that are not certified by GitHub. | |
# They are provided by a third-party and are governed by | |
# separate terms of service, privacy policy, and support | |
# documentation. | |
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time | |
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle | |
name: Java CI with Gradle | |
on: | |
push: | |
branches: [ "main" ] | |
pull_request: | |
branches: [ "main" ] | |
permissions: | |
contents: read | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
# (1) 기본 체크아웃 | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
token: ${{ secrets.SUBMODULE_TOKEN }} | |
submodules: true | |
# gradle caching | |
- name: Gradle Caching | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
# gradle 권한 부여 | |
- name: Run chmod to make gradlew executable | |
run: chmod +x ./gradlew | |
# docker spring job | |
- name: Build BootJar with Gradle # 실제 application build(-x 옵션을 통해 test는 제외) | |
run: ./gradlew bootjar | |
# docker build & push to | |
- name: Docker build & push | |
run: | | |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
docker build -t ${{ secrets.DOCKER_USERNAME }}/trip-together . | |
docker push ${{ secrets.DOCKER_USERNAME }}/trip-together | |
# docker deploy | |
- name : Docker Deploy Executing remote ssh commands | |
uses : appleboy/ssh-action@master | |
with : | |
host : ${{ secrets.HOST }} | |
username : ubuntu | |
key : ${{ secrets.SSH_KEY }} | |
script : | | |
docker volume prune -f # 사용되지 않는 컨테이너, 이미지 삭제 및 볼륨 정리 | |
docker-compose down # docker-compose 내리기 | |
docker-compose pull | |
docker-compose build # docker-compose 빌드 | |
docker-compose up -d # docker-compose 백그라운드 실행 |