test #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: deploy | |
on: | |
push: | |
branches: | |
- prod/backend | |
jobs: | |
docker-build: | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./backend | |
steps: | |
- name: Log in to Docker Hub | |
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- uses: actions/checkout@v3 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'adopt' | |
- name: Gradle Caching | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
- name: Grant execute permission for gradlew | |
run: chmod +x gradlew | |
- name: Build for asciiDoc | |
run: ./gradlew bootjar | |
- name: Build with Gradle | |
run: ./gradlew bootjar | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 | |
with: | |
images: woowacarffeine/backend | |
- name: Build and push Docker image | |
uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 | |
with: | |
context: . | |
file: ./backend/Dockerfile | |
push: true | |
platforms: linux/arm64 | |
tags: woowacarffeine/backend:latest | |
labels: ${{ steps.meta.outputs.labels }} | |
deploy: | |
runs-on: self-hosted | |
if: ${{ needs.docker-build.result == 'success' }} | |
needs: [ docker-build ] | |
steps: | |
- name: Join EC2 dev server | |
uses: appleboy/ssh-action@master | |
env: | |
JASYPT_KEY: ${{ secrets.JASYPT_KEY }} | |
DATABASE_USERNAME: ${{ secrets.DATABASE_USERNAME }} | |
DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }} | |
with: | |
host: ${{ secrets.SERVER_HOST }} | |
username: ${{ secrets.SERVER_USERNAME }} | |
key: ${{ secrets.SERVER_KEY }} | |
port: ${{ secrets.SERVER_PORT }} | |
envs: JASYPT_KEY, DATABASE_USERNAME, DATABASE_PASSWORD | |
script: | | |
sudo docker pull woowacarffeine/backend:latest | |
sudo docker stop backend || true | |
sudo docker container prune -f | |
sudo docker run -d -p 8080:8080 -p 8088:8088 \ | |
-e "SPRING_PROFILE=prod" \ | |
-e "ENCRYPT_KEY=${{secrets.JASYPT_KEY}}" \ | |
-e "DATABASE_USERNAME=${{secrets.DATABASE_USERNAME}}" \ | |
-e "DATABASE_PASSWORD=${{secrets.DATABASE_PASSWORD}}" \ | |
-e "REPLICA_DATABASE_USERNAME=${{secrets.REPLICA_DB_USER_NAME}}" \ | |
-e "REPLICA_DATABASE_PASSWORD=${{secrets.REPLICA_DB_USER_PASSWORD}}" \ | |
-e "SLACK_WEBHOOK_URL=${{secrets.SLACK_WEBHOOK_URL}}" \ | |
--name backend \ | |
woowacarffeine/backend:latest | |
sudo docker image prune -a -f |