This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD with Git Actions & Docker Hub | |
| on: | |
| pull_request: | |
| branches: | |
| - master | |
| - develop | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| env: | |
| SPRING_PROFILE: ${{ github.base_ref == 'master' && 'prod' || 'dev' }} | |
| PRIVATE_IP: ${{ github.base_ref == 'master' && secrets.PRIVATE_IP || secrets.DEV_PRIVATE_IP }} | |
| REPOSITORY: ${{ github.base_ref == 'master' && secrets.DOCKERHUB_REPOSITORY || secrets.DEV_DOCKERHUB_REPOSITORY }} | |
| APPLICATION_YML: ${{ github.base_ref == 'master' && secrets.APPLICATION_YML_PROD || secrets.APPLICATION_YML_DEV }} | |
| steps: | |
| - name: Checkout source code | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| - name: Grant execute permission to gradlew | |
| run: chmod +x ./gradlew | |
| - name: Create application-{profile}.yml | |
| run: | | |
| mkdir -p src/main/resources | |
| echo "${{ env.APPLICATION_YML }}" > src/main/resources/application-${{ env.SPRING_PROFILE }}.yml | |
| - name: Build with Gradle | |
| run: ./gradlew clean :bootJar | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push Docker image | |
| run: | | |
| docker build \ | |
| --build-arg SPRING_PROFILE=${{ env.SPRING_PROFILE }} \ | |
| -t ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY }}:${{ secrets.DOCKERHUB_TAG }} \ | |
| --platform linux/amd64 . | |
| docker push ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY }}:${{ secrets.DOCKERHUB_TAG }} | |
| - name: Deploy at EC2 instance through Bastion Host | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.BASTION_SSH_HOST }} # Bastion Host 퍼블릭 IP | |
| username: ubuntu | |
| key: ${{ secrets.BASTION_SSH_KEY }} | |
| port: ${{ secrets.BASTION_SSH_PORT }} | |
| script: | | |
| echo "✅ Bastion Host 접속 완료" | |
| # Private EC2에 SSH 접속 후 배포 수행 | |
| ssh -i "${{secrets.DIRECTORY_PEM}}" ubuntu@${{ env.PRIVATE_IP }} << 'EOF' | |
| echo "✅ Private EC2 접속 완료" | |
| IMAGE_NAME="${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY }}:${{ secrets.DOCKERHUB_TAG }}" | |
| CONTAINER_NAME="${{ secrets.DOCKERHUB_TAG }}" | |
| echo "🔹 Docker 로그인" | |
| docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" -p "${{ secrets.DOCKERHUB_TOKEN }}" | |
| echo "🔹 기존 컨테이너($CONTAINER_NAME) 중지 및 삭제" | |
| if [ "$(sudo docker ps -q -f name=$CONTAINER_NAME)" ]; then | |
| sudo docker stop "$CONTAINER_NAME" | |
| sudo docker rm "$CONTAINER_NAME" | |
| else | |
| echo "ℹ️ $CONTAINER_NAME 컨테이너가 실행 중이지 않음" | |
| fi | |
| echo "🔹 기존 이미지($IMAGE_NAME) 삭제" | |
| if [ "$(sudo docker images -q $IMAGE_NAME)" ]; then | |
| sudo docker rmi "$IMAGE_NAME" | |
| else | |
| echo "ℹ️ 삭제할 이미지 없음: $IMAGE_NAME" | |
| fi | |
| echo "🔹 새로운 Docker 이미지 Pull" | |
| sudo docker pull "$IMAGE_NAME" | |
| echo "🔹 컨테이너 실행" | |
| sudo docker run -d --name "$CONTAINER_NAME" --network=drinkly -p 8888:8888 --restart unless-stopped "$IMAGE_NAME" | |
| echo "🚀 배포 완료" | |
| EOF |