#141 Deploy: docker 캐시 활용 #99
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline with Docker | |
| on: | |
| push: | |
| branches: [ develop, dep/#141-cicd-optimizing ] # develop 브랜치에 push 발생 시 실행 | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| cache: 'gradle' | |
| - name: Create application.yml | |
| run: | | |
| mkdir -p src/main/resources | |
| cat <<EOF > src/main/resources/application.yml | |
| ${{ secrets.APPLICATION_YML }} | |
| EOF | |
| shell: bash | |
| - name: Build with Gradle | |
| run: | | |
| chmod +x gradlew | |
| ./gradlew bootJar | |
| - name: Upload docker-compose file | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: docker-compose | |
| path: docker-compose.yml | |
| - name: Login to DockerHub | |
| run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin | |
| - name: Build and push Docker image | |
| run: | | |
| docker build --cache-from=type=registry,ref=${{ secrets.DOCKER_USERNAME }}/${{ vars.MY_APP }}:latest \ | |
| --cache-to=type=inline \ | |
| -t ${{ secrets.DOCKER_USERNAME }}/${{ vars.MY_APP }}:latest . | |
| docker push ${{ secrets.DOCKER_USERNAME }}/${{ vars.MY_APP }}:latest | |
| deploy: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download docker-compose file | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: docker-compose | |
| - name: Deploy to EC2 | |
| env: | |
| EC2_SSH_KEY: ${{ secrets.EC2_SSH_KEY }} | |
| EC2_USERNAME: ${{ secrets.EC2_USERNAME }} | |
| EC2_HOST: ${{ secrets.EC2_HOST }} | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| MY_APP: ${{ vars.MY_APP }} | |
| run: | | |
| echo "$EC2_SSH_KEY" > private_key.pem | |
| chmod 600 private_key.pem | |
| mkdir -p ~/.ssh | |
| ssh-keyscan -H $EC2_HOST >> ~/.ssh/known_hosts | |
| chmod 600 ~/.ssh/known_hosts | |
| # EC2로 docker-compose.yml 복사 | |
| scp -i private_key.pem docker-compose.yml $EC2_USERNAME@$EC2_HOST:/home/$EC2_USERNAME/docker-compose.yml | |
| ssh -i private_key.pem -o StrictHostKeyChecking=no $EC2_USERNAME@$EC2_HOST " | |
| docker pull $DOCKER_USERNAME/$MY_APP:latest | |
| docker-compose down || true | |
| docker-compose up -d --remove-orphans | |
| docker image prune -f | |
| " | |
| rm -f private_key.pem |