Feat: CI/CD 구축 및 무중단 배포 #101
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD | |
| on: | |
| push: | |
| branches: [ "dev" ] | |
| pull_request: | |
| branches: [ "dev" ] | |
| workflow_dispatch: | |
| jobs: | |
| upload-deployment: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Copy deployment files to EC2 | |
| uses: appleboy/scp-action@v0.1.4 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.EC2_PRIVATE_KEY }} | |
| source: "deployment" | |
| target: "~/NBE5-7-2-TEAM08" | |
| get-active-color: | |
| runs-on: ubuntu-latest | |
| needs: upload-deployment | |
| outputs: | |
| new_color: ${{ steps.set_color.outputs.NEW_COLOR }} | |
| steps: | |
| - name: Get current active color from EC2 | |
| id: get_color | |
| run: | | |
| echo "${{ secrets.EC2_PRIVATE_KEY }}" > ./private_key.pem | |
| chmod 600 ./private_key.pem | |
| COLOR=$(ssh -o StrictHostKeyChecking=no -i ./private_key.pem ubuntu@${{ secrets.EC2_HOST }} 'cat ~/NBE5-7-2-TEAM08/deployment/active_color.txt 2>/dev/null || echo blue') | |
| echo "CURRENT_COLOR=$COLOR" | |
| echo "CURRENT_COLOR=$COLOR" >> $GITHUB_OUTPUT | |
| - name: Set NEW_COLOR | |
| id: set_color | |
| run: | | |
| if [ "${{ steps.get_color.outputs.CURRENT_COLOR }}" = "blue" ]; then | |
| echo "NEW_COLOR=green" >> $GITHUB_OUTPUT | |
| else | |
| echo "NEW_COLOR=blue" >> $GITHUB_OUTPUT | |
| fi | |
| backend: | |
| runs-on: ubuntu-latest | |
| needs: get-active-color | |
| env: | |
| NEW_COLOR: ${{ needs.get-active-color.outputs.new_color }} | |
| RDS_USERNAME: ${{ secrets.RDS_USERNAME }} | |
| RDS_PASSWORD: ${{ secrets.RDS_PASSWORD }} | |
| RDS_ENDPOINT: ${{ secrets.RDS_ENDPOINT }} | |
| REDIS_HOST: ${{ secrets.REDIS_HOST }} | |
| REDIS_PORT: ${{ secrets.REDIS_PORT }} | |
| OAUTH_GITHUB_CLIENT_ID: ${{ secrets.OAUTH_GITHUB_CLIENT_ID }} | |
| OAUTH_GITHUB_SECRET: ${{ secrets.OAUTH_GITHUB_SECRET }} | |
| DOMAIN_URL: ${{ secrets.DOMAIN_URL }} | |
| IMAGE_URL: ${{ secrets.IMAGE_URL }} | |
| WEBHOOK_URL: ${{ secrets.WEBHOOK_URL }} | |
| AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} | |
| AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} | |
| JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
| defaults: | |
| run: | |
| working-directory: backend | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: 21 | |
| - run: chmod +x ./gradlew | |
| - run: ./gradlew clean build -x test | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Docker build image (backend) | |
| run: docker build --platform linux/amd64 --no-cache -t limkanghyun/dev-chat-backend:${NEW_COLOR} . | |
| - name: Docker push backend image | |
| run: docker push limkanghyun/dev-chat-backend:${NEW_COLOR} | |
| frontend: | |
| runs-on: ubuntu-latest | |
| needs: get-active-color | |
| env: | |
| NEW_COLOR: ${{ needs.get-active-color.outputs.new_color }} | |
| defaults: | |
| run: | |
| working-directory: frontend | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 22 | |
| - run: npm install | |
| - run: CI=false npm run build | |
| - run: npm test -- --passWithNoTests | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Docker build image(frontend) | |
| run: docker build --platform linux/amd64 -t limkanghyun/dev-chat-frontend:${NEW_COLOR} . | |
| - name: Docker push frontend image | |
| run: docker push limkanghyun/dev-chat-frontend:${NEW_COLOR} | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [ backend, frontend, get-active-color ] | |
| env: | |
| NEW_COLOR: ${{ needs.get-active-color.outputs.new_color }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Deploy to EC2 via SSH | |
| uses: appleboy/ssh-action@v1 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.EC2_PRIVATE_KEY }} | |
| envs: | | |
| NEW_COLOR | |
| JWT_SECRET | |
| RDS_USERNAME | |
| RDS_PASSWORD | |
| RDS_ENDPOINT | |
| REDIS_HOST | |
| REDIS_PORT | |
| OAUTH_GITHUB_CLIENT_ID | |
| OAUTH_GITHUB_SECRET | |
| DOMAIN_URL | |
| IMAGE_URL | |
| WEBHOOK_URL | |
| AWS_ACCESS_KEY | |
| AWS_SECRET_KEY | |
| script: | | |
| export NEW_COLOR="${{ needs.get-active-color.outputs.new_color }}" | |
| export JWT_SECRET="${{ secrets.JWT_SECRET }}" | |
| export RDS_USERNAME="${{ secrets.RDS_USERNAME }}" | |
| export RDS_PASSWORD="${{ secrets.RDS_PASSWORD }}" | |
| export RDS_ENDPOINT="${{ secrets.RDS_ENDPOINT }}" | |
| export REDIS_HOST="${{ secrets.REDIS_HOST }}" | |
| export REDIS_PORT="${{ secrets.REDIS_PORT }}" | |
| export OAUTH_GITHUB_CLIENT_ID="${{ secrets.OAUTH_GITHUB_CLIENT_ID }}" | |
| export OAUTH_GITHUB_SECRET="${{ secrets.OAUTH_GITHUB_SECRET }}" | |
| export DOMAIN_URL="${{ secrets.DOMAIN_URL }}" | |
| export IMAGE_URL="${{ secrets.IMAGE_URL }}" | |
| export WEBHOOK_URL="${{ secrets.WEBHOOK_URL }}" | |
| export AWS_ACCESS_KEY="${{ secrets.AWS_ACCESS_KEY }}" | |
| export AWS_SECRET_KEY="${{ secrets.AWS_SECRET_KEY }}" | |
| cd ~/NBE5-7-2-TEAM08/deployment | |
| chmod +x ./deploy.sh | |
| ./deploy.sh | |
| # 중단방식 | |
| # script: | | |
| # cd ~/NBE5-7-2-TEAM08 | |
| # docker-compose pull | |
| # docker-compose down | |
| # docker-compose up -d --build |