CI/CD - Dev (NCP) #51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD - Dev (NCP) | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| branch: | |
| description: 'Branch' | |
| required: true | |
| default: 'develop' | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.inputs.branch }} | |
| - uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| - uses: gradle/actions/setup-gradle@v3 | |
| with: | |
| gradle-version: '8.14.2' | |
| - name: Generate Development Configs | |
| shell: bash | |
| run: | | |
| mkdir -p ./src/main/resources | |
| # 🔥 'EOF'를 사용해 내부 ${VAR} 문법 보존 | |
| cat <<'EOF' > ./src/main/resources/application.yml | |
| ${{ secrets.CD_APPLICATION_DEV }} | |
| EOF | |
| cat <<'EOF' > ./src/main/resources/application-aws.yml | |
| ${{ secrets.CD_APPLICATION_AWS }} | |
| EOF | |
| cat <<'EOF' > ./src/main/resources/application-oauth.yml | |
| ${{ secrets.CD_APPLICATION_OAUTH_DEV }} | |
| EOF | |
| - name: Build & Push | |
| run: | | |
| chmod +x ./gradlew | |
| ./gradlew clean build -x test | |
| echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin | |
| docker build --no-cache -t "${{ secrets.DOCKER_USERNAME }}/doki-dev:latest" . | |
| docker push "${{ secrets.DOCKER_USERNAME }}/doki-dev:latest" | |
| deploy: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Deploy to NCP via SSH | |
| uses: appleboy/ssh-action@v1.0.3 | |
| with: | |
| host: ${{ secrets.DEV_NCP_PUBLIC_IP }} | |
| username: root | |
| password: ${{ secrets.DEV_NCP_PASSWORD }} | |
| script: | | |
| echo "📦 Pulling latest doki-dev image..." | |
| docker pull ${{ secrets.DOCKER_USERNAME }}/doki-dev:latest | |
| echo "🗑 Cleaning up old container..." | |
| docker rm -f doki-dev-container || true | |
| echo "🚀 Running new development container..." | |
| docker run -d --name doki-dev-container \ | |
| --network host \ | |
| -m 512m \ | |
| -e JAVA_TOOL_OPTIONS="-Xms256m -Xmx384m" \ | |
| -e SPRING_PROFILES_ACTIVE=dev \ | |
| -e DB_PASSWORD_DEV="${{ secrets.DB_PASSWORD_DEV }}" \ | |
| -e DOKI_JWT_SECRET_VALUE="${{ secrets.DOKI_JWT_SECRET_VALUE }}" \ | |
| -e DOKI_GOOGLE_CLIENT_ID="${{ secrets.DOKI_GOOGLE_CLIENT_ID }}" \ | |
| -e DOKI_APPLE_CLIENT_ID="${{ secrets.DOKI_APPLE_CLIENT_ID }}" \ | |
| -e DOKI_APPLE_TEAM_ID="${{ secrets.DOKI_APPLE_TEAM_ID }}" \ | |
| -e DOKI_APPLE_KEY_ID="${{ secrets.DOKI_APPLE_KEY_ID }}" \ | |
| -e DOKI_DEV_APPLE_REDIRECT_URI="${{ secrets.DOKI_DEV_APPLE_REDIRECT_URI }}" \ | |
| -e APPLE_REFRESH_TOKEN_SECRET="${{ secrets.APPLE_REFRESH_TOKEN_SECRET }}" \ | |
| -e DOKI_APPLE_PRIVATE_KEY='${{ secrets.DOKI_APPLE_PRIVATE_KEY }}' \ | |
| -e DOKI_KAKAO_CLIENT_ID="${{ secrets.DOKI_KAKAO_CLIENT_ID }}" \ | |
| -e DOKI_KAKAO_CLIENT_SECRET="${{ secrets.DOKI_KAKAO_CLIENT_SECRET }}" \ | |
| -e DOKI_DEV_KAKAO_REDIRECT_URI="${{ secrets.DOKI_DEV_KAKAO_REDIRECT_URI }}" \ | |
| -e WEATHER_URL="${{ secrets.WEATHER_URL }}" \ | |
| -e WEATHER_API_KEY="${{ secrets.WEATHER_API_KEY }}" \ | |
| -e AWS_ACCESS_KEY_ID="${{ secrets.AWS_ACCESS_KEY_ID }}" \ | |
| -e AWS_SECRET_ACCESS_KEY="${{ secrets.AWS_SECRET_ACCESS_KEY }}" \ | |
| ${{ secrets.DOCKER_USERNAME }}/doki-dev:latest | |
| sudo nginx -t && sudo systemctl reload nginx | |
| echo "✅ NCP Dev Deployment Complete!" |