Merge pull request #109 from wafflestudio/107-프로필-이미지-응답-형식-수정 #57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD Pipeline - EC2 Deploy | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: picokosmos | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: | | |
| docker.io/picokosmos/spring-app:latest | |
| docker.io/picokosmos/spring-app:${{ github.sha }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Deploy to EC2 | |
| uses: appleboy/ssh-action@v1.0.3 | |
| env: | |
| APP_DIR: ${{ secrets.EC2_APP_DIR }} | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| port: ${{ secrets.EC2_SSH_PORT }} | |
| envs: APP_DIR | |
| script: | | |
| set -euo pipefail | |
| if [ -n "${APP_DIR:-}" ]; then | |
| cd "$APP_DIR" | |
| else | |
| cd ~/app | |
| fi | |
| # Create/update .env file with secrets | |
| cat > .env << 'EOF' | |
| SPRING_MAIL_USERNAME=${{ secrets.SPRING_MAIL_USERNAME }} | |
| SPRING_MAIL_PASSWORD=${{ secrets.SPRING_MAIL_PASSWORD }} | |
| DB_PASSWORD=${{ secrets.DB_PASSWORD }} | |
| MYSQL_ROOT_PASSWORD=${{ secrets.MYSQL_ROOT_PASSWORD }} | |
| JWT_SECRET=${{ secrets.JWT_SECRET }} | |
| SENDGRID_API_KEY=${{ secrets.SENDGRID_API_KEY }} | |
| GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} | |
| GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }} | |
| GOOGLE_REDIRECT_URI=${{ secrets.GOOGLE_REDIRECT_URI }} | |
| EOF | |
| # Pull latest docker-compose file | |
| curl -fsSL https://raw.githubusercontent.com/${{ github.repository }}/main/docker-compose.prod.yml -o docker-compose.yml | |
| # Pull latest images and restart | |
| docker compose pull | |
| docker compose up -d | |
| # Clean up old images | |
| docker image prune -f | |
| # Show status | |
| echo "=== Container Status ===" | |
| docker compose ps | |
| # Wait for app to be healthy | |
| echo "=== Waiting for app to start ===" | |
| sleep 30 | |
| docker compose logs --tail=50 app | |
| - name: Health check | |
| uses: appleboy/ssh-action@v1.0.3 | |
| env: | |
| APP_DIR: ${{ secrets.EC2_APP_DIR }} | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| port: ${{ secrets.EC2_SSH_PORT }} | |
| envs: APP_DIR | |
| script: | | |
| set -euo pipefail | |
| if [ -n "${APP_DIR:-}" ]; then | |
| cd "$APP_DIR" | |
| else | |
| cd ~/app | |
| fi | |
| echo "=== Waiting for app to be healthy ===" | |
| for i in {1..30}; do | |
| if curl -sf http://localhost:8080/actuator/health > /dev/null 2>&1; then | |
| echo "✅ App is healthy!" | |
| exit 0 | |
| fi | |
| echo "Attempt $i/30: App not ready yet, waiting 30s..." | |
| sleep 30 | |
| done | |
| echo "❌ App failed to start. Logs:" | |
| docker compose logs --tail=100 | |
| exit 1 |