Update cicd.yml #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 🌱Farm System 4th Security-WEB deploy session🌱 | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Create application.yml for build | |
| run: | | |
| mkdir -p ./src/main/resources | |
| echo "${{ secrets.APPLICATION }}" > ./src/main/resources/application.yml | |
| - name: Cache Gradle packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: gradle-${{ runner.os }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| gradle-${{ runner.os }}- | |
| - name: 권한 부여 | |
| run: chmod +x ./gradlew | |
| - name: Build with Gradle Wrapper (Skip Tests) | |
| run: ./gradlew build -x test | |
| - name: Docker build & push to Docker Hub | |
| run: | | |
| echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin | |
| docker build -t ${{ secrets.DOCKER_USERNAME }}/farm:latest . | |
| docker push ${{ secrets.DOCKER_USERNAME }}/farm:latest | |
| docker logout | |
| - name: Deploy to EC2 | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.EC2_PRIVATE_KEY }} | |
| script: | | |
| set -e | |
| echo "🛑 기존 컨테이너 중지 및 제거" | |
| docker stop farm || true | |
| docker rm farm || true | |
| echo "📦 최신 이미지 pull" | |
| docker pull ${{ secrets.DOCKER_USERNAME }}/farm:latest | |
| echo "📂 yml 파일을 저장할 디렉토리 생성" | |
| sudo mkdir -p /home/ubuntu/app/src/main/resources | |
| sudo chown -R ubuntu:ubuntu /home/ubuntu/app | |
| sudo chmod -R 755 /home/ubuntu/app | |
| echo "📄 yml 파일 생성 및 GitHub Secrets 값 적용" | |
| echo "${{ secrets.APPLICATION }}" | sudo tee /home/ubuntu/app/src/main/resources/application.yml > /dev/null | |
| sudo chmod 644 /home/ubuntu/app/src/main/resources/application.yml | |
| echo "🚀 새 컨테이너 실행 중..." | |
| sudo docker run -d --log-driver=syslog --name farm -p 8080:8080 \ | |
| -v /home/ubuntu/app/src/main/resources:/app/src/main/resources \ | |
| --restart always \ | |
| ${{ secrets.DOCKER_USERNAME }}/farm:latest | |
| echo "🧹 사용하지 않는 Docker 이미지 정리" | |
| docker image prune -f |