Skip to content

Commit ad01899

Browse files
lejuholejuho
authored
Update ci-cd.yml (#31)
1 parent bc85785 commit ad01899

1 file changed

Lines changed: 27 additions & 20 deletions

File tree

.github/workflows/ci-cd.yml

Lines changed: 27 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -203,30 +203,37 @@ jobs:
203203
username: ${{ secrets.EC2_USER }}
204204
key: ${{ secrets.EC2_SSH_KEY }}
205205
script: |
206-
ECR_REGISTRY="${{ steps.login-ecr.outputs.registry }}"
207-
ECR_REPOSITORY="cp_main_be"
208-
# AWS CLI 설정 및 docker login
209-
aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin $ECR_REGISTRY
210-
# 이미지 pull
211-
docker pull $ECR_REGISTRY/$ECR_REPOSITORY:latest
212-
# 기존 컨테이너 정리
206+
# AWS ECR 로그인
207+
aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ steps.login-ecr.outputs.registry }}
208+
209+
# 최신 이미지 pull
210+
docker pull ${{ steps.login-ecr.outputs.registry }}/cp_main_be:latest
211+
212+
# 기존 컨테이너 중지 및 삭제
213213
if [ $(docker ps -a -q -f name=spring-app-container) ]; then
214214
docker stop spring-app-container
215215
docker rm spring-app-container
216216
fi
217-
# 환경변수 로드 및 새 컨테이너 실행
218-
source /etc/environment
217+
218+
# 1. GitHub Secret에서 Firebase 키 파일 생성
219+
echo "${{ secrets.FIREBASE_KEY_JSON }}" > /home/${{ secrets.EC2_USER }}/serviceAccountKey.json
220+
221+
# 2. 모든 환경 변수를 포함하여 새 컨테이너 실행
219222
docker run -d --name spring-app-container -p 8080:8080 \
220-
-e DB_URL="$DB_URL" \
221-
-e DB_USERNAME="$DB_USERNAME" \
222-
-e DB_PASSWORD="$DB_PASSWORD" \
223-
-e SPRING_PROFILES_ACTIVE=prod \
224-
-e R2_ENDPOINT="${{ secrets.R2_ENDPOINT }}" \
225-
-e R2_BUCKET="${{ secrets.R2_BUCKET }}" \
226-
-e R2_ACCESS_KEY="${{ secrets.R2_ACCESS_KEY }}" \
227-
-e R2_SECRET_KEY="${{ secrets.R2_SECRET_KEY }}" \
228-
$ECR_REGISTRY/$ECR_REPOSITORY:latest
229-
223+
-e SPRING_PROFILES_ACTIVE=prod \
224+
-e DB_URL="${{ secrets.DB_URL }}" \
225+
-e DB_USERNAME="${{ secrets.DB_USERNAME }}" \
226+
-e DB_PASSWORD="${{ secrets.DB_PASSWORD }}" \
227+
-e R2_ENDPOINT="${{ secrets.R2_ENDPOINT }}" \
228+
-e R2_BUCKET="${{ secrets.R2_BUCKET }}" \
229+
-e R2_ACCESS_KEY="${{ secrets.R2_ACCESS_KEY }}" \
230+
-e R2_SECRET_KEY="${{ secrets.R2_SECRET_KEY }}" \
231+
-e JWT_SECRET="${{ secrets.JWT_SECRET }}" \
232+
-e FASTAPI_URL="${{ secrets.FASTAPI_URL }}" \
233+
-e API_TOKEN="${{ secrets.API_TOKEN }}" \
234+
-e GOOGLE_APPLICATION_CREDENTIALS=/app/serviceAccountKey.json \
235+
-v /home/${{ secrets.EC2_USER }}/serviceAccountKey.json:/app/serviceAccountKey.json \
236+
${{ steps.login-ecr.outputs.registry }}/cp_main_be:latest
230237
# 워크플로우 실행 결과 요약
231238
summary:
232239
runs-on: ubuntu-latest
@@ -246,4 +253,4 @@ jobs:
246253
echo "| EC2 배포 | ${{ needs.deploy.result == 'success' && '✅ 성공' || (needs.deploy.result == 'skipped' && '⏭️ 건너뜀' || '❌ 실패') }} |" >> $GITHUB_STEP_SUMMARY
247254
else
248255
echo "| 배포 관련 작업 | ⏭️ 건너뜀 (PR 이벤트) |" >> $GITHUB_STEP_SUMMARY
249-
fi
256+
fi

0 commit comments

Comments
 (0)