Merge pull request #358 from KW-ClassLog/revert-357-Chore/$356/cd-pip… #46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ClassLog CD | |
| on: | |
| push: | |
| branches: ["dev"] | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| IMAGE_TAG: ${{ github.sha }} | |
| BACKEND_IMAGE: ${{ secrets.DOCKER_USERNAME }}/classlog-backend | |
| FRONTEND_IMAGE: ${{ secrets.DOCKER_USERNAME }}/classlog-frontend | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name : Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Grant execute permission for gradlew | |
| working-directory: ./backend | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| working-directory: ./backend | |
| run: ./gradlew clean bootJar | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build & Push Backend Image | |
| run: | | |
| docker build -t ${BACKEND_IMAGE}:latest -t ${BACKEND_IMAGE}:${IMAGE_TAG} ./backend | |
| docker push ${BACKEND_IMAGE}:latest | |
| docker push ${BACKEND_IMAGE}:${IMAGE_TAG} | |
| - name: Build & Push Frontend Image | |
| run: | | |
| docker build -t ${FRONTEND_IMAGE}:latest -t ${FRONTEND_IMAGE}:${IMAGE_TAG} ./frontend | |
| docker push ${FRONTEND_IMAGE}:latest | |
| docker push ${FRONTEND_IMAGE}:${IMAGE_TAG} | |
| deploy: | |
| needs: build-and-push | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Create backend/.env on server | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.SSH_HOST }} | |
| username: ${{ secrets.SSH_USER }} | |
| key: ${{ secrets.SSH_KEY }} | |
| script: | | |
| mkdir -p /home/ubuntu/classlog/backend | |
| cat > /home/ubuntu/classlog/backend/.env <<EOF | |
| DB_USERNAME=${{ secrets.DB_USERNAME }} | |
| DB_PASSWORD=${{ secrets.DB_PASSWORD }} | |
| DB_NAME=${{ secrets.DB_NAME }} | |
| DB_HOST=${{ secrets.DB_HOST }} | |
| DB_PORT=${{ secrets.DB_PORT }} | |
| REDIS_HOST=${{ secrets.REDIS_HOST }} | |
| REDIS_PORT=${{ secrets.REDIS_PORT }} | |
| JWT_SECRET=${{ secrets.JWT_SECRET }} | |
| MAIL_HOST=${{ secrets.MAIL_HOST }} | |
| MAIL_PORT=${{ secrets.MAIL_PORT }} | |
| MAIL_USERNAME=${{ secrets.MAIL_USERNAME }} | |
| MAIL_PASSWORD=${{ secrets.MAIL_PASSWORD }} | |
| AWS_REGION=${{ secrets.AWS_REGION }} | |
| AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }} | |
| AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }} | |
| AWS_S3_BUCKET_NAME=${{ secrets.AWS_S3_BUCKET_NAME }} | |
| AI_SERVER_URL=${{ secrets.AI_SERVER_URL }} | |
| OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }} | |
| KAKAO_API_KEY=${{ secrets.KAKAO_API_KEY }} | |
| KAKAO_REDIRECT_URI=${{ secrets.KAKAO_REDIRECT_URI }} | |
| CORS_ORIGIN=${{ secrets.CORS_ORIGIN}} | |
| EOF | |
| - name: Create frontend/.env on server | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.SSH_HOST }} | |
| username: ${{ secrets.SSH_USER }} | |
| key: ${{ secrets.SSH_KEY }} | |
| script: | | |
| mkdir -p /home/ubuntu/classlog/frontend | |
| cat > /home/ubuntu/classlog/frontend/.env <<EOF | |
| NEXT_PUBLIC_API_BASE_URL=${{secrets.NEXT_PUBLIC_API_BASE_URL}} | |
| NEXT_PUBLIC_WS_URL=${{secrets.NEXT_PUBLIC_WS_URL}} | |
| EOF | |
| - name: Deploy containers | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.SSH_HOST }} | |
| username: ${{ secrets.SSH_USER }} | |
| key: ${{ secrets.SSH_KEY }} | |
| script: | | |
| cd /home/ubuntu/classlog | |
| export DOCKERHUB_USERNAME="${{ secrets.DOCKER_USERNAME }}" | |
| export IMAGE_TAG="${{ github.sha }}" | |
| echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${DOCKERHUB_USERNAME}" --password-stdin | |
| docker compose down | |
| docker compose pull | |
| docker compose up -d | |
| docker image prune -f | |
| - name: Notify on Discord (Success) | |
| if: success() | |
| env: | |
| DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK }} | |
| run: | | |
| payload=$(cat <<'JSON' | |
| { | |
| "username": "CD Bot", | |
| "embeds": [{ | |
| "title": "✅ 배포 성공", | |
| "description": "프로덕션 배포가 완료되었습니다.", | |
| "color": 3066993, | |
| "fields": [ | |
| { "name": "Repo", "value": "${{ github.repository }}", "inline": true }, | |
| { "name": "Branch", "value": "${{ github.ref_name }}", "inline": true }, | |
| { "name": "Commit", "value": "[${{ github.sha }}](https://github.com/${{ github.repository }}/commit/${{ github.sha }})" }, | |
| { "name": "Actor", "value": "${{ github.actor }}", "inline": true }, | |
| { "name": "Workflow", "value": "${{ github.workflow }}", "inline": true } | |
| ] | |
| }] | |
| } | |
| JSON | |
| ) | |
| curl -sS -X POST -H "Content-Type: application/json" \ | |
| -d "$payload" "$DISCORD_WEBHOOK_URL" | |
| - name: Notify on Discord (Fail) | |
| if: failure() | |
| env: | |
| DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK }} | |
| run: | | |
| payload=$(cat <<'JSON' | |
| { | |
| "username": "CD Bot", | |
| "embeds": [{ | |
| "title": "❌ 배포 실패", | |
| "description": "워크플로우 중 오류가 발생했습니다.\nActions 로그를 확인해주세요.", | |
| "color": 15158332, | |
| "fields": [ | |
| { "name": "Repo", "value": "${{ github.repository }}", "inline": true }, | |
| { "name": "Branch", "value": "${{ github.ref_name }}", "inline": true }, | |
| { "name": "Commit", "value": "[${{ github.sha }}](https://github.com/${{ github.repository }}/commit/${{ github.sha }})" }, | |
| { "name": "Actor", "value": "${{ github.actor }}", "inline": true }, | |
| { "name": "Run", "value": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" } | |
| ] | |
| }] | |
| } | |
| JSON | |
| ) | |
| curl -sS -X POST -H "Content-Type: application/json" \ | |
| -d "$payload" "$DISCORD_WEBHOOK_URL" |