TEST:: 헬스체크 추가 #78
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: docker-build | |
| on: | |
| push: | |
| branches: ['develop', 'main'] | |
| env: | |
| DOCKER_IMAGE_MAIN: ghcr.io/devheun/ku-key-prod | |
| DOCKER_CONTAINER_MAIN: kukey-prod | |
| DOCKER_IMAGE: ghcr.io/devheun/ku-key-dev | |
| DOCKER_CONTAINER: kukey-dev | |
| jobs: | |
| build: | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Checkout Source Code | |
| uses: actions/checkout@v3 | |
| - name: Set up Docker | |
| id: buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: docker login | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GHCR_TOKEN }} | |
| - name: build and push image for main | |
| if: github.ref == 'refs/heads/main' | |
| id: docker_build_main | |
| uses: docker/build-push-action@v3 | |
| with: | |
| platforms: linux/amd64 | |
| push: true | |
| tags: ${{ env.DOCKER_IMAGE_MAIN }}:latest | |
| - name: build and push image for develop | |
| if: github.ref == 'refs/heads/develop' | |
| id: docker_build_develop | |
| uses: docker/build-push-action@v3 | |
| with: | |
| platforms: linux/amd64 | |
| push: true | |
| tags: ${{ env.DOCKER_IMAGE }}:latest | |
| deploy_develop: | |
| needs: build | |
| if: github.ref == 'refs/heads/develop' | |
| runs-on: self-hosted | |
| steps: | |
| - name: setup .env.test | |
| run: | | |
| echo "DB_HOST=${{ secrets.DEV_DB_HOST }}" >> .env.test | |
| echo "DB_PORT=${{ secrets.DB_PORT }}" >> .env.test | |
| echo "DB_PASSWORD=${{ secrets.DEV_DB_PASSWORD }}" >> .env.test | |
| echo "DB_USERNAME=${{ secrets.DEV_DB_USERNAME }}" >> .env.test | |
| echo "DB_DATABASE=${{ secrets.DEV_DB_DATABASE }}" >> .env.test | |
| echo "JWT_ACCESS_SECRET=${{ secrets.JWT_ACCESS_SECRET }}" >> .env.test | |
| echo "JWT_REFRESH_SECRET=${{ secrets.JWT_REFRESH_SECRET }}" >> .env.test | |
| echo "EMAIL_USER=${{ secrets.EMAIL_USER }}" >> .env.test | |
| echo "EMAIL_PASS=${{ secrets.EMAIL_PASS }}" >> .env.test | |
| echo "ADMIN_ID=${{ secrets.ADMIN_ID }}" >> .env.test | |
| echo "ADMIN_PASSWORD=${{ secrets.ADMIN_PASSWORD }}" >> .env.test | |
| echo "AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }}" >> .env.test | |
| echo "AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }}" >> .env.test | |
| echo "AWS_BUCKET_REGION=${{ secrets.AWS_BUCKET_REGION }}" >> .env.test | |
| echo "AWS_BUCKET_NAME=${{ secrets.AWS_BUCKET_NAME }}" >> .env.test | |
| echo "DEEPL_API_KEY=${{ secrets.DEEPL_API_KEY }}" >> .env.test | |
| echo "PORT=${{ secrets.PORT }}" >> .env.test | |
| echo "SWAGGER_USER=${{ secrets.SWAGGER_USER }}" >> .env.test | |
| echo "SWAGGER_PASSWORD=${{ secrets.SWAGGER_PASSWORD }}" >> .env.test | |
| cat .env.test | |
| - name: Run Docker for dev server | |
| run: | | |
| sudo docker stop ${{ env.DOCKER_CONTAINER }} && sudo docker rm ${{ env.DOCKER_CONTAINER }} && sudo docker rmi ${{ env.DOCKER_IMAGE }}:latest | |
| sudo docker run --env-file ./.env.test --platform linux/amd64 -d --name ${{ env.DOCKER_CONTAINER }} --network host --restart always ${{ env.DOCKER_IMAGE }}:latest | |
| deploy_main: | |
| needs: build | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: self-hosted | |
| env: | |
| ACCOUNT: 'ubuntu' | |
| DOCKER_TAG: 'latest' | |
| BLUE_PORT: '3080' | |
| GREEN_PORT: '3081' | |
| NGINX_CONFIG: '/etc/nginx/sites-available/default' | |
| steps: | |
| - name: setup .env.prod | |
| run: | | |
| echo "DB_HOST=${{ secrets.DB_HOST }}" >> .env.prod | |
| echo "DB_PORT=${{ secrets.DB_PORT }}" >> .env.prod | |
| echo "DB_PASSWORD=${{ secrets.DB_PASSWORD }}" >> .env.prod | |
| echo "DB_USERNAME=${{ secrets.DB_USERNAME }}" >> .env.prod | |
| echo "DB_DATABASE=${{ secrets.DB_DATABASE }}" >> .env.prod | |
| echo "JWT_ACCESS_SECRET=${{ secrets.JWT_ACCESS_SECRET }}" >> .env.prod | |
| echo "JWT_REFRESH_SECRET=${{ secrets.JWT_REFRESH_SECRET }}" >> .env.prod | |
| echo "EMAIL_USER=${{ secrets.EMAIL_USER }}" >> .env.prod | |
| echo "EMAIL_PASS=${{ secrets.EMAIL_PASS }}" >> .env.prod | |
| echo "ADMIN_ID=${{ secrets.ADMIN_ID }}" >> .env.prod | |
| echo "ADMIN_PASSWORD=${{ secrets.ADMIN_PASSWORD }}" >> .env.prod | |
| echo "AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }}" >> .env.prod | |
| echo "AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }}" >> .env.prod | |
| echo "AWS_BUCKET_REGION=${{ secrets.AWS_BUCKET_REGION }}" >> .env.prod | |
| echo "AWS_BUCKET_NAME=${{ secrets.AWS_BUCKET_NAME }}" >> .env.prod | |
| echo "DEEPL_API_KEY=${{ secrets.DEEPL_API_KEY }}" >> .env.prod | |
| echo "PORT=${{ secrets.PORT }}" >> .env.prod | |
| echo "SWAGGER_USER=${{ secrets.SWAGGER_USER }}" >> .env.prod | |
| echo "SWAGGER_PASSWORD=${{ secrets.SWAGGER_PASSWORD }}" >> .env.prod | |
| cat .env.prod | |
| - name: Run Docker for main server | |
| run: | | |
| CURRENT_PORT=$(grep 'server localhost:' ${{ env.NGINX_CONFIG }} | awk '{print $2}' | cut -d ':' -f 2 | sed 's/;//') | |
| if [ "$CURRENT_PORT" = "${{ env.BLUE_PORT }}" ]; then | |
| NEW_PORT=${{ env.GREEN_PORT }} | |
| elif [ "$CURRENT_PORT" = "${{ env.GREEN_PORT }}" ]; then | |
| NEW_PORT=${{ env.BLUE_PORT }} | |
| else | |
| echo "BLUE_PORT or GREEN_PORT is not matched" | |
| exit 1 | |
| fi | |
| NEW_SERVICE_NAME=${{ env.DOCKER_CONTAINER_MAIN }}-$NEW_PORT | |
| OLD_SERVICE_NAME=${{ env.DOCKER_CONTAINER_MAIN }}-$CURRENT_PORT | |
| sudo docker pull ${{ env.DOCKER_IMAGE_MAIN }}:${{ env.DOCKER_TAG }} | |
| sudo docker run --env-file ./.env.prod --platform linux/amd64 -d -p $NEW_PORT:${{secrets.PORT}} --name $NEW_SERVICE_NAME --network bridge --restart always ${{ env.DOCKER_IMAGE_MAIN }}:${{ env.DOCKER_TAG}} | |
| for i in {1..20}; do | |
| HEALTH_CHECK=$(curl -v -s -o /dev/null -w '%{http_code}' http://localhost:$NEW_PORT || true) | |
| if [ "$HEALTH_CHECK" -eq 200 ]; then | |
| echo -e "\n Health Check Success on $HOST \n" | |
| break | |
| fi | |
| echo -e "\n Health Check Try $i/20 failure. Retry 5sec later on $HOST... \n" | |
| sleep 5 | |
| done | |
| if [ "$HEALTH_CHECK" -ne 200 ]; then | |
| docker stop $NEW_SERVICE_NAME && docker rm $NEW_SERVICE_NAME | |
| exit 1 | |
| fi | |
| sudo sed -i "s/server localhost:$CURRENT_PORT;/server localhost:$NEW_PORT;/g" ${{ env.NGINX_CONFIG }} | |
| sudo nginx -s reload | |
| sudo docker stop $OLD_SERVICE_NAME | |
| sudo docker rm $OLD_SERVICE_NAME | |
| sudo docker images --format \"{{.ID}} {{.Repository}}:{{.Tag}}\" | grep -v ':latest' | awk '{print \$1}' | xargs -r docker rmi | |
| sudo docker system prune -a -f | |
| echo "배포 완료 on ${{ secrets.HOST }}. $NEW_SERVICE_NAME" |