docker-build.yml
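# Builds the container image on pushes to develop/main, pushes it to GHCR, and
# deploys it from a self-hosted runner: develop replaces the dev container in
# place, main does a blue/green switch behind nginx.
name: docker-build

on:
  push:
    branches: ['develop', 'main']

# Least privilege for GITHUB_TOKEN: registry access uses secrets.GHCR_TOKEN,
# so read access to the repository contents is all these jobs need.
permissions:
  contents: read

env:
  DOCKER_IMAGE_MAIN: ghcr.io/devheun/ku-key-prod
  DOCKER_CONTAINER_MAIN: kukey-prod
  DOCKER_IMAGE: ghcr.io/devheun/ku-key-dev
  DOCKER_CONTAINER: kukey-dev

jobs:
  build:
    # NOTE(review): GitHub has retired the hosted ubuntu-20.04 image; confirm
    # this label still resolves or move to a supported image.
    runs-on: ubuntu-20.04
    steps:
      # NOTE(review): the actions below are referenced by version tag, which the
      # action owner can move. Pin each `uses:` to a full-length commit SHA so
      # the code that receives GHCR_TOKEN cannot change silently.
      - name: Checkout Source Code
        uses: actions/checkout@v3

      - name: Set up Docker
        id: buildx
        uses: docker/setup-buildx-action@v2

      - name: docker login
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GHCR_TOKEN }}

      # NOTE(review): both images are published only as the mutable `latest`
      # tag, so the deploy jobs cannot prove they run the image built here.
      # Consider also tagging by commit SHA and deploying by digest.
      - name: build and push image for main
        if: github.ref == 'refs/heads/main'
        id: docker_build_main
        uses: docker/build-push-action@v3
        with:
          platforms: linux/amd64
          push: true
          tags: ${{ env.DOCKER_IMAGE_MAIN }}:latest

      - name: build and push image for develop
        if: github.ref == 'refs/heads/develop'
        id: docker_build_develop
        uses: docker/build-push-action@v3
        with:
          platforms: linux/amd64
          push: true
          tags: ${{ env.DOCKER_IMAGE }}:latest

  deploy_develop:
    needs: build
    if: github.ref == 'refs/heads/develop'
    # Self-hosted runner: the workspace persists between runs, so files written
    # here must be overwritten and cleaned up explicitly.
    runs-on: self-hosted
    steps:
      - name: setup .env.test
        shell: bash
        # Secrets reach the script through the step environment instead of being
        # expanded into the script text, so a value containing quotes, `$` or
        # backticks cannot alter the commands and is written unchanged.
        env:
          DB_HOST: ${{ secrets.DEV_DB_HOST }}
          DB_PORT: ${{ secrets.DB_PORT }}
          DB_PASSWORD: ${{ secrets.DEV_DB_PASSWORD }}
          DB_USERNAME: ${{ secrets.DEV_DB_USERNAME }}
          DB_DATABASE: ${{ secrets.DEV_DB_DATABASE }}
          JWT_ACCESS_SECRET: ${{ secrets.JWT_ACCESS_SECRET }}
          JWT_REFRESH_SECRET: ${{ secrets.JWT_REFRESH_SECRET }}
          EMAIL_USER: ${{ secrets.EMAIL_USER }}
          EMAIL_PASS: ${{ secrets.EMAIL_PASS }}
          ADMIN_ID: ${{ secrets.ADMIN_ID }}
          ADMIN_PASSWORD: ${{ secrets.ADMIN_PASSWORD }}
          AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }}
          AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }}
          AWS_BUCKET_REGION: ${{ secrets.AWS_BUCKET_REGION }}
          AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }}
          DEEPL_API_KEY: ${{ secrets.DEEPL_API_KEY }}
          PORT: ${{ secrets.PORT }}
          SWAGGER_USER: ${{ secrets.SWAGGER_USER }}
          SWAGGER_PASSWORD: ${{ secrets.SWAGGER_PASSWORD }}
        run: |
          # Owner-only permissions; `>` truncates so stale or duplicated entries
          # from earlier runs on this runner do not accumulate.
          umask 077
          for key in DB_HOST DB_PORT DB_PASSWORD DB_USERNAME DB_DATABASE \
                     JWT_ACCESS_SECRET JWT_REFRESH_SECRET EMAIL_USER EMAIL_PASS \
                     ADMIN_ID ADMIN_PASSWORD AWS_ACCESS_KEY AWS_SECRET_KEY \
                     AWS_BUCKET_REGION AWS_BUCKET_NAME DEEPL_API_KEY PORT \
                     SWAGGER_USER SWAGGER_PASSWORD; do
            printf '%s=%s\n' "$key" "${!key}"
          done > .env.test
          # The file is deliberately not printed: log masking is a string match
          # and is not a reason to write credentials into the job log.

      - name: Run Docker for dev server
        run: |
          sudo docker stop "${DOCKER_CONTAINER}" && sudo docker rm "${DOCKER_CONTAINER}" && sudo docker rmi "${DOCKER_IMAGE}:latest"
          sudo docker run --env-file ./.env.test --platform linux/amd64 -d \
            --name "${DOCKER_CONTAINER}" --network host --restart always \
            "${DOCKER_IMAGE}:latest"

      # The container keeps its environment after creation, so the plaintext
      # file does not need to stay on the runner.
      - name: remove .env.test
        if: always()
        run: rm -f .env.test

  deploy_main:
    needs: build
    if: github.ref == 'refs/heads/main'
    runs-on: self-hosted
    env:
      ACCOUNT: 'ubuntu'
      DOCKER_TAG: 'latest'
      BLUE_PORT: '3080'
      GREEN_PORT: '3081'
      NGINX_CONFIG: '/etc/nginx/sites-available/default'
    steps:
      - name: setup .env.prod
        shell: bash
        # Same approach as the dev job: values arrive as environment variables
        # and are never substituted into the script source.
        env:
          DB_HOST: ${{ secrets.DB_HOST }}
          DB_PORT: ${{ secrets.DB_PORT }}
          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
          DB_USERNAME: ${{ secrets.DB_USERNAME }}
          DB_DATABASE: ${{ secrets.DB_DATABASE }}
          JWT_ACCESS_SECRET: ${{ secrets.JWT_ACCESS_SECRET }}
          JWT_REFRESH_SECRET: ${{ secrets.JWT_REFRESH_SECRET }}
          EMAIL_USER: ${{ secrets.EMAIL_USER }}
          EMAIL_PASS: ${{ secrets.EMAIL_PASS }}
          ADMIN_ID: ${{ secrets.ADMIN_ID }}
          ADMIN_PASSWORD: ${{ secrets.ADMIN_PASSWORD }}
          AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }}
          AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }}
          AWS_BUCKET_REGION: ${{ secrets.AWS_BUCKET_REGION }}
          AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }}
          DEEPL_API_KEY: ${{ secrets.DEEPL_API_KEY }}
          PORT: ${{ secrets.PORT }}
          SWAGGER_USER: ${{ secrets.SWAGGER_USER }}
          SWAGGER_PASSWORD: ${{ secrets.SWAGGER_PASSWORD }}
        run: |
          umask 077
          for key in DB_HOST DB_PORT DB_PASSWORD DB_USERNAME DB_DATABASE \
                     JWT_ACCESS_SECRET JWT_REFRESH_SECRET EMAIL_USER EMAIL_PASS \
                     ADMIN_ID ADMIN_PASSWORD AWS_ACCESS_KEY AWS_SECRET_KEY \
                     AWS_BUCKET_REGION AWS_BUCKET_NAME DEEPL_API_KEY PORT \
                     SWAGGER_USER SWAGGER_PASSWORD; do
            printf '%s=%s\n' "$key" "${!key}"
          done > .env.prod

      - name: Run Docker for main server
        env:
          APP_PORT: ${{ secrets.PORT }}
          DEPLOY_HOST: ${{ secrets.HOST }}
        run: |
          # The port nginx currently proxies to decides which colour is live.
          CURRENT_PORT=$(grep 'server localhost:' "$NGINX_CONFIG" | awk '{print $2}' | cut -d ':' -f 2 | sed 's/;//')
          if [ "$CURRENT_PORT" = "$BLUE_PORT" ]; then
            NEW_PORT=$GREEN_PORT
          elif [ "$CURRENT_PORT" = "$GREEN_PORT" ]; then
            NEW_PORT=$BLUE_PORT
          else
            echo "BLUE_PORT or GREEN_PORT is not matched"
            exit 1
          fi
          NEW_SERVICE_NAME="${DOCKER_CONTAINER_MAIN}-${NEW_PORT}"
          OLD_SERVICE_NAME="${DOCKER_CONTAINER_MAIN}-${CURRENT_PORT}"
          sudo docker pull "${DOCKER_IMAGE_MAIN}:${DOCKER_TAG}"
          sudo docker run --env-file ./.env.prod --platform linux/amd64 -d \
            -p "${NEW_PORT}:${APP_PORT}" --name "$NEW_SERVICE_NAME" \
            --network bridge --restart always \
            "${DOCKER_IMAGE_MAIN}:${DOCKER_TAG}"
          # NOTE(review): HOST is not set anywhere in this workflow, so the two
          # health-check messages probably print an empty host name.
          for i in {1..20}; do
            HEALTH_CHECK=$(curl -v -s -o /dev/null -w '%{http_code}' "http://localhost:$NEW_PORT" || true)
            if [ "$HEALTH_CHECK" -eq 200 ]; then
              echo -e "\n Health Check Success on $HOST \n"
              break
            fi
            echo -e "\n Health Check Try $i/20 failure. Retry 5sec later on $HOST... \n"
            sleep 5
          done
          if [ "$HEALTH_CHECK" -ne 200 ]; then
            # Roll back the new container; sudo matches every other docker call here.
            sudo docker stop "$NEW_SERVICE_NAME" && sudo docker rm "$NEW_SERVICE_NAME"
            exit 1
          fi
          # Switch traffic only after the new container answered 200.
          sudo sed -i "s/server localhost:$CURRENT_PORT;/server localhost:$NEW_PORT;/g" "$NGINX_CONFIG"
          sudo nginx -s reload
          sudo docker stop "$OLD_SERVICE_NAME"
          sudo docker rm "$OLD_SERVICE_NAME"
          # Single quotes keep the Go template and the awk program intact; the
          # backslash-escaped form split the format string into two arguments.
          sudo docker images --format '{{.ID}} {{.Repository}}:{{.Tag}}' | grep -v ':latest' | awk '{print $1}' | xargs -r sudo docker rmi
          sudo docker system prune -a -f
          echo "배포 완료 on $DEPLOY_HOST. $NEW_SERVICE_NAME"

      # Runs on failure too, so a failed health check does not leave production
      # credentials in the runner workspace.
      - name: remove .env.prod
        if: always()
        run: rm -f .env.prod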