fix: deploy.yml 수정 #20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# 워크 플로우 이름 | |
name: Java CI with Gradle | |
# 워크 플로우가 언제 실행될지를 정한다. | |
on: | |
push: | |
branches: [ "main" ] | |
pull_request: | |
branches: [ "main" ] | |
# 워크 플로우가 깃 레포에 대한 권한을 읽기만 가능하게 설정한다. | |
permissions: | |
contents: read | |
# 워크플로우에서 할 작업 정의한다. | |
jobs: | |
# 작업 환경 = 우분투 최신 버전 | |
build: | |
runs-on: ubuntu-latest | |
env: | |
SPRING_DATASOURCE_URL: ${{ secrets.SPRING_DATASOURCE_URL }} | |
SPRING_DATASOURCE_USERNAME: ${{ secrets.SPRING_DATASOURCE_USERNAME }} | |
SPRING_DATASOURCE_PASSWORD: ${{ secrets.SPRING_DATASOURCE_PASSWORD }} | |
MAIL_USERNAME: ${{ secrets.MAIL_USERNAME }} | |
MAIL_PASSWORD: ${{ secrets.MAIL_PASSWORD }} | |
JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }} | |
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }} | |
GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }} | |
steps: | |
# 깃허브에서 제공하는 checkout 액션 사용 | |
- uses: actions/checkout@v3 | |
# JDK 21 설정 | |
# temurin = Adoptium에서 제공하는 JDK | |
- name: Set up JDK 21 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '21' | |
distribution: 'temurin' | |
# Gradle wrapper 파일에 실행 권한을 부여 | |
- name: Grant execute permission for gradlew | |
run: chmod +x gradlew | |
# Gradle 빌드 액션을 이용해서 프로젝트 빌드 | |
- name: Build with Gradle | |
uses: gradle/gradle-build-action@v2.6.0 | |
with: | |
arguments: build | |
# 빌드된 JAR 파일을 깃허브 아티팩트로 업로드 | |
- name: Upload build artifact | |
uses: actions/upload-artifact@v2 | |
with: | |
name: musinsaServer | |
path: build/libs/musinsaServer-0.0.1-SNAPSHOT.jar | |
# 배포 작업 | |
deploy: | |
needs: build | |
runs-on: ubuntu-latest | |
env: | |
SPRING_DATASOURCE_URL: ${{ secrets.SPRING_DATASOURCE_URL }} | |
SPRING_DATASOURCE_USERNAME: ${{ secrets.SPRING_DATASOURCE_USERNAME }} | |
SPRING_DATASOURCE_PASSWORD: ${{ secrets.SPRING_DATASOURCE_PASSWORD }} | |
MAIL_USERNAME: ${{ secrets.MAIL_USERNAME }} | |
MAIL_PASSWORD: ${{ secrets.MAIL_PASSWORD }} | |
JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }} | |
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }} | |
GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }} | |
steps: | |
# 위의 빌드 작업한 JAR 파일을 다운로드 | |
- name: Download build artifact | |
uses: actions/download-artifact@v2 | |
with: | |
name: musinsaServer | |
path: build/libs/ | |
# EC2에 배포 | |
- name: Deploy to EC2 | |
run: | | |
echo "${{ secrets.EC2_SSH_KEY }}" > private_key.pem | |
chmod 600 private_key.pem | |
scp -i private_key.pem -o StrictHostKeyChecking=no build/libs/musinsaServer-0.0.1-SNAPSHOT.jar ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }}:/home/${{ secrets.EC2_USERNAME }}/musinsaServer.jar | |
ssh -i private_key.pem -o StrictHostKeyChecking=no ${{ secrets.EC2_USERNAME }}@${{ secrets.EC2_HOST }} "pgrep java | xargs kill -9; nohup java -jar /home/${{ secrets.EC2_USERNAME }}/musinsaServer.jar > app.log 2>&1 &" | |
rm -f private_key.pem |