[Refactor] 유효성 검사 정책 수정 반영 #108
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: someup_dev | |
on: | |
push: | |
branches: [ "develop" ] | |
pull_request: | |
branches: [ "develop" ] | |
jobs: | |
develop: | |
# 실행 환경 | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
# JDK 17 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
# Gradle Caching | |
- name: Gradle Caching | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.gradle/caches | |
~/.gradle/wrapper | |
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
restore-keys: | | |
${{ runner.os }}-gradle- | |
# application-dev.yml | |
- name: Copy dev Secret | |
env: | |
DEV_SECRET: ${{ secrets.APPLICATION_DEV_YML }} | |
DEV_SECRET_DIR: src/main/resources | |
DEV_SECRET_DIR_FILE_NAME: application-dev.yml | |
run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME | |
# application-oauth.yml | |
- name: Copy oauth Secret | |
env: | |
DEV_SECRET: ${{ secrets.APPLICATION_OAUTH_YML }} | |
DEV_SECRET_DIR: src/main/resources | |
DEV_SECRET_DIR_FILE_NAME: application-oauth.yml | |
run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME | |
# application-jwt.yml | |
- name: Copy jwt Secret | |
env: | |
DEV_SECRET: ${{ secrets.APPLICATION_JWT_YML }} | |
DEV_SECRET_DIR: src/main/resources | |
DEV_SECRET_DIR_FILE_NAME: application-jwt.yml | |
run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME | |
# application-ai.yml | |
- name: Copy ai Secret | |
env: | |
DEV_SECRET: ${{ secrets.APPLICATION_AI_YML }} | |
DEV_SECRET_DIR: src/main/resources | |
DEV_SECRET_DIR_FILE_NAME: application-ai.yml | |
run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME | |
# application-swagger.yml | |
- name: Copy swagger Secret | |
env: | |
DEV_SECRET: ${{ secrets.APPLICATION_SWAGGER_YML }} | |
DEV_SECRET_DIR: src/main/resources | |
DEV_SECRET_DIR_FILE_NAME: application-swagger.yml | |
run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME | |
# ./gradlew 권한 설정 | |
- name: ./gradlew 권한 설정 | |
run: chmod +x ./gradlew | |
# Gradle Build | |
- name: Build with Gradle | |
run: | | |
./gradlew clean | |
./gradlew compileJava | |
./gradlew build | |
env: | |
SPRING_PROFILES_ACTIVE: dev | |
# Docker Build하고 DockerHub에 Push | |
- name: Docker Build & Push to DockerHub | |
run: | | |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
docker build -t ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest . | |
docker push ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest | |
# GitHub IP를 요청 | |
- name: Get GitHub IP | |
id: ip | |
uses: haythem/public-ip@v1.2 | |
# AWS 세팅 | |
- name: AWS Setting | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} | |
aws-region: ap-northeast-2 | |
# GitHub IP를 AWS에 추가 | |
- name: Add GitHub IP to AWS | |
run: | | |
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
# docker-compose.yml 파일 EC2로 복사 | |
- name: Copy docker-compose.yml to EC2 | |
uses: appleboy/scp-action@master | |
with: | |
host: ${{ secrets.EC2_HOST }} | |
username: ${{ secrets.EC2_USERNAME }} | |
key: ${{ secrets.KEY }} | |
port: 22 | |
source: "./docker-compose.yml" | |
target: "./someup" | |
# SSH Key로 서버에 접속하고 docker-compose image를 pull 받고 실행하기 | |
- name: Access Server with SSH Key, pull and execute docker-compose image | |
uses: appleboy/ssh-action@v0.1.6 | |
with: | |
host: ${{ secrets.EC2_HOST }} | |
username: ${{ secrets.EC2_USERNAME }} | |
key: ${{ secrets.KEY }} | |
port: 22 | |
script: | | |
cd someup | |
sudo docker-compose down | |
sudo docker-compose pull | |
sudo docker-compose up -d | |
sudo docker image prune -f | |
# Security Group에서 Github IP를 삭제 | |
- name: Remove Github IP From Security Group | |
run: | | |
aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 |