-
Notifications
You must be signed in to change notification settings - Fork 0
140 lines (118 loc) · 5.14 KB
/
deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
name: Deploy Application
on:
push:
branches: [main]
paths:
- 'apps/**'
- 'docker-compose.yml'
- 'nginx/**'
- '.github/workflows/deploy.yml'
jobs:
test:
runs-on: ubuntu-latest
name: Run Tests
environment: ${{'prod'}}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: 'node'
- name: Install pnpm
run: npm install -g pnpm
- name: Install dependencies
run: pnpm install --no-frozen-lockfile
- name: Test backend
working-directory: apps/backend
run: pnpm test
- name: Test frontend
working-directory: apps/frontend
run: pnpm test
build-and-push:
needs: test
runs-on: ubuntu-latest
name: Build and Push Docker Images
environment: ${{'prod'}}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Install Docker Compose
run: |
sudo curl -L "https://github.com/docker/compose/releases/download/v2.24.1/docker-compose-linux-x86_64" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
- name: Log in to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push with Docker Compose
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TAG: ${{ secrets.DOCKER_TAG }}
NODE_ENV: ${{ secrets.NODE_ENV }}
SESSION_SECRET: ${{ secrets.SESSION_SECRET }}
DB_PORT: ${{ secrets.DB_PORT }}
DB_USERNAME: ${{ secrets.DB_USERNAME }}
DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
DB_DATABASE: ${{ secrets.DB_DATABASE }}
DB_SYNCHRONIZE: ${{ secrets.DB_SYNCHRONIZE }}
DB_ROOT_PASSWORD: ${{ secrets.DB_ROOT_PASSWORD }}
run: |
docker-compose build
docker-compose push
deploy:
needs: build-and-push
runs-on: ubuntu-latest
name: Deploy to Server
environment: ${{'prod'}}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up SSH Key
run: |
mkdir -p ~/.ssh
echo "${{ secrets.PUBLIC_SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan -t rsa ${{ secrets.PUBLIC_SERVER_IP }} >> ~/.ssh/known_hosts
- name: Deploy to server
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TAG: ${{ secrets.DOCKER_TAG }}
NODE_ENV: ${{ secrets.NODE_ENV }}
SESSION_SECRET: ${{ secrets.SESSION_SECRET }}
DB_PORT: ${{ secrets.DB_PORT }}
DB_USERNAME: ${{ secrets.DB_USERNAME }}
DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
DB_DATABASE: ${{ secrets.DB_DATABASE }}
DB_SYNCHRONIZE: ${{ secrets.DB_SYNCHRONIZE }}
MYSQL_ROOT_PASSWORD: ${{ secrets.MYSQL_ROOT_PASSWORD }}
run: |
# 배포 디렉토리 생성
ssh -i ~/.ssh/id_rsa ${{ secrets.DEPLOY_USER }}@${{ secrets.PUBLIC_SERVER_IP }} "mkdir -p ~/booquiz"
# 필요한 파일들을 서버로 복사
scp -i ~/.ssh/id_rsa docker-compose.yml ${{ secrets.DEPLOY_USER }}@${{ secrets.PUBLIC_SERVER_IP }}:~/booquiz/
scp -i ~/.ssh/id_rsa -r nginx ${{ secrets.DEPLOY_USER }}@${{ secrets.PUBLIC_SERVER_IP }}:~/booquiz/
scp -i ~/.ssh/id_rsa -r mysql ${{ secrets.DEPLOY_USER }}@${{ secrets.PUBLIC_SERVER_IP }}:~/booquiz/
# 환경 변수 파일 생성 및 서비스 배포
ssh -i ~/.ssh/id_rsa ${{ secrets.DEPLOY_USER }}@${{ secrets.PUBLIC_SERVER_IP }} "
cd ~/booquiz
cat > .env << EOL
DOCKER_USERNAME=$DOCKER_USERNAME
DOCKER_TAG=$DOCKER_TAG
NODE_ENV=$NODE_ENV
SESSION_SECRET=$SESSION_SECRET
DB_PORT=$DB_PORT
DB_USERNAME=$DB_USERNAME
DB_PASSWORD=$DB_PASSWORD
DB_DATABASE=$DB_DATABASE
DB_SYNCHRONIZE=$DB_SYNCHRONIZE
MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
EOL
sudo docker network create booquiz || true
sudo docker-compose pull
sudo docker-compose up -d
sudo docker image prune -f
"