Update application.yml #16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Deployment | |
| on: | |
| push: | |
| branches: | |
| - main # main 브랜치에 푸시될 때 트리거 | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x ./gradlew | |
| - name: Build project | |
| env: | |
| DATABASE_URL: ${{ secrets.DATABASE_URL }} | |
| DATABASE_USERNAME: ${{ secrets.DATABASE_USERNAME }} | |
| DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }} | |
| JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| SERVER_SSL_KEY_STORE: ${{ secrets.SERVER_SSL_KEY_STORE }} | |
| SERVER_SSL_KEY_STORE_PASSWORD: ${{ secrets.SERVER_SSL_KEY_STORE_PASSWORD }} | |
| OAUTH_GOOGLE_CLIENT_ID: ${{ secrets.OAUTH_GOOGLE_CLIENT_ID }} | |
| OAUTH_GOOGLE_CLIENT_SECRET: ${{ secrets.OAUTH_GOOGLE_CLIENT_SECRET }} | |
| OAUTH_KAKAO_CLIENT_ID: ${{ secrets.OAUTH_KAKAO_CLIENT_ID }} | |
| OAUTH_KAKAO_CLIENT_SECRET: ${{ secrets.OAUTH_KAKAO_CLIENT_SECRET }} | |
| OAUTH_NAVER_CLIENT_ID: ${{ secrets.OAUTH_NAVER_CLIENT_ID }} | |
| OAUTH_NAVER_CLIENT_SECRET: ${{ secrets.OAUTH_NAVER_CLIENT_SECRET }} | |
| run: ./gradlew clean build | |
| - name: Copy JAR to remote server | |
| env: | |
| SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} | |
| run: | | |
| set -x # 명령어를 실행할 때마다 출력 | |
| mkdir -p ~/.ssh | |
| echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa | |
| chmod 600 ~/.ssh/id_rsa | |
| echo -e "Host mykeyhost\n User ubuntu\n HostName 13.209.198.1\n IdentityFile ~/.ssh/id_rsa\n StrictHostKeyChecking no" > ~/.ssh/config | |
| ls -l ~/.ssh # SSH 디렉토리 확인 | |
| scp build/libs/demo-0.0.1-SNAPSHOT.jar mykeyhost:~/ | |
| - name: Deploy application | |
| env: | |
| DATABASE_URL: ${{ secrets.DATABASE_URL }} | |
| DATABASE_USERNAME: ${{ secrets.DATABASE_USERNAME }} | |
| DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }} | |
| JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| SERVER_SSL_KEY_STORE: ${{ secrets.SERVER_SSL_KEY_STORE }} | |
| SERVER_SSL_KEY_STORE_PASSWORD: ${{ secrets.SERVER_SSL_KEY_STORE_PASSWORD }} | |
| OAUTH_GOOGLE_CLIENT_ID: ${{ secrets.OAUTH_GOOGLE_CLIENT_ID }} | |
| OAUTH_GOOGLE_CLIENT_SECRET: ${{ secrets.OAUTH_GOOGLE_CLIENT_SECRET }} | |
| OAUTH_KAKAO_CLIENT_ID: ${{ secrets.OAUTH_KAKAO_CLIENT_ID }} | |
| OAUTH_KAKAO_CLIENT_SECRET: ${{ secrets.OAUTH_KAKAO_CLIENT_SECRET }} | |
| OAUTH_NAVER_CLIENT_ID: ${{ secrets.OAUTH_NAVER_CLIENT_ID }} | |
| OAUTH_NAVER_CLIENT_SECRET: ${{ secrets.OAUTH_NAVER_CLIENT_SECRET }} | |
| run: | | |
| set -x # 명령어를 실행할 때마다 출력 | |
| ssh mykeyhost << 'EOF' | |
| sudo pkill -f 'java -jar' || true | |
| sudo nohup java -jar ~/demo-0.0.1-SNAPSHOT.jar \ | |
| --server.ssl.key-store=$SERVER_SSL_KEY_STORE \ | |
| --server.ssl.key-store-password=$SERVER_SSL_KEY_STORE_PASSWORD \ | |
| --server.port=443 \ | |
| --jwt.secret-key=$JWT_SECRET_KEY \ | |
| --aws.access-key-id=$AWS_ACCESS_KEY_ID \ | |
| --aws.secret-access-key=$AWS_SECRET_ACCESS_KEY > app.log 2>&1 & | |
| EOF |