배포 파일 변경 #86
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build and deploy | |
| on: | |
| push: | |
| branches: ['dev'] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout (with submodules) | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| token: ${{ secrets.PAT_TOKEN }} | |
| fetch-depth: 0 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '22' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Build (Vite) | |
| run: npm run build | |
| - name: Add 404.html (SPA fallback) | |
| run: | | |
| cd dist | |
| cp index.html 404.html | |
| - name: Setup SSH configuration (bastion → target) | |
| run: | | |
| set -e | |
| eval "$(ssh-agent -s)" | |
| mkdir -p ~/.ssh && chmod 700 ~/.ssh | |
| # SSH 키 설정 | |
| echo "${{ secrets.BASTION_KEY }}" > ~/.ssh/bastion.pem | |
| echo "${{ secrets.SERVER_KEY }}" > ~/.ssh/target.pem | |
| chmod 600 ~/.ssh/bastion.pem ~/.ssh/target.pem | |
| ssh-add ~/.ssh/bastion.pem | |
| ssh-add ~/.ssh/target.pem | |
| # known_hosts 설정 | |
| ssh-keyscan -H -t rsa,ed25519 ${{ secrets.BASTION_HOST }} >> ~/.ssh/known_hosts || { | |
| ssh-keyscan -t rsa ${{ secrets.BASTION_HOST }} >> ~/.ssh/known_hosts || { | |
| echo "Warning: Could not add bastion to known_hosts" | |
| } | |
| } | |
| # SSH 설정 파일 생성 | |
| cat > ~/.ssh/config << 'EOF' | |
| Host bastion | |
| HostName ${{ secrets.BASTION_HOST }} | |
| User ${{ secrets.BASTION_USER }} | |
| IdentityFile ~/.ssh/bastion.pem | |
| ServerAliveInterval 60 | |
| ServerAliveCountMax 3 | |
| StrictHostKeyChecking no | |
| UserKnownHostsFile /dev/null | |
| Host target | |
| HostName ${{ secrets.SERVER_HOST }} | |
| User ${{ secrets.SERVER_USERNAME }} | |
| IdentityFile ~/.ssh/target.pem | |
| ProxyJump bastion | |
| ServerAliveInterval 60 | |
| ServerAliveCountMax 3 | |
| StrictHostKeyChecking no | |
| UserKnownHostsFile /dev/null | |
| EOF | |
| chmod 600 ~/.ssh/config | |
| echo "SSH configuration completed" | |
| - name: Test SSH connections | |
| run: | |
| ssh -F ~/.ssh/config -o ConnectTimeout=10 bastion "echo 'bastion connection successful'" | |
| ssh -F ~/.ssh/config -o ConnectTimeout=15 target "echo 'target connection successful'" | |
| - name: Upload dist via bastion & reload nginx | |
| run: | | |
| set -e | |
| echo "Preparing target directory..." | |
| ssh -F ~/.ssh/config target " | |
| mkdir -p ~/cra_web/dist && | |
| rm -rf ~/cra_web/dist/* | |
| " | |
| echo "Uploading files..." | |
| scp -F ~/.ssh/config -r ./dist/* target:~/cra_web/dist/ | |
| echo "Testing and reloading nginx..." | |
| ssh -F ~/.ssh/config target " | |
| sudo nginx -t && | |
| sudo systemctl reload nginx | |
| " | |
| echo "Deployment completed successfully" |