
Update README.md

Update README.md #301

Workflow file for this run

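# Builds the backend API image, pushes it to Docker Hub and redeploys the
# container on the GCP host over SSH.
#
# NOTE(review): every action below is referenced by a mutable tag. Pinning
# each `uses:` to a full commit SHA keeps a retagged or compromised release
# from running with this workflow's secrets.
name: CI/CD Backend API to GCP

on:
  push:
    branches: ["main"]  # runs on pushes to the 'main' branch
  pull_request:
    branches: ["main"]  # runs on pull requests that target 'main'

# The jobs only need to read the repository; do not inherit a broader
# default GITHUB_TOKEN scope.
permissions:
  contents: read

env:
  DOCKER_IMAGE_NAME: cometwoo/backend_api_i

jobs:
  # Build the image and push it to the registry.
  build-and-push:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      # Registry credentials are only needed when the image is published.
      - name: Login to Docker Hub
        if: github.event_name == 'push'
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .  # directory that contains the Dockerfile
          # Pull requests still build (to validate the Dockerfile) but must
          # not overwrite the ':latest' image that the deploy job pulls.
          push: ${{ github.event_name == 'push' }}
          tags: ${{ env.DOCKER_IMAGE_NAME }}:latest

  # CD: deploy to the server.
  deploy-to-gcp:
    needs: build-and-push
    # Only code that has landed on 'main' is deployed; without this guard a
    # pull request would roll unreviewed code onto the server with all of
    # the secrets below.
    if: github.event_name == 'push'
    runs-on: ubuntu-latest
    steps:
      # Connect to the GCP server over SSH and run the deployment script.
      - name: Deploy to GCP
        # NOTE(review): the version ref was destroyed by e-mail obfuscation
        # in the page this listing came from ("appleboy/[email protected]");
        # presumably this is appleboy/ssh-action. Restore the real ref,
        # ideally a full commit SHA, before use.
        uses: appleboy/ssh-action@<REF_LOST_IN_EXTRACTION>
        with:
          host: ${{ secrets.GCP_HOST }}
          username: ${{ secrets.GCP_USERNAME }}
          key: ${{ secrets.GCP_SSH_KEY }}
          # NOTE(review): no `fingerprint:` input is set, so the SSH host key
          # is not verified; consider supplying the host key fingerprint.
          #
          # NOTE(review): secrets are spliced into the script text inside
          # single quotes. A value containing a single quote would break out
          # of the quoting; the action's `envs:` input avoids this for
          # single-line values.
          script: |
            # Create the key file private to this user and remove it on every
            # exit path, including the early `exit 1` below.
            umask 077
            SA_KEY_FILE="$HOME/gcp-sa-key.json"
            trap 'rm -f "$SA_KEY_FILE"' EXIT

            docker pull ${{ env.DOCKER_IMAGE_NAME }}:latest
            if [ "$(docker ps -aq -f name=backend-api-c)" ]; then
              docker stop backend-api-c
              docker rm backend-api-c
            fi

            # Overwrite rather than append: a file left behind by a failed
            # run would otherwise end up holding two concatenated keys.
            printf "%s" '${{ secrets.GCP_SA_KEY }}' > "$SA_KEY_FILE"

            echo "Cleaning up bot from previous deployment..."
            docker exec teleport-daemon tctl bots rm jarvis-bot || true

            # NOTE(review): the bot is granted the 'editor' role; confirm it
            # cannot be replaced by a narrower role for this service.
            BOT_JOIN_TOKEN=$(docker exec teleport-daemon tctl bots add jarvis-bot --roles=editor,teleport-event-handler --ttl=5m | grep 'The bot token: ' | awk '{print $4}')
            if [ -z "$BOT_JOIN_TOKEN" ]; then
              echo "Error: Failed to generate or extract bot join token."
              exit 1
            fi

            TELEPORT_DAEMON_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' teleport-daemon)

            # NOTE(review): values passed with -e are readable through
            # `docker inspect` and the host process list while this command
            # runs; an --env-file with 0600 permissions narrows that exposure.
            docker run -d --name backend-api-c \
              --network=teleport-net \
              -p 8080:8080 \
              -e JOIN_TOKEN="${BOT_JOIN_TOKEN}" \
              -e GITHUB_CLIENT_ID='${{ secrets.CLIENT_ID }}' \
              -e GITHUB_CLIENT_SECRET='${{ secrets.CLIENT_SECRET }}' \
              -e GITHUB_CALLBACK_URL='${{ secrets.CALLBACK_URL }}' \
              -e VITE_API_URL='${{ secrets.VITE_API_URL }}' \
              -e TELEPORT_PROXY_ADDR='${{ secrets.TELEPORT_PROXY_ADDR }}' \
              -e TELEPORT_AUTH_ADDR='${{ secrets.TELEPORT_AUTH_ADDR }}' \
              -e JWT_SECRET_KEY='${{ secrets.JWT_SECRET_KEY }}' \
              -e GCP_PROJECT_ID='${{ secrets.GCP_PROJECT_ID }}' \
              -e GCP_LOCATION='${{ secrets.GCP_LOCATION }}' \
              -e GEMINI_MODEL='${{ secrets.GEMINI_MODEL }}' \
              -e GITHUB_ORG_NAME='${{ secrets.ORG_NAME }}' \
              -e GITHUB_TEAM_SLUG='${{ secrets.TEAM_SLUG }}' \
              -e TELEPORT_AUDIT_LOG_PATH='/var/lib/teleport/log/events.log' \
              -e TBOT_IDENTITY_FILE_PATH='/opt/machine-id/identity' \
              -e GOOGLE_APPLICATION_CREDENTIALS='/etc/gcp/gcp-sa-key.json' \
              -v ~/teleport-daemon/keys/fullchain.pem:/etc/letsencrypt/fullchain.pem \
              -v ~/teleport-daemon/keys/privkey.pem:/etc/letsencrypt/privkey.pem \
              -v tbot-certs-volume:/opt/machine-id \
              -v ~/identity:/opt/jarvis-service-identity:ro \
              -v /var/lib/teleport/log/events.log:/var/lib/teleport/log/events.log:ro \
              -v "$SA_KEY_FILE":/etc/gcp/gcp-sa-key.json:ro \
              --add-host='${{ secrets.VITE_API_URL }}':${TELEPORT_DAEMON_IP} \
              ${{ env.DOCKER_IMAGE_NAME }}:latest

            # The key file is deleted by the EXIT trap. Presumably the
            # running container keeps access through its existing bind
            # mount; confirm that a container restart is not expected to
            # work without a redeploy.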