Merge branch 'prod' into dev #150
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .github/workflows/dev-cd.yml | |
| name: CD for Dev | |
| on: | |
| push: | |
| branches: [ "dev" ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Gradle Caching | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Create application-dev.yml | |
| run: | | |
| mkdir -p ./src/main/resources | |
| echo "${{ secrets.PROPERTIES_DEV }}" > ./src/main/resources/application-dev.yml | |
| shell: bash | |
| - name: Create .p8 | |
| run: | | |
| echo "${{ secrets.APPLE_AUTH }}" > ./src/main/resources/AUTHKEY_JUINJAG.p8 | |
| shell: bash | |
| # APPLE IN_APP 결제 관련 프로세스 시작 | |
| - name: Create certs and keys directories | |
| run: | | |
| mkdir -p ./src/main/resources/keys | |
| - name: Create IAP .p8 Key | |
| run: | | |
| echo "${{ secrets.APPLE_IAP_KEY }}" > ./src/main/resources/keys/SubscriptionKey_Q5646J7W54.p8 | |
| # 키 파일 크기 확인 (내용은 로그에 출력하지 않음) | |
| if [ -s "./src/main/resources/keys/SubscriptionKey_Q5646J7W54.p8" ]; then | |
| echo "✅ IAP key file created: $(wc -c < ./src/main/resources/keys/SubscriptionKey_Q5646J7W54.p8) bytes" | |
| else | |
| echo "❌ IAP key file is empty!" | |
| exit 1 | |
| fi | |
| # PEM 형식 확인 | |
| if grep -q "BEGIN PRIVATE KEY" ./src/main/resources/keys/SubscriptionKey_Q5646J7W54.p8; then | |
| echo "✅ IAP key file appears to be in PEM format" | |
| else | |
| echo "⚠️ IAP key file may not be in PEM format" | |
| fi | |
| shell: bash | |
| # APPLE IN_APP 결제 관련 프로세스 끝 | |
| - name: Build With Gradle | |
| run: ./gradlew build -x test | |
| - name: Login to Docker Hub | |
| run: | | |
| echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin | |
| - name: Build and push | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . | |
| file: ./Dockerfile-dev | |
| push: true | |
| tags: ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO_DEV }} | |
| - name: Deploy to Dev | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.EC2_HOST_DEV }} | |
| username: ${{ secrets.EC2_USERNAME_DEV }} | |
| key: ${{ secrets.EC2_PRIVATE_KEY_DEV }} | |
| port: 22 | |
| script: | | |
| sudo docker rm -f $(docker ps -qa) || true | |
| sudo docker pull ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO_DEV }} | |
| docker-compose up -d | |
| docker image prune -f |