fix: 환경변수 로드 시 주석 제거 #133
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD - DockerHub Push & Blue-Green Deploy | |
| on: | |
| push: | |
| branches: [main] | |
| paths-ignore: | |
| - 'docker/monitoring/**' | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # 1. 코드와 설정 파일 체크아웃 | |
| - name: Checkout app repository | |
| uses: actions/checkout@v3 | |
| - name: Checkout private config repository | |
| uses: actions/checkout@v3 | |
| with: | |
| repository: UruruLab/Ururu-Backend-Config | |
| token: ${{ secrets.PRIVATE_REPO_TOKEN }} | |
| path: config | |
| # 2. 설정 파일 복사 | |
| - name: Copy config files (application*.yml) | |
| run: | | |
| mkdir -p src/main/resources/ | |
| cp config/application*.yml src/main/resources/ | |
| # 3. JDK 설정 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: "17" | |
| distribution: "temurin" | |
| - name: Grant permission to Gradle | |
| run: chmod +x ./gradlew | |
| # 4. 애플리케이션 빌드 | |
| - name: Build Spring Boot JAR | |
| run: ./gradlew clean bootJar --no-daemon | |
| # 5. 현재 활성 컨테이너 확인 및 타겟 결정 (SSH 직접 방식) | |
| - name: Setup SSH key and determine ACTIVE container | |
| run: | | |
| echo "=== 단계 1: SSH 키 설정 시작 ===" | |
| mkdir -p ~/.ssh | |
| echo "mkdir 완료" | |
| echo "${{ secrets.EC2_SSH_KEY }}" > ~/.ssh/private_key | |
| echo "키 파일 생성 완료" | |
| chmod 600 ~/.ssh/private_key | |
| echo "권한 설정 완료" | |
| echo "=== 단계 2: SSH 연결 테스트 ===" | |
| ssh -i ~/.ssh/private_key -o StrictHostKeyChecking=no ${{ secrets.EC2_USER }}@${{ secrets.EC2_HOST }} "echo 'SSH 테스트 성공'" | |
| echo "SSH 연결 완료" | |
| echo "=== 단계 3: nginx 내용 읽기 ===" | |
| NGINX_CONTENT=$(ssh -i ~/.ssh/private_key -o StrictHostKeyChecking=no ${{ secrets.EC2_USER }}@${{ secrets.EC2_HOST }} "cat /home/ec2-user/app/.nginx-env") | |
| echo "nginx 내용: $NGINX_CONTENT" | |
| echo "=== 단계 4: ACTIVE 결정 ===" | |
| if [[ "$NGINX_CONTENT" == *"ururu-blue"* ]]; then | |
| ACTIVE="ururu-blue" | |
| TARGET="ururu-green" | |
| TARGET_TAG="green" | |
| else | |
| ACTIVE="ururu-green" | |
| TARGET="ururu-blue" | |
| TARGET_TAG="blue" | |
| fi | |
| echo "=== 단계 5: 환경 변수 설정 ===" | |
| echo "ACTIVE=$ACTIVE" >> $GITHUB_ENV | |
| echo "TARGET=$TARGET" >> $GITHUB_ENV | |
| echo "TARGET_TAG=$TARGET_TAG" >> $GITHUB_ENV | |
| echo "최종 결과: ACTIVE=$ACTIVE, TARGET=$TARGET, TARGET_TAG=$TARGET_TAG" | |
| # 6. DockerHub 로그인 및 푸시 | |
| - name: Login to DockerHub | |
| run: | | |
| echo "${{ secrets.DOCKERHUB_PASSWORD }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin | |
| - name: Build Docker image | |
| run: docker build -t juwon0909/ururu:${{ env.TARGET_TAG }} -f docker/Dockerfile . | |
| - name: Push image to DockerHub | |
| run: docker push juwon0909/ururu:${{ env.TARGET_TAG }} | |
| # 7. EC2에 파일 업로드 | |
| - name: Ensure remote app directory exists | |
| uses: appleboy/ssh-action@v1 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| script: mkdir -p /home/ec2-user/app | |
| - name: Upload docker-compose-prod.yml to EC2 | |
| uses: appleboy/scp-action@v1 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| source: docker/docker-compose-prod.yml | |
| target: /home/ec2-user/app/ | |
| strip_components: 1 | |
| overwrite: true | |
| - name: Upload nginx configs and scripts to EC2 | |
| uses: appleboy/scp-action@v1 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| source: "docker/nginx/nginx.conf.template,docker/nginx/switch.sh,docker/nginx/rollback.sh,docker/nginx/healthcheck.sh" | |
| target: /home/ec2-user/app/nginx/ | |
| strip_components: 2 | |
| overwrite: true | |
| debug: true | |
| - name: Upload .env to EC2 (from config repo) | |
| uses: appleboy/scp-action@v1 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| source: config/.env | |
| target: /home/ec2-user/app/ | |
| strip_components: 1 | |
| overwrite: true | |
| - name: Ensure nginx shell scripts are executable | |
| uses: appleboy/ssh-action@v1 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| script: | | |
| chmod +x /home/ec2-user/app/nginx/*.sh | |
| # 8. 대상 컨테이너 배포 | |
| - name: Deploy to target container | |
| uses: appleboy/ssh-action@v0.1.6 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| envs: TARGET | |
| script: | | |
| cd /home/ec2-user/app | |
| docker compose -f docker-compose-prod.yml pull $TARGET | |
| docker compose -f docker-compose-prod.yml up -d --no-deps $TARGET | |
| env: | |
| TARGET: ${{ env.TARGET }} | |
| # 9. 헬스 체크 수행 | |
| - name: Health check on target container | |
| id: health-check | |
| uses: appleboy/ssh-action@v0.1.6 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| script: | | |
| cd /home/ec2-user/app | |
| TARGET_PORT=8081 | |
| if [ -f .nginx-env ] && grep -q ururu-blue .nginx-env; then | |
| TARGET_PORT=8082 | |
| fi | |
| bash nginx/healthcheck.sh $TARGET_PORT | |
| # 10. Nginx 트래픽 전환 | |
| - name: Switch Nginx traffic to target | |
| uses: appleboy/ssh-action@v0.1.6 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| envs: TARGET | |
| script: | | |
| cd /home/ec2-user/app | |
| bash nginx/switch.sh $TARGET | |
| env: | |
| TARGET: ${{ env.TARGET }} | |
| # 11. 롤백 (헬스체크 실패 시) | |
| - name: Rollback if health check failed | |
| if: steps.health-check.outcome == 'failure' | |
| uses: appleboy/ssh-action@v0.1.6 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| envs: TARGET | |
| script: | | |
| cd /home/ec2-user/app | |
| bash nginx/rollback.sh $TARGET | |
| env: | |
| TARGET: ${{ env.TARGET }} | |
| # 12. 이전 컨테이너 제거 | |
| - name: Remove old container | |
| if: success() | |
| uses: appleboy/ssh-action@v0.1.6 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| envs: ACTIVE | |
| script: | | |
| cd /home/ec2-user/app | |
| docker rm -f $ACTIVE || true | |
| env: | |
| ACTIVE: ${{ env.ACTIVE }} |