🌐 [Ci]: base 이미지 캐싱 #109
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Media Server CI/CD | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| - Fix/316 | |
| # paths: | |
| # - 'apps/media/**' | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| env: | |
| IMAGE_NAME: media-camon | |
| MEDIA_PORT: 3001 | |
| REDIS_HOST: ${{ secrets.REDIS_HOST }} | |
| REDIS_PORT: ${{ secrets.REDIS_PORT }} | |
| REDIS_MEDIA: ${{ secrets.REDIS_MEDIA }} | |
| ANNOUNCED_IP: ${{ secrets.ANNOUNCED_IP }} | |
| API_SERVER_URL: ${{ secrets.API_SERVER_URL }} | |
| HTTP_TIMEOUT: ${{ secrets.HTTP_TIMEOUT }} | |
| RECORD_SERVER_URL: ${{ secrets.RECORD_SERVER_URL }} | |
| SERVER_PRIVATE_IP: ${{ secrets.SERVER_PRIVATE_IP }} | |
| PUBLIC_RECORD_SERVER_URL: ${{ secrets.PUBLIC_RECORD_SERVER_URL }} | |
| JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Log in to Ncloud Container Registry | |
| env: | |
| USERNAME: ${{ secrets.NCLOUD_ACCESS_KEY }} | |
| PASSWORD: ${{ secrets.NCLOUD_SECRET_KEY }} | |
| REGISTRY_URL: ${{ secrets.NCLOUD_REGISTRY_URL }} | |
| run: | | |
| echo "$PASSWORD" | docker login -u "$USERNAME" "$REGISTRY_URL" --password-stdin | |
| - name: Build Base Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ./apps/media/Dockerfile | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| target: base | |
| - name: Build Docker image | |
| run: | | |
| docker build \ | |
| -f ./apps/media/Dockerfile \ | |
| -t ${{ secrets.NCLOUD_REGISTRY_URL }}/$IMAGE_NAME:latest \ | |
| --build-arg MEDIA_PORT=$MEDIA_PORT \ | |
| --build-arg REDIS_HOST=$REDIS_HOST \ | |
| --build-arg REDIS_PORT=$REDIS_PORT \ | |
| --build-arg REDIS_MEDIA=$REDIS_MEDIA \ | |
| --build-arg ANNOUNCED_IP=$ANNOUNCED_IP \ | |
| --build-arg API_SERVER_URL=$API_SERVER_URL \ | |
| --build-arg HTTP_TIMEOUT=$HTTP_TIMEOUT \ | |
| --build-arg RECORD_SERVER_URL=$RECORD_SERVER_URL \ | |
| --build-arg SERVER_PRIVATE_IP=$SERVER_PRIVATE_IP \ | |
| --build-arg PUBLIC_RECORD_SERVER_URL=$PUBLIC_RECORD_SERVER_URL \ | |
| --build-arg JWT_SECRET=$JWT_SECRET \ | |
| . | |
| - name: Push to Ncloud Container Registry | |
| run: | | |
| docker push ${{ secrets.NCLOUD_REGISTRY_URL }}/$IMAGE_NAME:latest | |
| deploy-and-run: | |
| runs-on: ubuntu-latest | |
| needs: build-and-push | |
| env: | |
| IMAGE_NAME: media-camon | |
| MEDIA_PORT: 3001 | |
| REDIS_HOST: ${{ secrets.REDIS_HOST }} | |
| REDIS_PORT: ${{ secrets.REDIS_PORT }} | |
| REDIS_MEDIA: ${{ secrets.REDIS_MEDIA }} | |
| ANNOUNCED_IP: ${{ secrets.ANNOUNCED_IP }} | |
| API_SERVER_URL: ${{ secrets.API_SERVER_URL }} | |
| HTTP_TIMEOUT: ${{ secrets.HTTP_TIMEOUT }} | |
| RECORD_SERVER_URL: ${{ secrets.RECORD_SERVER_URL }} | |
| SERVER_PRIVATE_IP: ${{ secrets.SERVER_PRIVATE_IP }} | |
| PUBLIC_RECORD_SERVER_URL: ${{ secrets.PUBLIC_RECORD_SERVER_URL }} | |
| JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
| NCLOUD_REGISTRY_URL: ${{ secrets.NCLOUD_REGISTRY_URL }} | |
| NCLOUD_ACCESS_KEY: ${{ secrets.NCLOUD_ACCESS_KEY }} | |
| NCLOUD_SECRET_KEY: ${{ secrets.NCLOUD_SECRET_KEY }} | |
| steps: | |
| - name: Checkout for docker-compose | |
| uses: actions/checkout@v2 | |
| - name: Copy docker-compose file | |
| uses: appleboy/scp-action@master | |
| with: | |
| host: ${{ secrets.SERVER_IP }} | |
| username: ${{ secrets.SERVER_USER }} | |
| key: ${{ secrets.SSH_SERVER_KEY }} | |
| source: "docker-compose.yml" | |
| target: "/home/${{ secrets.SERVER_USER }}/camon" | |
| - name: SSH and deploy | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.SERVER_IP }} | |
| username: ${{ secrets.SERVER_USER }} | |
| key: ${{ secrets.SSH_SERVER_KEY }} | |
| port: 22 | |
| envs: MEDIA_PORT,REDIS_HOST,REDIS_PORT,REDIS_MEDIA,ANNOUNCED_IP,API_SERVER_URL,HTTP_TIMEOUT,RECORD_SERVER_URL,SERVER_PRIVATE_IP,PUBLIC_RECORD_SERVER_URL,NCLOUD_REGISTRY_URL,NCLOUD_ACCESS_KEY,NCLOUD_SECRET_KEY | |
| script: | | |
| cd /home/${{ secrets.SERVER_USER }}/camon | |
| echo "MEDIA_PORT=$MEDIA_PORT" > .env | |
| echo "REDIS_HOST=$REDIS_HOST" >> .env | |
| echo "REDIS_PORT=$REDIS_PORT" >> .env | |
| echo "REDIS_MEDIA=$REDIS_MEDIA" >> .env | |
| echo "ANNOUNCED_IP=$ANNOUNCED_IP" >> .env | |
| echo "API_SERVER_URL=$API_SERVER_URL" >> .env | |
| echo "HTTP_TIMEOUT=$HTTP_TIMEOUT" >> .env | |
| echo "RECORD_SERVER_URL=$RECORD_SERVER_URL" >> .env | |
| echo "SERVER_PRIVATE_IP=$SERVER_PRIVATE_IP" >> .env | |
| echo "PUBLIC_RECORD_SERVER_URL=$PUBLIC_RECORD_SERVER_URL" >> .env | |
| echo "NCLOUD_REGISTRY_URL=$NCLOUD_REGISTRY_URL" >> .env | |
| echo "NCLOUD_ACCESS_KEY=$NCLOUD_ACCESS_KEY" >> .env | |
| echo "NCLOUD_SECRET_KEY=$NCLOUD_SECRET_KEY" >> .env | |
| echo "JWT_SECRET=$JWT_SECRET" >> .env | |
| sudo docker login -u $NCLOUD_ACCESS_KEY -p $NCLOUD_SECRET_KEY $NCLOUD_REGISTRY_URL | |
| sudo docker stop media-camon || true | |
| sudo docker rm media-camon || true | |
| sudo docker rmi $NCLOUD_REGISTRY_URL/media-camon:latest || true | |
| sudo docker pull $NCLOUD_REGISTRY_URL/media-camon:latest | |
| sudo docker tag $NCLOUD_REGISTRY_URL/media-camon:latest media-camon | |
| sudo docker-compose up -d media | |
| sudo docker image prune -f | |
| - name: Check container status | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.SERVER_IP }} | |
| username: ${{ secrets.SERVER_USER }} | |
| key: ${{ secrets.SSH_SERVER_KEY }} | |
| port: 22 | |
| script: | | |
| cd /home/${{ secrets.SERVER_USER }}/camon | |
| sudo docker-compose ps media | |
| sudo docker-compose logs --tail=100 media |