Rename deploy-frontend.yml to deploy.yml #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Frontend to EC2 | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| - main | |
| workflow_dispatch: # 수동 트리거 추가 | |
| jobs: | |
| deploy-frontend: | |
| runs-on: ubuntu-latest | |
| # 환경변수 설정 | |
| env: | |
| AWS_SG_ID: ${{ secrets.AWS_SG_ID }} | |
| AWS_DEFAULT_REGION: ap-northeast-2 | |
| AWS_EC2_SSH_KEY: ${{ secrets.AWS_EC2_SSH_KEY }} | |
| AWS_EC2_USERNAME: ${{ secrets.AWS_EC2_USERNAME }} | |
| AWS_EC2_DNS: ${{ secrets.AWS_EC2_DNS }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| PROPERTY_JSON: ${{ secrets.PROPERTY_JSON }} | |
| NODE_ENV: production | |
| steps: | |
| # Node.js 설정 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| # Github action IP 가져오기 | |
| - name: Get Github action IP | |
| id: ip | |
| uses: haythem/[email protected] | |
| # 배포 브랜치 지정 | |
| - name: Checkout branch | |
| uses: actions/checkout@v2 | |
| with: | |
| ref: develop | |
| # Node.js 모듈 캐싱 | |
| - name: Cache Node.js modules | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.npm | |
| key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }} | |
| restore-keys: | | |
| ${{ runner.os }}-node- | |
| # npm 의존성 설치 | |
| - name: Install dependencies | |
| run: | | |
| npm install --include=dev | |
| # property.json 파일 생성 | |
| - name: Create property.json | |
| run: | | |
| echo -e "${{ env.PROPERTY_JSON }}" > ./src/configs/property.json | |
| cat ./src/configs/property.json | |
| # React 앱 빌드 | |
| - name: Build the React app | |
| run: npm run build | |
| # SSH Agent 설정 및 GitHub Secrets에 저장된 SSH 키 로드 | |
| - name: Set up SSH agent | |
| uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ env.AWS_EC2_SSH_KEY }} | |
| # Github action IP 보안그룹에 추가 | |
| - name: Add Github Actions IP to Security group | |
| run: | | |
| aws ec2 authorize-security-group-ingress --group-id ${{ env.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
| # EC2 호스트 키 등록 | |
| - name: Add EC2 to known hosts | |
| run: | | |
| ssh-keyscan -H ${{ env.AWS_EC2_DNS }} >> ~/.ssh/known_hosts | |
| # EC2에 빌드된 소스 배포 | |
| - name: Deploy build to EC2 | |
| run: | | |
| scp -r build/* ${{ env.AWS_EC2_USERNAME }}@${{ env.AWS_EC2_DNS }}:/var/www/html/ | |
| # 배포 후 Nginx 재시작 | |
| - name: Restart Nginx (Optional) | |
| run: | | |
| ssh ${{ env.AWS_EC2_USERNAME }}@${{ env.AWS_EC2_DNS }} << EOF | |
| sudo systemctl restart nginx | |
| EOF | |
| # GitHub Actions IP를 보안 그룹에서 제거 | |
| - name: Remove GitHub Actions IP from Security Group | |
| run: | | |
| aws ec2 revoke-security-group-ingress --group-id ${{ env.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 |