Skip to content

Update deploy.yml

Update deploy.yml #7

Workflow file for this run

name: Deploy Frontend to EC2
on:
push:
branches:
- develop
- main
workflow_dispatch: # 수동 트리거 추가
jobs:
deploy-frontend:
runs-on: ubuntu-latest
# 환경변수 설정
env:
AWS_SG_ID: ${{ secrets.AWS_SG_ID }}
AWS_DEFAULT_REGION: ap-northeast-2
AWS_EC2_SSH_KEY: ${{ secrets.AWS_EC2_SSH_KEY }}
AWS_EC2_USERNAME: ${{ secrets.AWS_EC2_USERNAME }}
AWS_EC2_DNS: ${{ secrets.AWS_EC2_DNS }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
PROPERTY_JSON: ${{ secrets.PROPERTY_JSON }}
NODE_ENV: production
steps:
# Node.js 설정
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
# Github action IP 가져오기
- name: Get Github action IP
id: ip
uses: haythem/[email protected]
# 배포 브랜치 지정
- name: Checkout branch
uses: actions/checkout@v2
with:
ref: develop
# Node.js 모듈 캐싱
- name: Cache Node.js modules
uses: actions/cache@v3
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
# npm 의존성 설치
- name: Install dependencies
run: |
npm install --include=dev
# property.json 파일 생성
- name: Create property.json
run: |
echo ${{ env.PROPERTY_JSON }} > ./src/configs/property.json
# 결과 확인
cat ./src/configs/property.json
# React 앱 빌드
- name: Build the React app
run: npm run build
# SSH Agent 설정 및 GitHub Secrets에 저장된 SSH 키 로드
- name: Set up SSH agent
uses: webfactory/[email protected]
with:
ssh-private-key: ${{ env.AWS_EC2_SSH_KEY }}
# Github action IP 보안그룹에 추가
- name: Add Github Actions IP to Security group
run: |
aws ec2 authorize-security-group-ingress --group-id ${{ env.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
# EC2 호스트 키 등록
- name: Add EC2 to known hosts
run: |
ssh-keyscan -H ${{ env.AWS_EC2_DNS }} >> ~/.ssh/known_hosts
# EC2에 빌드된 소스 배포
- name: Deploy build to EC2
run: |
scp -r build/* ${{ env.AWS_EC2_USERNAME }}@${{ env.AWS_EC2_DNS }}:/home/ubuntu/catchweak-web/
# 배포 후 Nginx 재시작
- name: Restart Nginx (Optional)
run: |
ssh ${{ env.AWS_EC2_USERNAME }}@${{ env.AWS_EC2_DNS }} << EOF
sudo mv /home/ubuntu/catchweak-web/* /var/www/html/
sudo chown -R www-data:www-data /var/www/html/
sudo systemctl restart nginx
EOF
# GitHub Actions IP를 보안 그룹에서 제거
- name: Remove GitHub Actions IP from Security Group
run: |
aws ec2 revoke-security-group-ingress --group-id ${{ env.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32