Update deploy.yml #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to AWS | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '21' | |
| distribution: 'adopt' | |
| - name : Override APPLICATION PROPERTIES | |
| run : echo "${{ secrets.APPLICATION_PROPERTIES }}" > ./src/main/resources/application.properties | |
| - name: Configure Production Properties | |
| run: | | |
| touch ./src/main/resources/application-prod.properties | |
| echo "${{ secrets.APPLICATION_PROD_PROPERTIES }}" > ./src/main/resources/application-prod.properties | |
| - name: Configure Test Properties | |
| run: | | |
| touch ./src/main/resources/application-test.properties | |
| echo "${{ secrets.APPLICATION_TEST_PROPERTIES }}" > ./src/main/resources/application-test.properties | |
| - name: gradlew에 실행 권한 부여 | |
| run: chmod +x ./gradlew | |
| - name: 배포 파일 생성 | |
| run: ./gradlew bootJar | |
| - name: Upload JAR file | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: cau-be-jar | |
| path: build/libs/cau-be-0.0.1-SNAPSHOT.jar | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Download JAR file | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: cau-be-jar | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Get GitHub Actions Runner IP | |
| id: get_ip | |
| run: echo $(curl -s https://api64.ipify.org) > RUNNER_IP.txt | |
| - name: Add GitHub Actions IP to AWS Security Group | |
| run: | | |
| RUNNER_IP=$(cat RUNNER_IP.txt) | |
| aws ec2 authorize-security-group-ingress \ | |
| --group-id ${{ secrets.AWS_SECURITY_GROUP_ID }} \ | |
| --protocol tcp \ | |
| --port 22 \ | |
| --cidr "${RUNNER_IP}/32" \ | |
| --region ${{ secrets.AWS_REGION }} | |
| - name: Configure SSH private key | |
| run: | | |
| touch ./key-derby.pem | |
| echo "${{ secrets.CAU_AWS_SSH_KEY }}" > ./key-derby.pem | |
| chmod 600 ./key-derby.pem | |
| - name: Add AWS EC2 to known_hosts | |
| run: | | |
| mkdir -p ~/.ssh | |
| ssh-keyscan -H "${{ secrets.AWS_EC2_IP }}" >> ~/.ssh/known_hosts | |
| - name: Deploy to AWS EC2 | |
| run: | | |
| # # scp로 EC2에 jar 파일 전송 | |
| # scp -vvv -o Compression=no -i ./key-derby.pem ./cau-be-0.0.1-SNAPSHOT.jar \ | |
| # ubuntu@${{ secrets.AWS_EC2_IP }}:/home/ubuntu/repository | |
| - name: SCP로 EC2에 빌드된 파일 전송하기 | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.AWS_EC2_IP }} | |
| username: ubuntu | |
| key: ./key-derby.pem | |
| source: ./cau-be-0.0.1-SNAPSHOT.jar | |
| target: /home/ubuntu/repository | |
| - name: Restart API Server | |
| run: | | |
| # EC2의 deploy.sh 실행 | |
| ssh -i ./key-derby.pem ubuntu@${{ secrets.AWS_EC2_IP }} << EOF | |
| /home/ubuntu/repository/deploy.sh | |
| EOF | |
| - name: Remove GitHub Actions IP from AWS Security Group | |
| run: | | |
| RUNNER_IP=$(cat RUNNER_IP.txt) | |
| aws ec2 revoke-security-group-ingress \ | |
| --group-id ${{ secrets.AWS_SECURITY_GROUP_ID }} \ | |
| --protocol tcp \ | |
| --port 22 \ | |
| --cidr "${RUNNER_IP}/32" \ | |
| --region ${{ secrets.AWS_REGION }} | |
| - name: Clean up SSH key | |
| run: rm ./key-derby.pem |