Merge pull request #42 from Caring-Team/develop #36
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to EC2 | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| workflow_dispatch: | |
| env: | |
| AWS_REGION: ap-northeast-2 | |
| AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} | |
| ECR_REPO: caring-server | |
| IMAGE_URI: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/${{ secrets.ECR_REPO }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| Deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: JDK 17버전 설치 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: 17 | |
| - name: gradlew 실행 권한 추가 | |
| run: chmod +x ./gradlew | |
| - name: AWS Role 설정 | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::430118840639:role/GitHubActionsECRDeployRole | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: ECR에 로그인 | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| # 이미지 태그( latest + sha ) 자동 생성 | |
| - name: Docker metadata 설정 | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.IMAGE_URI }} | |
| tags: | | |
| type=raw,value=latest | |
| type=sha | |
| # 추가: Buildx를 docker-container 드라이버로 | |
| - name: Docker Buildx 설정 | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver: docker-container | |
| - name: Docker 이미지 빌드 및 ECR에 Push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| # 필요 시 아키텍처 강제 | |
| platforms: linux/amd64 | |
| - name: EC2 접속 및 배포 | |
| uses: appleboy/ssh-action@v1.0.3 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USER }} # ubuntu 또는 ec2-user | |
| key: ${{ secrets.EC2_KEY }} | |
| script: | | |
| set -e | |
| AWS_REGION=${{ secrets.AWS_REGION }} | |
| ECR_REGISTRY=${{ steps.login-ecr.outputs.registry }} | |
| ECR_REPO=${{ secrets.ECR_REPO }} | |
| # ECR 로그인 | |
| aws ecr get-login-password --region ${AWS_REGION} \ | |
| | docker login --username AWS --password-stdin ${ECR_REGISTRY} | |
| # EC2에서 Docker 이미지 Pull & Run | |
| cd /home/ubuntu/apps/caring/prod | |
| docker stop caring-server || true | |
| docker rm caring-server || true | |
| docker compose pull caring-server | |
| docker compose up -d caring-server | |
| docker image prune -f |