ForDay_Server/.github/workflows/deploy.yml at dev · Central-MakeUs/ForDay_Server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: Deploy To EC2 (Blue-Green Public)

on:
  push:
    branches: [ "main" ]

permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: 17

      - name: Create Firebase JSON
        uses: jsdaniell/create-json@v1.2.2
        with:
          name: "forday-2ae94-firebase-adminsdk-fbsvc-e11f290048.json"
          json: ${{ secrets.FIREBASE_JSON }}
          dir: "src/main/resources/"

      - name: Create application.yml
        run: echo "${{ secrets.APPLICATION_PROPERTIES }}" > ./src/main/resources/application.yml

      - name: Build Spring Boot
        run: |
          chmod +x ./gradlew
          ./gradlew clean build -x test

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: ap-northeast-2
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

      - name: Login to ECR
        run: |
          aws ecr get-login-password --region ap-northeast-2 \
          | docker login --username AWS --password-stdin 839983937363.dkr.ecr.ap-northeast-2.amazonaws.com

      - name: Build & Push Docker Image
        run: |
          docker build -t forday .
          docker tag forday:latest 839983937363.dkr.ecr.ap-northeast-2.amazonaws.com/forday:latest
          docker push 839983937363.dkr.ecr.ap-northeast-2.amazonaws.com/forday:latest

  deploy:
    needs: build
    runs-on: ubuntu-latest
    steps:
      - name: Configure SSH
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
          cat <<EOF >> ~/.ssh/config
          Host ec2-server
            HostName ${{ secrets.EC2_PUBLIC_IP }}
            User ubuntu
            IdentityFile ~/.ssh/id_rsa
            StrictHostKeyChecking no
          EOF

      - name: Blue-Green Deploy via SSH
        run: |
          ssh ec2-server << 'EOF'
            set -e

            aws ecr get-login-password --region ap-northeast-2 | docker login --username AWS --password-stdin 839983937363.dkr.ecr.ap-northeast-2.amazonaws.com

            echo "▶ Nginx 환경 설정 확인"
            # 파일이 없으면 생성
            if [ ! -f /etc/nginx/conf.d/service-env.inc ]; then
              echo "set \$service_url blue;" | sudo tee /etc/nginx/conf.d/service-env.inc
            fi

            CURRENT_VAL=$(grep -oP '(?<=set \$service_url ).*(?=;)' /etc/nginx/conf.d/service-env.inc || echo "blue")

            if [ "$CURRENT_VAL" = "blue" ]; then
              TARGET="green"
              TARGET_PORT=8081
              OLD_TARGET="blue"
            else
              TARGET="blue"
              TARGET_PORT=8080
              OLD_TARGET="green"
            fi

            echo "▶ 배포 대상: $TARGET (포트: $TARGET_PORT)"
            docker pull 839983937363.dkr.ecr.ap-northeast-2.amazonaws.com/forday:latest

            docker stop $TARGET || true
            docker rm $TARGET || true

             docker run -d \
              --name $TARGET \
              --restart=always \
              --network forday-net \
              -v /etc/localtime:/etc/localtime:ro \
              -e TZ=Asia/Seoul \
              -e SPRING_PROFILES_ACTIVE=$TARGET \
              -p $TARGET_PORT:8080 \
              -e SPRING_DATA_REDIS_HOST=redis \
              -e SPRING_DATA_REDIS_PORT=6379 \
              -e SPRING_RABBITMQ_HOST=rabbitmq \
              -e SPRING_RABBITMQ_USERNAME=forday \
              -e SPRING_RABBITMQ_PASSWORD=forday1234 \
              839983937363.dkr.ecr.ap-northeast-2.amazonaws.com/forday:latest

            echo "▶ 헬스 체크 시작"
            for i in {1..20}; do
              # Spring Boot 기본 헬스체크 경로(/actuator/health) 또는 지정하신 경로 확인 필요
              if curl -sf http://localhost:$TARGET_PORT/health_check; then
                HEALTH_OK=true
                break
              fi
              echo "대기 중... ($i/20)"
              sleep 5
            done

            if [ "$HEALTH_OK" != "true" ]; then
              echo "❌ 헬스 체크 실패"
              docker logs $TARGET
              exit 1
            fi

            echo "▶ Nginx 스위칭"
            echo "set \$service_url $TARGET;" | sudo tee /etc/nginx/conf.d/service-env.inc
            sudo nginx -t && sudo nginx -s reload

            echo "▶ 이전 컨테이너 정리 및 미사용 이미지 삭제"
            docker stop $OLD_TARGET || true
            docker rm $OLD_TARGET || true
            docker image prune -af
          EOF