fix:backcicd.yaml 환경변수에 맞게 수정 #18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Backend MSA CI/CD Pipeline | |
| on: | |
| push: | |
| branches: | |
| - 48-Develop브랜치-푸시시-CI/CD-구현 | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| include: | |
| - module: gitfolio-auth | |
| port: 8080 | |
| service_name: auth | |
| instance_name: "Gitfolio BE1" | |
| instance_index: "1" | |
| - module: gitfolio-member | |
| port: 8081 | |
| service_name: member | |
| instance_name: "Gitfolio BE1" | |
| instance_index: "1" | |
| - module: gitfolio-payment | |
| port: 8083 | |
| service_name: payment | |
| instance_name: "Gitfolio BE2" | |
| instance_index: "2" | |
| - module: gitfolio-resume | |
| port: 8082 | |
| service_name: resume | |
| instance_name: "Gitfolio BE2" | |
| instance_index: "2" | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Create .env file | |
| run: | | |
| cat << EOF > .env | |
| # URL | |
| REDIRECT_ONBOARDING_URL=${{ secrets.REDIRECT_ONBOARDING_URL }} | |
| REDIRECT_MAIN_URL=${{ secrets.REDIRECT_MAIN_URL }} | |
| MEMBER_SERVER_URL=${{ secrets.MEMBER_SERVER_URL }} | |
| PAYMENT_SERVER_URL=${{ secrets.PAYMENT_SERVER_URL }} | |
| AI_SERVER_URL=${{ secrets.AI_SERVER_URL }} | |
| # gRPC Port | |
| MEMBER_GRPC_PORT=${{ secrets.MEMBER_GRPC_PORT }} | |
| # Server Port | |
| AUTH_SERVER_PORT=${{ secrets.AUTH_SERVER_PORT }} | |
| MEMBER_SERVER_PORT=${{ secrets.MEMBER_SERVER_PORT }} | |
| RESUME_SERVER_PORT=${{ secrets.RESUME_SERVER_PORT }} | |
| PAYMENT_SERVER_PORT=${{ secrets.PAYMENT_SERVER_PORT }} | |
| # GitHub OAuth | |
| GH_CLIENT_ID=${{ secrets.GH_CLIENT_ID }} | |
| GH_CLIENT_SECRET=${{ secrets.GH_CLIENT_SECRET }} | |
| GH_REDIRECT_URI=${{ secrets.GH_REDIRECT_URI }} | |
| GH_API_TOKEN=${{ secrets.GH_API_TOKEN }} | |
| # JWT | |
| JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }} | |
| ACCESS_TOKEN_EXPIRY=${{ secrets.ACCESS_TOKEN_EXPIRY }} | |
| REFRESH_TOKEN_EXPIRY=${{ secrets.REFRESH_TOKEN_EXPIRY }} | |
| # Redis Configuration | |
| AUTH_REDIS_HOST=${{ secrets.AUTH_REDIS_HOST }} | |
| AUTH_REDIS_PORT=${{ secrets.AUTH_REDIS_PORT }} | |
| RESUME_REDIS_HOST=${{ secrets.RESUME_REDIS_HOST }} | |
| RESUME_REDIS_PORT=${{ secrets.RESUME_REDIS_PORT }} | |
| # MySQL Configuration | |
| MEMBER_MYSQL_DB_HOST=${{ secrets.MEMBER_MYSQL_DB_HOST }} | |
| MEMBER_MYSQL_DB_PORT=${{ secrets.MEMBER_MYSQL_DB_PORT }} | |
| MEMBER_MYSQL_DB_NAME=${{ secrets.MEMBER_MYSQL_DB_NAME }} | |
| MEMBER_MYSQL_DB_USERNAME=${{ secrets.MEMBER_MYSQL_DB_USERNAME }} | |
| MEMBER_MYSQL_DB_PASSWORD=${{ secrets.MEMBER_MYSQL_DB_PASSWORD }} | |
| LIKE_MYSQL_DB_HOST=${{ secrets.LIKE_MYSQL_DB_HOST }} | |
| LIKE_MYSQL_DB_PORT=${{ secrets.LIKE_MYSQL_DB_PORT }} | |
| LIKE_MYSQL_DB_NAME=${{ secrets.LIKE_MYSQL_DB_NAME }} | |
| LIKE_MYSQL_DB_USERNAME=${{ secrets.LIKE_MYSQL_DB_USERNAME }} | |
| LIKE_MYSQL_DB_PASSWORD=${{ secrets.LIKE_MYSQL_DB_PASSWORD }} | |
| PAYMENT_MYSQL_DB_HOST=${{ secrets.PAYMENT_MYSQL_DB_HOST }} | |
| PAYMENT_MYSQL_DB_PORT=${{ secrets.PAYMENT_MYSQL_DB_PORT }} | |
| PAYMENT_MYSQL_DB_NAME=${{ secrets.PAYMENT_MYSQL_DB_NAME }} | |
| PAYMENT_MYSQL_DB_USERNAME=${{ secrets.PAYMENT_MYSQL_DB_USERNAME }} | |
| PAYMENT_MYSQL_DB_PASSWORD=${{ secrets.PAYMENT_MYSQL_DB_PASSWORD }} | |
| # MongoDB Configuration | |
| MEMBER_MONGO_DB_USERNAME=${{ secrets.MEMBER_MONGO_DB_USERNAME }} | |
| MEMBER_MONGO_DB_PORT=${{ secrets.MEMBER_MONGO_DB_PORT }} | |
| MEMBER_MONGO_DB_DATABASE=${{ secrets.MEMBER_MONGO_DB_DATABASE }} | |
| RESUME_MONGO_DB_USERNAME=${{ secrets.RESUME_MONGO_DB_USERNAME }} | |
| RESUME_MONGO_DB_PORT=${{ secrets.RESUME_MONGO_DB_PORT }} | |
| RESUME_MONGO_DB_DATABASE=${{ secrets.RESUME_MONGO_DB_DATABASE }} | |
| # S3 Configuration | |
| S3_ACCESS_KEY=${{ secrets.S3_ACCESS_KEY }} | |
| S3_SECRET_KEY=${{ secrets.S3_SECRET_KEY }} | |
| S3_URL_PREFIX=${{ secrets.S3_URL_PREFIX }} | |
| # Kakao Pay | |
| KAKAO_API_URL=${{ secrets.KAKAO_API_URL }} | |
| KAKAOPAY_SECRET_KEY=${{ secrets.KAKAOPAY_SECRET_KEY }} | |
| # Kafka Configuration | |
| KAFKA_HOST1=${{ secrets.KAFKA_HOST1 }} | |
| KAFKA_PORT1=${{ secrets.KAFKA_PORT1 }} | |
| EOF | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| # Builder 이미지 빌드 | |
| - name: Build and push builder image | |
| run: | | |
| docker compose build builder | |
| docker compose push builder | |
| # 서비스 이미지 빌드 및 푸시 (환경변수 포함) | |
| - name: Build and push service images | |
| run: | | |
| docker compose build ${{ matrix.service_name }} | |
| docker compose push ${{ matrix.service_name }} | |
| deploy: | |
| needs: build-and-push | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| include: | |
| - module: gitfolio-auth | |
| port: 8080 | |
| service_name: auth | |
| instance_name: "Gitfolio BE1" | |
| instance_index: "1" | |
| - module: gitfolio-member | |
| port: 8081 | |
| service_name: member | |
| instance_name: "Gitfolio BE1" | |
| instance_index: "1" | |
| - module: gitfolio-payment | |
| port: 8083 | |
| service_name: payment | |
| instance_name: "Gitfolio BE2" | |
| instance_index: "2" | |
| - module: gitfolio-resume | |
| port: 8082 | |
| service_name: resume | |
| instance_name: "Gitfolio BE2" | |
| instance_index: "2" | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Create .env file | |
| run: | | |
| # 위의 .env 파일 생성 스크립트와 동일 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ap-northeast-2 | |
| - name: Get EC2 instance ID | |
| id: get-instance | |
| run: | | |
| INSTANCE_ID=$(aws ec2 describe-instances \ | |
| --filters \ | |
| "Name=tag:Service,Values=back" \ | |
| "Name=tag:Environment,Values=dev" \ | |
| "Name=tag:Name,Values=${{ matrix.instance_name }}" \ | |
| "Name=tag:Index,Values=${{ matrix.instance_index }}" \ | |
| "Name=instance-state-name,Values=running" \ | |
| --query "Reservations[*].Instances[*].InstanceId" \ | |
| --output text) | |
| echo "instance_id=$INSTANCE_ID" >> $GITHUB_OUTPUT | |
| - name: Install Session Manager Plugin | |
| run: | | |
| curl "https://s3.amazonaws.com/session-manager-downloads/plugin/latest/ubuntu_64bit/session-manager-plugin.deb" -o "session-manager-plugin.deb" | |
| sudo dpkg -i session-manager-plugin.deb | |
| - name: Copy .env and docker-compose.yml to EC2 | |
| run: | | |
| aws ssm start-session \ | |
| --target "${{ steps.get-instance.outputs.instance_id }}" \ | |
| --document-name "AWS-StartInteractiveCommand" \ | |
| --parameters "{\"command\":[\"cat > /home/ec2-user/.env << 'EOL'\n$(cat .env)\nEOL\"]}" | |
| aws ssm start-session \ | |
| --target "${{ steps.get-instance.outputs.instance_id }}" \ | |
| --document-name "AWS-StartInteractiveCommand" \ | |
| --parameters "{\"command\":[\"cat > /home/ec2-user/docker-compose.yml << 'EOL'\n$(cat docker-compose.yml)\nEOL\"]}" | |
| - name: Deploy to EC2 using SSM and Docker Compose | |
| run: | | |
| aws ssm start-session \ | |
| --target "${{ steps.get-instance.outputs.instance_id }}" \ | |
| --document-name "AWS-StartInteractiveCommand" \ | |
| --parameters "{\"command\":[\"cd /home/ec2-user && \ | |
| docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_PASSWORD }} && \ | |
| docker compose pull ${{ matrix.service_name }} && \ | |
| docker compose up -d ${{ matrix.service_name }}\"]}" |