mod::서버 호스트 키를 known_hosts에 추가 #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| branches: | |
| - deploy | |
| - dev/deploy1 | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # 1. 코드 체크아웃 | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| # 2. JDK 설치 | |
| - name: Set up JDK 21 # 실행 환경에서 사용 중인 JDK 확인 (java -version) | |
| uses: actions/setup-java@v2 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| # 3. Gradle Wrapper 검증 | |
| - name: Set up Gradle | |
| uses: gradle/wrapper-validation-action@v1 | |
| # 4. application.properties 생성 | |
| - name: Create application.properties | |
| run: | | |
| mkdir -p src/main/resources | |
| echo "spring.application.name=${{ secrets.SPRING_APPLICATION_NAME }}" > src/main/resources/application.properties | |
| echo "spring.datasource.url=${{ secrets.SPRING_DATASOURCE_URL }}" >> src/main/resources/application.properties | |
| echo "spring.datasource.username=${{ secrets.SPRING_DATASOURCE_USERNAME }}" >> src/main/resources/application.properties | |
| echo "spring.datasource.password=${{ secrets.SPRING_DATASOURCE_PASSWORD }}" >> src/main/resources/application.properties | |
| echo "spring.datasource.driver-class-name=${{ secrets.SPRING_DATASOURCE_DRIVER_CLASS_NAME }}" >> src/main/resources/application.properties | |
| echo "spring.jpa.hibernate.ddl-auto=${{ secrets.SPRING_JPA_HIBERNATE_DDL_AUTO }}" >> src/main/resources/application.properties | |
| echo "jwt.secret-key=${{ secrets.JWT_SECRET_KEY }}" >> src/main/resources/application.properties | |
| echo "jwt.access.expiration=${{ secrets.JWT_ACCESS_EXPIRATION }}" >> src/main/resources/application.properties | |
| echo "jwt.refresh.expiration=${{ secrets.JWT_REFRESH_EXPIRATION }}" >> src/main/resources/application.properties | |
| echo "jwt.access.header=${{ secrets.JWT_ACCESS_HEADER }}" >> src/main/resources/application.properties | |
| echo "jwt.refresh.header=${{ secrets.JWT_REFRESH_HEADER }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.client-id=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_ID }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.client-secret=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_SECRET }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.scope=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_SCOPE }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.redirect-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_REDIRECT_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.authorization-grant-type=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_AUTHORIZATION_GRANT_TYPE }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.google.client-name=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GOOGLE_CLIENT_NAME }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.google.authorization-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_AUTHORIZATION_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.google.token-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_TOKEN_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.google.user-info-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_USER_INFO_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.google.user-name-attribute=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_GOOGLE_USER_NAME_ATTRIBUTE }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.kakao.client-id=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_CLIENT_ID }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.kakao.scope=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_SCOPE }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.kakao.redirect-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_REDIRECT_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.kakao.authorization-grant-type=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_AUTHORIZATION_GRANT_TYPE }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.registration.kakao.client-name=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_KAKAO_CLIENT_NAME }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.kakao.authorization-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_AUTHORIZATION_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.kakao.token-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_TOKEN_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.kakao.user-info-uri=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_USER_INFO_URI }}" >> src/main/resources/application.properties | |
| echo "spring.security.oauth2.client.provider.kakao.user-name-attribute=${{ secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_KAKAO_USER_NAME_ATTRIBUTE }}" >> src/main/resources/application.properties | |
| echo "management.endpoints.web.exposure.include=health" >> src/main/resources/application.properties | |
| echo "management.endpoint.health.show-details=always" >> src/main/resources/application.properties | |
| # 5. Gradle 빌드 | |
| - name: Build with Gradle | |
| run: | | |
| cd ontime-back | |
| ./gradlew build -x test | |
| # 6. EC2 서버로 Docker Compose 파일과 jar 파일 전송 | |
| - name: Deploy to EC2 | |
| env: | |
| SSH_PRIVATE_KEY: ${{ secrets.EC2_SSH_KEY }} | |
| HOST: ${{ secrets.EC2_HOST }} | |
| USER: ${{ secrets.EC2_USER }} | |
| run: | | |
| echo "$SSH_PRIVATE_KEY" > private_key.pem | |
| chmod 600 private_key.pem | |
| # 서버 호스트 키를 known_hosts에 추가 | |
| mkdir -p ~/.ssh | |
| ssh-keyscan -H $HOST >> ~/.ssh/known_hosts | |
| # 프로젝트 전송 | |
| scp -i private_key.pem -r ./* $USER@$HOST:/home/$USER/app/ | |
| # SSH 접속하여 Docker Compose 실행 | |
| ssh -i private_key.pem $USER@$HOST << EOF | |
| cd /home/$USER/app | |
| docker-compose down | |
| docker-compose up --build -d | |
| EOF | |
| # 7. 배포 완료 확인 | |
| - name: Verify Deployment | |
| run: curl http://${{ secrets.EC2_HOST }}:8080/actuator/health |