Skip to content
auto deploy with NCP Registry

[BE / infra] Docker Run 명령 시, submodule에서 민감정보를 추출한다 #27

Sign in to view logs

[BE / infra] Docker Run 명령 시, submodule에서 민감정보를 추출한다

[BE / infra] Docker Run 명령 시, submodule에서 민감정보를 추출한다 #27

Workflow file for this run

.github/workflows/deploy.yml at 8a0d460
name: auto deploy with NCP Registry
on:
push:
branches:
- main
pull_request:
branches:
- main
permissions:
contents: read
checks: write
jobs:
push_to_registry_and_Deploy:
name: Push to NCP Container Registry
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
java-version: '11'
distribution: 'temurin'
- name: Make gradlew executable
run: chmod +x ./gradlew
- name: Build with Gradle
run: ./gradlew build -x test
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to NCP Container Registry
uses: docker/login-action@v2
with:
registry: ${{ secrets.NCP_CONTAINER_REGISTRY }}
username: ${{ secrets.NCP_ACCESS_KEY }}
password: ${{ secrets.NCP_SECRET_KEY }}
- name: Build and Push Docker Image
uses: docker/build-push-action@v3
with:
context: .
file: ./Dockerfile
push: true
tags: ${{ secrets.NCP_CONTAINER_REGISTRY }}/rehab-server:latest
cache-from: type=registry,ref=${{ secrets.NCP_CONTAINER_REGISTRY }}/rehab-server:latest
cache-to: type=inline
secrets: |
GIT_AUTH_TOKEN=${{ secrets.GIT_TOKEN }}
- name: Connect to Server and Pull from Container Registry
uses: appleboy/[email protected]
with:
host: ${{ secrets.NCP_SERVER_IP }}
username: ${{ secrets.NCP_SERVER_USERNAME }}
password: ${{ secrets.NCP_SERVER_PASSWORD }}
port: ${{ secrets.NCP_SERVER_PORT }}
script: |
echo "${{ secrets.NCP_SECRET_KEY }}" | docker login -u ${{ secrets.NCP_ACCESS_KEY }} --password-stdin ${{ secrets.NCP_CONTAINER_REGISTRY }}
latest_tag=$(docker pull --quiet ${{ secrets.NCP_CONTAINER_REGISTRY }}/rehab-server:latest | grep -oP "(?<=digest: ).*")
echo "-----------------Latest tag found: ${{ secrets.LATEST_TAG }}"
container_id=$(docker ps -aq)
if [ ! -z "$container_id" ]; then
docker stop $container_id
docker rm $container_id
fi
docker run -d -p 443:443 -v /home/ubuntu/yml_/ ${{ secrets.NCP_CONTAINER_REGISTRY }}/rehab-server:${{ secrets.LATEST_TAG }}
docker image prune -f