Merge pull request #84 from Block-Guard/refactor/news-api #62
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD for Spring Boot with Docker | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 코드 체크아웃 | |
| uses: actions/checkout@v3 | |
| - name: JDK 설정 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '21' | |
| - name: application.yml 설정 | |
| run: | | |
| mkdir -p ./src/main/resources | |
| echo "${{ secrets.APPLICATION }}" > ./src/main/resources/application.yml | |
| - name: Gradle 빌드 | |
| run: ./gradlew clean build -x test | |
| - name: Docker 이미지 빌드 및 푸시 | |
| run: | | |
| docker build -t ${{ secrets.DOCKER_USERNAME }}/blockguard_server . | |
| echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin | |
| docker push ${{ secrets.DOCKER_USERNAME }}/blockguard_server:latest | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: EC2에 SSH 접속하여 무중단 배포 수행 | |
| uses: appleboy/ssh-action@v0.1.10 | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.EC2_PRIVATE_KEY }} | |
| script: | | |
| set -euo pipefail | |
| if docker ps --format '{{.Names}} {{.Ports}}' | grep -q 'blockguard_server_blue.*0.0.0.0:8080->8080'; then | |
| CURRENT_PORT=8080 | |
| else | |
| CURRENT_PORT=8081 | |
| fi | |
| if [ "$CURRENT_PORT" = "8080" ]; then | |
| NEW_PORT=8081 | |
| else | |
| NEW_PORT=8080 | |
| fi | |
| NEW_NAME=blockguard_server_$(if [ "$NEW_PORT" = "8080" ]; then echo "blue"; else echo "green"; fi) | |
| OLD_NAME=blockguard_server_$(if [ "$CURRENT_PORT" = "8080" ]; then echo "blue"; else echo "green"; fi) | |
| echo "새 컨테이너 실행: $NEW_NAME (포트: $NEW_PORT)" | |
| docker pull ${{ secrets.DOCKER_USERNAME }}/blockguard_server:latest | |
| docker stop $NEW_NAME || true | |
| docker rm $NEW_NAME || true | |
| docker run -d --name $NEW_NAME -p $NEW_PORT:8080 ${{ secrets.DOCKER_USERNAME }}/blockguard_server:latest | |
| echo "헬스체크 시작" | |
| for i in $(seq 1 40); do | |
| STATUS=$(curl -s http://localhost:$NEW_PORT/actuator/health || true) | |
| echo "[$i] health: $STATUS" | |
| echo "$STATUS" | grep -q '"status":"UP"' && PASSED=1 && break || true | |
| sleep 3 | |
| done | |
| if [ "${PASSED:-0}" -ne 1 ]; then | |
| echo "헬스체크 실패 → 새 컨테이너 로그" | |
| docker logs "$NEW_NAME" | tail -n 200 | |
| docker stop "$NEW_NAME" || true | |
| docker rm "$NEW_NAME" || true | |
| exit 1 | |
| fi | |
| echo "헬스체크 통과" | |
| echo "nginx 포트 전환" | |
| sudo sed -i "s/server 127\.0\.0\.1:[0-9][0-9]*/server 127.0.0.1:$NEW_PORT/" /etc/nginx/conf.d/app-upstream.conf | |
| sudo nginx -t | |
| sudo systemctl reload nginx | |
| echo "이전 컨테이너 정리: $OLD_NAME" | |
| docker stop $OLD_NAME || true | |
| docker rm $OLD_NAME || true |