Skip to content
Deploy to EC2

Merge pull request #46 from Isonade2/feature/image #66

Sign in to view logs

Merge pull request #46 from Isonade2/feature/image

Merge pull request #46 from Isonade2/feature/image #66

Workflow file for this run

.github/workflows/main.yml at d8a3a9d
name: Deploy to EC2
on:
push:
branches:
- dev
jobs:
deploy:
runs-on: ubuntu-latest
env:
APP_DOMAIN: ${{ secrets.APP_DOMAIN }}
DOMAIN: ${{ secrets.DOMAIN }}
JWT_ACCESS_EXPIRATION: ${{ secrets.JWT_ACCESS_EXPIRATION }}
JWT_REFRESH_EXPIRATION: ${{ secrets.JWT_REFRESH_EXPIRATION }}
JWT_SECRET: ${{ secrets.JWT_SECRET }}
MAIL_USERNAME: ${{ secrets.MAIL_USERNAME }}
MAIL_PASSWORD: ${{ secrets.MAIL_PASSWORD }}
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
LOCAL_DB_URL: ${{ secrets.LOCAL_DB_URL }}
LOCAL_DB_USERNAME: ${{ secrets.LOCAL_DB_USERNAME }}
LOCAL_DB_PASSWORD: ${{ secrets.LOCAL_DB_PASSWORD }}
SQL_INIT_MODE: ${{ secrets.SQL_INIT_MODE }}
JPA_DDI: ${{ secrets.JPA_DDI }}
JPA_DDL_AUTO: ${{ secrets.JPA_DDL_AUTO }}
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }}
KAKAO_CLIENT_ID: ${{ secrets.KAKAO_CLIENT_ID }}
KAKAO_CLIENT_SECRET: ${{ secrets.KAKAO_CLIENT_SECRET }}
NAVER_CLIENT_ID: ${{ secrets.NAVER_CLIENT_ID }}
NAVER_CLIENT_SECRET: ${{ secrets.NAVER_CLIENT_SECRET }}
FIREBASE_TYPE: ${{ secrets.FIREBASE_TYPE }}
FIREBASE_PROJECT_ID: ${{ secrets.FIREBASE_PROJECT_ID }}
FIREBASE_PRIVATE_KEY_ID: ${{ secrets.FIREBASE_PRIVATE_KEY_ID }}
FIREBASE_PRIVATE_KEY: ${{ secrets.FIREBASE_PRIVATE_KEY }}
FIREBASE_CLIENT_EMAIL: ${{ secrets.FIREBASE_CLIENT_EMAIL }}
FIREBASE_CLIENT_ID: ${{ secrets.FIREBASE_CLIENT_ID }}
FIREBASE_AUTH_URI: ${{ secrets.FIREBASE_AUTH_URI }}
FIREBASE_TOKEN_URI: ${{ secrets.FIREBASE_TOKEN_URI }}
FIREBASE_AUTH_PROVIDER_X509_CERT_URL: ${{ secrets.FIREBASE_AUTH_PROVIDER_X509_CERT_URL }}
FIREBASE_CLIENT_X509_CERT_URL: ${{ secrets.FIREBASE_CLIENT_X509_CERT_URL }}
REDIS_HOST: ${{ secrets.REDIS_HOST }}
steps:
- name: πŸ“₯ Checkout source code
uses: actions/checkout@v3
- name: πŸ›  Setup JDK 17
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '17'
- name: πŸ“¦ Build with Gradle (Skip Tests)
run: |
chmod +x gradlew
./gradlew clean build -x test
JAR_FILE=$(ls build/libs/*.jar | grep -v 'plain' | head -n 1)
if [[ -z "$JAR_FILE" ]]; then
echo "🚨 No valid JAR file found in build/libs/. Build failed!"
exit 1
fi
echo "βœ… JAR file found: $JAR_FILE"
- name: πŸ— Setup SSH Key
run: |
echo "${{ secrets.EC2_SSH_KEY }}" > private_key.pem
chmod 400 private_key.pem
- name: πŸ” Test SSH Connection
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ubuntu@52.79.228.170 "echo 'βœ… SSH connection successful!'"
- name: πŸ“‚ Transfer JAR file to EC2
run: |
JAR_FILE=$(ls build/libs/*.jar | grep -v 'plain' | head -n 1)
scp -i private_key.pem "$JAR_FILE" ubuntu@52.79.228.170:~/app/spring-boot-app.jar
- name: πŸš€ Deploy to EC2
run: |
ssh -o StrictHostKeyChecking=no -i private_key.pem ubuntu@52.79.228.170 <<'EOF'
echo "πŸ“‚ Creating app directory..."
mkdir -p ~/app
cd ~/app
echo "πŸ“ Creating .env file..."
rm -f .env
touch .env
echo "APP_DOMAIN=${{ secrets.APP_DOMAIN }}" >> .env
echo "DOMAIN=${{ secrets.DOMAIN }}" >> .env
echo "JWT_ACCESS_EXPIRATION=${{ secrets.JWT_ACCESS_EXPIRATION }}" >> .env
echo "JWT_REFRESH_EXPIRATION=${{ secrets.JWT_REFRESH_EXPIRATION }}" >> .env
echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" >> .env
echo "MAIL_USERNAME=${{ secrets.MAIL_USERNAME }}" >> .env
echo "MAIL_PASSWORD=${{ secrets.MAIL_PASSWORD }}" >> .env
echo "OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}" >> .env
echo "LOCAL_DB_URL=${{ secrets.LOCAL_DB_URL }}" >> .env
echo "LOCAL_DB_USERNAME=${{ secrets.LOCAL_DB_USERNAME }}" >> .env
echo "LOCAL_DB_PASSWORD=${{ secrets.LOCAL_DB_PASSWORD }}" >> .env
echo "SQL_INIT_MODE=${{ secrets.SQL_INIT_MODE }}" >> .env
echo "JPA_DDI=${{ secrets.JPA_DDI }}" >> .env
echo "JPA_DDL_AUTO=${{ secrets.JPA_DDL_AUTO }}" >> .env
echo "GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }}" >> .env
echo "GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }}" >> .env
echo "KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}" >> .env
echo "KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }}" >> .env
echo "NAVER_CLIENT_ID=${{ secrets.NAVER_CLIENT_ID }}" >> .env
echo "NAVER_CLIENT_SECRET=${{ secrets.NAVER_CLIENT_SECRET }}" >> .env
echo "FIREBASE_TYPE=${{ secrets.FIREBASE_TYPE }}" >> .env
echo "FIREBASE_PROJECT_ID=${{ secrets.FIREBASE_PROJECT_ID }}" >> .env
echo "FIREBASE_PRIVATE_KEY_ID=${{ secrets.FIREBASE_PRIVATE_KEY_ID }}" >> .env
echo "πŸ“¦ Decoding FIREBASE_PRIVATE_KEY from base64..."
echo '${{ secrets.FIREBASE_PRIVATE_KEY }}' | base64 -d > decoded_key.pem
ENCODED_KEY=$(cat decoded_key.pem | sed ':a;N;$!ba;s/\n/\\n/g')
echo FIREBASE_PRIVATE_KEY="$ENCODED_KEY" >> .env
rm decoded_key.pem
echo "FIREBASE_CLIENT_EMAIL=${{ secrets.FIREBASE_CLIENT_EMAIL }}" >> .env
echo "FIREBASE_CLIENT_ID=${{ secrets.FIREBASE_CLIENT_ID }}" >> .env
echo "FIREBASE_AUTH_URI=${{ secrets.FIREBASE_AUTH_URI }}" >> .env
echo "FIREBASE_TOKEN_URI=${{ secrets.FIREBASE_TOKEN_URI }}" >> .env
echo "FIREBASE_AUTH_PROVIDER_X509_CERT_URL=${{ secrets.FIREBASE_AUTH_PROVIDER_X509_CERT_URL }}" >> .env
echo "FIREBASE_CLIENT_X509_CERT_URL=${{ secrets.FIREBASE_CLIENT_X509_CERT_URL }}" >> .env
echo "REDIS_HOST=${{ secrets.REDIS_HOST }}" >> .env
# βœ… μ—¬κΈ°μ„œ ν”„λ‘œνŒŒμΌ prod둜 μ„€μ •
echo "SPRING_PROFILES_ACTIVE=prod" >> .env
echo "πŸ” Stopping previous Java process..."
PID=$(pgrep -f "spring-boot-app.jar")
if [[ ! -z "$PID" ]]; then
echo "πŸ›‘ Stopping application (PID: $PID)..."
kill -9 "$PID"
sleep 2
fi
echo "πŸ“¦ Starting new application..."
nohup java -jar ~/app/spring-boot-app.jar > ~/app/log.txt 2>&1 &
sleep 5
echo "βœ… Deployment complete! Checking logs..."
tail -n 20 ~/app/log.txt || echo "🚨 No logs found!"
echo "πŸ” Checking running processes..."
ps aux | grep java
echo "🌍 Testing application health..."
curl -I http://localhost:8080 || echo "🚨 Application is not responding!"
EOF