
[#13] CICD 개선

[#13] CICD 개선 #91

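name: ci/cd action

# Pipeline: build the base, client and server images, push them to Docker Hub,
# then SSH to the deployment host and restart the compose stack.
#
# NOTE(review): both triggers run the whole pipeline. On a pull_request event
# the build job still logs in and pushes the `latest` tags, and the deploy job
# still runs, so a change that has not been merged reaches the registry and the
# server. If that is not intended, gate the push and the deploy job on
# `github.event_name == 'push'`.
on:
  push:
    branches: ['dev']
  pull_request:
    branches: ['dev']

# Least privilege for GITHUB_TOKEN: the only step that uses it is the checkout.
# Registry and SSH access use their own secrets.
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): every `uses:` in this workflow references a mutable tag.
      # Pinning each one to a full commit SHA prevents a moved tag from
      # changing the code that runs with these secrets.
      - uses: actions/checkout@v4
      # NOTE(review): this job authenticates with DOCKERHUB_PASSWORD while the
      # deploy job uses DOCKERHUB_ACCESS_TOKEN. A scoped access token is the
      # safer credential for both.
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
        with:
          buildkitd-flags: --debug
      - name: Cache Docker layers
        uses: actions/cache@v3
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-docker-${{ hashFiles('Dockerfile', 'Dockerfile.base', 'docker-compose.yml') }}
          restore-keys: |
            ${{ runner.os }}-docker-
      # Secrets reach the shell through `env:` instead of being spliced into
      # the script text, so a value containing quotes, `$` or backticks is
      # written literally rather than interpreted by the shell.
      #
      # NOTE(review): apps/server/.env sits inside the `context: .` build
      # context used below. If apps/server/Dockerfile copies it, the database
      # URI and S3 keys end up in an image layer pushed to Docker Hub. Confirm
      # it is excluded (.dockerignore) or inject the values at run time on the
      # host instead.
      - name: Set BE .env
        env:
          MONGO_URI: ${{ secrets.DEPLOY_MONGO_URI }}
          SERVER_CORS_ACCEPT: ${{ secrets.DEPLOY_SERVER_CORS_ACCEPT }}
          S3_ACCESS_KEY: ${{ secrets.S3_ACCESS_KEY }}
          S3_SECRET_KEY: ${{ secrets.S3_SECRET_KEY }}
          S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }}
        run: |
          {
            printf 'MONGO_URI=%s\n' "$MONGO_URI"
            printf 'IS_LOCAL=false\n'
            printf 'SERVER_CORS_ACCEPT=%s\n' "$SERVER_CORS_ACCEPT"
            printf 'S3_ACCESS_KEY=%s\n' "$S3_ACCESS_KEY"
            printf 'S3_SECRET_KEY=%s\n' "$S3_SECRET_KEY"
            printf 'S3_BUCKET_NAME=%s\n' "$S3_BUCKET_NAME"
            printf 'NODE_ENV=production\n'
          } > apps/server/.env
      # VITE_* values are compiled into the client bundle, so treat them as
      # public regardless of how they are stored here.
      - name: Set FE .env
        env:
          VITE_SERVER_URL: ${{ secrets.DEPLOY_VITE_SERVER_URL }}
          VITE_MIXPANEL_TOKEN: ${{ secrets.VITE_MIXPANEL_TOKEN }}
          VITE_STATIC_STORAGE_URL: ${{ secrets.VITE_STATIC_STORAGE_URL }}
        run: |
          {
            printf 'VITE_SERVER_URL=%s\n' "$VITE_SERVER_URL"
            printf 'VITE_MIXPANEL_TOKEN=%s\n' "$VITE_MIXPANEL_TOKEN"
            printf 'VITE_STATIC_STORAGE_URL=%s\n' "$VITE_STATIC_STORAGE_URL"
          } > apps/client/.env
      # NOTE(review): the TLS private key is written into the build context.
      # If apps/client/Dockerfile copies apps/client/ssl into the image, the
      # key is published with every push of the client image. Prefer mounting
      # the certificate and key on the deployment host (volume or secret)
      # over baking them in.
      - name: Set Nginx SSL files
        env:
          SSL_FULLCHAIN: ${{ secrets.SSL_FULLCHAIN }}
          SSL_PRIVKEY: ${{ secrets.SSL_PRIVKEY }}
        run: |
          mkdir -p apps/client/ssl
          printf '%s\n' "$SSL_FULLCHAIN" > apps/client/ssl/fullchain.pem
          printf '%s\n' "$SSL_PRIVKEY" > apps/client/ssl/privkey.pem
      # - name: Clear Docker Cache
      #   run: |
      #     docker builder prune --all --force
      #     docker image prune --all --force
      # - name: Build and Push Base Image
      #   uses: docker/build-push-action@v4
      #   with:
      #     context: .
      #     file: Dockerfile.base
      #     push: true
      #     tags: ${{ secrets.DOCKERHUB_USERNAME }}/base-image:latest
      #     cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/base-image:latest,mode=max
      #     cache-to: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/base-image:latest,mode=max
      #     outputs: type=docker
      - name: Build and Save Base Image
        uses: docker/build-push-action@v4
        with:
          context: .
          file: Dockerfile.base
          push: true
          tags: |
            ${{ secrets.DOCKERHUB_USERNAME }}/base-image:latest
          cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/base-image:latest,mode=max
          cache-to: |
            type=inline
            type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/base-image:latest,mode=max
      # The next three steps take the account name from the environment
      # rather than from text substituted into the command line.
      - name: Pull Base Image (Remote)
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
        run: docker pull "docker.io/${DOCKERHUB_USERNAME}/base-image:latest"
      - name: Verify Base Image
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
        run: docker images "${DOCKERHUB_USERNAME}/base-image:latest"
      - name: Retag Base Image Locally
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
        run: docker tag "${DOCKERHUB_USERNAME}/base-image:latest" base-image:latest
      - name: Save Base Image to File
        run: docker save base-image:latest -o base-image.tar
      - name: Load Base Image from File
        run: docker load -i base-image.tar
      - name: Build and Push Frontend Image
        uses: docker/build-push-action@v4
        with:
          context: .
          file: apps/client/Dockerfile
          push: true
          tags: ${{ secrets.DOCKERHUB_USERNAME }}/boolock_client_test:latest
          cache-from: |
            type=inline
            type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/boolock_client_test:latest,mode=max
          cache-to: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/boolock_client_test:latest,mode=max
          build-args: |
            DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}
      - name: Build and Push Backend Image
        uses: docker/build-push-action@v4
        with:
          context: .
          file: apps/server/Dockerfile
          push: true
          tags: ${{ secrets.DOCKERHUB_USERNAME }}/boolock_server_test:latest
          cache-from: |
            type=inline
            type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/boolock_server_test:latest,mode=max
          cache-to: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/boolock_server_test:latest,mode=max
          build-args: |
            DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}
      # - name: Build and Push Base Image
      #   uses: docker/build-push-action@v4
      #   with:
      #     context: .
      #     file: Dockerfile.base
      #     push: true
      #     tags: ${{ secrets.DOCKERHUB_USERNAME }}/base-image:latest
      #     cache-from: type=local,src=/tmp/.buildx-cache
      #     cache-to: type=local,dest=/tmp/.buildx-cache
      # - name: Build and Push Frontend Image
      #   uses: docker/build-push-action@v4
      #   with:
      #     context: .
      #     file: apps/client/Dockerfile
      #     push: true
      #     tags: ${{ secrets.DOCKERHUB_USERNAME }}/boolock_client_test:latest
      #     cache-from: type=local,src=/tmp/.buildx-cache
      #     cache-to: type=local,dest=/tmp/.buildx-cache
      #     build-args: |
      #       DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}
      # - name: Build and Push Backend Image
      #   uses: docker/build-push-action@v4
      #   with:
      #     context: .
      #     file: apps/server/Dockerfile
      #     push: true
      #     tags: ${{ secrets.DOCKERHUB_USERNAME }}/boolock_server_test:latest
      #     cache-from: type=local,src=/tmp/.buildx-cache
      #     cache-to: type=local,dest=/tmp/.buildx-cache
      #     build-args: |
      #       DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}
  deploy:
    needs: build
    runs-on: ubuntu-latest
    steps:
      # The ref after `@` was replaced by an e-mail-protection placeholder on
      # the source page. The inputs below match appleboy/ssh-action; restore
      # the ref the repository actually pins.
      #
      # NOTE(review): the host is reached with password authentication.
      # Key-based login (the action's `key` input) together with host-key
      # verification (its `fingerprint` input) is the safer setup, and a
      # dedicated low-privilege deploy user limits what a leaked credential
      # can do.
      #
      # NOTE(review): the secrets in `script` are substituted into the remote
      # script text before it runs. The action's `envs` input can pass them as
      # environment variables instead, and the `-u` argument should be quoted.
      # The script also checks out `refactor/13` on the host although the
      # workflow triggers on `dev`; confirm which branch is meant to be
      # deployed.
      - name: Deploy with docker
        uses: appleboy/ssh-action@REF_LOST_IN_EXTRACTION
        with:
          host: ${{ secrets.SSH_HOST }}
          username: ${{ secrets.SSH_USER }}
          password: ${{ secrets.SSH_PASSWORD }}
          port: ${{ secrets.SSH_PORT }}
          script: |
            cd boolock/refactor-web31-BooLock
            git fetch origin
            git checkout refactor/13
            git pull origin refactor/13
            echo "DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}" > .env
            echo "${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
            sudo docker compose pull
            sudo docker compose down
            sudo docker compose up -d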