Prod 서버 재배포 (#255) #306
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: deploy | |
on: | |
push: | |
branches: [main] | |
jobs: | |
build-and-deploy: | |
runs-on: ubuntu-20.04 | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
- name: Checkout source code. | |
uses: actions/checkout@v3 | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Create .env file | |
run: | | |
pwd | |
touch .env | |
echo DATABASE_URL="\"${{ secrets.DATABASE_URL }}\"" >> .env | |
echo JWT_SECRET_KEY="\"${{ secrets.JWT_SECRET_KEY }}\"" >> .env | |
echo MANAGER_EMAIL="\"${{ secrets.MANAGER_EMAIL }}\"" >> .env | |
echo MANAGER_PASSWORD="\"${{ secrets.MANAGER_PASSWORD }}\"" >> .env | |
echo S3_ACCESS_KEY="\"${{ secrets.S3_ACCESS_KEY }}\"" >> .env | |
echo S3_SECRET_KEY="\"${{ secrets.S3_SECRET_KEY }}\"" >> .env | |
echo S3_BUCKET="\"${{ secrets.S3_BUCKET }}\"" >> .env | |
echo TEST_ACCESS_TOKEN="\"${{ secrets.TEST_ACCESS_TOKEN }}\"" >> .env | |
echo WEBHOOK_URL_ERROR="\"${{ secrets.WEBHOOK_URL_ERROR }}\"" >> .env | |
echo WEBHOOK_URL_SIGNUP="\"${{ secrets.WEBHOOK_URL_SIGNUP }}\"" >> .env | |
cat .env | |
- name: Create JSON file | |
run: | | |
pwd | |
touch service-account-file.json | |
cat <<EOF > service-account-file.json | |
{ | |
"type": "service_account", | |
"project_id": "new-peekabook", | |
"private_key_id": ${{ secrets.FIREBASE_PRIVATE_KEY_ID }}, | |
"private_key": ${{ secrets.FIREBASE_PRIVATE_KEY }}, | |
"client_email": ${{ secrets.FIREBASE_CLIENT_EMAIL }}, | |
"client_id": ${{ secrets.FIREBASE_CLIENT_ID }}, | |
"auth_uri": "https://accounts.google.com/o/oauth2/auth", | |
"token_uri": "https://oauth2.googleapis.com/token", | |
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", | |
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-ke3ck%40new-peekabook.iam.gserviceaccount.com", | |
"universe_domain": "googleapis.com" | |
} | |
EOF | |
- name: Build server files | |
run: | | |
yarn | |
yarn run build | |
- name: Zip files | |
run: zip -r peekabook.zip ./dist ./scripts ./appspec.yml ./.env ./package.json ./prisma ./service-account-file.json | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ap-northeast-2 | |
- name: Upload to S3 | |
run: aws s3 cp --region ap-northeast-2 ./peekabook.zip s3://peekabook-build/deploy/ | |
- name: Deploy with AWS CodeDeploy | |
run: | | |
aws deploy create-deployment \ | |
--application-name peekabook-codedeploy \ | |
--deployment-config-name CodeDeployDefault.AllAtOnce \ | |
--deployment-group-name GROUP \ | |
--s3-location bucket=peekabook-build,bundleType=zip,key=deploy/peekabook.zip |