-
Notifications
You must be signed in to change notification settings - Fork 1
147 lines (117 loc) · 6.28 KB
/
dev-cd.yml
File metadata and controls
147 lines (117 loc) · 6.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
name: Clokey-Dev CD
on:
push:
branches: [ develop ]
jobs:
dev-cd:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
with:
clean: true
- name: Setup Java 21
uses: actions/setup-java@v4
with:
distribution: 'corretto'
java-version: '21'
- name: Gradle Cache
uses: actions/cache@v4
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: ${{ runner.os }}-gradle-
- name: Grant gradlew permission
run: chmod +x ./gradlew
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
install: true
- name: Log in to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build & Push App Image
run: |
docker buildx build \
--platform linux/arm64 \
--push \
--file clokey-api/Dockerfile \
--tag ${{ secrets.DOCKERHUB_USERNAME }}/clokey-docker-2026:dev-app \
.
- name: Copy dev-compose
uses: appleboy/scp-action@v0.1.3
with:
username: ubuntu
host: ${{ secrets.OCI_HOST }}
key: ${{ secrets.OCI_INSTANCE_SSH_KEY }}
source: "clokey-api/dev-compose.yml"
target: /home/ubuntu/
- name: Set OCI private key env (multiline)
run: |
echo "OCI_PRIVATE_KEY<<ENDOFKEY" >> $GITHUB_ENV
echo "${{ secrets.OCI_PRIVATE_KEY }}" >> $GITHUB_ENV
echo "ENDOFKEY" >> $GITHUB_ENV
- name: Prepare OCI key base64 for Deploy script
run: echo "OCI_PRIVATE_KEY_B64=$(echo -n "$OCI_PRIVATE_KEY" | base64 -w 0)" >> $GITHUB_ENV
- name: Deploy App
uses: appleboy/ssh-action@master
with:
username: ubuntu
host: ${{ secrets.OCI_HOST }}
key: ${{ secrets.OCI_INSTANCE_SSH_KEY }}
envs: DOCKERHUB_USERNAME,CODIVE_DEV_BASE_URL,CODIVE_PROD_BASE_URL,OCI_MYSQL_HEATWAVE_HOST,OCI_DEV_MYSQL_DB_NAME,OCI_MYSQL_USERNAME,OCI_MYSQL_PASSWORD,REDIS_PASSWORD,KAKAO_CLIENT_ID,KAKAO_CLIENT_SECRET,APPLE_CLIENT_ID,APPLE_CLIENT_SECRET,JWT_ACCESS_TOKEN_SECRET,JWT_REFRESH_TOKEN_SECRET,JWT_ACCESS_TOKEN_EXPIRATION_TIME,JWT_REFRESH_TOKEN_EXPIRATION_TIME,JWT_ISSUER,OCI_TENANCY_ID,OCI_USER_ID,OCI_FINGERPRINT,OCI_REGION,OCI_PASSPHRASE,OCI_OBJECTSTORAGE_NAMESPACE,OCI_DEV_OBJECTSTORAGE_BUCKET,SWAGGER_USERNAME,SWAGGER_PASSWORD,FIREBASE_SA_JSON_B64,AI_SERVER_IP,CLOTH_INFERENCE_PATH,STYLE_INFERENCE_PATH,HISTORY_CLOTH_DETECT_PATH,MEILISEARCH_ENDPOINT,MEILISEARCH_KEY
script: |
export DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}
export DOCKER_TAG=dev-app
export CODIVE_DEV_BASE_URL=${{ secrets.CODIVE_DEV_BASE_URL }}
export CODIVE_PROD_BASE_URL=${{ secrets.CODIVE_PROD_BASE_URL }}
export OCI_MYSQL_HEATWAVE_HOST=${{ secrets.OCI_MYSQL_HEATWAVE_HOST }}
export OCI_DEV_MYSQL_DB_NAME=${{ secrets.OCI_DEV_MYSQL_DB_NAME }}
export OCI_MYSQL_USERNAME=${{ secrets.OCI_MYSQL_USERNAME }}
export OCI_MYSQL_PASSWORD=${{ secrets.OCI_MYSQL_PASSWORD }}
export REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}
export KAKAO_CLIENT_ID=${{ secrets.KAKAO_CLIENT_ID }}
export KAKAO_CLIENT_SECRET=${{ secrets.KAKAO_CLIENT_SECRET }}
export APPLE_CLIENT_ID=${{ secrets.APPLE_CLIENT_ID }}
export APPLE_CLIENT_SECRET=${{ secrets.APPLE_CLIENT_SECRET }}
export JWT_ACCESS_TOKEN_SECRET=${{ secrets.JWT_ACCESS_TOKEN_SECRET }}
export JWT_REFRESH_TOKEN_SECRET=${{ secrets.JWT_REFRESH_TOKEN_SECRET }}
export JWT_ACCESS_TOKEN_EXPIRATION_TIME=${{ secrets.JWT_ACCESS_TOKEN_EXPIRATION_TIME }}
export JWT_REFRESH_TOKEN_EXPIRATION_TIME=${{ secrets.JWT_REFRESH_TOKEN_EXPIRATION_TIME }}
export JWT_ISSUER=${{ secrets.JWT_ISSUER }}
export OCI_TENANCY_ID=${{ secrets.OCI_TENANCY_ID }}
export OCI_USER_ID=${{ secrets.OCI_USER_ID }}
export OCI_FINGERPRINT=${{ secrets.OCI_FINGERPRINT }}
export OCI_REGION=${{ secrets.OCI_REGION }}
export OCI_PASSPHRASE=${{ secrets.OCI_PASSPHRASE }}
export OCI_OBJECTSTORAGE_NAMESPACE=${{ secrets.OCI_OBJECTSTORAGE_NAMESPACE }}
export OCI_DEV_OBJECTSTORAGE_BUCKET=${{ secrets.OCI_DEV_OBJECTSTORAGE_BUCKET }}
export SWAGGER_USERNAME=${{ secrets.SWAGGER_USERNAME }}
export SWAGGER_PASSWORD=${{ secrets.SWAGGER_PASSWORD }}
export MEILISEARCH_ENDPOINT=${{ secrets.MEILISEARCH_ENDPOINT }}
export MEILISEARCH_KEY=${{ secrets.MEILISEARCH_KEY }}
export AI_SERVER_IP=${{ secrets.AI_SERVER_IP }}
export CLOTH_INFERENCE_PATH=${{ secrets.CLOTH_INFERENCE_PATH }}
export STYLE_INFERENCE_PATH=${{ secrets.STYLE_INFERENCE_PATH }}
export HISTORY_CLOTH_DETECT_PATH=${{ secrets.HISTORY_CLOTH_DETECT_PATH }}
export DEFAULT_PROFILE_IMAGE_URL=${{ secrets.DEFAULT_PROFILE_IMAGE_URL }}
export TODAY_TEMPERATURE_IMAGE_URL=${{ secrets.TODAY_TEMPERATURE_IMAGE_URL }}
mkdir -p /home/ubuntu/secrets
echo "${{ secrets.FIREBASE_SA_JSON_B64 }}" | base64 -d | tee /home/ubuntu/secrets/firebase-sa.json > /dev/null
chmod 600 /home/ubuntu/secrets/firebase-sa.json
echo '${{ env.OCI_PRIVATE_KEY_B64 }}' | base64 -d | tee /home/ubuntu/secrets/oci_key.pem > /dev/null
chmod 600 /home/ubuntu/secrets/oci_key.pem
export OCI_PRIVATE_KEY="$(cat /home/ubuntu/secrets/oci_key.pem)"
export FIREBASE_CREDENTIALS_PATH=/home/ubuntu/secrets/firebase-sa.json
echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
cd /home/ubuntu
docker compose -f clokey-api/dev-compose.yml up -d
echo "Cleaning up dangling Docker images..."
docker image prune -f