|
1 | | -name: Build Docker and Upload to S3 |
| 1 | +name: DEV CI |
2 | 2 | permissions: |
3 | 3 | contents: read |
4 | 4 |
|
5 | 5 | on: |
6 | 6 | push: |
7 | | - branches: |
8 | | - - master |
| 7 | + branches: [ develop ] |
| 8 | + tags: [ 'development-**' ] |
| 9 | + workflow_dispatch: |
| 10 | + |
| 11 | +concurrency: |
| 12 | + group: dev-${{ github.ref }} |
| 13 | + cancel-in-progress: true |
9 | 14 |
|
10 | 15 | jobs: |
11 | | - build-and-upload: |
| 16 | + deploy: |
12 | 17 | runs-on: ubuntu-latest |
| 18 | + env: |
| 19 | + NODE_ENV: production |
| 20 | + NEXT_PUBLIC_BASE_API_URL: ${{ secrets.NEXT_PUBLIC_BASE_API_URL }} |
| 21 | + NEXT_PUBLIC_GOOGLE_REDIRECT_CLIENT_ID: ${{ secrets.NEXT_PUBLIC_GOOGLE_REDIRECT_CLIENT_ID }} |
| 22 | + NEXT_PUBLIC_GOOGLE_REDIRECT_URI: ${{ secrets.NEXT_PUBLIC_GOOGLE_REDIRECT_URI }} |
13 | 23 |
|
14 | 24 | steps: |
15 | | - - name: Checkout Code |
16 | | - uses: actions/checkout@v3 |
17 | | - |
18 | | - - name: Create .env file |
19 | | - run: | |
20 | | - echo "DOCKER_HUB_USERNAME=${{ secrets.DOCKER_HUB_USERNAME }}" > .env |
21 | | - echo "NEXT_PUBLIC_BASE_API_URL=${{ secrets.NEXT_PUBLIC_BASE_API_URL }}" >> .env |
22 | | - echo "NEXT_PUBLIC_GOOGLE_REDIRECT_CLIENT_ID=${{secrets.NEXT_PUBLIC_GOOGLE_REDIRECT_CLIENT_ID}}" >> .env |
23 | | - echo "NEXT_PUBLIC_GOOGLE_REDIRECT_URI=${{secrets.NEXT_PUBLIC_GOOGLE_REDIRECT_URI}}" >> .env |
| 25 | + - name: Checkout source code |
| 26 | + uses: actions/checkout@v4 |
24 | 27 |
|
25 | | - - name: Login to DockerHub (Optional) |
26 | | - uses: docker/login-action@v2 |
27 | | - with: |
28 | | - username: ${{ secrets.DOCKER_HUB_USERNAME }} |
29 | | - password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} |
| 28 | + - name: Use Node.js 20 |
| 29 | + uses: actions/setup-node@v4 |
| 30 | + with: |
| 31 | + node-version: '20' |
| 32 | + cache: 'yarn' # yarn.lock 기반 자동 캐시 |
30 | 33 |
|
31 | | - - name: Build and Push Docker Image |
32 | | - run: | |
33 | | - docker build -t ${{ secrets.DOCKER_HUB_USERNAME }}/gdgoc-fe-app:latest . |
34 | | - docker run --rm ${{ secrets.DOCKER_HUB_USERNAME }}/gdgoc-fe-app:latest ls -la /app |
35 | | - docker push ${{ secrets.DOCKER_HUB_USERNAME }}/gdgoc-fe-app:latest |
| 34 | + - name: Install dependencies |
| 35 | + run: yarn install --frozen-lockfile |
36 | 36 |
|
37 | | - - name: Create Deployment Package |
38 | | - run: | |
39 | | - cp scripts/deploy.sh ./deploy.sh |
40 | | - zip -r deploy.zip .env docker-compose.yml deploy.sh appspec.yml \ |
41 | | - Dockerfile package.json package-lock.json next.config.ts \ |
42 | | - pages public .next |
| 37 | + - name: Build & Export |
| 38 | + run: | |
| 39 | + yarn build |
| 40 | + yarn export |
43 | 41 |
|
44 | | - - name: Configure AWS credentials |
45 | | - run: | |
46 | | - aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} |
47 | | - aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
48 | | - aws configure set region ${{ secrets.AWS_REGION }} |
| 42 | + - name: Configure AWS Credentials |
| 43 | + uses: aws-actions/configure-aws-credentials@v4 |
| 44 | + with: |
| 45 | + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} |
| 46 | + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
| 47 | + aws-region: ${{ secrets.AWS_REGION }} |
49 | 48 |
|
50 | | - - name: Upload Deployment Package to S3 |
51 | | - run: | |
52 | | - aws s3 cp deploy.zip s3://${{ secrets.AWS_S3_BUCKET }}/main-deploy.zip |
| 49 | + # (선택) 캐시 헤더 전략: 해시된 자산은 장기 캐시, HTML은 no-cache |
| 50 | + # 프로젝트에 맞게 include/exclude 패턴 조정 |
| 51 | + - name: Upload static assets (long cache) |
| 52 | + run: | |
| 53 | + aws s3 cp ./out s3://${{ secrets.AWS_S3_BUCKET }} \ |
| 54 | + --recursive \ |
| 55 | + --exclude "*" \ |
| 56 | + --include "_next/**" --include "static/**" --include "assets/**" \ |
| 57 | + --cache-control "public, max-age=31536000, immutable" \ |
| 58 | + --metadata-directive REPLACE |
| 59 | + - name: Upload html (no cache) |
| 60 | + run: | |
| 61 | + aws s3 cp ./out s3://${{ secrets.AWS_S3_BUCKET }} \ |
| 62 | + --recursive \ |
| 63 | + --exclude "_next/*" --exclude "static/*" --exclude "assets/*" \ |
| 64 | + --cache-control "no-cache" \ |
| 65 | + --metadata-directive REPLACE |
| 66 | + # (단순화 원하면 기존 sync 한 줄 유지 가능) |
| 67 | + # - name: Deploy to S3 |
| 68 | + # run: aws s3 sync ./out s3://${{ secrets.AWS_S3_BUCKET }} --delete |
53 | 69 |
|
54 | | - - name: Trigger CodeDeploy (CLI) |
55 | | - env: |
56 | | - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} |
57 | | - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
58 | | - AWS_REGION: ap-northeast-2 |
59 | | - run: | |
60 | | - aws deploy create-deployment \ |
61 | | - --application-name ${{ secrets.AWS_CODEDEPLOY_APP }} \ |
62 | | - --deployment-group-name ${{ secrets.AWS_CODEDEPLOY_GROUP }} \ |
63 | | - --s3-location bucket=${{ secrets.S3_BUCKET }},bundleType=zip,key=main-deploy.zip \ |
64 | | - --file-exists-behavior OVERWRITE |
| 70 | + - name: Invalidate CloudFront Cache |
| 71 | + run: | |
| 72 | + aws cloudfront create-invalidation \ |
| 73 | + --distribution-id ${{ secrets.AWS_DISTRIBUTION_ID }} \ |
| 74 | + --paths "/*" |
0 commit comments