fix: 추첨예매 결제 후 예매 생성 수정 (#565) #173
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy | |
| env: | |
| IMAGE_NAME: tt_backend | |
| on: | |
| push: | |
| paths: | |
| - ".github/workflows/**" | |
| - "src/**" | |
| - "build.gradle" | |
| - "settings.gradle" | |
| - "build.gradle.kts" | |
| - "settings.gradle.kts" | |
| - "gradle/**" | |
| - "gradlew" | |
| - "gradlew.bat" | |
| - "Dockerfile" | |
| - "docker/**" | |
| branches: | |
| - develop | |
| permissions: | |
| contents: write | |
| packages: write | |
| jobs: | |
| makeTagAndRelease: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| tag_name: ${{ steps.create_tag.outputs.new_tag }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Create Tag | |
| id: create_tag | |
| uses: mathieudutour/github-tag-action@v6.2 | |
| with: | |
| github_token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| - name: Create Release | |
| id: create_release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| with: | |
| tag_name: ${{ steps.create_tag.outputs.new_tag }} | |
| release_name: Release ${{ steps.create_tag.outputs.new_tag }} | |
| body: ${{ steps.create_tag.outputs.changelog }} | |
| draft: false | |
| prerelease: false | |
| buildImageAndPush: | |
| name: 도커 이미지 빌드와 푸시 | |
| needs: makeTagAndRelease | |
| runs-on: ubuntu-latest | |
| outputs: | |
| owner_lc: ${{ steps.export_owner.outputs.owner_lc }} | |
| image_name: ${{ steps.export_image.outputs.image_name }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Docker Buildx 설치 | |
| uses: docker/setup-buildx-action@v2 | |
| - name: 레지스트리 로그인 | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| - name: set lower case owner name | |
| id: export_owner | |
| run: | | |
| OWNER_LC="chehyeon-kim23" | |
| echo "owner_lc=$OWNER_LC" >> $GITHUB_OUTPUT | |
| - name: export image name | |
| id: export_image | |
| run: echo "image_name=tt_backend" >> $GITHUB_OUTPUT | |
| - name: 빌드 앤 푸시 | |
| uses: docker/build-push-action@v3 | |
| with: | |
| context: . | |
| push: true | |
| cache-from: type=registry,ref=ghcr.io/${{ steps.export_owner.outputs.owner_lc }}/${{ steps.export_image.outputs.image_name }}:cache | |
| cache-to: type=registry,ref=ghcr.io/${{ steps.export_owner.outputs.owner_lc }}/${{ steps.export_image.outputs.image_name }}:cache,mode=max | |
| tags: | | |
| ghcr.io/${{ steps.export_owner.outputs.owner_lc }}/${{ steps.export_image.outputs.image_name }}:${{ needs.makeTagAndRelease.outputs.tag_name }}, | |
| ghcr.io/${{ steps.export_owner.outputs.owner_lc }}/${{ steps.export_image.outputs.image_name }}:latest | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: [ buildImageAndPush ] | |
| steps: | |
| - uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: 인스턴스 ID 가져오기 | |
| id: get_instance_id | |
| run: | | |
| INSTANCE_ID=$(aws ec2 describe-instances --filters "Name=tag:Name,Values=TT-ec2-1" "Name=instance-state-name,Values=running" --query "Reservations[].Instances[].InstanceId" --output text) | |
| echo "INSTANCE_ID=$INSTANCE_ID" >> $GITHUB_ENV | |
| - name: AWS SSM Send-Command (Doppler 완전 통합) | |
| run: | | |
| aws ssm send-command \ | |
| --instance-ids "${{ env.INSTANCE_ID }}" \ | |
| --document-name "AWS-RunShellScript" \ | |
| --comment "Deploy with Doppler (all secrets managed centrally)" \ | |
| --parameters '{ | |
| "commands": [ | |
| "#!/bin/bash", | |
| "set -euo pipefail", | |
| "export HOME=/root", | |
| "export PATH=$PATH:/usr/local/bin", | |
| "git config --global --add safe.directory /dockerProjects/tt-src/WEB7_9_B2ST_BE", | |
| "cd /dockerProjects/tt-src/WEB7_9_B2ST_BE/ || exit 1", | |
| "git fetch --all", | |
| "git reset --hard origin/develop", | |
| "cd docker/", | |
| "# Doppler 설정 (파일에서 토큰만 읽기)", | |
| "export DOPPLER_TOKEN=\"$(sudo tr -d \"\\r\\n\" < /etc/tt-secrets/doppler-token)\"", | |
| "export DOPPLER_PROJECT=tt", | |
| "export DOPPLER_CONFIG=prd", | |
| "# GitHub 레지스트리 로그인 (Doppler에서 GITHUB_TOKEN 주입)", | |
| "doppler run --project \"$DOPPLER_PROJECT\" --config \"$DOPPLER_CONFIG\" -- bash -c \"echo \\$GITHUB_TOKEN | docker login ghcr.io -u ${{ github.actor }} --password-stdin 2>/dev/null\"", | |
| "# Alertmanager 설정 파일 환경변수 치환", | |
| "doppler run --project \"$DOPPLER_PROJECT\" --config \"$DOPPLER_CONFIG\" -- bash -lc \"envsubst < monitoring/alertmanager/alertmanager.yml > /tmp/alertmanager-resolved.yml\"", | |
| "cp /tmp/alertmanager-resolved.yml monitoring/alertmanager/alertmanager.yml", | |
| "rm -f /tmp/alertmanager-resolved.yml", | |
| "# Docker Compose 실행 (모든 환경변수 Doppler에서 주입)", | |
| "doppler run --project \"$DOPPLER_PROJECT\" --config \"$DOPPLER_CONFIG\" -- docker compose pull", | |
| "doppler run --project \"$DOPPLER_PROJECT\" --config \"$DOPPLER_CONFIG\" -- docker compose up -d --force-recreate", | |
| "# 정리", | |
| "docker image prune -f", | |
| "docker logout ghcr.io 2>/dev/null", | |
| "echo \"✅ Deployment completed at $(date)\"", | |
| "# 최종 상태 확인", | |
| "doppler run --project \"$DOPPLER_PROJECT\" --config \"$DOPPLER_CONFIG\" -- docker compose ps" | |
| ] | |
| }' \ | |
| --region ${{ secrets.AWS_REGION }} |