-
Notifications
You must be signed in to change notification settings - Fork 2
86 lines (70 loc) · 3.47 KB
/
backend-ci-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
name: main 브랜치에서 백엔드 CI/CD 파이프라인 구축
on:
push:
branches:
- 'main'
paths:
- 'packages/BE/**'
workflow_dispatch:
jobs:
build-and-test:
runs-on: ubuntu-latest
steps:
- name: 소스 코드 불러오기
uses: actions/checkout@v4
- name: Node.js 설정
uses: actions/setup-node@v3
with:
node-version: '20'
- name: BE 의존성 설치
run: yarn install
# e2e 테스트 추가 후 설정 예정
# - name: BE e2e 테스트 실행
# run: yarn test:e2e
# working-directory: packages/BE
build-and-deploy:
runs-on: ubuntu-latest
needs: build-and-test
if: success()
steps:
# - name: 소스 코드 불러오기
# uses: actions/checkout@v4
- name: Github Actions Public IP 가져오기
id: ip
run: |
PUBLIC_IP=$(curl -s https://ifconfig.me)
echo "::set-output name=public_ip::$PUBLIC_IP"
- name: NCP CLI 설치 및 자격 증명
run: |
cd ~
wget https://www.ncloud.com/api/support/download/5/65
unzip 65
mkdir ~/.ncloud
echo -e "[DEFAULT]\nncloud_access_key_id = ${{ secrets.NCP_ACCESS_KEY_ID }}\nncloud_secret_access_key = ${{ secrets.NCP_SECRET_ACCESS_KEY }}\nncloud_api_url = ${{ secrets.NCP_API_URL }}" >> ~/.ncloud/configure
- name: Github Actions IP를 ACG, ACL 규칙에 추가
run: |
chmod -R 777 ~/cli_linux
cd ~/cli_linux
./ncloud vserver addAccessControlGroupInboundRule --regionCode KR --vpcNo ${{ secrets.NCP_VPC_ID }} --accessControlGroupNo ${{ secrets.NCP_AGC_ID }} --accessControlGroupRuleList "protocolTypeCode='TCP', ipBlock='${{ steps.ip.outputs.public_ip }}/32', portRange='${{ secrets.SSH_PORT }}'"
./ncloud vpc addNetworkAclInboundRule --regionCode KR --networkAclNo ${{ secrets.NCP_ACL_ID }} --networkAclRuleList "priority='${{ secrets.NCP_ACL_PRIORITY}}', protocolTypeCode='TCP', ipBlock='${{ steps.ip.outputs.public_ip }}/32', portRange='${{ secrets.SSH_PORT }}', ruleActionCode='ALLOW'"
- name: NCP 서버에 SSH로 접속 후 배포
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.NCP_SERVET_HOST}}
username: ${{ secrets.NCP_SERVER_USERNAME}}
password: ${{ secrets.NCP_SERVER_PASSWORD}}
port: ${{ secrets.NCP_SERVER_PORT}}
script: |
cd /you-quiz
git switch main
git pull origin main
docker build -f Dockerfile.be -t you-quiz-be .
docker stop you-quiz-be || true
docker rm you-quiz-be || true
docker run -d --name you-quiz-be --env-file ./packages/BE/.env -p 80:3000 you-quiz-be
- name: Github Actions IP를 ACG, ACL 규칙에서 삭제
run: |
chmod -R 777 ~/cli_linux
cd ~/cli_linux
./ncloud vserver removeAccessControlGroupInboundRule --regionCode KR --vpcNo ${{ secrets.NCP_VPC_ID }} --accessControlGroupNo ${{ secrets.NCP_AGC_ID }} --accessControlGroupRuleList "protocolTypeCode='TCP', ipBlock='${{ steps.ip.outputs.public_ip }}/32', portRange='${{ secrets.SSH_PORT }}'"
./ncloud vpc removeNetworkAclInboundRule --regionCode KR --networkAclNo ${{ secrets.NCP_ACL_ID }} --networkAclRuleList "priority='${{ secrets.NCP_ACL_PRIORITY}}', protocolTypeCode='TCP', ipBlock='${{ steps.ip.outputs.public_ip }}/32', portRange='${{ secrets.SSH_PORT }}', ruleActionCode='ALLOW'"