-
Notifications
You must be signed in to change notification settings - Fork 0
47 lines (42 loc) · 1.53 KB
/
Copy pathdeploy.yml
File metadata and controls
47 lines (42 loc) · 1.53 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
name: CI/CD Deployment
on:
push:
branches: ["main"]
workflow_dispatch:
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Deploy to server
uses: appleboy/ssh-action@v1
with:
host: ${{ secrets.SSH_HOST }}
port: ${{ secrets.SSH_PORT }}
username: ${{ secrets.SSH_USER }}
key: ${{ secrets.SSH_PRIVATE_KEY }}
envs: DB_PASSWORD,JWT_SECRET,SECRET_KEY,GOOGLE_CLIENT_ID,GOOGLE_CLIENT_SECRET,BACKEND_URL,FRONTEND_URL
script: |
cd /home/metamong/Metamong_back
git pull origin main
# .env 파일 재생성 (서버에 평문 저장 방지를 위해 매 배포 시 덮어씀)
cat > .env <<EOF
DB_PASSWORD=$DB_PASSWORD
JWT_SECRET=$JWT_SECRET
SECRET_KEY=$SECRET_KEY
GOOGLE_CLIENT_ID=$GOOGLE_CLIENT_ID
GOOGLE_CLIENT_SECRET=$GOOGLE_CLIENT_SECRET
BACKEND_URL=$BACKEND_URL
FRONTEND_URL=$FRONTEND_URL
NODE_ENV=production
EOF
docker compose down
docker compose up --build -d
docker image prune -f
env:
DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
JWT_SECRET: ${{ secrets.JWT_SECRET }}
SECRET_KEY: ${{ secrets.SECRET_KEY }}
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }}
BACKEND_URL: ${{ secrets.BACKEND_URL }}
FRONTEND_URL: ${{ secrets.FRONTEND_URL }}