@@ -29,30 +29,66 @@ jobs:
2929 name : build-artifacts
3030 path : kkambbak/build/libs/*.jar
3131
32+ - name : Upload monitoring configs
33+ uses : actions/upload-artifact@v4
34+ with :
35+ name : monitoring-configs
36+ path : monitoring/
37+
3238 dockerize :
3339 runs-on : ubuntu-latest
3440 needs : build
3541 steps :
3642 - name : Checkout source code
3743 uses : actions/checkout@v5
3844
39- - name : Download build artifact
40- uses : actions/download-artifact@v4
41- with :
42- name : build-artifacts
43- path : kkambbak/build/libs
45+ - name : Set up Docker Buildx
46+ uses : docker/setup-buildx-action@v3
4447
4548 - name : Log in to DockerHub
4649 uses : docker/login-action@v3
4750 with :
4851 username : ${{ secrets.DOCKERHUB_USERNAME }}
4952 password : ${{ secrets.DOCKERHUB_TOKEN }}
5053
51- - name : Build Docker image
52- run : docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/kkambbak:develop .
54+ - name : Build and push API image
55+ uses : docker/build-push-action@v5
56+ with :
57+ context : .
58+ file : ./Dockerfile
59+ target : api
60+ push : true
61+ tags : ${{ secrets.DOCKERHUB_USERNAME }}/kkambbak:develop
62+ cache-from : type=gha
63+ cache-to : type=gha,mode=max
64+
65+ - name : Build and push Scheduler image
66+ uses : docker/build-push-action@v5
67+ with :
68+ context : .
69+ file : ./Dockerfile
70+ target : scheduler
71+ push : true
72+ tags : ${{ secrets.DOCKERHUB_USERNAME }}/kkambbak-scheduler:develop
73+ cache-from : type=gha
74+ cache-to : type=gha,mode=max
75+
76+ - name : Download monitoring configs
77+ uses : actions/download-artifact@v4
78+ with :
79+ name : monitoring-configs
80+ path : ./monitoring
5381
54- - name : Push Docker image
55- run : docker push ${{ secrets.DOCKERHUB_USERNAME }}/kkambbak:develop
82+ - name : Upload monitoring configs to server
83+ uses : appleboy/scp-action@v0.1.7
84+ with :
85+ host : ${{ secrets.NCP_HOST }}
86+ username : ${{ secrets.NCP_USERNAME }}
87+ key : ${{ secrets.NCP_SSH_KEY }}
88+ password : ${{ secrets.NCP_PASSWORD }}
89+ source : " ./monitoring/*"
90+ target : " /home/ubuntu/kkambbak/"
91+ strip_components : 0
5692
5793 - name : Deploy to Naver Cloud
5894 uses : appleboy/ssh-action@v1.0.3
@@ -62,11 +98,48 @@ jobs:
6298 key : ${{ secrets.NCP_SSH_KEY }}
6399 password : ${{ secrets.NCP_PASSWORD }}
64100 script : |
101+ # .env 파일 생성
102+ cat > /tmp/.env <<'EOF'
103+ DB_URL=${{ secrets.DB_URL }}
104+ DB_USERNAME=${{ secrets.DB_USERNAME }}
105+ DB_PASSWORD=${{ secrets.DB_PASSWORD }}
106+ DB_DRIVER=${{ secrets.DB_DRIVER }}
107+ JPA_DDL_AUTO=${{ secrets.JPA_DDL_AUTO }}
108+ JPA_DIALECT=${{ secrets.JPA_DIALECT }}
109+ REDIS_HOST=kkambbak-redis
110+ REDIS_PORT=6379
111+ JWT_SECRET=${{ secrets.JWT_SECRET }}
112+ JWT_ACCESS_TOKEN_EXPIRATION=${{ secrets.JWT_ACCESS_TOKEN_EXPIRATION }}
113+ JWT_REFRESH_TOKEN_EXPIRATION=${{ secrets.JWT_REFRESH_TOKEN_EXPIRATION }}
114+ GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }}
115+ GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }}
116+ OAUTH2_REDIRECT_URI=${{ secrets.OAUTH2_REDIRECT_URI }}
117+ AUTH_KEY=${{ secrets.AUTH_KEY }}
118+ MAIL_HOST=${{ secrets.MAIL_HOST }}
119+ MAIL_PORT=${{ secrets.MAIL_PORT }}
120+ MAIL_USERNAME=${{ secrets.MAIL_USERNAME }}
121+ MAIL_PASSWORD=${{ secrets.MAIL_PASSWORD }}
122+ MAIL_SMTP_AUTH=true
123+ MAIL_SMTP_STARTTLS_ENABLE=true
124+ EMAIL_REDIRECT_URI=${{ secrets.EMAIL_REDIRECT_URI }}
125+ EMAIL_OTP_EXPIRY_MINUTES=${{ secrets.EMAIL_OTP_EXPIRY_MINUTES }}
126+ R2_ACCOUNT_ID=${{ secrets.R2_ACCOUNT_ID }}
127+ R2_ACCESS_KEY=${{ secrets.R2_ACCESS_KEY }}
128+ R2_SECRET_KEY=${{ secrets.R2_SECRET_KEY }}
129+ R2_BUCKET_NAME=${{ secrets.R2_BUCKET_NAME }}
130+ R2_PUBLIC_DOMAIN=${{ secrets.R2_PUBLIC_DOMAIN }}
131+ DEFAULT_PROFILE_IMAGE=${{ secrets.DEFAULT_PROFILE_IMAGE }}
132+ DISCORD_WEBHOOK_URL=${{ secrets.DISCORD_WEBHOOK }}
133+ GRAFANA_ADMIN_USER=${{ secrets.GRAFANA_ADMIN_USER }}
134+ GRAFANA_ADMIN_PASSWORD=${{ secrets.GRAFANA_ADMIN_PASSWORD }}
135+ EOF
136+
65137 # Docker 로그인
66138 echo ${{ secrets.DOCKERHUB_TOKEN }} | /usr/bin/docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
67139
68140 # 최신 이미지 pull
69141 /usr/bin/docker pull ${{ secrets.DOCKERHUB_USERNAME }}/kkambbak:develop
142+ /usr/bin/docker pull ${{ secrets.DOCKERHUB_USERNAME }}/kkambbak-scheduler:develop
70143
71144 # Docker 네트워크 생성 (없으면)
72145 /usr/bin/docker network create kkambbak-network || true
@@ -91,41 +164,95 @@ jobs:
91164 /usr/bin/docker stop kkambbak || true
92165 /usr/bin/docker rm kkambbak || true
93166
167+ # 로그 디렉토리 생성
168+ mkdir -p /home/ubuntu/kkambbak/logs
169+
94170 # 애플리케이션 컨테이너 실행 (포트 8080)
95171 /usr/bin/docker run -d \
96172 --name kkambbak \
97173 --restart unless-stopped \
98174 --network kkambbak-network \
99175 -p 8080:8080 \
100- -e "DB_URL=${{ secrets.DB_URL }}" \
101- -e "DB_USERNAME=${{ secrets.DB_USERNAME }}" \
102- -e "DB_PASSWORD=${{ secrets.DB_PASSWORD }}" \
103- -e "DB_DRIVER=${{ secrets.DB_DRIVER }}" \
104- -e "JPA_DDL_AUTO=${{ secrets.JPA_DDL_AUTO }}" \
105- -e "JPA_DIALECT=${{ secrets.JPA_DIALECT }}" \
106- -e REDIS_HOST=kkambbak-redis \
107- -e REDIS_PORT=6379 \
108- -e "JWT_SECRET=${{ secrets.JWT_SECRET }}" \
109- -e "JWT_ACCESS_TOKEN_EXPIRATION=${{ secrets.JWT_ACCESS_TOKEN_EXPIRATION }}" \
110- -e "JWT_REFRESH_TOKEN_EXPIRATION=${{ secrets.JWT_REFRESH_TOKEN_EXPIRATION }}" \
111- -e "GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }}" \
112- -e "GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }}" \
113- -e "OAUTH2_REDIRECT_URI=${{ secrets.OAUTH2_REDIRECT_URI }}" \
114- -e "AUTH_KEY=${{ secrets.AUTH_KEY }}" \
115- -e "MAIL_HOST=${{ secrets.MAIL_HOST }}" \
116- -e "MAIL_PORT=${{ secrets.MAIL_PORT }}" \
117- -e "MAIL_USERNAME=${{ secrets.MAIL_USERNAME }}" \
118- -e "MAIL_PASSWORD=${{ secrets.MAIL_PASSWORD }}" \
119- -e "EMAIL_REDIRECT_URI=${{ secrets.EMAIL_REDIRECT_URI }}" \
120- -e "EMAIL_OTP_EXPIRY_MINUTES=${{ secrets.EMAIL_OTP_EXPIRY_MINUTES }}" \
121- -e "R2_ACCOUNT_ID=${{ secrets.R2_ACCOUNT_ID }}" \
122- -e "R2_ACCESS_KEY=${{ secrets.R2_ACCESS_KEY }}" \
123- -e "R2_SECRET_KEY=${{ secrets.R2_SECRET_KEY }}" \
124- -e "R2_BUCKET_NAME=${{ secrets.R2_BUCKET_NAME }}" \
125- -e "R2_PUBLIC_DOMAIN=${{ secrets.R2_PUBLIC_DOMAIN }}" \
126- -e "DEFAULT_PROFILE_IMAGE=${{ secrets.DEFAULT_PROFILE_IMAGE }}" \
176+ -v /home/ubuntu/kkambbak/logs:/app/logs \
177+ --env-file /tmp/.env \
127178 ${{ secrets.DOCKERHUB_USERNAME }}/kkambbak:develop
128179
180+ # 기존 스케줄러 컨테이너 중지 및 제거
181+ /usr/bin/docker stop kkambbak-scheduler || true
182+ /usr/bin/docker rm kkambbak-scheduler || true
183+
184+ # 스케줄러 컨테이너 실행
185+ /usr/bin/docker run -d \
186+ --name kkambbak-scheduler \
187+ --restart unless-stopped \
188+ --network kkambbak-network \
189+ -v /home/ubuntu/kkambbak/logs:/app/logs \
190+ --env-file /tmp/.env \
191+ ${{ secrets.DOCKERHUB_USERNAME }}/kkambbak-scheduler:develop
192+
193+ # 모니터링 스택 배포
194+
195+ # 기존 모니터링 컨테이너 중지 및 제거
196+ /usr/bin/docker stop kkambbak-prometheus || true
197+ /usr/bin/docker rm kkambbak-prometheus || true
198+ /usr/bin/docker stop kkambbak-loki || true
199+ /usr/bin/docker rm kkambbak-loki || true
200+ /usr/bin/docker stop kkambbak-promtail || true
201+ /usr/bin/docker rm kkambbak-promtail || true
202+ /usr/bin/docker stop kkambbak-grafana || true
203+ /usr/bin/docker rm kkambbak-grafana || true
204+
205+ # 모니터링 볼륨 생성
206+ /usr/bin/docker volume create prometheus-data || true
207+ /usr/bin/docker volume create loki-data || true
208+ /usr/bin/docker volume create grafana-data || true
209+
210+ # Prometheus 실행
211+ /usr/bin/docker run -d \
212+ --name kkambbak-prometheus \
213+ --restart unless-stopped \
214+ --network kkambbak-network \
215+ -p 9090:9090 \
216+ -v /home/ubuntu/kkambbak/monitoring/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml \
217+ -v prometheus-data:/prometheus \
218+ prom/prometheus:latest \
219+ --config.file=/etc/prometheus/prometheus.yml \
220+ --storage.tsdb.path=/prometheus
221+
222+ # Loki 실행
223+ /usr/bin/docker run -d \
224+ --name kkambbak-loki \
225+ --restart unless-stopped \
226+ --network kkambbak-network \
227+ -p 3100:3100 \
228+ -v /home/ubuntu/kkambbak/monitoring/loki/loki-config.yml:/etc/loki/local-config.yaml \
229+ -v loki-data:/loki \
230+ grafana/loki:latest \
231+ -config.file=/etc/loki/local-config.yaml
232+
233+ # Promtail 실행
234+ /usr/bin/docker run -d \
235+ --name kkambbak-promtail \
236+ --restart unless-stopped \
237+ --network kkambbak-network \
238+ -v /home/ubuntu/kkambbak/monitoring/promtail/promtail-config.yml:/etc/promtail/config.yml \
239+ -v /home/ubuntu/kkambbak/logs:/var/log/app \
240+ grafana/promtail:latest \
241+ -config.file=/etc/promtail/config.yml
242+
243+ # Grafana 실행
244+ /usr/bin/docker run -d \
245+ --name kkambbak-grafana \
246+ --restart unless-stopped \
247+ --network kkambbak-network \
248+ -p 3001:3000 \
249+ -v grafana-data:/var/lib/grafana \
250+ -v /home/ubuntu/kkambbak/monitoring/grafana/provisioning:/etc/grafana/provisioning \
251+ -e GF_SECURITY_ADMIN_USER=${{ secrets.GRAFANA_ADMIN_USER }} \
252+ -e GF_SECURITY_ADMIN_PASSWORD=${{ secrets.GRAFANA_ADMIN_PASSWORD }} \
253+ -e GF_USERS_ALLOW_SIGN_UP=false \
254+ grafana/grafana:latest
255+
129256 # 사용하지 않는 이미지 정리
130257 /usr/bin/docker image prune -af
131258
0 commit comments