Skip to content
Build & Deploy Backend (GHCR → EC2)

Update deploy.yml #9

Sign in to view logs

Update deploy.yml

Update deploy.yml #9

Workflow file for this run

.github/workflows/deploy.yml at 2745901
name: Build & Deploy Backend (GHCR → EC2)
on:
push:
branches: [ main ]
permissions:
contents: read
packages: write
jobs:
build-push-deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# (Spring) 빌드
- uses: actions/setup-java@v4
with:
distribution: temurin
java-version: 17
- uses: actions/cache@v4
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: gradle-${{ runner.os }}-${{ hashFiles('**/*.gradle*','**/gradle-wrapper.properties') }}
- run: ./gradlew clean bootJar --no-daemon
# GHCR 로그인(액션에서만 필요)
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# 이미지 푸시 (latest + sha)
- uses: docker/build-push-action@v6
with:
context: .
push: true
tags: |
ghcr.io/dmu-debugvisual/debugvisual-backend:latest
ghcr.io/dmu-debugvisual/debugvisual-backend:${{ github.sha }}
# EC2 배포 (익명 pull)
- name: Deploy on EC2 (compose pull/up)
env:
HOST: ${{ secrets.EC2_HOST }}
USER: ${{ secrets.EC2_USER }}
run: |
mkdir -p ~/.ssh
echo "${{ secrets.EC2_KEY }}" > ~/.ssh/id_rsa
sed -i 's/\r$//' ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan -H "$HOST" >> ~/.ssh/known_hosts
# (선택) 배포 충돌 방지용 락
ssh "$USER@$HOST" "bash -s" << 'EOSSH'
set -e
LOCK=/tmp/debugvisual.deploy.lock
(
flock -n 9 || { echo 'Another deploy is running. Skip.'; exit 0; }
cd ~/apps/debugvisual
docker logout ghcr.io || true # 익명 pull 강제
docker compose pull --ignore-pull-failures backend
docker compose up -d --wait --remove-orphans backend
docker image prune -af || true
curl -skI https://api.zivorp.com/healthz | head -n1
) 9>$LOCK
EOSSH