1313 runs-on : ubuntu-latest
1414 steps :
1515 - uses : actions/checkout@v4
16+
17+ # (Spring) 빌드
1618 - uses : actions/setup-java@v4
1719 with :
1820 distribution : temurin
@@ -25,13 +27,15 @@ jobs:
2527key : gradle-${{ runner.os }}-${{ hashFiles('**/*.gradle*','**/gradle-wrapper.properties') }}
2628 - run : ./gradlew clean bootJar --no-daemon
2729
30+ # GHCR 로그인(액션에서만 필요)
2831 - uses : docker/setup-buildx-action@v3
2932 - uses : docker/login-action@v3
3033 with :
3134 registry : ghcr.io
3235 username : ${{ github.actor }}
3336 password : ${{ secrets.GITHUB_TOKEN }}
3437
38+ # 이미지 푸시 (latest + sha)
3539 - uses : docker/build-push-action@v6
3640 with :
3741 context : .
4044 ghcr.io/dmu-debugvisual/debugvisual-backend:latest
4145 ghcr.io/dmu-debugvisual/debugvisual-backend:${{ github.sha }}
4246
47+ # EC2 배포 (익명 pull)
4348 - name : Deploy on EC2 (compose pull/up)
4449 env :
4550 HOST : ${{ secrets.EC2_HOST }}
5055 sed -i 's/\r$//' ~/.ssh/id_rsa
5156 chmod 600 ~/.ssh/id_rsa
5257 ssh-keyscan -H "$HOST" >> ~/.ssh/known_hosts
53- ssh "$USER@$HOST" "\
54- docker login ghcr.io -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} && \
55- cd ~/apps/debugvisual && \
56- docker compose pull && docker compose up -d && \
57- docker image prune -af || true"
58+
59+ # (선택) 배포 충돌 방지용 락
60+ ssh "$USER@$HOST" "bash -s" << 'EOSSH'
61+ set -e
62+ LOCK=/tmp/debugvisual.deploy.lock
63+ (
64+ flock -n 9 || { echo 'Another deploy is running. Skip.'; exit 0; }
65+ cd ~/apps/debugvisual
66+ docker logout ghcr.io || true # 익명 pull 강제
67+ docker compose pull --ignore-pull-failures backend
68+ docker compose up -d --wait --remove-orphans backend
69+ docker image prune -af || true
70+ curl -skI https://api.zivorp.com/healthz | head -n1
71+ ) 9>$LOCK
72+ EOSSH
0 commit comments