|
1 | | -FROM python:3.9-slim-buster |
2 | | - |
3 | | -WORKDIR /usr/src/app |
4 | | - |
5 | | -# Python ์๋ฒ ํ์ผ ๋ณต์ฌ |
6 | | -COPY server/app.py . |
7 | | -COPY server/code ./code |
8 | | - |
9 | | -# requirements.txt ๋ณต์ฌ โ ๊ผญ ์์ด์ผ ํจ |
10 | | -COPY requirements.txt ./ |
11 | | - |
12 | | -# ๋ชจ๋ ์ธ์ด์ entrypoint ์คํฌ๋ฆฝํธ ๋ณต์ฌ |
13 | | -COPY docker/python/entrypoint.sh ./entrypoint_python.sh |
14 | | -COPY docker/java/entrypoint.sh ./entrypoint_java.sh |
15 | | -COPY docker/c/entrypoint.sh ./entrypoint_c.sh |
16 | | - |
17 | | -# ์คํ ๊ถํ ๋ถ์ฌ |
18 | | -RUN chmod +x entrypoint_*.sh |
19 | | - |
20 | | -# ํ์ํ Python ํจํค์ง ์ค์น (Flask + OpenAI + dotenv ๋ฑ ์ ๋ถ) |
21 | | -RUN pip install --no-cache-dir -r requirements.txt |
22 | | - |
23 | | -# ํ์ํ ํจํค์ง ์ค์น ์ ์บ์ ํด๋ฆฌ์ด |
24 | | -RUN apt-get update && apt-get install -y \ |
25 | | - ca-certificates \ |
26 | | - curl \ |
27 | | - gnupg \ |
28 | | - lsb-release && \ |
29 | | - curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && \ |
30 | | - echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list && \ |
31 | | - apt-get update && \ |
32 | | - apt-get install -y docker-ce docker-ce-cli containerd.io && \ |
33 | | - ln -s /usr/bin/docker /usr/local/bin/docker && \ |
34 | | - apt-get clean && \ |
35 | | - rm -rf /var/lib/apt/lists/* /var/cache/apt/* |
36 | | - |
37 | | -# Python ๋ฒํผ๋ง ๋นํ์ฑํ |
38 | | -ENV PYTHONUNBUFFERED=1 |
39 | | - |
40 | | -EXPOSE 5050 |
41 | | - |
42 | | -CMD ["python", "-Xutf8", "app.py"] |
| 1 | +name: Build & Deploy Spike (GHCR โ EC2) |
| 2 | + |
| 3 | +on: |
| 4 | + push: |
| 5 | + branches: [ main ] |
| 6 | + |
| 7 | +permissions: |
| 8 | + contents: read |
| 9 | + packages: write # GHCR ํธ์ ๊ถํ |
| 10 | + |
| 11 | +jobs: |
| 12 | + build-push-deploy: |
| 13 | + runs-on: ubuntu-latest |
| 14 | + |
| 15 | + steps: |
| 16 | + - name: Checkout |
| 17 | + uses: actions/checkout@v4 |
| 18 | + |
| 19 | + - name: Set up Docker Buildx |
| 20 | + uses: docker/setup-buildx-action@v3 |
| 21 | + |
| 22 | + - name: Login to GHCR |
| 23 | + uses: docker/login-action@v3 |
| 24 | + with: |
| 25 | + registry: ghcr.io |
| 26 | + username: ${{ github.actor }} |
| 27 | + password: ${{ secrets.GITHUB_TOKEN }} |
| 28 | + |
| 29 | + # ๐ฅ ๋ฃจํธ์ Dockerfile(๋ค๊ฐ ์ค ๊ฒ)๋ก ๋น๋ํฉ๋๋ค. |
| 30 | + - name: Build & Push spike image |
| 31 | + uses: docker/build-push-action@v6 |
| 32 | + with: |
| 33 | + context: . |
| 34 | + file: ./Dockerfile |
| 35 | + push: true |
| 36 | + tags: | |
| 37 | + ghcr.io/dmu-debugvisual/debugvisual-spike:latest |
| 38 | + ghcr.io/dmu-debugvisual/debugvisual-spike:${{ github.sha }} |
| 39 | + |
| 40 | + # ์ ํ: EC2์ ๋ฐ๋ก ๋ฐฐํฌ (Secrets: EC2_HOST / EC2_USER / EC2_KEY ํ์) |
| 41 | + - name: Deploy on EC2 (compose pull/up) |
| 42 | + env: |
| 43 | + HOST: ${{ secrets.EC2_HOST }} |
| 44 | + USER: ${{ secrets.EC2_USER }} |
| 45 | + run: | |
| 46 | + mkdir -p ~/.ssh |
| 47 | + echo "${{ secrets.EC2_KEY }}" > ~/.ssh/id_rsa |
| 48 | + # ์๋์ฐ ๊ฐํ ๋ฐฉ์ง |
| 49 | + sed -i 's/\r$//' ~/.ssh/id_rsa |
| 50 | + chmod 600 ~/.ssh/id_rsa |
| 51 | + ssh-keyscan -H "$HOST" >> ~/.ssh/known_hosts |
| 52 | + ssh "$USER@$HOST" "\ |
| 53 | + docker login ghcr.io -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} && \ |
| 54 | + cd ~/apps/debugvisual && \ |
| 55 | + docker compose pull && \ |
| 56 | + docker compose up -d && \ |
| 57 | + docker image prune -af || true" |
0 commit comments