feat: 어드민 멘토 승격 요청 페이징 조회 기능 추가 (#576) #134
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "[DEV] Build Gradle and Deploy" | |
| on: | |
| push: | |
| branches: [ "develop" ] | |
| workflow_dispatch: | |
| jobs: | |
| # --- Job 1: 빌드 및 이미지 푸시 (쓰기 권한 필요) --- | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| outputs: | |
| image_tag: ${{ steps.image_meta.outputs.image_tag }} | |
| steps: | |
| - name: Checkout the code | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.SUBMODULE_ACCESS_TOKEN }} | |
| submodules: true | |
| # --- Java, Gradle 설정 --- | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v3 | |
| - name: Grant execute permission for Gradle wrapper | |
| run: chmod +x ./gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew bootJar | |
| # --- Docker 설정 --- | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| platforms: linux/arm64 | |
| - name: Log in to GitHub Container Registry (GHCR) | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # --- 이미지 메타데이터 정의 --- | |
| - name: Define image name and tag | |
| id: image_meta | |
| run: | | |
| OWNER_LOWERCASE=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]') | |
| IMAGE_TAG=$(date +'%Y%m%d-%H%M%S') | |
| echo "image_name=ghcr.io/${OWNER_LOWERCASE}/solid-connection-dev" >> $GITHUB_OUTPUT | |
| echo "image_tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT | |
| # --- Docker 빌드 및 푸시 --- | |
| - name: Build, push, and cache Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: linux/arm64 | |
| push: true | |
| tags: ${{ format('{0}:{1}', steps.image_meta.outputs.image_name, steps.image_meta.outputs.image_tag) }} | |
| cache-from: type=registry,ref=${{ steps.image_meta.outputs.image_name }}:buildcache | |
| cache-to: type=registry,ref=${{ steps.image_meta.outputs.image_name }}:buildcache,mode=max | |
| # --- 이미지 정리 (이전 Job에 있던 것) --- | |
| - name: Clean up old image versions from GHCR | |
| uses: snok/container-retention-policy@v2 | |
| with: | |
| token: ${{ secrets.PACKAGE_DELETE_TOKEN }} | |
| image-names: solid-connection-dev | |
| delete-untagged: true | |
| keep-n-tags: 5 | |
| account-type: org | |
| org-name: ${{ github.repository_owner }} | |
| cut-off: '7 days ago UTC' | |
| # --- Job 2: 배포 (읽기 권한만 필요) --- | |
| deploy: | |
| needs: build-and-push | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: read | |
| steps: | |
| # 설정 파일 전송을 위해 코드 체크아웃 (서브모듈 불필요) | |
| - name: Checkout config files | |
| uses: actions/checkout@v4 | |
| with: | |
| sparse-checkout: | | |
| docker-compose.dev.yml | |
| docs/infra-config | |
| sparse-checkout-cone-mode: false | |
| # --- 설정 파일 전송 --- | |
| - name: Copy config files to remote | |
| run: | | |
| echo "${{ secrets.DEV_PRIVATE_KEY }}" > deploy_key.pem | |
| chmod 600 deploy_key.pem | |
| scp -i deploy_key.pem \ | |
| -o StrictHostKeyChecking=no \ | |
| ./docker-compose.dev.yml \ | |
| ./docs/infra-config/config.alloy \ | |
| ./docs/infra-config/nginx.dev.conf \ | |
| ${{ secrets.DEV_USERNAME }}@${{ secrets.DEV_HOST }}:/home/${{ secrets.DEV_USERNAME }}/solid-connection-dev/ | |
| # --- 서버에서 Docker Pull 및 재시작 --- | |
| - name: Run docker compose and apply nginx config | |
| run: | | |
| # GITHUB_TOKEN을 이용해 서버에서 로그인 (App Token 불필요) | |
| ssh -i deploy_key.pem \ | |
| -o StrictHostKeyChecking=no \ | |
| ${{ secrets.DEV_USERNAME }}@${{ secrets.DEV_HOST }} \ | |
| ' | |
| set -e | |
| # 1. 환경 변수 설정 (이전 Job의 Output 사용) | |
| export OWNER_LOWERCASE=$(echo "${{ github.repository_owner }}" | tr "[:upper:]" "[:lower:]") | |
| export IMAGE_TAG_ONLY="${{ needs.build-and-push.outputs.image_tag }}" | |
| export FULL_IMAGE_NAME="ghcr.io/${OWNER_LOWERCASE}/solid-connection-dev:${IMAGE_TAG_ONLY}" | |
| # 2. 서버가 GHCR에 로그인 (GITHUB_TOKEN 사용) | |
| # App Token 대신 현재 워크플로우의 임시 토큰을 넘겨줍니다. | |
| echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| # 3. Docker Pull | |
| echo "Pulling new image: $FULL_IMAGE_NAME" | |
| docker pull $FULL_IMAGE_NAME | |
| # 4. 작업 및 Nginx 설정 적용 | |
| cd /home/${{ secrets.DEV_USERNAME }}/solid-connection-dev | |
| mkdir -p ./nginx | |
| mv ./nginx.dev.conf ./nginx/default.conf | |
| sudo cp ./nginx/default.conf /etc/nginx/conf.d/default.conf | |
| sudo nginx -t | |
| sudo nginx -s reload | |
| # 5. Docker Compose 재시작 | |
| echo "Restarting Docker Compose with tag: $IMAGE_TAG_ONLY" | |
| docker compose -f docker-compose.dev.yml down | |
| IMAGE_TAG=$IMAGE_TAG_ONLY docker compose -f docker-compose.dev.yml up -d | |
| # 6. 정리 작업 | |
| echo "Pruning dangling images..." | |
| docker image prune -f | |
| echo "Cleaning up old tagged images (keeping last 5)..." | |
| IMAGE_NAME_BASE="ghcr.io/${OWNER_LOWERCASE}/solid-connection-dev" | |
| docker images "${IMAGE_NAME_BASE}" --format "{{.Tag}}" | \ | |
| sort -r | \ | |
| tail -n +6 | \ | |
| xargs -I {} docker rmi "${IMAGE_NAME_BASE}:{}" || true | |
| echo "Deployment finished successfully." | |
| ' |