fix: CD workflow #52
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: NextJS CD | |
| on: | |
| release: | |
| types: [created] | |
| push: | |
| branches: | |
| - MF-361-Next.js-CD-Github-Action | |
| workflow_dispatch: | |
| repository_dispatch: | |
| env: | |
| KCR_REGISTRY: dkation.kr-central-2.kcr.dev | |
| KCR_REPOSITORY: dkation-prod-front/dkation-prod-fe | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get release tag or commit hash | |
| id: get_version | |
| run: | | |
| if [[ ${{ github.event_name }} == 'release' ]]; then | |
| echo "version=${{ github.event.release.tag_name }}" >> $GITHUB_OUTPUT | |
| else | |
| git fetch --tags | |
| latest_tag=$(git describe --tags --abbrev=0) | |
| echo "version=$latest_tag" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Setup SSH | |
| uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.SSH_KEY }} | |
| - name: Add known hosts | |
| run: | | |
| mkdir -p ~/.ssh | |
| ssh-keyscan -H ${{ secrets.BASTION_IP }} >> ~/.ssh/known_hosts | |
| echo "${{ secrets.WEB_IPS }}" | tr ',' '\n' | while read ip; do | |
| ssh-keyscan -H $ip >> ~/.ssh/known_hosts | |
| done | |
| - name: Setup SSH config | |
| run: | | |
| echo "Host bastion" > ~/.ssh/config | |
| echo " HostName ${{ secrets.BASTION_IP }}" >> ~/.ssh/config | |
| echo " User ${{ secrets.USER }}" >> ~/.ssh/config | |
| echo " IdentityFile ~/.ssh/id_rsa" >> ~/.ssh/config | |
| echo "" >> ~/.ssh/config | |
| echo "Host webserver" >> ~/.ssh/config | |
| echo " ProxyCommand ssh -W %h:%p bastion" >> ~/.ssh/config | |
| echo " User ${{ secrets.USER }}" >> ~/.ssh/config | |
| echo " IdentityFile ~/.ssh/id_rsa" >> ~/.ssh/config | |
| - name: Deploy to FE | |
| env: | |
| WEB_IPS: ${{ secrets.WEB_IPS }} | |
| ACCESS_KEY: ${{ secrets.ACCESS_KEY }} | |
| ACCESS_SECRET_KEY: ${{ secrets.ACCESS_SECRET_KEY }} | |
| run: | | |
| IFS=',' read -r -a HOSTS <<< "$WEB_IPS" | |
| for host in "${HOSTS[@]}" | |
| do | |
| echo "Deploying to $host" | |
| ssh -o ProxyCommand="ssh -W %h:%p bastion" ${{ secrets.USER }}@$host << EOF | |
| set -e | |
| echo "Stopping and removing existing containers" | |
| docker ps -q --filter ancestor=$KCR_REGISTRY/$KCR_REPOSITORY | xargs -r docker stop || true | |
| docker ps -aq --filter ancestor=$KCR_REGISTRY/$KCR_REPOSITORY | xargs -r docker rm || true | |
| echo "Removing old Docker images" | |
| docker images $KCR_REGISTRY/$KCR_REPOSITORY --format '{{.ID}}' | xargs -r docker rmi || true | |
| echo "Login to KCR" | |
| echo "$ACCESS_SECRET_KEY" | docker login $KCR_REGISTRY --username $ACCESS_KEY --password-stdin | |
| echo "Pulling new Docker image" | |
| docker pull $KCR_REGISTRY/$KCR_REPOSITORY:${{ steps.get_version.outputs.version }} | |
| echo "Running new Docker container" | |
| docker run -d -p 80:3000 --name frontend $KCR_REGISTRY/$KCR_REPOSITORY:${{ steps.get_version.outputs.version }} | |
| echo "Checking container health" | |
| max_retries=5 | |
| retries=0 | |
| until docker ps | grep frontend | grep -q "Up" || [ $retries -eq $max_retries ] | |
| do | |
| echo "Waiting for container to be healthy..." | |
| sleep 5 | |
| retries=$((retries+1)) | |
| done | |
| if [ $retries -eq $max_retries ]; then | |
| echo "Container failed to start properly" | |
| exit 1 | |
| fi | |
| echo "Container is up and running" | |
| EOF | |
| if [ $? -ne 0 ]; then | |
| echo "Deployment to $host failed" | |
| exit 1 | |
| fi | |
| done | |
| echo "Deployment completed successfully" |