Files
taxbaik/.gitea/workflows/deploy.yml
T
kjh2064 5f5b8f7d69
TaxBaik CI/CD / build-and-deploy (push) Failing after 39s
SSH 키 처리 개선: base64 인코딩/디코딩 사용
문제:
- 직접 echo로 SSH 키 작성 시 개행 문자 손실
- "error in libcrypto" 오류 발생
- SSH 키 형식 손상

해결:
- ${{ secrets.DEPLOY_SSH_KEY }}를 base64 인코딩된 형식으로 저장
- CI에서 base64 -d로 디코딩하여 원본 키 복원
- UserKnownHostsFile /dev/null 추가 (known_hosts 자동 관리)
- 설정 검증 로깅 추가

사용자 조치 필요:
1. SSH 개인 키를 base64로 인코딩: `cat ~/.ssh/id_ed25519 | base64`
2. 결과를 DEPLOY_SSH_KEY secret에 저장

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-06-26 17:23:43 +09:00

140 lines
5.0 KiB
YAML

name: TaxBaik CI/CD
on:
push:
branches:
- master
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: '10.0'
- name: Restore dependencies
run: dotnet restore TaxBaik.sln
- name: Build solution
run: dotnet build TaxBaik.sln -c Release --no-restore
- name: Publish Web
run: dotnet publish TaxBaik.Web/ -c Release -o ./publish/web
- name: Publish Admin
run: dotnet publish TaxBaik.Admin/ -c Release -o ./publish/admin
- name: Copy migrations to publish
run: |
cp -r db/migrations ./publish/web/migrations || true
cp -r db/migrations ./publish/admin/migrations || true
- name: Generate build info
run: |
mkdir -p ./publish/web/wwwroot ./publish/admin/wwwroot
COMMIT_HASH=$(git rev-parse --short HEAD)
BUILD_TIME=$(date -u +'%Y-%m-%d %H:%M:%S UTC')
echo "Version: $COMMIT_HASH" > ./publish/web/wwwroot/version.txt
echo "Built: $BUILD_TIME" >> ./publish/web/wwwroot/version.txt
echo "Version: $COMMIT_HASH" > ./publish/admin/wwwroot/version.txt
echo "Built: $BUILD_TIME" >> ./publish/admin/wwwroot/version.txt
echo "✓ Version files created:"
cat ./publish/web/wwwroot/version.txt
- name: Setup SSH key
run: |
mkdir -p ~/.ssh
echo "${{ secrets.DEPLOY_SSH_KEY }}" | base64 -d > ~/.ssh/deploy_key
chmod 600 ~/.ssh/deploy_key
cat >> ~/.ssh/config << 'EOF'
Host deploy
HostName ${{ secrets.DEPLOY_HOST }}
User ${{ secrets.DEPLOY_USER }}
IdentityFile ~/.ssh/deploy_key
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
EOF
chmod 644 ~/.ssh/config
echo "=== SSH Key Setup Complete ==="
ls -la ~/.ssh/
- name: Deploy Web
run: |
WEB_TIMESTAMP=$(date +%Y%m%d_%H%M%S)
tar -czf web_publish.tar.gz -C publish web
scp web_publish.tar.gz deploy:/tmp/
ssh deploy /bin/bash << 'EOF'
WEB_TIMESTAMP=$(date +%Y%m%d_%H%M%S)
WEB_DEPLOY_DIR="/home/${{ secrets.DEPLOY_USER }}/deployments/taxbaik_${WEB_TIMESTAMP}"
mkdir -p "$WEB_DEPLOY_DIR"
echo "=== Extracting deployment package ==="
tar -xzf /tmp/web_publish.tar.gz -C "$WEB_DEPLOY_DIR"
ln -sfn "$WEB_DEPLOY_DIR/web" ~/taxbaik_active
echo "=== Stopping existing TaxBaik.Web processes ==="
pkill -9 -f "TaxBaik.Web" || true
sleep 5
echo "=== Verifying processes stopped ==="
ps aux | grep -E 'TaxBaik.Web|5001' | grep -v grep || echo "✓ All processes stopped"
echo "=== Starting new TaxBaik.Web process ==="
cd ~/taxbaik_active
export ConnectionStrings__Default="Host=localhost;Database=taxbaikdb;Username=taxbaik;Password=taxbaik123"
export ASPNETCORE_ENVIRONMENT=Production
export ASPNETCORE_URLS=http://127.0.0.1:5001
nohup /usr/local/dotnet/dotnet TaxBaik.Web.dll > web.log 2>&1 &
sleep 3
echo "=== Verifying new process started ==="
ps aux | grep TaxBaik.Web | grep -v grep
cat ~/taxbaik_active/wwwroot/version.txt || echo "! Version file not found"
rm /tmp/web_publish.tar.gz
EOF
- name: Deploy Admin
run: |
ADMIN_TIMESTAMP=$(date +%Y%m%d_%H%M%S)
tar -czf admin_publish.tar.gz -C publish admin
scp admin_publish.tar.gz deploy:/tmp/
ssh deploy /bin/bash << 'EOF'
ADMIN_TIMESTAMP=$(date +%Y%m%d_%H%M%S)
ADMIN_DEPLOY_DIR="/home/${{ secrets.DEPLOY_USER }}/deployments/taxbaik_admin_${ADMIN_TIMESTAMP}"
mkdir -p "$ADMIN_DEPLOY_DIR"
echo "=== Extracting deployment package ==="
tar -xzf /tmp/admin_publish.tar.gz -C "$ADMIN_DEPLOY_DIR"
ln -sfn "$ADMIN_DEPLOY_DIR/admin" ~/taxbaik_admin_active
echo "=== Stopping existing TaxBaik.Admin processes ==="
pkill -9 -f "TaxBaik.Admin" || true
sleep 5
echo "=== Verifying processes stopped ==="
ps aux | grep -E 'TaxBaik.Admin|5002' | grep -v grep || echo "✓ All processes stopped"
echo "=== Starting new TaxBaik.Admin process ==="
cd ~/taxbaik_admin_active
export ConnectionStrings__Default="Host=localhost;Database=taxbaikdb;Username=taxbaik;Password=taxbaik123"
export ASPNETCORE_ENVIRONMENT=Production
export ASPNETCORE_URLS=http://127.0.0.1:5002
nohup /usr/local/dotnet/dotnet TaxBaik.Admin.dll > admin.log 2>&1 &
sleep 3
echo "=== Verifying new process started ==="
ps aux | grep TaxBaik.Admin | grep -v grep
cat ~/taxbaik_admin_active/wwwroot/version.txt || echo "! Version file not found"
rm /tmp/admin_publish.tar.gz
EOF