92 lines
4.0 KiB
YAML
92 lines
4.0 KiB
YAML
name: TaxBaik CI/CD
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- master
|
|
|
|
jobs:
|
|
build-and-deploy:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup .NET
|
|
uses: actions/setup-dotnet@v4
|
|
with:
|
|
dotnet-version: '10.0'
|
|
|
|
- name: Restore dependencies
|
|
run: dotnet restore TaxBaik.sln
|
|
|
|
- name: Build solution
|
|
run: |
|
|
dotnet clean TaxBaik.sln -c Release
|
|
dotnet build TaxBaik.sln -c Release --no-restore
|
|
|
|
- name: Publish Web (통합 앱)
|
|
run: dotnet publish TaxBaik.Web/ -c Release -o ./publish --no-restore
|
|
|
|
- name: Copy migrations to publish
|
|
run: |
|
|
cp -r db/migrations ./publish/migrations || true
|
|
|
|
- name: Generate build info
|
|
run: |
|
|
mkdir -p ./publish/wwwroot
|
|
COMMIT_HASH=$(git rev-parse --short HEAD)
|
|
BUILD_TIME=$(date -u +'%Y-%m-%d %H:%M:%S UTC')
|
|
echo "Version: $COMMIT_HASH" > ./publish/wwwroot/version.txt
|
|
echo "Built: $BUILD_TIME" >> ./publish/wwwroot/version.txt
|
|
echo "✓ Version: $COMMIT_HASH"
|
|
|
|
- name: Deploy (CI only, 통합 Web)
|
|
run: |
|
|
set -e
|
|
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
|
|
DEPLOY_HOME="/home/kjh2064"
|
|
DEPLOY_DIR="$DEPLOY_HOME/deployments/taxbaik_${TIMESTAMP}"
|
|
DEPLOY_HOST="${{ secrets.DEPLOY_HOST }}"
|
|
DEPLOY_USER="${{ secrets.DEPLOY_USER }}"
|
|
|
|
echo "=== Deploying TaxBaik v$(git rev-parse --short HEAD) ==="
|
|
mkdir -p "$DEPLOY_DIR"
|
|
cp -r ./publish/* "$DEPLOY_DIR/"
|
|
ln -sfn "$DEPLOY_DIR" "$DEPLOY_HOME/taxbaik_active"
|
|
echo "✓ Deployed to $DEPLOY_DIR"
|
|
|
|
# 서버에서 systemd로 서비스를 재시작
|
|
echo "=== Restarting service on server ==="
|
|
mkdir -p ~/.ssh
|
|
printf '%s\n' "${{ secrets.DEPLOY_SSH_KEY }}" > ~/.ssh/id_ed25519
|
|
chmod 600 ~/.ssh/id_ed25519
|
|
ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts 2>/dev/null || true
|
|
ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes "$DEPLOY_USER@$DEPLOY_HOST" "sudo systemctl restart taxbaik"
|
|
sleep 5
|
|
echo "✓ Deployment complete"
|
|
|
|
- name: Verify deployment
|
|
run: |
|
|
set -e
|
|
DEPLOY_HOST="${{ secrets.DEPLOY_HOST }}"
|
|
DEPLOY_USER="${{ secrets.DEPLOY_USER }}"
|
|
mkdir -p ~/.ssh
|
|
printf '%s\n' "${{ secrets.DEPLOY_SSH_KEY }}" > ~/.ssh/id_ed25519
|
|
chmod 600 ~/.ssh/id_ed25519
|
|
ssh-keyscan -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts 2>/dev/null || true
|
|
sleep 10
|
|
HOME_STATUS=$(ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes "$DEPLOY_USER@$DEPLOY_HOST" "curl -s -o /dev/null -w '%{http_code}' http://127.0.0.1:5001/taxbaik/" || echo "000")
|
|
LOGIN_STATUS=$(ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes "$DEPLOY_USER@$DEPLOY_HOST" "curl -s -o /dev/null -w '%{http_code}' http://127.0.0.1:5001/taxbaik/admin/login" || echo "000")
|
|
ADMIN_TEST_PASSWORD="${{ secrets.TAXBAIK_ADMIN_TEST_PASSWORD }}"
|
|
AUTH_BODY=$(ssh -i ~/.ssh/id_ed25519 -o StrictHostKeyChecking=yes "$DEPLOY_USER@$DEPLOY_HOST" "python3 - <<'PY'\nimport json, urllib.request\nreq = urllib.request.Request('http://127.0.0.1:5001/taxbaik/api/auth/login', data=json.dumps({'username':'admin','password':'${ADMIN_TEST_PASSWORD}'}).encode(), headers={'Content-Type':'application/json'}, method='POST')\ntry:\n with urllib.request.urlopen(req, timeout=20) as r:\n print(r.read().decode())\nexcept Exception as e:\n print(type(e).__name__, e)\nPY" || echo "")
|
|
echo "Home Status: $HOME_STATUS"
|
|
echo "Login Status: $LOGIN_STATUS"
|
|
echo "Auth Body: $AUTH_BODY"
|
|
if [ "$HOME_STATUS" = "200" ] && [ "$LOGIN_STATUS" = "200" ] && echo "$AUTH_BODY" | grep -q '"token"'; then
|
|
echo "✓ Service is running"
|
|
else
|
|
echo "⚠ Service may not be running (home: $HOME_STATUS, login: $LOGIN_STATUS, auth: $AUTH_BODY)"
|
|
fi
|