항상 각종 Secret Key를 어떻게 하는지 궁금했는데,
처리하는 방법을 배움!
이게 원래 배우려던 주제는 아니고...
Docker로 CI/CD를 어떻게 처리하는지 이해할 수 있었다.
3주짜리 짧은 강의였지만 유익했음.
중간에 삽질을 좀 하긴 했으나 꼭 필요했던 지식이라 뿌듯하다.
Dockerfile
FROM python:3.8-slim AS builder
ADD requirements.txt requirements.txt
RUN pip install -r requirements.txt
FROM python:3.8-slim-buster
COPY --from=builder /usr/local/lib/python3.8/site-packages/ /usr/local/lib/python3.8/site-packages/
ADD templates templates
ADD app.py .
ADD utils.py .
CMD ["python", "app.py"]ci-pipeline.yaml
name: ci-cd-pipeline
on:
push:
branches:
- main
jobs:
run-test-code:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
with:
python-version: "3.8"
- run: pip install -r requirements.dev.txt
- run: pytest
build-image:
needs: run-test-code
runs-on: ubuntu-latest
steps:
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
id: docker_build
uses: docker/build-push-action@v2
with:
push: true
tags: ${{ secrets.DOCKERHUB_USERNAME }}/memo:latest
-
name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
cd-pipeline:
needs: build-image
name: continuos deploy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: copy file via ssh password
uses: appleboy/scp-action@master
with:
host: ${{ secrets.HOST }}
username: ec2-user
key: ${{ secrets.PRIVATE_KEY }}
port: 22
source: "docker-compose.yaml"
target: "/home/ec2-user/"
- name: executing remote ssh commands using password
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.HOST }}
username: ec2-user
key: ${{ secrets.PRIVATE_KEY }}
port: 22
script: "docker-compose pull && docker-compose up -d"