ci: 웹 이미지 빌드 시 공개 분석 환경변수 주입 로직 추가 (#62) #20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # main 브랜치 push 시 api, web 이미지 빌드 → Artifact Registry 푸시 → Cloud Run 배포 | |
| name: Deploy to Cloud Run | |
| on: | |
| push: | |
| branches: [main] | |
| env: | |
| GCP_REGION: ${{ secrets.GCP_REGION }} | |
| GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }} | |
| AR_REPO: lms | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Authenticate to GCP | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_KEY }} | |
| - name: Set up Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v2 | |
| with: | |
| project_id: ${{ secrets.GCP_PROJECT_ID }} | |
| - name: Create Artifact Registry repository (if not exists) | |
| run: | | |
| if ! gcloud artifacts repositories describe ${{ env.AR_REPO }} --location=${{ env.GCP_REGION }} 2>/dev/null; then | |
| gcloud artifacts repositories create ${{ env.AR_REPO }} \ | |
| --repository-format=docker \ | |
| --location=${{ env.GCP_REGION }} \ | |
| --description="LMS Docker images" | |
| fi | |
| - name: Configure Docker for Artifact Registry | |
| run: gcloud auth configure-docker ${{ env.GCP_REGION }}-docker.pkg.dev --quiet | |
| - name: Build and push API image | |
| run: | | |
| SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7) | |
| IMAGE="${{ env.GCP_REGION }}-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.AR_REPO }}/lms-api" | |
| docker build -f api/Dockerfile -t ${IMAGE}:${SHORT_SHA} -t ${IMAGE}:latest ./api | |
| docker push ${IMAGE}:${SHORT_SHA} | |
| docker push ${IMAGE}:latest | |
| - name: Build and push Web image | |
| env: | |
| CLOUD_RUN_ENV_WEB: ${{ secrets.CLOUD_RUN_ENV_WEB }} | |
| run: | | |
| SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7) | |
| IMAGE="${{ env.GCP_REGION }}-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.AR_REPO }}/lms-web" | |
| NEXT_PUBLIC_ANALYTICS_PROVIDER=$(echo "$CLOUD_RUN_ENV_WEB" | awk -F': ' '/^NEXT_PUBLIC_ANALYTICS_PROVIDER:/{gsub(/"/,"",$2);print $2}') | |
| NEXT_PUBLIC_GA4_MEASUREMENT_ID=$(echo "$CLOUD_RUN_ENV_WEB" | awk -F': ' '/^NEXT_PUBLIC_GA4_MEASUREMENT_ID:/{gsub(/"/,"",$2);print $2}') | |
| if [ -z "${NEXT_PUBLIC_ANALYTICS_PROVIDER}" ] || [ -z "${NEXT_PUBLIC_GA4_MEASUREMENT_ID}" ]; then | |
| echo "ERROR: NEXT_PUBLIC_ANALYTICS_PROVIDER 또는 NEXT_PUBLIC_GA4_MEASUREMENT_ID 값이 비어 있습니다." | |
| exit 1 | |
| fi | |
| docker build -f web/Dockerfile \ | |
| --build-arg NEXT_PUBLIC_ANALYTICS_PROVIDER="${NEXT_PUBLIC_ANALYTICS_PROVIDER}" \ | |
| --build-arg NEXT_PUBLIC_GA4_MEASUREMENT_ID="${NEXT_PUBLIC_GA4_MEASUREMENT_ID}" \ | |
| -t ${IMAGE}:${SHORT_SHA} -t ${IMAGE}:latest ./web | |
| docker push ${IMAGE}:${SHORT_SHA} | |
| docker push ${IMAGE}:latest | |
| - name: Deploy API to Cloud Run | |
| env: | |
| CLOUD_RUN_ENV_API: ${{ secrets.CLOUD_RUN_ENV_API }} | |
| run: | | |
| SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7) | |
| if [ -n "$CLOUD_RUN_ENV_API" ]; then | |
| echo "$CLOUD_RUN_ENV_API" > /tmp/api-env.yaml | |
| gcloud run deploy lms-api \ | |
| --image ${{ env.GCP_REGION }}-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.AR_REPO }}/lms-api:${SHORT_SHA} \ | |
| --region ${{ env.GCP_REGION }} \ | |
| --platform managed \ | |
| --memory 512Mi \ | |
| --timeout 300 \ | |
| --allow-unauthenticated \ | |
| --env-vars-file /tmp/api-env.yaml | |
| else | |
| gcloud run deploy lms-api \ | |
| --image ${{ env.GCP_REGION }}-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.AR_REPO }}/lms-api:${SHORT_SHA} \ | |
| --region ${{ env.GCP_REGION }} \ | |
| --platform managed \ | |
| --memory 512Mi \ | |
| --timeout 300 \ | |
| --allow-unauthenticated | |
| fi | |
| - name: Deploy Web to Cloud Run | |
| env: | |
| CLOUD_RUN_ENV_WEB: ${{ secrets.CLOUD_RUN_ENV_WEB }} | |
| run: | | |
| SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7) | |
| if [ -n "$CLOUD_RUN_ENV_WEB" ]; then | |
| echo "$CLOUD_RUN_ENV_WEB" > /tmp/web-env.yaml | |
| gcloud run deploy lms-web \ | |
| --image ${{ env.GCP_REGION }}-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.AR_REPO }}/lms-web:${SHORT_SHA} \ | |
| --region ${{ env.GCP_REGION }} \ | |
| --platform managed \ | |
| --allow-unauthenticated \ | |
| --env-vars-file /tmp/web-env.yaml | |
| else | |
| gcloud run deploy lms-web \ | |
| --image ${{ env.GCP_REGION }}-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.AR_REPO }}/lms-web:${SHORT_SHA} \ | |
| --region ${{ env.GCP_REGION }} \ | |
| --platform managed \ | |
| --allow-unauthenticated | |
| fi |