diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 2a41dff..f1cbc7c 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -9,20 +9,15 @@ jobs: deploy: runs-on: ubuntu-latest steps: - - name: Verify required secrets - run: | - [ -n "${{ secrets.DEPLOY_SSH_KEY }}" ] || { echo "::error::DEPLOY_SSH_KEY secret 누락"; exit 1; } - [ -n "${{ secrets.DEPLOY_HOST }}" ] || { echo "::error::DEPLOY_HOST secret 누락"; exit 1; } - [ -n "${{ secrets.DEPLOY_USER }}" ] || { echo "::error::DEPLOY_USER secret 누락"; exit 1; } - [ -n "${{ secrets.DATABASE_URL }}" ] || { echo "::error::DATABASE_URL secret 누락"; exit 1; } - echo "✔ secrets present" + - name: Checkout code + uses: actions/checkout@v4 - name: Setup SSH run: | mkdir -p ~/.ssh - printf '%s\n' "${{ secrets.DEPLOY_SSH_KEY }}" > ~/.ssh/id_rsa + echo "${{ secrets.DEPLOY_SSH_KEY }}" > ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa - ssh-keyscan -H "${{ secrets.DEPLOY_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true + ssh-keyscan -H ${{ secrets.DEPLOY_HOST }} >> ~/.ssh/known_hosts 2>/dev/null - name: Deploy via SSH env: @@ -33,42 +28,18 @@ jobs: NEXTAUTH_SECRET: ${{ secrets.NEXTAUTH_SECRET }} MASTER_PWD: ${{ secrets.MASTER_PWD }} AES_KEY: ${{ secrets.AES_KEY }} - SMTP_HOST: ${{ secrets.SMTP_HOST }} - SMTP_PORT: ${{ secrets.SMTP_PORT }} - SMTP_USER: ${{ secrets.SMTP_USER }} - SMTP_PASS: ${{ secrets.SMTP_PASS }} - SMTP_FROM: ${{ secrets.SMTP_FROM }} - MOMO_BANK_ACCOUNT: ${{ secrets.MOMO_BANK_ACCOUNT }} - MOMO_PHONE: ${{ secrets.MOMO_PHONE }} run: | - # 환경변수를 원격 셸로 전달하기 위해 export 한 뒤 -E 로 보내거나, heredoc 안에서 GitHub-style 변수 보간 사용 - ssh -o StrictHostKeyChecking=no -o ConnectTimeout=15 "$SSH_USER@$SSH_HOST" \ - "DATABASE_URL='$DATABASE_URL' \ - NEXTAUTH_URL='$NEXTAUTH_URL' \ - NEXTAUTH_SECRET='$NEXTAUTH_SECRET' \ - MASTER_PWD='$MASTER_PWD' \ - AES_KEY='$AES_KEY' \ - SMTP_HOST='$SMTP_HOST' \ - SMTP_PORT='$SMTP_PORT' \ - SMTP_USER='$SMTP_USER' \ - SMTP_PASS='$SMTP_PASS' \ - SMTP_FROM='$SMTP_FROM' \ - MOMO_BANK_ACCOUNT='$MOMO_BANK_ACCOUNT' \ - MOMO_PHONE='$MOMO_PHONE' \ - bash -s" <<'REMOTE_SCRIPT' + ssh -o StrictHostKeyChecking=no "$SSH_USER@$SSH_HOST" bash -s << 'REMOTE' set -e DEPLOY_DIR="$HOME/momo-erp/source" mkdir -p "$HOME/momo-erp" if [ -d "$DEPLOY_DIR/.git" ]; then - cd "$DEPLOY_DIR" - git fetch origin - git reset --hard origin/main + cd "$DEPLOY_DIR" && git fetch origin && git reset --hard origin/main else git clone https://git.junggomoa.com/chpark/distribution_erp.git "$DEPLOY_DIR" cd "$DEPLOY_DIR" fi - - cat > .env.production < .env.production <