ci: gitea runner가 sshpass로 직접 ssh 배포 (git push만으로 자동반영)
Deploy momo-erp / deploy (push) Failing after 1m10s
Deploy momo-erp / deploy (push) Failing after 1m10s
This commit is contained in:
chpark
+60
-22
@@ -1,4 +1,4 @@
|
||||
name: Deploy momo-erp via webhook
|
||||
name: Deploy momo-erp
|
||||
|
||||
on:
|
||||
push:
|
||||
@@ -9,35 +9,73 @@ jobs:
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Trigger deploy webhook
|
||||
- name: Install sshpass
|
||||
run: |
|
||||
apt-get update -qq && apt-get install -y -qq sshpass openssh-client || \
|
||||
sudo apt-get update -qq && sudo apt-get install -y -qq sshpass openssh-client
|
||||
|
||||
- name: Deploy via SSH (password auth)
|
||||
run: |
|
||||
set -e
|
||||
# 토큰은 .env.production 의 DEPLOY_WEBHOOK_TOKEN 과 일치해야 함
|
||||
# secrets 참조 안 하므로 시크릿 등록 불필요
|
||||
TOKEN="momo-deploy-2026-secure"
|
||||
echo "POST https://momo.junggomoa.com/api/deploy/webhook"
|
||||
HTTP_CODE=$(curl -sS -o /tmp/resp.json -w "%{http_code}" -X POST \
|
||||
-H "X-Deploy-Token: $TOKEN" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d '{"branch":"main"}' \
|
||||
https://momo.junggomoa.com/api/deploy/webhook || echo "000")
|
||||
echo "HTTP=$HTTP_CODE"
|
||||
cat /tmp/resp.json 2>/dev/null || echo "(no response body)"
|
||||
echo ""
|
||||
if [ "$HTTP_CODE" != "200" ]; then
|
||||
echo "::warning::Webhook 실패: HTTP $HTTP_CODE — 운영 서버에 새 docker-compose.prod.yml 1회 수동 적용 필요"
|
||||
export SSHPASS='qlalfqjsgh11'
|
||||
mkdir -p ~/.ssh
|
||||
ssh-keyscan -H 183.99.177.40 >> ~/.ssh/known_hosts 2>/dev/null || true
|
||||
|
||||
sshpass -e ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
|
||||
chpark@183.99.177.40 'bash -s' <<'REMOTE_SCRIPT'
|
||||
set -e
|
||||
DEPLOY_DIR="$HOME/momo-erp/source"
|
||||
mkdir -p "$HOME/momo-erp"
|
||||
|
||||
if [ -d "$DEPLOY_DIR/.git" ]; then
|
||||
cd "$DEPLOY_DIR"
|
||||
git fetch origin
|
||||
git reset --hard origin/main
|
||||
else
|
||||
git clone https://git.junggomoa.com/chpark/distribution_erp.git "$DEPLOY_DIR"
|
||||
cd "$DEPLOY_DIR"
|
||||
fi
|
||||
|
||||
- name: Wait for deploy + healthcheck
|
||||
# .env.production 갱신 (SMTP/MOMO 포함)
|
||||
cat > .env.production <<'ENVEOF'
|
||||
DATABASE_URL=postgresql://momo_app:qlalfqjsgh11@183.99.177.40:5432/distribution
|
||||
NEXTAUTH_URL=https://momo.junggomoa.com
|
||||
NEXTAUTH_SECRET=2b1f94cca798f49ff62822b01617503b019d118df9d249ee61f835a7dca1946e
|
||||
NEXT_PUBLIC_APP_NAME=유통관리 ERP
|
||||
NEXT_PUBLIC_COMPANY_NAME=모모유통
|
||||
MASTER_PWD=qlalfqjsgh11
|
||||
AES_KEY=ILJIAESSECRETKEY
|
||||
FILE_STORAGE_PATH=/data_storage
|
||||
LOG_LEVEL=info
|
||||
SMTP_HOST=mail.coa-soft.com
|
||||
SMTP_PORT=465
|
||||
SMTP_USER=chpark@coa-soft.com
|
||||
SMTP_PASS=1321Qkrckd!!!!!!
|
||||
SMTP_FROM=모모유통 <chpark@coa-soft.com>
|
||||
MOMO_BANK_ACCOUNT=기업은행 434-115361-01-016
|
||||
MOMO_PHONE=010-6624-5315
|
||||
DEPLOY_WEBHOOK_TOKEN=momo-deploy-2026-secure
|
||||
ENVEOF
|
||||
|
||||
docker compose -f docker-compose.prod.yml up -d --build
|
||||
|
||||
# 마이그레이션 (idempotent)
|
||||
docker compose -f docker-compose.prod.yml exec -T momo-erp npm run migrate:momo || \
|
||||
echo "::warning::migration skipped"
|
||||
|
||||
docker compose -f docker-compose.prod.yml ps
|
||||
echo "✔ 배포 완료"
|
||||
REMOTE_SCRIPT
|
||||
|
||||
- name: Healthcheck
|
||||
run: |
|
||||
echo "헬스체크 폴링 (최대 5분)..."
|
||||
for i in 1 2 3 4 5 6 7 8 9 10; do
|
||||
sleep 30
|
||||
CODE=$(curl -s -o /dev/null -w "%{http_code}" https://momo.junggomoa.com/ || echo "000")
|
||||
sleep 15
|
||||
CODE=$(curl -s -o /dev/null -w "%{http_code}" https://momo.junggomoa.com/ || echo 000)
|
||||
echo " ${i}/10: HTTP $CODE"
|
||||
if [ "$CODE" = "200" ]; then
|
||||
echo "::notice::헬스체크 OK"
|
||||
echo "::notice::서비스 정상 응답"
|
||||
exit 0
|
||||
fi
|
||||
done
|
||||
echo "::warning::5분 안에 200 응답 없음"
|
||||
echo "::warning::헬스체크 실패"
|
||||
|
||||
Reference in New Issue
Block a user