From 0076eefda2db2656789150e4e13e78fbf7135d5e Mon Sep 17 00:00:00 2001 From: sm4640 Date: Thu, 26 Mar 2026 00:42:35 +0900 Subject: [PATCH] =?UTF-8?q?Fix:=20[main]=20cicd=20=ED=95=A0=EB=95=8C=20md?= =?UTF-8?q?=20=ED=8C=8C=EC=9D=BC=20=EB=B3=80=ED=99=94=EB=8A=94=20=EC=A0=9C?= =?UTF-8?q?=EC=99=B8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitea/workflows/cicd.yml | 100 +++++++++++++++++++++++++++++--------- 1 file changed, 78 insertions(+), 22 deletions(-) diff --git a/.gitea/workflows/cicd.yml b/.gitea/workflows/cicd.yml index f33f00e..3c0e215 100644 --- a/.gitea/workflows/cicd.yml +++ b/.gitea/workflows/cicd.yml @@ -4,23 +4,46 @@ on: push: branches: ["main"] paths-ignore: - - "**.md" - - "docs/**" + - "**/*.md" jobs: build_push_deploy: runs-on: ubuntu-latest steps: - - name: Manual checkout (supports /gitea subpath) + - name: Setup SSH for Gitea env: - ACTOR: ${{ github.actor }} - REPO: ${{ github.repository }} - SHA: ${{ github.sha }} - TOKEN: ${{ secrets.NKEY_PAT }} + SSH_PRIVATE_KEY: ${{ secrets.NKEY_SSH_PRIVATE_KEY }} run: | set -euo pipefail + + mkdir -p ~/.ssh + chmod 700 ~/.ssh + + echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + + ssh-keyscan -p 2222 -t rsa,ed25519 nkeystudy.site >> ~/.ssh/known_hosts + chmod 644 ~/.ssh/known_hosts + + cat >> ~/.ssh/config <<'EOF' + Host nkey-gitea + HostName nkeystudy.site + User git + Port 2222 + IdentityFile ~/.ssh/id_ed25519 + IdentitiesOnly yes + EOF + chmod 600 ~/.ssh/config + + - name: Manual checkout via SSH + env: + REPO: ${{ github.repository }} + SHA: ${{ github.sha }} + run: | + set -euo pipefail + git init . - git remote add origin "https://${ACTOR}:${TOKEN}@nkeystudy.site/gitea/${REPO}.git" + git remote add origin "nkey-gitea:${REPO}.git" git fetch --no-tags --prune --depth=1 origin "${SHA}" git checkout -q FETCH_HEAD @@ -29,8 +52,8 @@ jobs: set -euo pipefail docker version if ! docker compose version >/dev/null 2>&1; then - # docker:24-git(Alpine) 기준 - apk add --no-cache docker-cli-compose + sudo apt-get update + sudo apt-get install -y docker-compose-plugin fi docker compose version @@ -42,41 +65,74 @@ jobs: set -euo pipefail echo "${DOCKERHUB_TOKEN}" | docker login -u "${DOCKERHUB_USER}" --password-stdin - - name: Build & push image + - name: Extract image version from commit message + id: version + env: + COMMIT_MESSAGE: ${{ github.event.head_commit.message }} + run: | + set -euo pipefail + + VERSION_TAG="" + if printf '%s' "${COMMIT_MESSAGE}" | grep -Eq '\[[0-9]+\.[0-9]+\.[0-9]+\]'; then + VERSION_TAG="$(printf '%s' "${COMMIT_MESSAGE}" | sed -nE 's/.*\[([0-9]+\.[0-9]+\.[0-9]+)\].*/\1/p' | head -n1)" + fi + + echo "version_tag=${VERSION_TAG}" >> "$GITHUB_OUTPUT" + + - name: Build and push image env: DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USERNAME }} IMAGE_NAME: baekjoon-bot + VERSION_TAG: ${{ steps.version.outputs.version_tag }} run: | set -euo pipefail + IMAGE="${DOCKERHUB_USER}/${IMAGE_NAME}:latest" - docker build -t "${IMAGE}" . + if [ -n "${VERSION_TAG}" ]; then + VERSIONED_IMAGE="${DOCKERHUB_USER}/${IMAGE_NAME}:${VERSION_TAG}" + docker build -t "${IMAGE}" -t "${VERSIONED_IMAGE}" . + docker push "${VERSIONED_IMAGE}" + else + docker build -t "${IMAGE}" . + fi + docker push "${IMAGE}" - name: Deploy on server (compose pull/up) run: | - docker compose -f /nkeysworld/compose.apps.yml pull baekjoon-bot - docker compose -f /nkeysworld/compose.apps.yml up -d baekjoon-bot + set -euo pipefail + docker compose -p nkeys-apps -f /nkeysworld/compose.apps.yml pull baekjoon-bot + docker compose -p nkeys-apps -f /nkeysworld/compose.apps.yml up -d baekjoon-bot docker image prune -f - name: Discord Notification - if: always() # 빌드 성공/실패 여부와 상관없이 항상 실행 + if: always() env: DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} run: | + set -euo pipefail if [ "${{ job.status }}" = "success" ]; then - MESSAGE="🚀 **Build & Deploy Success!**" - COLOR=3066993 # 녹색 계열 + STATUS="SUCCESS" + COLOR=3066993 + DESC="Baekjoon bot build/push/deploy succeeded." else - MESSAGE="⚠️ **Build or Deploy Failed!**" - COLOR=15158332 # 빨간색 계열 + STATUS="FAILURE" + COLOR=15158332 + DESC="Baekjoon bot build or deploy failed." fi curl -X POST -H "Content-Type: application/json" \ -d '{ "embeds": [{ - "title": "'"$MESSAGE"'", - "description": "**Repo:** ${{ github.repository }}\n**Commit:** ${{ github.sha }}\n**Actor:** ${{ github.actor }}", + "title": "Baekjoon Bot CI/CD - '"$STATUS"'", + "description": "'"$DESC"'", + "fields": [ + { "name": "Repo", "value": "${{ github.repository }}", "inline": true }, + { "name": "Commit", "value": "`${{ github.sha }}`", "inline": true }, + { "name": "Actor", "value": "${{ github.actor }}", "inline": true }, + { "name": "Image Version", "value": "`${{ steps.version.outputs.version_tag || 'latest only' }}`", "inline": true } + ], "color": '"$COLOR"', "timestamp": "'$(date -u +%Y-%m-%dT%H:%M:%SZ)'" }] - }' $DISCORD_WEBHOOK + }' "${DISCORD_WEBHOOK}"