gc/kcg-monitoring
7
0
포크 0
코드 이슈 풀 리퀘스트 1 Actions 위키 활동

fix(deploy): SSH 기반 백엔드 자동 재시작 (#35)
Some checks failed
Deploy KCG / deploy (push) Failing after 1m8s
Details

소스 검색 
Co-authored-by: htlee <htlee@gcsc.co.kr>
Co-committed-by: htlee <htlee@gcsc.co.kr>
This commit is contained in:
htlee 2026-03-18 06:34:24 +09:00 committed by claude-bot
부모 49c493b9da
커밋 282adff6a7
3개의 변경된 파일48개의 추가작업 그리고 50개의 파일을 삭제
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
.gitea/workflows/deploy.yml
파일 보기

@ -34,7 +34,7 @@ jobs:
- name: Install JDK 21 + Maven - name: Install JDK 21 + Maven
run: | run: |
apt-get update -qq apt-get update -qq
apt-get install -y -qq wget apt-transport-https gpg maven > /dev/null 2>&1 apt-get install -y -qq wget apt-transport-https gpg maven openssh-client > /dev/null 2>&1
wget -qO - https://packages.adoptium.net/artifactory/api/gpg/key/public | gpg --dearmor -o /usr/share/keyrings/adoptium.gpg wget -qO - https://packages.adoptium.net/artifactory/api/gpg/key/public | gpg --dearmor -o /usr/share/keyrings/adoptium.gpg
echo "deb [signed-by=/usr/share/keyrings/adoptium.gpg] https://packages.adoptium.net/artifactory/deb bookworm main" > /etc/apt/sources.list.d/adoptium.list echo "deb [signed-by=/usr/share/keyrings/adoptium.gpg] https://packages.adoptium.net/artifactory/deb bookworm main" > /etc/apt/sources.list.d/adoptium.list
apt-get update -qq apt-get update -qq
@ -48,7 +48,7 @@ jobs:
working-directory: backend working-directory: backend
run: mvn -B clean package -DskipTests run: mvn -B clean package -DskipTests
- name: Deploy backend - name: Deploy backend files
env: env:
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }} GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
JWT_SECRET: ${{ secrets.JWT_SECRET }} JWT_SECRET: ${{ secrets.JWT_SECRET }}
@ -63,7 +63,7 @@ jobs:
ls -t $DEPLOY_DIR/backup/*.jar | tail -n +6 | xargs -r rm ls -t $DEPLOY_DIR/backup/*.jar | tail -n +6 | xargs -r rm
fi fi
# Secrets → 환경변수 파일 (빈 값은 제외) # Secrets → 환경변수 파일
: > $DEPLOY_DIR/.env : > $DEPLOY_DIR/.env
[ -n "$GOOGLE_CLIENT_ID" ] && echo "GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID}" >> $DEPLOY_DIR/.env [ -n "$GOOGLE_CLIENT_ID" ] && echo "GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID}" >> $DEPLOY_DIR/.env
[ -n "$JWT_SECRET" ] && echo "JWT_SECRET=${JWT_SECRET}" >> $DEPLOY_DIR/.env [ -n "$JWT_SECRET" ] && echo "JWT_SECRET=${JWT_SECRET}" >> $DEPLOY_DIR/.env
@ -75,30 +75,54 @@ jobs:
echo "JAR 내부 application-prod.yml 감지 → 외부 파일 제거" echo "JAR 내부 application-prod.yml 감지 → 외부 파일 제거"
fi fi
# systemd 서비스 파일 배포 (watcher가 반영) # systemd 서비스 파일 배포
cp deploy/kcg-backend.service $DEPLOY_DIR/kcg-backend.service cp deploy/kcg-backend.service $DEPLOY_DIR/kcg-backend.service
cp deploy/kcg-backend-watcher.service $DEPLOY_DIR/kcg-backend-watcher.service
cp deploy/kcg-backend-watcher.path $DEPLOY_DIR/kcg-backend-watcher.path
# JAR 교체 # JAR 교체
cp backend/target/kcg.jar $DEPLOY_DIR/kcg.jar cp backend/target/kcg.jar $DEPLOY_DIR/kcg.jar
echo "Backend deployed at $(date '+%Y-%m-%d %H:%M:%S')" echo "Backend files deployed at $(date '+%Y-%m-%d %H:%M:%S')"
- name: Restart backend service - name: Restart backend via SSH
env:
DEPLOY_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
run: | run: |
# systemd 서비스 파일 갱신 + 백엔드 재시작 (호스트 네임스페이스) mkdir -p ~/.ssh
nsenter -t 1 -m -- /bin/bash -c ' echo "$DEPLOY_KEY" > ~/.ssh/id_deploy
DEPLOY_DIR=/devdata/services/kcg/backend chmod 600 ~/.ssh/id_deploy
SYSTEMD_DIR=/etc/systemd/system ssh-keyscan localhost >> ~/.ssh/known_hosts 2>/dev/null || true
CHANGED=0
for f in kcg-backend.service kcg-backend-watcher.service kcg-backend-watcher.path; do SSH_CMD="ssh -i ~/.ssh/id_deploy -o StrictHostKeyChecking=no root@localhost"
if [ -f "$DEPLOY_DIR/$f" ] && ! diff -q "$DEPLOY_DIR/$f" "$SYSTEMD_DIR/$f" >/dev/null 2>&1; then
cp "$DEPLOY_DIR/$f" "$SYSTEMD_DIR/$f" $SSH_CMD bash -s << 'RESTART'
CHANGED=1 set -e
fi DEPLOY_DIR=/devdata/services/kcg/backend
done SYSTEMD_DIR=/etc/systemd/system
[ "$CHANGED" = "1" ] && systemctl daemon-reload
systemctl restart kcg-backend # systemd 서비스 파일 갱신
sleep 5 CHANGED=0
systemctl is-active kcg-backend && echo "Backend restarted successfully" || echo "Backend failed to start" if [ -f "$DEPLOY_DIR/kcg-backend.service" ] && ! diff -q "$DEPLOY_DIR/kcg-backend.service" "$SYSTEMD_DIR/kcg-backend.service" >/dev/null 2>&1; then
' cp "$DEPLOY_DIR/kcg-backend.service" "$SYSTEMD_DIR/kcg-backend.service"
CHANGED=1
fi
[ "$CHANGED" = "1" ] && systemctl daemon-reload
# 백엔드 재시작
echo "--- Restarting kcg-backend ---"
systemctl restart kcg-backend
# 기동 확인 (최대 30초)
for i in $(seq 1 30); do
if curl -sf http://localhost:8080/api/aircraft > /dev/null 2>&1; then
echo "Backend started successfully (${i}s)"
exit 0
fi
sleep 1
done
echo "WARNING: Startup timeout. Recent logs:"
journalctl -u kcg-backend --no-pager -n 20
exit 1
RESTART
- name: Cleanup
if: always()
run: rm -f ~/.ssh/id_deploy

9
deploy/kcg-backend-watcher.path
파일 보기

@ -1,9 +0,0 @@
[Unit]
Description=Watch for KCG Backend deploy trigger
[Path]
PathModified=/devdata/services/kcg/backend/.deploy-trigger
Unit=kcg-backend-watcher.service
[Install]
WantedBy=multi-user.target

17
deploy/kcg-backend-watcher.service
파일 보기

@ -1,17 +0,0 @@
[Unit]
Description=Restart KCG Backend on deploy
[Service]
Type=oneshot
ExecStart=/bin/bash -c '\
DEPLOY_DIR=/devdata/services/kcg/backend; \
SYSTEMD_DIR=/etc/systemd/system; \
CHANGED=0; \
for f in kcg-backend.service kcg-backend-watcher.service kcg-backend-watcher.path; do \
if [ -f "$DEPLOY_DIR/$f" ] && ! diff -q "$DEPLOY_DIR/$f" "$SYSTEMD_DIR/$f" >/dev/null 2>&1; then \
cp "$DEPLOY_DIR/$f" "$SYSTEMD_DIR/$f"; \
CHANGED=1; \
fi; \
done; \
[ "$CHANGED" = "1" ] && systemctl daemon-reload; \
systemctl restart kcg-backend'