From 2d053146db552bca7146d44cff221b24d23c9f1b Mon Sep 17 00:00:00 2001
From: injoon2019
Date: Tue, 23 Jul 2024 00:30:25 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20github=20action=20ip=EB=A5=BC=20?= =?UTF-8?q?=EB=8F=99=EC=A0=81=EC=9C=BC=EB=A1=9C=20=EC=B6=94=EA=B0=80?= =?UTF-8?q?=ED=95=98=EA=B3=A0=20=EC=82=AD=EC=A0=9C=ED=95=9C=EB=8B=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/workflows/deploy-workflow.yml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/.github/workflows/deploy-workflow.yml b/.github/workflows/deploy-workflow.yml
index 0e29cbe9..c99b537c 100644
--- a/.github/workflows/deploy-workflow.yml
+++ b/.github/workflows/deploy-workflow.yml
@@ -37,6 +37,21 @@ jobs:
 docker build --platform linux/amd64 -f Dockerfile -t ${{ secrets.DOCKER_USERNAME }}/bottles:$DOCKER_TAG .
 docker push ${{ secrets.DOCKER_USERNAME }}/bottles:$DOCKER_TAG

+ - name: Get Github Actions IP
+ id: ip
+ uses: haythem/public-ip@v1.2
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v1
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: ap-northeast-2
+
+ - name: Add Github Actions IP to Security group
+ run: |
+ aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
+
 - name: Transfer file using SCP
 env:
 SERVER_HOST: ${{ secrets.SERVER_HOST }}
@@ -76,3 +91,7 @@ jobs:
 cd /home/${{ secrets.SERVER_USER_NAME }}/deploy
 sudo chmod +x deploy.sh notify_error.sh
 ./deploy.sh
+
+ - name: Remove Github Actions IP From Security Group
+ run: |
+ aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
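Review bot: Both new actions are referenced by mutable tag (`haythem/public-ip@v1.2`, `aws-actions/configure-aws-credentials@v1`), and the output of the first one is written straight into the security group as the allowed SSH source. Pin these `uses:` lines to a full commit SHA, e.g. `uses: haythem/public-ip@<full-commit-sha> # v1.2`. The credentials step also gives the job long-lived access keys from `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY`; the action's `role-to-assume` input with GitHub OIDC would issue short-lived credentials instead. Whichever identity is used, its IAM policy presumably needs only `ec2:AuthorizeSecurityGroupIngress` and `ec2:RevokeSecurityGroupIngress` on this one group. The job's step list starts and continues outside the hunk.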
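Review bot: The `Remove Github Actions IP From Security Group` step has no `if:` condition, so it is skipped whenever the SCP or deploy step before it fails or the run is cancelled, and the port-22 rule for the runner's address stays in the security group. GitHub-hosted runner addresses are shared and reused, so a leftover /32 is not private to this repository. Add `if: always()` under the step's `name:`, with a comment such as `# always revoke the temporary SSH rule, even if deploy fails`. Because the earlier steps lie outside this hunk, confirm the `ip` step can never be skipped, or guard with `if: always() && steps.ip.outputs.ipv4 != ''`.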