Update deploy.yml

Leeka99 · web-flow · commit debcbb01462f · 2025-10-12T14:31:35.000+09:00
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -92,54 +92,62 @@ jobs:
             cd $HOME/project
             
             echo "Updating .env file with latest Secret Manager values..."
+
+            # 오류 발생 시 즉시 종료
+            set -e
             
             # .env 파일 백업
             cp .env .env.backup.$(date +%Y%m%d_%H%M%S)
+
+            # 임시 파일 생성
+            NEW_ENV=$(mktemp)
             
-            # Secret Manager 관련 라인들 제거
-            sed -i '/^DB_URL=/d' .env
-            sed -i '/^JWT_SECRET=/d' .env
-            sed -i '/^GOOGLE_CLIENT_ID=/d' .env
-            sed -i '/^GOOGLE_CLIENT_SECRET=/d' .env
-            sed -i '/^GOOGLE_API_KEY=/d' .env
-            sed -i '/^GOOGLE_CALENDAR_REDIRECT_URI=/d' .env
-            sed -i '/^OAUTH_REDIRECT_URI=/d' .env
-            sed -i '/^KAKAO_CLIENT_ID=/d' .env
-            sed -i '/^KAKAO_CLIENT_SECRET=/d' .env
-            sed -i '/^KAKAO_API_KEY=/d' .env
-            sed -i '/^ZOOM_ACCOUNT_ID=/d' .env
-            sed -i '/^ZOOM_CLIENT_ID=/d' .env
-            sed -i '/^ZOOM_CLIENT_SECRET=/d' .env
-            sed -i '/^GCP_IP=/d' .env
-            sed -i '/^FRONT_DOMAIN_A=/d' .env
-            sed -i '/^FRONT_DOMAIN_B=/d' .env
-            sed -i '/^FRONT_CALLBACK=/d' .env
-            sed -i '/^REDIS_HOST=/d' .env
-            sed -i '/^REDIS_PORT=/d' .env
+            # # Secret Manager 관련 라인들 제거
+            # sed -i '/^DB_URL=/d' .env
+            # sed -i '/^JWT_SECRET=/d' .env
+            # sed -i '/^GOOGLE_CLIENT_ID=/d' .env
+            # sed -i '/^GOOGLE_CLIENT_SECRET=/d' .env
+            # sed -i '/^GOOGLE_API_KEY=/d' .env
+            # sed -i '/^GOOGLE_CALENDAR_REDIRECT_URI=/d' .env
+            # sed -i '/^OAUTH_REDIRECT_URI=/d' .env
+            # sed -i '/^KAKAO_CLIENT_ID=/d' .env
+            # sed -i '/^KAKAO_CLIENT_SECRET=/d' .env
+            # sed -i '/^KAKAO_API_KEY=/d' .env
+            # sed -i '/^ZOOM_ACCOUNT_ID=/d' .env
+            # sed -i '/^ZOOM_CLIENT_ID=/d' .env
+            # sed -i '/^ZOOM_CLIENT_SECRET=/d' .env
+            # sed -i '/^GCP_IP=/d' .env
+            # sed -i '/^FRONT_DOMAIN_A=/d' .env
+            # sed -i '/^FRONT_DOMAIN_B=/d' .env
+            # sed -i '/^FRONT_CALLBACK=/d' .env
+            # sed -i '/^REDIS_HOST=/d' .env
+            # sed -i '/^REDIS_PORT=/d' .env
             
-            # Secret Manager에서 최신 값들을 가져와서 .env에 추가
-            echo "" >> .env
-            echo "DB_URL=$(gcloud secrets versions access latest --secret='db-url')" >> .env
-            echo "JWT_SECRET=$(gcloud secrets versions access latest --secret='jwt-secret')" >> .env
-            echo "GOOGLE_CLIENT_ID=$(gcloud secrets versions access latest --secret='google-client-id')" >> .env
-            echo "GOOGLE_CLIENT_SECRET=$(gcloud secrets versions access latest --secret='google-client-secret')" >> .env
+            # Secret Manager에서 최신 값들을 가져와서 임시 파일에 추가
+            echo "DB_URL=$(gcloud secrets versions access latest --secret='db-url')" >> $NEW_ENV
+            echo "JWT_SECRET=$(gcloud secrets versions access latest --secret='jwt-secret')" >> $NEW_ENV
+            echo "GOOGLE_CLIENT_ID=$(gcloud secrets versions access latest --secret='google-client-id')" >> $NEW_ENV
+            echo "GOOGLE_CLIENT_SECRET=$(gcloud secrets versions access latest --secret='google-client-secret')" >> $NEW_ENV
             echo "GOOGLE_API_KEY=$(gcloud secrets versions access latest --secret='google-api-key')" >> .env
-            echo "GOOGLE_CALENDAR_REDIRECT_URI=$(gcloud secrets versions access latest --secret='google-calendar-redirect-uri')" >> .env
-            echo "OAUTH_REDIRECT_URI=$(gcloud secrets versions access latest --secret='oauth-redirect-uri')" >> .env
-            echo "KAKAO_CLIENT_ID=$(gcloud secrets versions access latest --secret='kakao-client-id')" >> .env
-            echo "KAKAO_CLIENT_SECRET=$(gcloud secrets versions access latest --secret='kakao-client-secret')" >> .env
-            echo "KAKAO_API_KEY=$(gcloud secrets versions access latest --secret='kakao-api-key')" >> .env
-            echo "ZOOM_ACCOUNT_ID=$(gcloud secrets versions access latest --secret='zoom-account-id')" >> .env
-            echo "ZOOM_CLIENT_ID=$(gcloud secrets versions access latest --secret='zoom-client-id')" >> .env
-            echo "ZOOM_CLIENT_SECRET=$(gcloud secrets versions access latest --secret='zoom-client-secret')" >> .env
-            echo "GCP_IP=$(gcloud secrets versions access latest --secret='gcp-ip')" >> .env
-            echo "FRONT_DOMAIN_A=$(gcloud secrets versions access latest --secret='front-domain-A')" >> .env
-            echo "FRONT_DOMAIN_B=$(gcloud secrets versions access latest --secret='front-domain-B')" >> .env
-            echo "FRONT_CALLBACK=$(gcloud secrets versions access latest --secret='front-callback')" >> .env
-            echo "REDIS_HOST=$(gcloud secrets versions access latest --secret='redis-host')" >> .env
-            echo "REDIS_PORT=$(gcloud secrets versions access latest --secret='redis-port')" >> .env
+            echo "GOOGLE_CALENDAR_REDIRECT_URI=$(gcloud secrets versions access latest --secret='google-calendar-redirect-uri')" >> $NEW_ENV
+            echo "OAUTH_REDIRECT_URI=$(gcloud secrets versions access latest --secret='oauth-redirect-uri')" >> $NEW_ENV
+            echo "KAKAO_CLIENT_ID=$(gcloud secrets versions access latest --secret='kakao-client-id')" >> $NEW_ENV
+            echo "KAKAO_CLIENT_SECRET=$(gcloud secrets versions access latest --secret='kakao-client-secret')" >> $NEW_ENV
+            echo "KAKAO_API_KEY=$(gcloud secrets versions access latest --secret='kakao-api-key')" >> $NEW_ENV
+            echo "ZOOM_ACCOUNT_ID=$(gcloud secrets versions access latest --secret='zoom-account-id')" >> $NEW_ENV
+            echo "ZOOM_CLIENT_ID=$(gcloud secrets versions access latest --secret='zoom-client-id')" >> $NEW_ENV
+            echo "ZOOM_CLIENT_SECRET=$(gcloud secrets versions access latest --secret='zoom-client-secret')" >> $NEW_ENV
+            echo "GCP_IP=$(gcloud secrets versions access latest --secret='gcp-ip')" >> $NEW_ENV
+            echo "FRONT_DOMAIN_A=$(gcloud secrets versions access latest --secret='front-domain-A')" >> $NEW_ENV
+            echo "FRONT_DOMAIN_B=$(gcloud secrets versions access latest --secret='front-domain-B')" >> $NEW_ENV
+            echo "FRONT_CALLBACK=$(gcloud secrets versions access latest --secret='front-callback')" >> $NEW_ENV
+            echo "REDIS_HOST=$(gcloud secrets versions access latest --secret='redis-host')" >> $NEW_ENV
+            echo "REDIS_PORT=$(gcloud secrets versions access latest --secret='redis-port')" >> $NEW_ENV
+
+            # 기존 .env 교체
+            mv "$NEW_ENV" .env
             
-            echo "Updated Secret Manager Values"
+            echo "Updated Secret Manager Values successfully"
             
             echo "Stopping existing containers..."
             sudo docker-compose down || true
@@ -178,4 +186,4 @@ jobs:
           echo "Deployment completed successfully"
           echo "Deployed commit: ${{ github.sha }}"
           echo "Repository: ${{ github.repository }}"
-          echo "Secret Manager values automatically updated"
+          echo "Secret Manager values automatically updated"
