pipeline { agent any parameters { choice(name: 'ACTION', choices: ['deploy', 'rollback'], description: '배포 또는 롤백') choice(name: 'ROLLBACK_TARGET', choices: ['production', 'stage'], description: '롤백 대상 환경') string(name: 'ROLLBACK_RELEASE', defaultValue: '', description: '롤백할 릴리스 ID (예: 20260310_120000). 비워두면 직전 릴리스로 롤백') } options { disableConcurrentBuilds() } environment { DEPLOY_USER = 'hskwon' RELEASE_ID = new Date().format('yyyyMMdd_HHmmss') PROD_SERVER = '211.117.60.189' } stages { // ── 롤백: 릴리스 목록 조회 ── stage('Rollback: List Releases') { when { expression { params.ACTION == 'rollback' } } steps { script { def basePath = params.ROLLBACK_TARGET == 'production' ? '/home/webservice/api' : '/home/webservice/api-stage' sshagent(credentials: ['deploy-ssh-key']) { def releases = sh(script: "ssh ${DEPLOY_USER}@${PROD_SERVER} 'ls -1dt ${basePath}/releases/*/ | head -6 | xargs -I{} basename {}'", returnStdout: true).trim() def current = sh(script: "ssh ${DEPLOY_USER}@${PROD_SERVER} 'basename \$(readlink -f ${basePath}/current)'", returnStdout: true).trim() echo "=== ${params.ROLLBACK_TARGET} 릴리스 목록 ===" echo "현재 활성: ${current}" echo "사용 가능:\n${releases}" } } } } // ── 롤백: symlink 전환 ── stage('Rollback: Switch Release') { when { expression { params.ACTION == 'rollback' } } steps { script { def basePath = params.ROLLBACK_TARGET == 'production' ? '/home/webservice/api' : '/home/webservice/api-stage' sshagent(credentials: ['deploy-ssh-key']) { def targetRelease = params.ROLLBACK_RELEASE if (!targetRelease?.trim()) { // 비워두면 직전 릴리스로 롤백 targetRelease = sh(script: "ssh ${DEPLOY_USER}@${PROD_SERVER} 'ls -1dt ${basePath}/releases/*/ | sed -n 2p | xargs basename'", returnStdout: true).trim() } // 릴리스 존재 여부 확인 sh "ssh ${DEPLOY_USER}@${PROD_SERVER} 'test -d ${basePath}/releases/${targetRelease}'" slackSend channel: '#deploy_api', color: '#FF9800', tokenCredentialId: 'slack-token', message: "🔄 *api* ${params.ROLLBACK_TARGET} 롤백 시작 → ${targetRelease}\n<${env.BUILD_URL}|빌드 #${env.BUILD_NUMBER}>" sh """ ssh ${DEPLOY_USER}@${PROD_SERVER} ' ln -sfn ${basePath}/releases/${targetRelease} ${basePath}/current && cd ${basePath}/current && php artisan config:cache && php artisan route:cache && php artisan view:cache && sudo systemctl reload php8.4-fpm ' """ if (params.ROLLBACK_TARGET == 'production') { sh "ssh ${DEPLOY_USER}@${PROD_SERVER} 'sudo supervisorctl restart sam-queue-worker:*'" } slackSend channel: '#deploy_api', color: 'good', tokenCredentialId: 'slack-token', message: "✅ *api* ${params.ROLLBACK_TARGET} 롤백 완료 → ${targetRelease}\n<${env.BUILD_URL}|빌드 #${env.BUILD_NUMBER}>" } } } } // ── 일반 배포: Checkout ── stage('Checkout') { when { expression { params.ACTION == 'deploy' } } steps { checkout scm script { env.GIT_COMMIT_MSG = sh(script: "git log -1 --pretty=format:'%s'", returnStdout: true).trim() } slackSend channel: '#deploy_api', color: '#439FE0', tokenCredentialId: 'slack-token', message: "🚀 *api* 빌드 시작 (`${env.BRANCH_NAME}`)\n${env.GIT_COMMIT_MSG}\n<${env.BUILD_URL}|빌드 #${env.BUILD_NUMBER}>" } } // ── main → 운영서버 Stage 배포 ── stage('Deploy Stage') { when { allOf { branch 'main' expression { params.ACTION == 'deploy' } } } steps { sshagent(credentials: ['deploy-ssh-key']) { sh """ ssh ${DEPLOY_USER}@${PROD_SERVER} 'mkdir -p /home/webservice/api-stage/releases/${RELEASE_ID}' rsync -az --delete \ --exclude='.git' --exclude='.env' \ --exclude='storage/app' --exclude='storage/logs' \ --exclude='storage/framework/sessions' --exclude='storage/framework/cache' \ . ${DEPLOY_USER}@${PROD_SERVER}:/home/webservice/api-stage/releases/${RELEASE_ID}/ ssh ${DEPLOY_USER}@${PROD_SERVER} ' cd /home/webservice/api-stage/releases/${RELEASE_ID} && mkdir -p bootstrap/cache storage/framework/{views,cache/data,sessions} storage/logs && sudo chown -R www-data:webservice storage bootstrap/cache && sudo chmod -R 775 storage bootstrap/cache && ln -sfn /home/webservice/api-stage/shared/.env .env && sudo chmod 640 /home/webservice/api-stage/shared/.env && ln -sfn /home/webservice/api-stage/shared/storage/app storage/app && composer install --no-dev --optimize-autoloader --no-interaction && php artisan config:cache && php artisan route:cache && php artisan view:cache && php artisan migrate --force && ln -sfn /home/webservice/api-stage/releases/${RELEASE_ID} /home/webservice/api-stage/current && sudo systemctl reload php8.4-fpm && cd /home/webservice/api-stage/releases && ls -1dt */ | tail -n +4 | xargs rm -rf 2>/dev/null || true ' """ } } } // ── 운영 배포 승인 (런칭 후 활성화) ── // stage('Production Approval') { // when { branch 'main' } // steps { // slackSend channel: '#product_deploy', color: '#FF9800', tokenCredentialId: 'slack-token', // message: "🔔 *api* 운영 배포 승인 대기 중\n${env.GIT_COMMIT_MSG}\nStage API: https://stage-api.sam.it.kr\n<${env.BUILD_URL}input|승인하러 가기>" // timeout(time: 24, unit: 'HOURS') { // input message: 'Stage 확인 후 운영 배포를 진행하시겠습니까?\nStage API: https://stage-api.sam.it.kr', // ok: '운영 배포 진행' // } // } // } // ── main → 운영서버 Production 배포 ── stage('Deploy Production') { when { allOf { branch 'main' expression { params.ACTION == 'deploy' } } } steps { sshagent(credentials: ['deploy-ssh-key']) { sh """ ssh ${DEPLOY_USER}@${PROD_SERVER} 'mkdir -p /home/webservice/api/releases/${RELEASE_ID}' rsync -az --delete \ --exclude='.git' --exclude='.env' \ --exclude='storage/app' --exclude='storage/logs' \ --exclude='storage/framework/sessions' --exclude='storage/framework/cache' \ . ${DEPLOY_USER}@${PROD_SERVER}:/home/webservice/api/releases/${RELEASE_ID}/ ssh ${DEPLOY_USER}@${PROD_SERVER} ' cd /home/webservice/api/releases/${RELEASE_ID} && mkdir -p bootstrap/cache storage/framework/{views,cache/data,sessions} storage/logs && sudo chown -R www-data:webservice storage bootstrap/cache && sudo chmod -R 775 storage bootstrap/cache && ln -sfn /home/webservice/api/shared/.env .env && sudo chmod 640 /home/webservice/api/shared/.env && ln -sfn /home/webservice/api/shared/storage/app storage/app && composer install --no-dev --optimize-autoloader --no-interaction && php artisan config:cache && php artisan route:cache && php artisan view:cache && php artisan migrate --force && ln -sfn /home/webservice/api/releases/${RELEASE_ID} /home/webservice/api/current && sudo systemctl reload php8.4-fpm && sudo supervisorctl restart sam-queue-worker:* && cd /home/webservice/api/releases && ls -1dt */ | tail -n +6 | xargs rm -rf 2>/dev/null || true ' """ } } } // develop → Jenkins 관여 안함 (기존 post-update hook 유지) } post { success { script { if (params.ACTION == 'deploy') { slackSend channel: '#deploy_api', color: 'good', tokenCredentialId: 'slack-token', message: "✅ *api* 배포 성공 (`${env.BRANCH_NAME}`)\n${env.GIT_COMMIT_MSG}\n<${env.BUILD_URL}|빌드 #${env.BUILD_NUMBER}>" } } } failure { script { if (params.ACTION == 'deploy') { slackSend channel: '#deploy_api', color: 'danger', tokenCredentialId: 'slack-token', message: "❌ *api* 배포 실패 (`${env.BRANCH_NAME}`)\n${env.GIT_COMMIT_MSG}\n<${env.BUILD_URL}|빌드 #${env.BUILD_NUMBER}>" if (env.BRANCH_NAME == 'main') { sshagent(credentials: ['deploy-ssh-key']) { sh """ ssh ${DEPLOY_USER}@${PROD_SERVER} ' PREV=\$(ls -1dt /home/webservice/api/releases/*/ | sed -n "2p" | xargs basename 2>/dev/null) && [ -n "\$PREV" ] && ln -sfn /home/webservice/api/releases/\$PREV /home/webservice/api/current && sudo systemctl reload php8.4-fpm ' || true """ } } } else { slackSend channel: '#deploy_api', color: 'danger', tokenCredentialId: 'slack-token', message: "❌ *api* ${params.ROLLBACK_TARGET} 롤백 실패\n<${env.BUILD_URL}|빌드 #${env.BUILD_NUMBER}>" } } } } }