Skip to content
ci/cd action

dev -> main #243

Sign in to view logs

dev -> main

dev -> main #243

Workflow file for this run

.github/workflows/aws-cicd.yml at 45777d5
name: ci/cd action
on:
push:
branches:
- develop
- main
pull_request:
branches:
- develop
- main
jobs:
setup:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
outputs:
deploy_target: ${{ steps.set-env.outputs.DEPLOY_TARGET }}
steps:
- name: Setup Environment Variables
id: set-env
run: |
if [[ "${GITHUB_REF}" == "refs/heads/main" ]]; then
echo "DEPLOY_TARGET=prod" >> $GITHUB_OUTPUT
else
echo "DEPLOY_TARGET=dev" >> $GITHUB_OUTPUT
fi
build:
name: build
needs: [ setup ]
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
env:
APPLICATION_SECRET_PROPERTIES: ${{ secrets.AWS_APPLICATION_SECRET_PROPERTIES }}
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'corretto'
- name: Cache Gradle packages
uses: actions/cache@v3
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
- name: Setup Gradle
uses: gradle/gradle-build-action@bd5760595778326ba7f1441bcf7e88b49de61a25
- name: Create application-secret.properties
run: |
echo "${APPLICATION_SECRET_PROPERTIES}" > ./layer-api/src/main/resources/application-secret.properties
- name: Build layer-api module
run: ./gradlew build
- name: Upload Test Report # 실패시 원인 파악을 하기 위한 단계
uses: actions/upload-artifact@v4
if: always()
with:
name: test-report
path: layer-api/build/reports/tests/test/
- name: Upload built jar
uses: actions/upload-artifact@v4
with:
name: built-jar
path: layer-api/build/libs/*.jar
deploy:
name: Deploy
needs: [ build, setup ]
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
env:
DEPLOY_TARGET: ${{ needs.setup.outputs.deploy_target }}
REGISTRY: "docker.io"
NAMESPACE: "layerapp"
IMAGE_NAME: "layer-repo"
APPLICATION_SECRET_PROPERTIES: ${{ secrets.AWS_APPLICATION_SECRET_PROPERTIES }}
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Download built jar
uses: actions/download-artifact@v4
with:
name: built-jar
path: layer-api/build/libs/
- name: Docker Hub Login
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
- name: Build & Push Docker Image
uses: docker/build-push-action@v4
with:
context: ./layer-api
file: ./layer-api/Dockerfile # Dockerfile 이름 지정
platforms: linux/amd64
push: true
tags: |
${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.DEPLOY_TARGET }}
build-args: |
SPRING_PROFILE=${{ env.DEPLOY_TARGET }}
- name: application-secret.properties 생성
run: |
echo "${{ secrets.APPLICATION_SECRET_PROPERTIES }}" > ./layer-api/infra/${{ env.DEPLOY_TARGET }}/application-secret.properties
- name: 배포 파일 압축
run: |
tar -cvzf layer-api.tar.gz ./layer-api/infra/
- name: 압축된 배포 파일 송신
uses: appleboy/scp-action@master
with:
host: ${{ secrets.AWS_DEV_INSTANCE_HOST }}
username: ubuntu
key: ${{ secrets.AWS_INSTANCE_PEM }}
port: 22
source: "layer-api.tar.gz"
target: "/home/ubuntu"
- name: 서버에서 압축된 파일 추출 및 권한 설정
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.AWS_DEV_INSTANCE_HOST }}
username: ubuntu
key: ${{ secrets.AWS_INSTANCE_PEM }}
port: 22
script: |
cd /home/ubuntu
tar -xvzf layer-api.tar.gz
sudo chmod -R 755 /home/ubuntu/layer-api/infra/
sudo chown -R ubuntu:ubuntu /home/ubuntu/layer-api/infra/
- name: 도커 로그인 및 배포스크립트 실행
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.AWS_DEV_INSTANCE_HOST }}
username: ubuntu
key: ${{ secrets.AWS_INSTANCE_PEM }}
port: 22
script: |
sudo docker login --username ${{ secrets.DOCKER_USERNAME }} --password ${{ secrets.DOCKER_ACCESS_TOKEN }}
cd /home/ubuntu/layer-api/infra/${{ env.DEPLOY_TARGET }}
chmod 755 ./deploy.sh
./deploy.sh
sudo docker image prune -a -f