# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
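name: Ohhanahana CD Pipeline

# Runs on every push to the develop branch.
on:
  push:
    branches: ["develop"]

# Least privilege for the automatically issued GITHUB_TOKEN: the job only
# reads the repository. AWS access and the submodule fetch use their own
# secrets.
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # Check out the repository at the pushed commit.
      # NOTE(review): every `uses:` reference in this job is a mutable tag.
      # Pinning each action to a full commit SHA fixes the exact code that
      # runs with this job's AWS keys and repository token in reach.
      - name: checkout
        uses: actions/checkout@v4

      # Set up Docker Buildx.
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1

      # Install the AWS CLI.
      - name: Install AWS CLI
        run: |
          sudo apt-get update
          sudo apt-get install -y awscli

      # Log in to AWS ECR.
      # Region and registry are passed through env rather than expanded into
      # the script text, so their values are never parsed as shell syntax.
      # NOTE(review): the job authenticates with long-lived IAM access keys;
      # short-lived credentials obtained through GitHub's OIDC provider and an
      # IAM role would remove the stored key pair altogether.
      - name: Login to AWS ECR
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_REGION: ${{ secrets.REGION }}
          ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }}
        run: |
          aws ecr get-login-password --region "$AWS_REGION" \
            | docker login --username AWS --password-stdin "$ECR_REGISTRY"

      # Delete the existing image; skipped when no image carries the tag.
      # The aws calls run without --debug so request/response traces stay out
      # of the job log, and the account id is not looked up or printed.
      # NOTE(review): the tag is removed before the new image is built, so a
      # failure in any later step leaves the repository without a `latest`
      # image until the next successful run.
      - name: Delete existing Docker images in ECR
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_REGION: ${{ secrets.REGION }}
          ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
        run: |
          IMAGE_TAG=latest
          REPO_NAME="$ECR_REPOSITORY"
          echo "Debug: REPO_NAME=$REPO_NAME, IMAGE_TAG=$IMAGE_TAG"
          IMAGE_IDS=$(aws ecr list-images \
            --repository-name "$REPO_NAME" \
            --query "imageIds[?imageTag=='$IMAGE_TAG']" \
            --output json \
            --region "$AWS_REGION")
          echo "Debug: IMAGE_IDS=$IMAGE_IDS"
          if [ "$IMAGE_IDS" != "[]" ]; then
            aws ecr batch-delete-image \
              --repository-name "$REPO_NAME" \
              --image-ids "imageTag=$IMAGE_TAG" \
              --region "$AWS_REGION"
          fi

      # Install the JDK used for the build.
      - name: Set up JDK 17
        uses: actions/setup-java@v2
        with:
          distribution: "adopt"
          java-version: "17"

      # Check out the source again, this time including submodules.
      # NOTE(review): actions/checkout keeps the supplied token in the local
      # git configuration by default, which the submodule update below
      # presumably relies on. It also means .git holds the token for the rest
      # of the job; give ACTIONS_TOKEN read-only access to the submodule
      # repositories and nothing else.
      - name: Checkout submodule
        uses: actions/checkout@v4
        with:
          submodules: true
          token: ${{ secrets.ACTIONS_TOKEN }}

      # Update the submodules.
      # NOTE(review): --remote moves each submodule to the tip of its tracked
      # remote branch instead of the commit recorded in this repository, so
      # the deployed build can include submodule content that was never
      # pinned or reviewed here.
      - name: Update submodule
        run: |
          git submodule update --remote --recursive

      # Make the Gradle wrapper executable.
      - name: Grant execute permission for gradlew
        run: chmod +x ./gradlew

      # Build (tests are excluded).
      # NOTE(review): `-x test` means the image is built and deployed without
      # the test suite having run in this pipeline.
      - name: Build with Gradle
        uses: gradle/gradle-build-action@v4
        with:
          arguments: clean build -x test

      # Build the Docker image and push it to ECR.
      # NOTE(review): the build context is the whole workspace. Unless a
      # .dockerignore excludes .git, the token persisted by the checkout step
      # is sent to the builder and could end up in an image layer if the
      # Dockerfile copies the full context; verify against the Dockerfile.
      - name: Build and push Docker image
        env:
          ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }}
          ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
          IMAGE_TAG: latest  # the tag can be set dynamically
        run: |
          # Build with the active profile set to main.
          IMAGE_URI="$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
          docker build --build-arg SPRING_PROFILE=main -t "$IMAGE_URI" .
          docker push "$IMAGE_URI"

      # Save environment variables to scripts/env.sh.
      # Values are read from env so the shell writes them literally instead of
      # parsing them as part of the script text.
      # NOTE(review): this writes the long-lived AWS access key pair in clear
      # text into a file that the following steps zip and upload to S3, so
      # anyone who can read that S3 object or the unpacked bundle on the
      # instance obtains the CI credentials. Prefer an EC2 instance profile
      # for the deploy scripts and drop the two key lines once nothing reads
      # them.
      - name: Save environment variables to file
        env:
          ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }}
          ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
          AWS_REGION: ${{ secrets.REGION }}
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: |
          {
            echo "ECR_REGISTRY=$ECR_REGISTRY"
            echo "ECR_REPOSITORY=$ECR_REPOSITORY"
            echo "AWS_REGION=$AWS_REGION"
            echo "AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID"
            echo "AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY"
          } > scripts/env.sh

      # Package the deployment files; scripts/ includes the env.sh written
      # by the previous step.
      - name: Package deployment files
        run: zip -r deployment.zip appspec.yml scripts/

      # Upload the bundle to S3.
      # NOTE(review): the archive contains credentials; confirm the bucket
      # blocks public access and is readable only by the deployment role.
      - name: Upload to S3
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_REGION: ${{ secrets.REGION }}
          S3_BUCKET: ${{ secrets.S3_BUCKET }}
        run: |
          aws s3 cp deployment.zip "s3://$S3_BUCKET/deployment.zip" --region "$AWS_REGION"

      # Deploy to EC2 using CodeDeploy.
      - name: Deploy to EC2 using CodeDeploy
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_REGION: ${{ secrets.REGION }}
          APPLICATION_NAME: ${{ secrets.CODEDEPLOY_APP_NAME }}
          DEPLOYMENT_GROUP_NAME: ${{ secrets.CODEDEPLOY_GROUP_NAME }}
          S3_BUCKET: ${{ secrets.S3_BUCKET }}
        run: |
          aws deploy create-deployment \
            --application-name "$APPLICATION_NAME" \
            --deployment-group-name "$DEPLOYMENT_GROUP_NAME" \
            --deployment-config-name CodeDeployDefault.OneAtATime \
            --s3-location "bucket=$S3_BUCKET,key=deployment.zip,bundleType=zip" \
            --description "Deploying the latest Docker image" \
            --region "$AWS_REGION"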