.github/workflows/cd-dev.yml

name: Continuous Deployment for SOPT makers Authentication Development Server

on:
  workflow_dispatch:
  push:
    branches: [ dev ]

jobs:

  build-and-push-image:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: ✅ Set up JDK 21
        uses: actions/setup-java@v3
        with:
          java-version: 21
          distribution: 'corretto'
          cache: gradle

      - name: 🔒 Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      - name: ⚙️ Create Property File
        run: |
          touch ./gradle.properties
          echo "${{ secrets.PROPERTY_GRADLE }}" >> ./gradle.properties

      - name: 🧱 Build Image and Push to ECR
        env:
          AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
          AWS_ECR_REPO: ${{ secrets.AWS_ECR_REPO_DEV }}
        run: |
          aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
          docker build --build-arg PROFILE=dev -t $AWS_ECR_REPO .
          docker tag $AWS_ECR_REPO:latest public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest
          docker push public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest

  deploy:
    needs: build-and-push-image
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: 🔒 Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      - name: 🔑 Copy Key File
        env:
          REGION: ${{ secrets.AWS_REGION }}
          APPLE_KEY: ${{ secrets.APPLE_KEY }}
          JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }}
          JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }}
          S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
        run: |
          aws s3 cp --region $REGION \
            s3://$S3_BUCKET/dev/static/$JWT_PUBLIC_KEY ./$JWT_PUBLIC_KEY
          aws s3 cp --region $REGION \
            s3://$S3_BUCKET/dev/static/$JWT_PRIVATE_KEY ./$JWT_PRIVATE_KEY
          aws s3 cp --region $REGION \
            s3://$S3_BUCKET/dev/static/$APPLE_KEY ./$APPLE_KEY

      - name: 📝 Copy Script and Property File
        env:
          REGION: ${{ secrets.AWS_REGION }}
          S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
          S3_ENV_FILE_NAME: ${{ secrets.ENV_FILE_NAME_DEV }}
        run: |
          aws s3 cp --region $REGION \
            s3://$S3_BUCKET/dev/script/deploy.sh ./deploy.sh
          aws s3 cp --region $REGION \
            s3://$S3_BUCKET/dev/script/switch.sh ./switch.sh
          aws s3 cp --region $REGION \
            s3://$S3_BUCKET/dev/script/valid.sh ./valid.sh
      
          aws s3 cp --region $REGION \
            s3://$S3_BUCKET/dev/$S3_ENV_FILE_NAME ./application.env

      - name: 🔄 Transfer Files to Server
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.HOST_DEV }}
          username: ubuntu
          key: ${{ secrets.PEM_KEY_DEV }}
          port: 22
          source: "deploy.sh,switch.sh,valid.sh,application.env,${{ secrets.APPLE_KEY }},${{ secrets.JWT_PUBLIC_KEY }},${{ secrets.JWT_PRIVATE_KEY }}"
          target: /home/ubuntu/deploy-temp/auth

      - name: 🚀SSH command deploy
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.HOST_DEV }}
          username: ubuntu
          key: ${{ secrets.PEM_KEY_DEV }}
          port: 22
          script: |
            mkdir -p /home/ubuntu/script/auth
            mkdir -p /home/ubuntu/property/auth/key
            mkdir -p /home/ubuntu/property/auth/pem
            mkdir -p /home/ubuntu/env/auth
            
            cp -f /home/ubuntu/deploy-temp/auth/deploy.sh /home/ubuntu/script/auth/deploy.sh
            cp -f /home/ubuntu/deploy-temp/auth/switch.sh /home/ubuntu/script/auth/switch.sh
            cp -f /home/ubuntu/deploy-temp/auth/valid.sh /home/ubuntu/script/auth/valid.sh
            cp -f /home/ubuntu/deploy-temp/auth/application.env /home/ubuntu/env/auth/application.env
            cp -f /home/ubuntu/deploy-temp/auth/${{ secrets.APPLE_KEY }} /home/ubuntu/property/auth/key/${{ secrets.APPLE_KEY }}
            cp -f /home/ubuntu/deploy-temp/auth/${{ secrets.JWT_PUBLIC_KEY }} /home/ubuntu/property/auth/pem/${{ secrets.JWT_PUBLIC_KEY }}
            cp -f /home/ubuntu/deploy-temp/auth/${{ secrets.JWT_PRIVATE_KEY }} /home/ubuntu/property/auth/pem/${{ secrets.JWT_PRIVATE_KEY }}
            
            sudo chmod +x /home/ubuntu/script/auth/deploy.sh
            sudo chmod +x /home/ubuntu/script/auth/switch.sh
            sudo chmod +x /home/ubuntu/script/auth/valid.sh
            sudo chmod +r /home/ubuntu/env/auth/application.env
            sudo chmod +r /home/ubuntu/property/auth/key/${{ secrets.APPLE_KEY }}
            sudo chmod +r /home/ubuntu/property/auth/pem/${{ secrets.JWT_PUBLIC_KEY }}
            sudo chmod +r /home/ubuntu/property/auth/pem/${{ secrets.JWT_PRIVATE_KEY }}
            
            /home/ubuntu/script/auth/deploy.sh
            /home/ubuntu/script/auth/switch.sh
            /home/ubuntu/script/auth/valid.sh