Skip to content

fix : SecurityConfig 생성 - swagger cors해결 #24

fix : SecurityConfig 생성 - swagger cors해결

fix : SecurityConfig 생성 - swagger cors해결 #24

Workflow file for this run

name: ICURRI_DEPLOY
on:
push:
branches: [ "main", "release" ]
jobs:
ci:
name: CI
runs-on: ubuntu-latest
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ap-northeast-2
ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
ECR_URI: ${{ secrets.ECR_URI }}
IMAGE_TAG: ${{ github.sha }}
steps:
# 체크아웃
- name: Checkout code
uses: actions/checkout@v4
# JDK 설치
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
# 서브 모듈 접근
- name: Checkout repo
uses: actions/checkout@v3
with:
token: ${{ secrets.SUBMODULE_ACTION_TOKEN }}
submodules: true
# 서브 모듈 변경점 있으면 update
- name: Git Submodule Update
run: |
git submodule update --remote --recursive
# gradlew 권한 변경
- name: Grant execute permission for gradlew
run: chmod +x gradlew
# 빌드(test는 제외)
- name: Build with Gradle
uses: gradle/gradle-build-action@v2
with:
arguments: clean build -x test
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
## Release Branch Build
- name: Build, Tag (Release Branch)
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
if: github.ref == 'refs/heads/release'
run: |
docker build --build-arg SPRING_PROFILE=dev -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
## Main Branch Build
- name: Build, Tag (Main Branch)
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
if: github.ref == 'refs/heads/main'
run: |
docker build --build-arg SPRING_PROFILE=prod -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
- name: AWS ECR Push
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
cd:
needs: ci
name: CD
runs-on: ubuntu-latest
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
steps:
# Deploy to EC2 (Release Branch)
- name: Deploy to EC2 (Release Branch)
if: github.ref == 'refs/heads/release'
uses: appleboy/ssh-action@master
env:
ENV_FILE: "/home/ubuntu/.env"
COMPOSE: "/home/ubuntu/docker-compose.yml"
with:
host: ${{ secrets.RELEASE_EC2_HOST }}
username: ubuntu
key: ${{ secrets.RELEASE_SSH_KEY }}
script: |
echo "ECR_URI=${{ secrets.ECR_URI }}" > /home/ubuntu/.env
echo "GITHUB_SHA=${{ github.sha }}" >> /home/ubuntu/.env
echo "SPRING_PROFILES=dev" >> /home/ubuntu/.env
sudo docker stop $(sudo docker ps -a -q) || true
sudo docker rm $(sudo docker ps -a -q) || true
sudo docker images -q | xargs -r docker rmi || true
sudo docker system prune -af
aws ecr get-login-password --region ap-northeast-2 | sudo docker login --username AWS --password-stdin ${{ secrets.ECR_URI }} && sudo docker pull ${{ secrets.ECR_URI }}:${{ github.sha }}
# Docker Compose로 배포
sudo -E docker-compose -f /home/ubuntu/docker-compose.yml up -d
# Deploy to EC2 (Main Branch)
- name: Deploy to EC2 (Main Branch)
if: github.ref == 'refs/heads/main'
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.MAIN_EC2_HOST }}
username: ubuntu
key: ${{ secrets.MAIN_SSH_KEY }}
script: |
echo "ECR_URI=${{ secrets.ECR_URI }}" > /home/ubuntu/.env
echo "GITHUB_SHA=${{ github.sha }}" >> /home/ubuntu/.env
echo "SPRING_PROFILES=prod" >> /home/ubuntu/.env
sudo docker stop $(sudo docker ps -a -q) || true
sudo docker rm $(sudo docker ps -a -q) || true
sudo docker images -q | xargs -r docker rmi || true
sudo docker system prune -af
aws ecr get-login-password --region ap-northeast-2 | sudo docker login --username AWS --password-stdin ${{ secrets.ECR_URI }} && sudo docker pull ${{ secrets.ECR_URI }}:${{ github.sha }}
# Docker Compose로 배포
sudo -E docker-compose -f /home/ubuntu/docker-compose.yml up -d