From 68fe8c5d29c009aead0da8f44ee7a127e21d066c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EA=B9=80=EC=88=98=ED=99=98?= <101265039+genius00hwan@users.noreply.github.com> Date: Thu, 21 Nov 2024 00:10:00 +0900 Subject: [PATCH] [Feat] CI/CD (#52) * Create icurri_deploy.yml * Update icurri_deploy.yml --- .github/workflows/icurri_deploy.yml | 103 ++++++++++++++++++++++++++++ 1 file changed, 103 insertions(+) create mode 100644 .github/workflows/icurri_deploy.yml diff --git a/.github/workflows/icurri_deploy.yml b/.github/workflows/icurri_deploy.yml new file mode 100644 index 0000000..f226007 --- /dev/null +++ b/.github/workflows/icurri_deploy.yml @@ -0,0 +1,103 @@ +name: DOTFLOW_SERVER_DEPLOY + +on: + push: + branches: [ "release" ] + +jobs: + ci: + name: CI + runs-on: ubuntu-latest + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_REGION: ap-northeast-2 + ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} + ECR_URI: ${{ secrets.ECR_URI }} + IMAGE_TAG: ${{ github.sha }} + + steps: + #체크아웃 + - name: Checkout code + uses: actions/checkout@v2 + + # JDK 설치 + - name: Set up JDK 17 + uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + + #서브 모듈 접근 + - name: Checkout repo + uses: actions/checkout@v3 + with: + token: ${{ secrets.SUBMODULE_ACTION_TOKEN }} + submodules: true + + # 서브 모듈 변경 점 있으면 update + - name: Git Submodule Update + run: | + git submodule update --remote --recursive + + # gradlew 권한 변경 + - name: Grant execute permission for gradlew + run: chmod +x gradlew + + # 빌드(test는 제외) + - name: Build with Gradle + uses: gradle/gradle-build-action@v2 + with: + arguments: clean build -x test + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + + + ## Release Branch Build + - name: Build, Tag (Release Branch) + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + if: github.ref == 'refs/heads/release' + run: | + docker build --build-arg SPRING_PROFILE=dev -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . + + ## Main Branch Build + - name: Build, Tag (Main Branch) + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + if: github.ref == 'refs/heads/main' + run: | + docker build --build-arg SPRING_PROFILE=dev -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . + - name: AWS ECR Push + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + run: | + docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG + echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" + + cd: + needs: ci + name: CD + runs-on: ubuntu-latest + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + steps: + # Deploy to EC2 (Release Branch) + - name: Deploy to EC2 (Release Branch) + if: github.ref == 'refs/heads/release' + uses: appleboy/ssh-action@master + with: + host: ${{ secrets.RELEASE_EC2_HOST }} + username: ubuntu + key: ${{ secrets.RELEASE_SSH_KEY }} + script: | + sudo docker stop $(sudo docker ps -a -q) || true + sudo docker rm $(sudo docker ps -a -q) || true + sudo docker images -q | xargs -r docker rmi || true + sudo docker system prune -af + aws ecr get-login-password --region ap-northeast-2 | sudo docker login --username AWS --password-stdin ${{ secrets.ECR_URI }} && sudo docker pull ${{ secrets.ECR_URI }}:${{ github.sha }} + sudo docker run --name dotflow-dev-repo -d -e SPRING_PROFILE=dev -e TZ=Asia/Seoul -e SERVER=true -p 8080:8080 ${{ secrets.ECR_URI }}:${{ github.sha }}