Merge pull request #46 from Sirius506775/develope #13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Deploy Server to AWS EC2 | |
on: | |
push: | |
branches: [ "main" ] | |
env: | |
PROJECT_NAME: motus_project | |
BUCKET_NAME: motus-buket | |
AWS_REGION: ap-northeast-2 | |
CODE_DEPLOY_APP_NAME: motus_CICD | |
DEPLOYMENT_GROUP_NAME: motus_CICD_group | |
RESOURCE_PATH: /home/runner/work/MotuS-Backend/MotuS-Backend/src/main/resources | |
permissions: # Set permissions for workflow | |
contents: read # Grant permission to read the contents of the code repository | |
checks: write # Grant write permissions to check workflow results | |
jobs: | |
build_and_deploy: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
# Install JDK 11 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '11' | |
distribution: 'temurin' | |
# Obtain permission to execute Gradle Wrapper script | |
- name: Run chmod to make gradlew executable | |
run: chmod +x ./gradlew | |
# Decrypt the encrypted application-secret.yml file | |
- name: Decrypt application-secret yml | |
run: gpg --quiet --batch --yes --always-trust --decrypt --passphrase=${{ secrets.APPLICATION_SECRET_YML }} --output $RESOURCE_PATH/application.tar $RESOURCE_PATH/application.tar.gpg | |
shell: bash | |
# Unzip the application.tar file | |
- name: Unzip application.tar file to application-secret.yml | |
run: | | |
cd $RESOURCE_PATH | |
tar xvf application.tar | |
shell: bash | |
# gradle build | |
- name: Build with Gradle | |
run: ./gradlew build -x test | |
# Record test results as comments in PR | |
- name: Write test results in comments to Pull Request | |
uses: EnricoMi/publish-unit-test-result-action@v1 | |
if: always() | |
with: | |
files: '**/build/test-results/test/TEST-*.xml' | |
# If a test fails, write a check comment to the failed code line | |
- name: If a test fails, write a check comment to the failed code line | |
uses: mikepenz/action-junit-report@v3 | |
if: always() | |
with: | |
report_paths: '**/build/test-results/test/TEST-*.xml' | |
token: ${{ github.token }} | |
# Make Zip File | |
- name: Make Zip File | |
run: zip -qq -r $GITHUB_SHA.zip . | |
shell: bash | |
# Configure AWS credentials | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.CICD_ACCESS_KEY}} | |
aws-secret-access-key: ${{ secrets.CICD_SECRET_KEY }} | |
aws-region: ${{ env.AWS_REGION }} | |
# Upload Zip File to S3 | |
- name: Upload Zip File to S3 | |
run: aws s3 cp --region $AWS_REGION ./$GITHUB_SHA.zip s3://$BUCKET_NAME/$PROJECT_NAME/$GITHUB_SHA.zip | |
# Deploy source code file uploaded to S3 to EC2 | |
- name: Code Deploy to EC2 | |
run: aws deploy create-deployment --application-name $CODE_DEPLOY_APP_NAME --deployment-config-name CodeDeployDefault.OneAtATime --deployment-group-name $DEPLOYMENT_GROUP_NAME --s3-location bucket=$BUCKET_NAME,bundleType=zip,key=$PROJECT_NAME/$GITHUB_SHA.zip |