chore: dev-aws-CI-CD.yml #3
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: dev - CI/CD to Amazon ECS | |
| on: | |
| push: | |
| branches: [ "develop" ] | |
| pull_request: | |
| branches: [ "develop" ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' || github.event_name == 'pull_request' | |
| env: | |
| JASYPT_ENCRYPTOR_PASSWORD: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }} | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Gradle Caching | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Grant Execute Permission For Gradlew | |
| run: chmod +x gradlew | |
| - name: Build With Gradle | |
| run: ./gradlew build -x test | |
| ## build Test | |
| - name: 테스트 코드 실행 | |
| run: ./gradlew --info test | |
| - name: Publish Unit Test Results | |
| uses: EnricoMi/publish-unit-test-result-action@v1 | |
| if: ${{ always() }} | |
| with: | |
| files: build/test-results/**/*.xml | |
| - name: Publish Test Report | |
| uses: mikepenz/action-junit-report@v3 | |
| if: success() || failure() # always run even if the previous step fails | |
| with: | |
| report_paths: '**/build/test-results/test/TEST-*.xml' | |
| deploy: | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' # push일 때만 실행 | |
| needs: build # build 작업이 끝난 후 실행 | |
| env: | |
| JASYPT_ENCRYPTOR_PASSWORD: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }} | |
| steps: | |
| # 도커 컴포즈 설정 파일 서버로 전달하기(복사 후 붙여넣기) | |
| - name: Send docker-compose.yml | |
| uses: appleboy/scp-action@master | |
| with: | |
| username: ubuntu | |
| host: ${{ secrets.AWS_DEV_HOSTNAME }} | |
| key: ${{ secrets.AWS_DEV_PRIVATE_KEY }} | |
| source: "./docker-compose.yml" | |
| target: "/home/ubuntu/" | |
| ## nginx 설정 파일 서버로 전달하기(복사 후 붙여넣기) | |
| - name: Send nginx.conf | |
| uses: appleboy/scp-action@master | |
| with: | |
| username: ubuntu | |
| host: ${{ secrets.AWS_DEV_HOSTNAME }} | |
| key: ${{ secrets.AWS_DEV_PRIVATE_KEY }} | |
| source: "./nginx/nginx.conf" | |
| target: "/home/ubuntu/" | |
| ## springboot 도커 이미지 빌드 후 도커허브에 push하기 | |
| - name: Docker build & Push | |
| env: | |
| JASYPT_ENCRYPTOR_PASSWORD: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }} | |
| run: | | |
| docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| docker build -t ${{ secrets.DOCKER_REPOSITORY }} . # 태그를 명시하지 않으면 :latest로 처리됨 | |
| docker push ${{ secrets.DOCKER_REPOSITORY }} | |
| # 도커 허브에서 jar파일 및 pull후에 컴포즈 up | |
| - name: Deploy to Dev | |
| uses: appleboy/ssh-action@master | |
| with: | |
| username: ubuntu | |
| host: ${{ secrets.AWS_DEV_HOSTNAME }} | |
| key: ${{ secrets.AWS_DEV_PRIVATE_KEY }} | |
| script: | | |
| docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| sudo docker pull ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPOSITORY }} | |
| sudo cp /home/ubuntu/nginx/nginx.conf /home/ubuntu/src/main/resources/backend-config/nginx/nginx.conf | |
| # 기존 Docker 컨테이너와 이미지를 정리 | |
| docker-compose -f /home/ubuntu/docker-compose.yml down | |
| docker rmi $(docker images -q) | |
| # 새로운 Docker Compose 실행 | |
| docker-compose -f /home/ubuntu/docker-compose.yml up -d | |
| discord-notify: | |
| name: Discord Notify | |
| runs-on: ubuntu-latest | |
| needs: [ build, deploy ] # build와 deploy 작업이 끝난 후 실행 | |
| steps: | |
| - name: Send Discord Notification | |
| uses: sarisia/actions-status-discord@v1 | |
| if: always() # 항상 실행되도록 설정 | |
| with: | |
| webhook: ${{ secrets.DISCORD_WEBHOOK_URL }} | |
| status: ${{ job.status }} # 현재 작업(job)의 상태 (성공, 실패 등) | |
| title: "CI/CD Pipeline Status" | |
| description: | | |
| ${{ github.event_name == 'push' && format( | |
| 'The CI/CD pipeline has completed.\n- **Build Job Status**: {0}\n- **Deploy Job Status**: {1}\n- **Branch**: {2}\n- **Commit**: {3}\n- **Author**: {4}', | |
| needs.build.result, | |
| needs.deploy.result, | |
| github.ref, | |
| github.sha, | |
| github.actor | |
| ) || github.event_name == 'pull_request' && format( | |
| 'The Build job for pull request has completed.\n- **Build Job Status**: {0}\n- **Branch**: {1}\n- **Commit**: {2}\n- **Author**: {3}', | |
| needs.build.result, | |
| github.ref, | |
| github.sha, | |
| github.actor | |
| ) }} | |
| url: "https://github.com/sarisia/actions-status-discord" | |
| username: GitHub Actions Bot |