chore: dev-aws-CI-CD.yml #9
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: dev - CI/CD to Amazon ECS | ||
on: | ||
push: | ||
branches: [ "develop" ] | ||
pull_request: | ||
branches: [ "develop" ] | ||
permissions: | ||
contents: read | ||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
environment: dev # 환경을 명시적으로 설정 | ||
if: github.event_name == 'push' || github.event_name == 'pull_request' | ||
env: | ||
jasypt.encryptor.password: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }} # 이름 변경 | ||
steps: | ||
- name: checkout | ||
uses: actions/checkout@v3 | ||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: '17' | ||
distribution: 'temurin' | ||
- name: Gradle Caching | ||
uses: actions/cache@v3 | ||
with: | ||
path: | | ||
~/.gradle/caches | ||
~/.gradle/wrapper | ||
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | ||
restore-keys: | | ||
${{ runner.os }}-gradle- | ||
- name: Grant Execute Permission For Gradlew | ||
run: chmod +x gradlew | ||
- name: Build With Gradle | ||
run: ./gradlew build -x test --warning-mode all # 모든 경고를 표시 | ||
## build Test | ||
- name: 테스트 코드 실행 | ||
run: ./gradlew --info test | ||
- name: Publish Unit Test Results | ||
uses: EnricoMi/publish-unit-test-result-action@v1 | ||
if: ${{ always() }} | ||
with: | ||
files: build/test-results/**/*.xml | ||
- name: Publish Test Report | ||
uses: mikepenz/action-junit-report@v3 | ||
if: success() || failure() # always run even if the previous step fails | ||
with: | ||
report_paths: '**/build/test-results/test/TEST-*.xml' | ||
deploy: | ||
name: Deploy | ||
runs-on: ubuntu-latest | ||
environment: dev # 환경을 명시적으로 설정 | ||
if: github.event_name == 'push' # push일 때만 실행 | ||
needs: build # build 작업이 끝난 후 실행 | ||
env: | ||
jasypt.encryptor.password: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }} # 이름 변경 | ||
steps: | ||
# 도커 컴포즈 설정 파일 서버로 전달하기(복사 후 붙여넣기) | ||
- name: Send docker-compose.yml | ||
uses: appleboy/scp-action@master | ||
with: | ||
username: ubuntu | ||
host: ${{ secrets.AWS_DEV_HOSTNAME }} | ||
key: ${{ secrets.AWS_DEV_PRIVATE_KEY }} | ||
source: "./docker-compose.yml" | ||
target: "/home/ubuntu/" | ||
## nginx 설정 파일 서버로 전달하기(복사 후 붙여넣기) | ||
- name: Send nginx.conf | ||
uses: appleboy/scp-action@master | ||
with: | ||
username: ubuntu | ||
host: ${{ secrets.AWS_DEV_HOSTNAME }} | ||
key: ${{ secrets.AWS_DEV_PRIVATE_KEY }} | ||
source: "./nginx/nginx.conf" | ||
target: "/home/ubuntu/" | ||
## springboot 도커 이미지 빌드 후 도커허브에 push하기 | ||
- name: Docker build & Push | ||
run: | | ||
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | ||
docker build -t ${{ secrets.DOCKER_REPOSITORY }} . # 태그를 명시하지 않으면 :latest로 처리됨 | ||
docker push ${{ secrets.DOCKER_REPOSITORY }} | ||
# 도커 허브에서 jar파일 및 pull후에 컴포즈 up | ||
- name: Deploy to Dev | ||
uses: appleboy/ssh-action@master | ||
with: | ||
username: ubuntu | ||
host: ${{ secrets.AWS_DEV_HOSTNAME }} | ||
key: ${{ secrets.AWS_DEV_PRIVATE_KEY }} | ||
script: | | ||
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | ||
sudo docker pull ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPOSITORY }} | ||
sudo cp /home/ubuntu/nginx/nginx.conf /home/ubuntu/src/main/resources/backend-config/nginx/nginx.conf | ||
# 기존 Docker 컨테이너와 이미지를 정리 | ||
docker-compose -f /home/ubuntu/docker-compose.yml down | ||
docker rmi $(docker images -q) | ||
# 새로운 Docker Compose 실행 | ||
docker-compose -f /home/ubuntu/docker-compose.yml up -d | ||
discord-notify: | ||
name: Discord Notify | ||
runs-on: ubuntu-latest | ||
environment: dev | ||
needs: [ build, deploy ] # build와 deploy 작업이 끝난 후 실행 | ||
if: always() # 항상 실행되도록 설정 | ||
env: | ||
jasypt.encryptor.password: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }} | ||
steps: | ||
- name: Send Discord Notification | ||
uses: sarisia/actions-status-discord@v1 | ||
with: | ||
webhook: ${{ secrets.DISCORD_WEBHOOK_URL }} | ||
status: ${{ job.status }} # 현재 작업(job)의 상태 (성공, 실패 등) | ||
title: "CI/CD Pipeline Status" | ||
description: | | ||
${{ format( | ||
'The CI/CD pipeline has completed.\n- **Build Job Status**: {0}\n- **Deploy Job Status**: {1}\n- **Branch**: {2}\n- **Commit**: {3}\n- **Author**: {4}', | ||
needs.build.result, | ||
needs.deploy.result, | ||
github.ref, | ||
github.sha, | ||
github.actor | ||
) }} | ||
url: "https://github.com/sarisia/actions-status-discord" | ||
username: GitHub Actions Bot |