chore: dev-aws-CI-CD.yml 수정 #14
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: dev - CI/CD to Amazon ECS | |
| on: | |
| push: | |
| branches: [ "develop" ] | |
| pull_request: | |
| branches: [ "develop" ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| environment: dev | |
| if: github.event_name == 'push' || github.event_name == 'pull_request' | |
| env: | |
| jasypt.encryptor.password: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }} | |
| DOCKER_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }} | |
| DOCKER_REPOSITORY_NGINX: ${{ secrets.DOCKER_REPOSITORY_NGINX }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Gradle Caching | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Grant Execute Permission For Gradlew | |
| run: chmod +x gradlew | |
| - name: Build With Gradle | |
| run: ./gradlew build -x test --warning-mode all | |
| ## Build and test | |
| - name: 테스트 코드 실행 | |
| run: ./gradlew --info test | |
| - name: Publish Unit Test Results | |
| uses: EnricoMi/publish-unit-test-result-action@v1 | |
| if: ${{ always() }} | |
| with: | |
| files: build/test-results/**/*.xml | |
| - name: Publish Test Report | |
| uses: mikepenz/action-junit-report@v3 | |
| if: success() || failure() | |
| with: | |
| report_paths: '**/build/test-results/test/TEST-*.xml' | |
| deploy: | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| environment: dev | |
| if: github.event_name == 'push' | |
| needs: build | |
| env: | |
| JASYPT_ENCRYPTOR_PASSWORD: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }} | |
| DOCKER_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }} | |
| DOCKER_REPOSITORY_NGINX: ${{ secrets.DOCKER_REPOSITORY_NGINX }} | |
| steps: | |
| - name: Send docker-compose.yml | |
| uses: appleboy/scp-action@master | |
| with: | |
| username: ubuntu | |
| host: ${{ secrets.AWS_DEV_HOSTNAME }} | |
| key: ${{ secrets.AWS_DEV_PRIVATE_KEY }} | |
| source: "./docker-compose.yml" | |
| target: "/home/ubuntu/" | |
| - name: Send nginx.conf | |
| uses: appleboy/scp-action@master | |
| with: | |
| username: ubuntu | |
| host: ${{ secrets.AWS_DEV_HOSTNAME }} | |
| key: ${{ secrets.AWS_DEV_PRIVATE_KEY }} | |
| source: "./nginx/nginx.conf" | |
| target: "/home/ubuntu/" | |
| ## Docker login | |
| - name: Docker Login | |
| run: | | |
| docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| ## Nginx 도커 이미지 빌드 후 도커허브에 push하기 | |
| - name: Docker build & Push for Nginx | |
| run: | | |
| docker build -f dockerfile-nginx -t ${{ secrets.DOCKER_REPOSITORY_NGINX }} . | |
| docker push ${{ secrets.DOCKER_REPOSITORY_NGINX }} | |
| ## Spring Boot 도커 이미지 빌드 후 도커허브에 push하기 | |
| - name: Docker build & Push for Spring Boot | |
| run: | | |
| docker build -t ${{ secrets.DOCKER_REPOSITORY }} . | |
| docker push ${{ secrets.DOCKER_REPOSITORY }} | |
| # 도커 허브에서 이미지 Pull 및 Docker Compose로 컨테이너 실행 | |
| - name: Deploy to Dev with Docker Compose | |
| uses: appleboy/ssh-action@master | |
| with: | |
| username: ubuntu | |
| host: ${{ secrets.AWS_DEV_HOSTNAME }} | |
| key: ${{ secrets.AWS_DEV_PRIVATE_KEY }} | |
| run: | | |
| docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} | |
| export DOCKER_REPOSITORY=${{ secrets.DOCKER_REPOSITORY }} | |
| export DOCKER_REPOSITORY_NGINX=${{ secrets.DOCKER_REPOSITORY_NGINX }} | |
| export JASYPT_ENCRYPTOR_PASSWORD=${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }} | |
| # Pull 최신 이미지 | |
| docker-compose -f /home/ubuntu/docker-compose.yml pull | |
| # 새 컨테이너 실행 | |
| docker-compose -f /home/ubuntu/docker-compose.yml up -d --build | |
| discord-notify: | |
| name: Discord Notify | |
| runs-on: ubuntu-latest | |
| environment: dev # 환경을 명시적으로 설정 | |
| needs: [ build, deploy ] # build와 deploy 작업이 끝난 후 실행 | |
| if: always() # 항상 실행되도록 설정 | |
| env: | |
| jasypt.encryptor.password: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }} | |
| steps: | |
| - name: Send Discord Notification | |
| uses: sarisia/actions-status-discord@v1 | |
| with: | |
| webhook: ${{ secrets.DISCORD_WEBHOOK_URL }} | |
| status: ${{ job.status }} # 현재 작업(job)의 상태 (성공, 실패 등) | |
| title: "CI/CD Pipeline Status" | |
| description: | | |
| ${{ format( | |
| 'The CI/CD pipeline has completed.\n- **Build Job Status**: {0}\n- **Deploy Job Status**: {1}\n- **Branch**: {2}\n- **Commit**: {3}\n- **Author**: {4}', | |
| needs.build.result, | |
| needs.deploy.result, | |
| github.ref, | |
| github.sha, | |
| github.actor | |
| ) }} | |
| url: "https://github.com/sarisia/actions-status-discord" | |
| username: GitHub Actions Bot |