-
Notifications
You must be signed in to change notification settings - Fork 1
151 lines (134 loc) · 5.15 KB
/
dev-aws-CI-CD.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
name: dev - CI/CD to Amazon ECS
on:
push:
branches: [ "develop" ]
pull_request:
branches: [ "develop" ]
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
environment: dev
if: github.event_name == 'push' || github.event_name == 'pull_request'
env:
jasypt.encryptor.password: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }}
DOCKER_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }}
DOCKER_REPOSITORY_NGINX: ${{ secrets.DOCKER_REPOSITORY_NGINX }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
- name: Gradle Caching
uses: actions/cache@v3
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Grant Execute Permission For Gradlew
run: chmod +x gradlew
- name: Build With Gradle
run: ./gradlew build -x test --warning-mode all
## Build and test
- name: 테스트 코드 실행
run: ./gradlew --info test
- name: Publish Unit Test Results
uses: EnricoMi/publish-unit-test-result-action@v1
if: ${{ always() }}
with:
files: build/test-results/**/*.xml
- name: Publish Test Report
uses: mikepenz/action-junit-report@v3
if: success() || failure()
with:
report_paths: '**/build/test-results/test/TEST-*.xml'
deploy:
name: Deploy
runs-on: ubuntu-latest
environment: dev
if: github.event_name == 'push'
needs: build
env:
JASYPT_ENCRYPTOR_PASSWORD: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }}
DOCKER_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }}
DOCKER_REPOSITORY_NGINX: ${{ secrets.DOCKER_REPOSITORY_NGINX }}
steps:
- name: Send docker-compose.yml
uses: appleboy/scp-action@master
with:
username: ubuntu
host: ${{ secrets.AWS_DEV_HOSTNAME }}
key: ${{ secrets.AWS_DEV_PRIVATE_KEY }}
source: "./docker-compose.yml"
target: "/home/ubuntu/"
- name: Send nginx.conf
uses: appleboy/scp-action@master
with:
username: ubuntu
host: ${{ secrets.AWS_DEV_HOSTNAME }}
key: ${{ secrets.AWS_DEV_PRIVATE_KEY }}
source: "./nginx/nginx.conf"
target: "/home/ubuntu/"
## Docker login
- name: Docker Login
run: |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
## Nginx 도커 이미지 빌드 후 도커허브에 push하기
- name: Docker build & Push for Nginx
run: |
docker build -f dockerfile-nginx -t ${{ secrets.DOCKER_REPOSITORY_NGINX }} .
docker push ${{ secrets.DOCKER_REPOSITORY_NGINX }}
## Spring Boot 도커 이미지 빌드 후 도커허브에 push하기
- name: Docker build & Push for Spring Boot
run: |
docker build -t ${{ secrets.DOCKER_REPOSITORY }} .
docker push ${{ secrets.DOCKER_REPOSITORY }}
# 도커 허브에서 이미지 Pull 및 Docker Compose로 컨테이너 실행
- name: Deploy to Dev with Docker Compose
uses: appleboy/ssh-action@master
with:
username: ubuntu
host: ${{ secrets.AWS_DEV_HOSTNAME }}
key: ${{ secrets.AWS_DEV_PRIVATE_KEY }}
run: |
docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
export DOCKER_REPOSITORY=${{ secrets.DOCKER_REPOSITORY }}
export DOCKER_REPOSITORY_NGINX=${{ secrets.DOCKER_REPOSITORY_NGINX }}
export JASYPT_ENCRYPTOR_PASSWORD=${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }}
# Pull 최신 이미지
docker-compose -f /home/ubuntu/docker-compose.yml pull
# 새 컨테이너 실행
docker-compose -f /home/ubuntu/docker-compose.yml up -d --build
discord-notify:
name: Discord Notify
runs-on: ubuntu-latest
environment: dev # 환경을 명시적으로 설정
needs: [ build, deploy ] # build와 deploy 작업이 끝난 후 실행
if: always() # 항상 실행되도록 설정
env:
jasypt.encryptor.password: ${{ secrets.JASYPT_ENCRYPTOR_PASSWORD }}
steps:
- name: Send Discord Notification
uses: sarisia/actions-status-discord@v1
with:
webhook: ${{ secrets.DISCORD_WEBHOOK_URL }}
status: ${{ job.status }} # 현재 작업(job)의 상태 (성공, 실패 등)
title: "CI/CD Pipeline Status"
description: |
${{ format(
'The CI/CD pipeline has completed.\n- **Build Job Status**: {0}\n- **Deploy Job Status**: {1}\n- **Branch**: {2}\n- **Commit**: {3}\n- **Author**: {4}',
needs.build.result,
needs.deploy.result,
github.ref,
github.sha,
github.actor
) }}
url: "https://github.com/sarisia/actions-status-discord"
username: GitHub Actions Bot