Skip to content

Merge remote-tracking branch 'origin/develop' into develop #161

Merge remote-tracking branch 'origin/develop' into develop

Merge remote-tracking branch 'origin/develop' into develop #161

Workflow file for this run

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
# github repository Actions 페이지에 나타날 이름
name: Pickly Backend CI / CD
# develop 브렌치에 Push되었을 경우 Workflow Trigger을 실행한다.
on:
push:
branches: [ "develop" ]
workflow_dispatch:
permissions:
contents: read
env:
IMAGE_TAG : ${{ github.sha }}
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v1
with:
java-version: 17
- name: Cache Gradle
uses: actions/cache@v2
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Create firebase config key
run: |
cd ./pickly-service/src/main/resources
echo "${{ secrets.SERVICE_FIREBASE_CONFIG }}" > ./firebase.json
shell: bash
- name: Create extension encrypt key
run: |
cd ./pickly-service/src/main/resources
echo "${{ secrets.ET_KEY }}" > ./extension.json
shell: bash
- name: Build Gradle wrapper
run: gradle wrap
- name: Build with Gradle
run: ./gradlew clean :pickly-service:build -x test
shell: bash
## docker build & push to AWS Registry
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build, tag, and push image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: pickly-service
run: |
cd pickly-service
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
- name: Cleanup Gradle Cache
# Remove some files from the Gradle cache, so they aren't cached by GitHub Actions.
# Restoring these files from a GitHub Actions cache might cause problems for future builds.
if: ${{ always() }}
run: |
rm -f ~/.gradle/caches/modules-2/modules-2.lock
rm -f ~/.gradle/caches/modules-2/gc.properties
deploy:
needs: build
name: Deploy to EC2
runs-on: ubuntu-latest
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Setup SSH
run: |
mkdir -p ~/.ssh
echo "${{ secrets.AWS_PRIVATE_KEY }}" > ~/.ssh/pickly.pem
chmod 600 ~/.ssh/pickly.pem
- name: SSH and deploy to EC2
env:
ECR_REGISTRY: ${{ secrets.AWS_ECR_REGISTRY }}
AWS_PUBLIC_IP_V4: ${{ secrets.AWS_PUBLIC_IP_V4 }}
run: |
ssh -tt -o StrictHostKeyChecking=no -i ~/.ssh/pickly.pem $AWS_PUBLIC_IP_V4 << 'EOF'
export AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY }}
export AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}
export AWS_REGION=${{ secrets.AWS_REGION }}
export ECR_REGISTRY=${{ secrets.AWS_ECR_REGISTRY }}
aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $ECR_REGISTRY
if docker ps -a --format '{{.Names}}' | grep -q pickly-service; then
docker stop pickly-service
docker rm pickly-service
else
echo "pickly-service container does not exist. Skipping container stop and removal."
fi
echo "docker pull"
docker pull $ECR_REGISTRY:${{ github.sha }}
echo "docker ps"
if docker ps -a --format '{{.Names}}' | grep -q pickly-service; then
docker rm -f $(docker ps -aq --filter name=pickly-service)
else
echo "pickly-service container does not exist. Skipping container removal."
fi
echo "docker run"
docker run -d --name pickly-service -p 8080:8080 -e DB_DBNAME=${{ secrets.DB_DBNAME }} -e DB_USERNAME=${{ secrets.DB_USERNAME }} -e DEV_DB_HOST=${{ secrets.DEV_DB_HOST }} -e DEV_DB_PORT=${{ secrets.DEV_DB_PORT }} -e DEV_DB_PASSWORD=${{ secrets.DEV_DB_PASSWORD }} $ECR_REGISTRY:${{ github.sha }}
docker ps -a
exit
EOF