-
Notifications
You must be signed in to change notification settings - Fork 1
130 lines (113 loc) · 4.28 KB
/
develop_build_deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: Build and Deploy to Develop
on:
push:
branches:
- develop
permissions:
id-token: write
pull-requests: write
env:
IMAGE_NAME: gdsc-server
jobs:
build-deploy:
runs-on: ubuntu-latest
environment: develop
strategy:
matrix:
java-version: [17]
distribution: ["temurin"]
steps:
# 체크아웃
- name: Checkout
uses: actions/checkout@v4
# JDK 17 버전으로 세팅
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: ${{ matrix.java-version }}
distribution: ${{ matrix.distribution }}
# Gradlew 실행 허용
- name: Run chmod to make gradlew executable
run: chmod +x ./gradlew
# Redis 컨테이너 실행
- name: Start containers
run: docker compose -f docker-compose-test.yaml up -d
# Gradle 빌드
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
with:
cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }} # feature 브랜치는 캐시를 읽기 전용으로 설정
cache-encryption-key: ${{ secrets.GRADLE_CACHE_ENCRYPTION_KEY }}
add-job-summary-as-pr-comment: always
build-scan-publish: true
build-scan-terms-of-use-url: "https://gradle.com/help/legal-terms-of-use"
build-scan-terms-of-use-agree: "yes"
- name: Build with Gradle
id: gradle
run: ./gradlew build --configuration-cache
# Dockerhub 로그인
- name: Login to Dockerhub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# Docker 메타데이터 추출
- name: Extract Docker metadata
id: metadata
uses: docker/[email protected]
env:
DOCKERHUB_IMAGE_FULL_NAME: ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}
with:
images: ${{ env.DOCKERHUB_IMAGE_FULL_NAME }}
tags: |
type=sha,prefix=
# 이미지 빌드 및 Dockerhub에 푸시
- name: Docker Build and Push
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: ${{ steps.metadata.outputs.tags }}
# AWS 로그인
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: ap-northeast-2
output-config: true
# 복사 경로 환경변수 설정
- name: Set up S3 copy path
env:
S3_DEPLOY_BUCKET_NAME: ${{ secrets.S3_DEPLOY_BUCKET_NAME }}
run: echo "S3_COPY_PATH=$(echo s3://${S3_DEPLOY_BUCKET_NAME}/gdsc/docker-compose-dev.yml)" >> $GITHUB_ENV
# S3로 docker-compose 파일 전송
- name: Copy docker-compose file to S3
run: aws s3 cp docker-compose.yml ${{ env.S3_COPY_PATH }}
# EC2로 배포
- name: Deploy to EC2 Server
uses: appleboy/ssh-action@master
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
IMAGE_FULL_URL: ${{ steps.metadata.outputs.tags }}
with:
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USERNAME }}
key: ${{ secrets.EC2_PRIVATE_KEY }}
envs: IMAGE_FULL_URL # docker-compose.yml 에서 사용할 환경 변수
script: |
aws s3 cp ${{ env.S3_COPY_PATH }} docker-compose.yml
echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
docker pull ${{ env.IMAGE_FULL_URL }}
docker compose up -d
docker image prune -a -f
# Slack 알림
- name: Send Deploy Result to Slack
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
SLACK_USERNAME: 둘기봇
SLACK_ICON: https://github.com/GDSC-Hongik/gdsc-server/assets/91878695/1d3861bd-672d-4ee7-8de4-f06c9a06f514
SLACK_TITLE: "Deploy Summary - Develop"
SLACK_MESSAGE: |
- image tag: `${{ steps.metadata.outputs.tags }}`
- build scan report: ${{ steps.gradle.outputs.build-scan-url }}