.github/workflows/develop_build_deploy.yml

name: Build and Deploy to Develop

on:
  push:
    branches:
      - develop

permissions:
  id-token: write
  pull-requests: write

env:
  IMAGE_NAME: gdsc-server

jobs:
  build-deploy:
    runs-on: ubuntu-latest
    environment: develop
    strategy:
      matrix:
        java-version: [17]
        distribution: ["temurin"]
    steps:
      # 체크아웃
      - name: Checkout
        uses: actions/checkout@v4

      # JDK 17 버전으로 세팅
      - name: Set up JDK 17
        uses: actions/setup-java@v4
        with:
          java-version: ${{ matrix.java-version }}
          distribution: ${{ matrix.distribution }}

      # Gradlew 실행 허용
      - name: Run chmod to make gradlew executable
        run: chmod +x ./gradlew

      # Redis 컨테이너 실행
      - name: Start containers
        run: docker compose -f docker-compose-test.yaml up -d

      # Gradle 빌드
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v3
        with:
          cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }} # feature 브랜치는 캐시를 읽기 전용으로 설정
          cache-encryption-key: ${{ secrets.GRADLE_CACHE_ENCRYPTION_KEY }}
          add-job-summary-as-pr-comment: always
          build-scan-publish: true
          build-scan-terms-of-use-url: "https://gradle.com/help/legal-terms-of-use"
          build-scan-terms-of-use-agree: "yes"

      - name: Build with Gradle
        id: gradle
        run: ./gradlew build --configuration-cache

      # Dockerhub 로그인
      - name: Login to Dockerhub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      # Docker 메타데이터 추출
      - name: Extract Docker metadata
        id: metadata
        uses: docker/metadata-action@v5.5.0
        env:
          DOCKERHUB_IMAGE_FULL_NAME: ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}
        with:
          images: ${{ env.DOCKERHUB_IMAGE_FULL_NAME }}
          tags: |
            type=sha,prefix=

      # 이미지 빌드 및 Dockerhub에 푸시
      - name: Docker Build and Push
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: ${{ steps.metadata.outputs.tags }}

      # AWS 로그인
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: ap-northeast-2
          output-config: true

      # 복사 경로 환경변수 설정
      - name: Set up S3 copy path
        env:
          S3_DEPLOY_BUCKET_NAME: ${{ secrets.S3_DEPLOY_BUCKET_NAME }}
        run: echo "S3_COPY_PATH=$(echo s3://${S3_DEPLOY_BUCKET_NAME}/gdsc/docker-compose-dev.yml)" >> $GITHUB_ENV

      # S3로 docker-compose 파일 전송
      - name: Copy docker-compose file to S3
        run: aws s3 cp docker-compose.yml ${{ env.S3_COPY_PATH }}

      # EC2로 배포
      - name: Deploy to EC2 Server
        uses: appleboy/ssh-action@master
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
          IMAGE_FULL_URL: ${{ steps.metadata.outputs.tags }}
        with:
          host: ${{ secrets.EC2_HOST }}
          username: ${{ secrets.EC2_USERNAME }}
          key: ${{ secrets.EC2_PRIVATE_KEY }}
          envs: IMAGE_FULL_URL # docker-compose.yml 에서 사용할 환경 변수
          script: |
            aws s3 cp ${{ env.S3_COPY_PATH }} docker-compose.yml
            echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
            docker pull ${{ env.IMAGE_FULL_URL }}
            docker compose up -d
            docker image prune -a -f

      # Slack 알림
      - name: Send Deploy Result to Slack
        uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
          SLACK_USERNAME: 둘기봇
          SLACK_ICON: https://github.com/GDSC-Hongik/gdsc-server/assets/91878695/1d3861bd-672d-4ee7-8de4-f06c9a06f514
          SLACK_TITLE: "Deploy Summary - Develop"
          SLACK_MESSAGE: |
            - image tag: `${{ steps.metadata.outputs.tags }}`
            - build scan report: ${{ steps.gradle.outputs.build-scan-url }}