[Feat#38] Github Action 및 docker compose를 활용한 배포 파이프라인 구현 #11
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | ||
| on: [ pull_request, workflow_dispatch ] | ||
| jobs: | ||
| style: | ||
| name: CheckStyle | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| with: | ||
| fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | ||
| - name: Set up JDK 17 | ||
| uses: actions/setup-java@v1 | ||
| with: | ||
| java-version: 17 | ||
| - name: Run Checkstyle | ||
| run: ./gradlew checkstyleMain checkstyleTest | ||
| - name: Make firebase-adminsdk.json | ||
| run: | | ||
| touch src/main/resources/timeet-firebase-adminsdk.json | ||
| echo "${{ secrets.FIREBASE_ADMINSDK }}" | base64 --decode > src/main/resources/timeet-firebase-adminsdk.json | ||
| - name: Make application-prod.yml | ||
| run: | | ||
| touch src/main/resources/application-prod.yml | ||
| echo "${{ secrets.APPLICATION_PROD }}" | base64 --decode > src/main/resources/application-prod.yml | ||
| - name: Make application-test.yml | ||
| run: | | ||
| touch src/main/resources/application-test.yml | ||
| echo "${{ secrets.APPLICATION_TEST }}" | base64 --decode > src/main/resources/application-test.yml | ||
| - name: Cache SonarQube packages | ||
| uses: actions/cache@v1 | ||
| with: | ||
| path: ~/.sonar/cache | ||
| key: ${{ runner.os }}-sonar | ||
| restore-keys: ${{ runner.os }}-sonar | ||
| - name: Cache Gradle packages | ||
| uses: actions/cache@v1 | ||
| with: | ||
| path: ~/.gradle/caches | ||
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} | ||
| restore-keys: ${{ runner.os }}-gradle | ||
| - name: Build and analyze | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | ||
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | ||
| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | ||
| run: ./gradlew clean build sonar --info | ||
| - name: Verify JAR File Exists | ||
| run: | | ||
| ls -l ./build/libs/ | ||
| if [ -z "$(ls -A ./build/libs/*.jar)" ]; then | ||
| echo "No JAR files found in ./build/libs directory." | ||
| exit 1 | ||
| fi | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| # repository checkout | ||
| - uses: actions/checkout@v2 | ||
| - name: Set up JDK 17 | ||
| uses: actions/setup-java@v1 | ||
| with: | ||
| java-version: 17 | ||
| - name: Run Checkstyle | ||
| run: ./gradlew checkstyleMain checkstyleTest | ||
| - name: Make firebase-adminsdk.json | ||
| run: | | ||
| touch src/main/resources/timeet-firebase-adminsdk.json | ||
| echo "${{ secrets.FIREBASE_ADMINSDK }}" | base64 --decode > src/main/resources/timeet-firebase-adminsdk.json | ||
| - name: Make application-prod.yml | ||
| run: | | ||
| touch src/main/resources/application-prod.yml | ||
| echo "${{ secrets.APPLICATION_PROD }}" | base64 --decode > src/main/resources/application-prod.yml | ||
| - name: Make application-test.yml | ||
| run: | | ||
| touch src/main/resources/application-test.yml | ||
| echo "${{ secrets.APPLICATION_TEST }}" | base64 --decode > src/main/resources/application-test.yml | ||
| - name: Set output | ||
| id: vars | ||
| run: echo ::set-output name=tag::${GITHUB_REF#refs/*/} | ||
| - name: Build and analyze | ||
| run: ./gradlew clean build --info | ||
| - name: Docker Setup QEMU | ||
| uses: docker/[email protected] | ||
| - name: Docker Setup Buildx | ||
| uses: docker/[email protected] | ||
| - name: Docker Login | ||
| uses: docker/[email protected] | ||
| with: | ||
| username: ${{ secrets.DOCKER_USERNAME }} | ||
| password: ${{ secrets.DOCKER_TOKEN }} | ||
| - name: Build and Push Docker Image | ||
| run: | | ||
| JAR_FILE=$(ls ./build/libs/*.jar | head -n 1) | ||
| docker buildx build --platform linux/amd64,linux/arm64 \ | ||
| -t syw5141/dnd-10th-2-backend:latest \ | ||
| --build-arg JAR_FILE="$JAR_FILE" \ | ||
| --push . | ||
| deploy: | ||
| needs: docker | ||
| name: Deploy | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Set output | ||
| id: vars | ||
| run: echo ::set-output name=tag::${GITHUB_REF#refs/*/} | ||
| - name: Deploy on rpi4 server using docker | ||
| uses: appleboy/[email protected] | ||
| with: | ||
| host: ${{ secrets.HOST }} | ||
| username: ${{ secrets.USERNAME }} | ||
| password: ${{ secrets.PASSWORD }} | ||
| port: ${{ secrets.PORT }} | ||
| script: | | ||
| cd ~/dnd-10th-2-backend | ||
| docker-compose pull | ||
| docker-compose up --force-recreate --build -d | ||
| docker image prune -f | ||
