Merge pull request #112 from soma-baekgu/develop #25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'CI/CD MAIN' | |
| on: | |
| push: | |
| branches: | |
| - 'main' | |
| env: | |
| AWS_REGION: ap-northeast-2 | |
| jobs: | |
| build-api: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/[email protected] | |
| - name: AWS IAM | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.ECR_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.ECR_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Cache Gradle packages | |
| uses: actions/[email protected] | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: make application.yaml | |
| run: | | |
| cd ./api/src/main/resources/ | |
| touch ./application.yaml | |
| echo "${{ secrets.YAML_PROD_API }}" > ./application.yaml | |
| shell: bash | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew :api:build -x test | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Delete existing image with same tag | |
| run: | | |
| if aws ecr list-images \ | |
| --repository-name backgu-repository \ | |
| --region ${{env.AWS_REGION}} \ | |
| --query 'imageIds[?imageTag==`api`]' \ | |
| --output text | grep -q 'api'; then | |
| aws ecr batch-delete-image \ | |
| --repository-name backgu-repository \ | |
| --image-ids imageTag=api \ | |
| --region ap-northeast-2 | |
| echo "Image with tag 'api' deleted successfully." | |
| else | |
| echo "Image with tag 'api' not found. No action taken." | |
| fi | |
| - name: Build, tag, and push docker image to Amazon ECR | |
| env: | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: backgu-repository | |
| IMAGE_TAG: api | |
| run: | | |
| docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG -f Dockerfile-api . | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| - name: Deploy Images with Docker compose | |
| uses: appleboy/[email protected] | |
| env: | |
| APP: "backgu-api" | |
| COMPOSE: "/home/ec2-user/compose/docker-compose-api.yaml" | |
| with: | |
| host: ${{secrets.EC2_PROD_BASTION}} | |
| username: ec2-user | |
| key: ${{secrets.EC2_PROD_PRIVATE_KEY}} | |
| port: 22 | |
| envs: APP, COMPOSE | |
| script_stop: true | |
| script: | | |
| ssh api1 "aws ecr get-login-password --region ${{ env.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ECR_REGISTRY }}" | |
| ssh api1 docker-compose -f $COMPOSE down | |
| ssh api1 docker pull ${{secrets.IMAGE_API}} | |
| ssh api1 docker-compose -p api -f $COMPOSE up -d | |
| build-notification: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/[email protected] | |
| - name: AWS IAM | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.ECR_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.ECR_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Cache Gradle packages | |
| uses: actions/[email protected] | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: make application.yaml | |
| run: | | |
| cd ./notification/src/main/resources/ | |
| touch ./application.yaml | |
| echo "${{ secrets.YAML_PROD_NOTIFICATION }}" > ./application.yaml | |
| mkdir -p firebase | |
| echo "${{ secrets.FCM_ACCOUNT }}" > ./firebase/fcm.json | |
| shell: bash | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew :notification:build -x test | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Delete existing image with same tag | |
| run: | | |
| if aws ecr list-images \ | |
| --repository-name backgu-repository \ | |
| --region ${{env.AWS_REGION}} \ | |
| --query 'imageIds[?imageTag==`notification`]' \ | |
| --output text | grep -q 'notification'; then | |
| aws ecr batch-delete-image \ | |
| --repository-name backgu-repository \ | |
| --image-ids imageTag=notification \ | |
| --region ap-northeast-2 | |
| echo "Image with tag 'notification' deleted successfully." | |
| else | |
| echo "Image with tag 'notification' not found. No action taken." | |
| fi | |
| - name: Build, tag, and push docker image to Amazon ECR | |
| env: | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: backgu-repository | |
| IMAGE_TAG: notification | |
| run: | | |
| docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG -f Dockerfile-notification . | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| - name: Deploy Images with Docker compose | |
| uses: appleboy/[email protected] | |
| env: | |
| APP: "backgu-notification" | |
| COMPOSE: "/home/ec2-user/compose/docker-compose-notification.yaml" | |
| with: | |
| host: ${{secrets.EC2_PROD_BASTION}} | |
| username: ec2-user | |
| key: ${{secrets.EC2_PROD_PRIVATE_KEY}} | |
| port: 22 | |
| envs: APP, COMPOSE | |
| script_stop: true | |
| script: | | |
| ssh notification1 "aws ecr get-login-password --region ${{ env.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ECR_REGISTRY }}" | |
| ssh notification1 docker-compose -f $COMPOSE down | |
| ssh notification1 docker pull ${{secrets.IMAGE_NOTIFICATION}} | |
| ssh notification1 docker-compose -p notification -f $COMPOSE up -d | |
| build-batch: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/[email protected] | |
| - name: AWS IAM | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.ECR_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.ECR_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Cache Gradle packages | |
| uses: actions/[email protected] | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: make application.yaml | |
| run: | | |
| cd ./batch/src/main/resources/ | |
| touch ./application.yaml | |
| echo "${{ secrets.YAML_PROD_BATCH }}" > ./application.yaml | |
| shell: bash | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew :batch:build -x test | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Delete existing image with same tag | |
| run: | | |
| if aws ecr list-images \ | |
| --repository-name backgu-repository \ | |
| --region ${{env.AWS_REGION}} \ | |
| --query 'imageIds[?imageTag==`batch`]' \ | |
| --output text | grep -q 'batch'; then | |
| aws ecr batch-delete-image \ | |
| --repository-name backgu-repository \ | |
| --image-ids imageTag=batch \ | |
| --region ap-northeast-2 | |
| echo "Image with tag 'batch' deleted successfully." | |
| else | |
| echo "Image with tag 'batch' not found. No action taken." | |
| fi | |
| - name: Build, tag, and push docker image to Amazon ECR | |
| env: | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: backgu-repository | |
| IMAGE_TAG: batch | |
| run: | | |
| docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG -f Dockerfile-batch . | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| - name: Deploy Images with Docker compose | |
| uses: appleboy/[email protected] | |
| env: | |
| APP: "backgu-batch" | |
| COMPOSE: "/home/ec2-user/compose/docker-compose-batch.yaml" | |
| with: | |
| host: ${{secrets.EC2_PROD_BASTION}} | |
| username: ec2-user | |
| key: ${{secrets.EC2_PROD_PRIVATE_KEY}} | |
| port: 22 | |
| envs: APP, COMPOSE | |
| script_stop: true | |
| script: | | |
| ssh batch1 "aws ecr get-login-password --region ${{ env.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ECR_REGISTRY }}" | |
| ssh batch1 docker-compose -f $COMPOSE down | |
| ssh batch1 docker pull ${{secrets.IMAGE_BATCH}} | |
| ssh batch1 docker-compose -p batch -f $COMPOSE up -d | |
| build-realtime: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/[email protected] | |
| - name: AWS IAM | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.ECR_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.ECR_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Cache Gradle packages | |
| uses: actions/[email protected] | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: make application.yaml | |
| run: | | |
| cd ./realtime/src/main/resources/ | |
| touch ./application.yaml | |
| echo "${{ secrets.YAML_PROD_REALTIME }}" > ./application.yaml | |
| shell: bash | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew :realtime:build -x test | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Delete existing image with same tag | |
| run: | | |
| if aws ecr list-images \ | |
| --repository-name backgu-repository \ | |
| --region ${{env.AWS_REGION}} \ | |
| --query 'imageIds[?imageTag==`realtime`]' \ | |
| --output text | grep -q 'realtime'; then | |
| aws ecr batch-delete-image \ | |
| --repository-name backgu-repository \ | |
| --image-ids imageTag=realtime \ | |
| --region ap-northeast-2 | |
| echo "Image with tag 'realtime' deleted successfully." | |
| else | |
| echo "Image with tag 'realtime' not found. No action taken." | |
| fi | |
| - name: Build, tag, and push docker image to Amazon ECR | |
| env: | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: backgu-repository | |
| IMAGE_TAG: realtime | |
| run: | | |
| docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG -f Dockerfile-realtime . | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| - name: Deploy Images with Docker compose | |
| uses: appleboy/[email protected] | |
| env: | |
| APP: "backgu-realtime" | |
| COMPOSE: "/home/ec2-user/compose/docker-compose-realtime.yaml" | |
| with: | |
| host: ${{secrets.EC2_PROD_BASTION}} | |
| username: ec2-user | |
| key: ${{secrets.EC2_PROD_PRIVATE_KEY}} | |
| port: 22 | |
| envs: APP, COMPOSE | |
| script_stop: true | |
| script: | | |
| ssh realtime1 "aws ecr get-login-password --region ${{ env.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ECR_REGISTRY }}" | |
| ssh realtime1 docker-compose -f $COMPOSE down | |
| ssh realtime1 docker pull ${{secrets.IMAGE_REALTIME}} | |
| ssh realtime1 docker-compose -p realtime -f $COMPOSE up -d | |