Merge pull request #119 from soma-baekgu/develop #27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'CI/CD MAIN' | |
| on: | |
| push: | |
| branches: | |
| - 'main' | |
| env: | |
| AWS_REGION: ap-northeast-2 | |
| jobs: | |
| build-api: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/[email protected] | |
| - name: AWS IAM | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.ECR_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.ECR_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Cache Gradle packages | |
| uses: actions/[email protected] | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: make application.yaml | |
| run: | | |
| cd ./api/src/main/resources/ | |
| touch ./application.yaml | |
| echo "${{ secrets.YAML_PROD_API }}" > ./application.yaml | |
| shell: bash | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew :api:build -x test | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Delete existing image with same tag | |
| run: | | |
| if aws ecr list-images \ | |
| --repository-name backgu-repository \ | |
| --region ${{env.AWS_REGION}} \ | |
| --query 'imageIds[?imageTag==`api`]' \ | |
| --output text | grep -q 'api'; then | |
| aws ecr batch-delete-image \ | |
| --repository-name backgu-repository \ | |
| --image-ids imageTag=api \ | |
| --region ap-northeast-2 | |
| echo "Image with tag 'api' deleted successfully." | |
| else | |
| echo "Image with tag 'api' not found. No action taken." | |
| fi | |
| - name: Build, tag, and push docker image to Amazon ECR | |
| env: | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: backgu-repository | |
| IMAGE_TAG: api | |
| run: | | |
| docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG -f Dockerfile-api . | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| - name: Deploy Images with Docker compose | |
| uses: appleboy/[email protected] | |
| env: | |
| APP: "backgu-api" | |
| COMPOSE: "/home/ec2-user/compose/docker-compose-api.yaml" | |
| with: | |
| host: ${{secrets.EC2_PROD_BASTION}} | |
| username: ec2-user | |
| key: ${{secrets.EC2_PROD_PRIVATE_KEY}} | |
| port: 22 | |
| envs: APP, COMPOSE | |
| script_stop: true | |
| script: | | |
| ssh api01 "aws ecr get-login-password --region ${{ env.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ECR_REGISTRY }}" | |
| ssh api01 docker-compose -f $COMPOSE down | |
| ssh api01 docker pull ${{secrets.IMAGE_API}} | |
| ssh api01 docker-compose -p api -f $COMPOSE up -d | |
| build-notification: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/[email protected] | |
| - name: AWS IAM | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.ECR_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.ECR_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Cache Gradle packages | |
| uses: actions/[email protected] | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: make application.yaml | |
| run: | | |
| cd ./notification/src/main/resources/ | |
| touch ./application.yaml | |
| echo "${{ secrets.YAML_PROD_NOTIFICATION }}" > ./application.yaml | |
| mkdir -p firebase | |
| echo "${{ secrets.FCM_ACCOUNT }}" > ./firebase/fcm.json | |
| shell: bash | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew :notification:build -x test | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Delete existing image with same tag | |
| run: | | |
| if aws ecr list-images \ | |
| --repository-name backgu-repository \ | |
| --region ${{env.AWS_REGION}} \ | |
| --query 'imageIds[?imageTag==`notification`]' \ | |
| --output text | grep -q 'notification'; then | |
| aws ecr batch-delete-image \ | |
| --repository-name backgu-repository \ | |
| --image-ids imageTag=notification \ | |
| --region ap-northeast-2 | |
| echo "Image with tag 'notification' deleted successfully." | |
| else | |
| echo "Image with tag 'notification' not found. No action taken." | |
| fi | |
| - name: Build, tag, and push docker image to Amazon ECR | |
| env: | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: backgu-repository | |
| IMAGE_TAG: notification | |
| run: | | |
| docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG -f Dockerfile-notification . | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| - name: Deploy Images with Docker compose | |
| uses: appleboy/[email protected] | |
| env: | |
| APP: "backgu-notification" | |
| COMPOSE: "/home/ec2-user/compose/docker-compose-notification.yaml" | |
| with: | |
| host: ${{secrets.EC2_PROD_BASTION}} | |
| username: ec2-user | |
| key: ${{secrets.EC2_PROD_PRIVATE_KEY}} | |
| port: 22 | |
| envs: APP, COMPOSE | |
| script_stop: true | |
| script: | | |
| ssh notification01 "aws ecr get-login-password --region ${{ env.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ECR_REGISTRY }}" | |
| ssh notification01 docker-compose -f $COMPOSE down | |
| ssh notification01 docker pull ${{secrets.IMAGE_NOTIFICATION}} | |
| ssh notification01 docker-compose -p notification -f $COMPOSE up -d | |
| build-batch: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/[email protected] | |
| - name: AWS IAM | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.ECR_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.ECR_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Cache Gradle packages | |
| uses: actions/[email protected] | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: make application.yaml | |
| run: | | |
| cd ./batch/src/main/resources/ | |
| touch ./application.yaml | |
| echo "${{ secrets.YAML_PROD_BATCH }}" > ./application.yaml | |
| shell: bash | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew :batch:build -x test | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Delete existing image with same tag | |
| run: | | |
| if aws ecr list-images \ | |
| --repository-name backgu-repository \ | |
| --region ${{env.AWS_REGION}} \ | |
| --query 'imageIds[?imageTag==`batch`]' \ | |
| --output text | grep -q 'batch'; then | |
| aws ecr batch-delete-image \ | |
| --repository-name backgu-repository \ | |
| --image-ids imageTag=batch \ | |
| --region ap-northeast-2 | |
| echo "Image with tag 'batch' deleted successfully." | |
| else | |
| echo "Image with tag 'batch' not found. No action taken." | |
| fi | |
| - name: Build, tag, and push docker image to Amazon ECR | |
| env: | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: backgu-repository | |
| IMAGE_TAG: batch | |
| run: | | |
| docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG -f Dockerfile-batch . | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| - name: Deploy Images with Docker compose | |
| uses: appleboy/[email protected] | |
| env: | |
| APP: "backgu-batch" | |
| COMPOSE: "/home/ec2-user/compose/docker-compose-batch.yaml" | |
| with: | |
| host: ${{secrets.EC2_PROD_BASTION}} | |
| username: ec2-user | |
| key: ${{secrets.EC2_PROD_PRIVATE_KEY}} | |
| port: 22 | |
| envs: APP, COMPOSE | |
| script_stop: true | |
| script: | | |
| ssh batch01 "aws ecr get-login-password --region ${{ env.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ECR_REGISTRY }}" | |
| ssh batch01 docker-compose -f $COMPOSE down | |
| ssh batch01 docker pull ${{secrets.IMAGE_BATCH}} | |
| ssh batch01 docker-compose -p batch -f $COMPOSE up -d | |
| build-realtime: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/[email protected] | |
| - name: AWS IAM | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.ECR_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.ECR_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Cache Gradle packages | |
| uses: actions/[email protected] | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: make application.yaml | |
| run: | | |
| cd ./realtime/src/main/resources/ | |
| touch ./application.yaml | |
| echo "${{ secrets.YAML_PROD_REALTIME }}" > ./application.yaml | |
| shell: bash | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew :realtime:build -x test | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Delete existing image with same tag | |
| run: | | |
| if aws ecr list-images \ | |
| --repository-name backgu-repository \ | |
| --region ${{env.AWS_REGION}} \ | |
| --query 'imageIds[?imageTag==`realtime`]' \ | |
| --output text | grep -q 'realtime'; then | |
| aws ecr batch-delete-image \ | |
| --repository-name backgu-repository \ | |
| --image-ids imageTag=realtime \ | |
| --region ap-northeast-2 | |
| echo "Image with tag 'realtime' deleted successfully." | |
| else | |
| echo "Image with tag 'realtime' not found. No action taken." | |
| fi | |
| - name: Build, tag, and push docker image to Amazon ECR | |
| env: | |
| REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| REPOSITORY: backgu-repository | |
| IMAGE_TAG: realtime | |
| run: | | |
| docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG -f Dockerfile-realtime . | |
| docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG | |
| - name: Deploy Images with Docker compose | |
| uses: appleboy/[email protected] | |
| env: | |
| APP: "backgu-realtime" | |
| COMPOSE: "/home/ec2-user/compose/docker-compose-realtime.yaml" | |
| with: | |
| host: ${{secrets.EC2_PROD_BASTION}} | |
| username: ec2-user | |
| key: ${{secrets.EC2_PROD_PRIVATE_KEY}} | |
| port: 22 | |
| envs: APP, COMPOSE | |
| script_stop: true | |
| script: | | |
| ssh realtime01 "aws ecr get-login-password --region ${{ env.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ECR_REGISTRY }}" | |
| ssh realtime01 docker-compose -f $COMPOSE down | |
| ssh realtime01 docker pull ${{secrets.IMAGE_REALTIME}} | |
| ssh realtime01 docker-compose -p realtime -f $COMPOSE up -d | |