Merge remote-tracking branch 'origin/develop' into feat/#1

9oormthon-univ · Mar 18, 2024 · 674e84b · 674e84b
2 parents dd3e100 + dc8387a
commit 674e84b
Show file tree

Hide file tree

Showing 4 changed files with 144 additions and 46 deletions.
diff --git a/.github/workflows/CD.yml b/.github/workflows/CD.yml
@@ -4,70 +4,144 @@ on:
   push:
     branches:
       - master
+      - develop
+
+permissions:
+  contents: read
+  actions: read
+  id-token: write
 
 jobs:
-  deploy:
+  deploy_master:
     runs-on: ubuntu-latest
+    name: Deploy to Amazon ECS (master)
+
+    if: github.ref == 'refs/heads/master'
 
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
         with:
           token: ${{ secrets.GIT_TOKEN }}
           submodules: true
-
       - name: Setup Java 17
         uses: actions/setup-java@v3
         with:
           java-version: '17'
           distribution: 'adopt'
-
       - name: Update Git submodules
         run: git submodule update --remote --recursive
-
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::125183404358:role/VacgomGithubActionAssumeRole
+          aws-region: ap-northeast-2
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+      - name: Invoke Gradle
+        uses: gradle/gradle-build-action@v2
       - name: Grant execute permission for gradlew
         run: chmod +x gradlew
-
-      - name: Build with Gradle
-        run: ./gradlew clean build --debug
-
-      - name: Get current time
-        uses: 1466587594/get-current-time@v2
-        id: current-time
+      - name: Build, tag, and push image to Amazon ECR
+        env:
+          PROFILE: dev
+          IMAGE_REPO_URL: ${{ steps.login-ecr.outputs.registry }}/vacgom
+          IMAGE_TAG: ${{ github.sha }}_master
+        run: ./gradlew jib --parallel
+      - name: Download Task Definition
+        run: |
+          aws ecs describe-task-definition \
+          --task-definition vacgom-taskdef \
+          --query taskDefinition \
+          > task-definition.json
+      - name: Update Task Definition
+        id: task-def
+        uses: aws-actions/amazon-ecs-render-task-definition@v1
+        with:
+          task-definition: task-definition.json
+          container-name: backend
+          image: ${{ steps.login-ecr.outputs.registry }}/vacgom:${{ github.sha }}_master
+      - name: Deploy Amazon ECS task definition
+        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
         with:
-          format: YYYY-MM-DDTHH-mm-ss
-          utcOffset: "+09:00"
+          task-definition: ${{ steps.task-def.outputs.task-definition }}
+          service: vacgom-best-service
+          cluster: vacgom-cluster
+          wait-for-service-stability: true
+      - name: Send Slack notification
+        uses: 8398a7/action-slack@v3
+        with:
+          status: ${{ job.status }}
+          author_name: 백곰
+          fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+        if: always()
+
+  deploy_develop:
+    runs-on: ubuntu-latest
+    name: Deploy to Amazon ECS (develop)
 
-      - name: Show Current Time
-        run: echo "CurrentTime=${{steps.current-time.outputs.formattedTime}}"
+    if: github.ref == 'refs/heads/develop'
 
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v1
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.GIT_TOKEN }}
+          submodules: true
+      - name: Setup Java 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'adopt'
+      - name: Update Git submodules
+        run: git submodule update --remote --recursive
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
         with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          role-to-assume: arn:aws:iam::125183404358:role/VacgomGithubActionAssumeRole
           aws-region: ap-northeast-2
-
       - name: Login to Amazon ECR
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
-
+      - name: Invoke Gradle
+        uses: gradle/gradle-build-action@v2
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
       - name: Build, tag, and push image to Amazon ECR
+        env:
+          PROFILE: dev
+          IMAGE_REPO_URL: ${{ steps.login-ecr.outputs.registry }}/vacgom
+          IMAGE_TAG: ${{ github.sha }}_dev
+        run: ./gradlew jib --parallel
+      - name: Download Task Definition
         run: |
-          docker build -t vacgom:${{steps.current-time.outputs.formattedTime}} .
-          docker tag vacgom:${{steps.current-time.outputs.formattedTime}} ${{ secrets.ECR_URI }}:${{steps.current-time.outputs.formattedTime}}
-          docker push ${{ secrets.ECR_URI }}:${{steps.current-time.outputs.formattedTime}}
-
-      - name: SSH into EC2 instance
-        uses: appleboy/ssh-action@master
+          aws ecs describe-task-definition \
+          --task-definition vacgom-taskdef-dev \
+          --query taskDefinition \
+          > task-definition.json
+      - name: Update Task Definition
+        id: task-def
+        uses: aws-actions/amazon-ecs-render-task-definition@v1
+        with:
+          task-definition: task-definition.json
+          container-name: backend
+          image: ${{ steps.login-ecr.outputs.registry }}/vacgom:${{ github.sha }}_dev
+      - name: Deploy Amazon ECS task definition
+        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+        with:
+          task-definition: ${{ steps.task-def.outputs.task-definition }}
+          service: vacgom-service-dev
+          cluster: vacgom-cluster
+          wait-for-service-stability: true
+      - name: Send Slack notification
+        uses: 8398a7/action-slack@v3
         with:
-          host: ${{ secrets.EC2_HOST }}
-          username: ${{ secrets.EC2_USERNAME }}
-          key: ${{ secrets.EC2_PRIVATE_KEY }}
-          port: ${{ secrets.EC2_SSH_PORT }}
-          script: |
-            aws ecr get-login-password | docker login --username AWS --password-stdin ${{ secrets.ECR_URI }}
-            docker pull ${{ secrets.ECR_URI }}:${{ steps.current-time.outputs.formattedTime }}
-            docker ps -f name=vacgom-api -q | xargs --no-run-if-empty docker container stop
-            docker ps -a -f name=vacgom-api -q | xargs --no-run-if-empty docker container rm
-            docker run -d --name vacgom-api -p 80:8080 ${{ secrets.ECR_URI }}:${{ steps.current-time.outputs.formattedTime }}
+          status: ${{ job.status }}
+          author_name: 백곰
+          fields: repo,message,commit,author,action,eventName,ref,workflow,job,took
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+        if: always()
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
@@ -25,8 +25,11 @@ jobs:
           java-version: '17'
           distribution: 'adopt'
 
-      - name: Update Git submodules
-        run: git submodule update --remote --recursive
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2
+
+      - name: (Set Up) Grant Execute permission for gradlew
+        run: chmod 777 gradlew
 
       - name: Grant execute permission for gradlew
         run: chmod +x gradlew

diff --git a/CONFIG b/CONFIG
diff --git a/build.gradle.kts b/build.gradle.kts
@@ -1,12 +1,17 @@
 import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
 
+val activeProfile = System.getenv("PROFILE") ?: "dev"
+val imageTag = System.getenv("IMAGE_TAG") ?: "latest"
+val repoURL: String? = System.getenv("IMAGE_REPO_URL")
+
 plugins {
     id("org.springframework.boot") version "3.2.3"
     id("io.spring.dependency-management") version "1.1.4"
-    kotlin("jvm") version "1.9.23"
-    kotlin("plugin.spring") version "1.9.23"
-    kotlin("plugin.jpa") version "1.9.23"
-    kotlin("plugin.allopen") version "1.9.23"
+    id("com.google.cloud.tools.jib") version "3.4.1"
+    kotlin("jvm") version "1.9.22"
+    kotlin("plugin.spring") version "1.9.22"
+    kotlin("plugin.jpa") version "1.9.22"
+    kotlin("plugin.allopen") version "1.9.22"
 }
 
 group = "com.vacgom"
@@ -25,6 +30,7 @@ dependencies {
     implementation("org.springframework.boot:spring-boot-starter-security")
     implementation("org.springframework.boot:spring-boot-starter-web")
     implementation("org.springframework.boot:spring-boot-starter-validation")
+
     implementation("com.fasterxml.jackson.module:jackson-module-kotlin")
     implementation("org.flywaydb:flyway-core")
     implementation("org.flywaydb:flyway-mysql")
@@ -33,6 +39,7 @@ dependencies {
     runtimeOnly("com.mysql:mysql-connector-j")
     testImplementation("org.springframework.boot:spring-boot-starter-test")
     testImplementation("org.springframework.security:spring-security-test")
+
     implementation("io.jsonwebtoken:jjwt-api:0.11.5")
     implementation("io.jsonwebtoken:jjwt-gson:0.11.5")
     runtimeOnly("io.jsonwebtoken:jjwt-impl:0.11.5")
@@ -60,6 +67,20 @@ tasks.register<Copy>("initConfig") {
     into("./src/main/resources")
 }
 
-allOpen {
-    annotation("jakarta.persistence.Entity")
+jib {
+    from {
+        image = "amazoncorretto:17-alpine3.18"
+    }
+    to {
+        image = repoURL
+        tags = setOf(imageTag)
+    }
+    container {
+        jvmFlags = listOf(
+                "-Dspring.profiles.active=${activeProfile}",
+                "-Dserver.port=8080",
+                "-XX:+UseContainerSupport",
+        )
+        ports = listOf("8080")
+    }
 }