Update docker-gradle-poc.yml #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow uses actions that are not certified by GitHub. | |
| # They are provided by a third-party and are governed by | |
| # separate terms of service, privacy policy, and support | |
| # documentation. | |
| # This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time | |
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle | |
| name: docker hero-alignlab-api CI/CD | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| branches: [ main ] | |
| # 해당 스크립트에서 사용될 환경 변수 | |
| env: | |
| ACTIVE_PROFILE: "prod" | |
| AWS_REGION: ap-northeast-2 | |
| PROJECT_NAME: hero-alignlab-api | |
| S3_BUCKET_NAME: alignlab | |
| CODE_DEPLOY_APP_NAME: hero-alignlab-api | |
| CODE_DEPLOY_DEPLOYMENT_GROUP_NAME: hero-align-lab-deploy | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| # Github의 워크플로에서 실행될 OS 선택 | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| # JDK 17, Corretto 17 | |
| - name: Set up Corretto JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| # Secret Setup - application.yml | |
| - name: Inject env-values to application.yml | |
| uses: microsoft/variable-substitution@v1 | |
| with: | |
| files: ./src/main/resources/config/application.yml | |
| env: | |
| # Aws Credentials 환경 변수 주입 | |
| cloud.aws.credentials.access-key: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| cloud.aws.credentials.secret-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| # Jwt Secret Key 환경 변수 주입 | |
| auth.jwt.secret: ${{ secrets.AUTH_JWT_SECRET }} | |
| # Encrypt 환경 변수 주입 | |
| encrypt.key: ${{ secrets.ENCRYPT_KEY }} | |
| encrypt.algorithm: ${{ secrets.ENCRYPT_ALGORITHM }} | |
| # dev resource 환경 변수 주입 | |
| hero-alignlab.dev.resource.key: ${{ secrets.HERO_ALIGNLAB_DEV_RESOURCE_KEY }} | |
| # OAuth-Kakao 환경 변수 주입 | |
| oauth.kakao.rest-api-key: ${{ secrets.OAUTH_KAKAO_REST_API_KEY }} | |
| oauth.kakao.client-secret-code: ${{ secrets.OAUTH_KAKAO_CLIENT_SECRET_CODE }} | |
| oauth.kakao.admin-key: ${{ secrets.OAUTH_KAKAO_ADMIN_KEY }} | |
| # Secret Setup - application-prod.yml | |
| - name: Inject env-values to application-prod.yml | |
| uses: microsoft/variable-substitution@v1 | |
| with: | |
| files: ./src/main/resources/config/application-prod.yml | |
| env: | |
| # Database 환경 변수 주입 | |
| hero.master.datasource.url: ${{ secrets.HERO_MASTER_DATASOURCE_URL }} | |
| hero.master.datasource.username: ${{ secrets.HERO_MASTER_DATASOURCE_USERNAME }} | |
| hero.master.datasource.password: ${{ secrets.HERO_MASTER_DATASOURCE_PASSWORD }} | |
| # gradlew 파일 실행권한 설정 | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x ./gradlew | |
| shell: bash | |
| # Gradle build (Test 제외) | |
| - name: Build with Gradle | |
| run: ./gradlew clean --stacktrace --info build | |
| shell: bash | |
| - name: Make image tag | |
| run: echo "IMAGE_TAG=$ACTIVE_PROFILE-${GITHUB_SHA::7}" >> $GITHUB_ENV # activeProfile-커밋 hash 값 | |
| # DockerHub 로그인 | |
| - name: docker login | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| # Docker 이미지 빌드 | |
| - name: docker image build | |
| run: docker build -t ${{ secrets.DOCKER_USERNAME }}/hero-alignlab-api:${{env.IMAGE_TAG}} . | |
| # Docker Hub 이미지 푸시 | |
| - name: docker Hub push | |
| run: docker push ${{ secrets.DOCKER_USERNAME }}/hero-alignlab-api:${{env.IMAGE_TAG}} | |
| # Deploy Hero Service | |
| - name: Deploy and Start Spring Boot Application | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.HOST_PROD }} | |
| username: ubuntu | |
| key: ${{ secrets.PRIVATE_KEY }} | |
| script: | | |
| sudo echo "IMAGE_TAG=${{ env.IMAGE_TAG }}" >> .env | |
| echo "${{ secrets.DOCKER_TOKEN }}" | sudo docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin | |
| sudo docker ps | |
| sudo docker pull ${{ secrets.DOCKER_USERNAME }}/hero-alignlab-api:${{env.IMAGE_TAG}} | |
| sudo docker stop server || true | |
| sudo docker rm server || true # 중복된 이름 문제 해결 | |
| sudo docker run -d -p 8080:8080 --name server ${{ secrets.DOCKER_USERNAME }}/hero-alignlab-api:${{env.IMAGE_TAG}} | |
| sudo docker image prune -f |