Skip to content

Merge pull request #132 from HongYeseul/docs/readme #38

Merge pull request #132 from HongYeseul/docs/readme

Merge pull request #132 from HongYeseul/docs/readme #38

name: Build Gradle And Deploy to K8S
on:
push:
branches: [ "release" ]
jobs:
jar-build:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
- name: Setup Gradle
uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5
- name: Build with Gradle Wrapper
run: ./gradlew build --daemon --parallel
- name: Upload Jar
uses: actions/upload-artifact@v3
with:
name: grassdiary-jar
path: build/libs/grassdiary-0.0.1-SNAPSHOT.jar
docker-build:
needs: jar-build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Download Jar
uses: actions/download-artifact@v3
with:
name: grassdiary-jar
path: build/libs
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
- name: Docker build and push
run: |
docker buildx create --use
docker buildx build --platform linux/arm64,linux/amd64 -t yeseulhong/grass-diary:${{ github.sha }} --push .
echo "::set-output name=image_tag::${{ github.sha }}"
update-secrets:
needs: docker-build
runs-on: ubuntu-latest
steps:
- name: Setup SSH key
run: |
echo "${{ secrets.K8S_PRIVATE_KEY }}" > private_key.pem
chmod 600 private_key.pem
- name: Update Kubernetes Secrets
run: |
ssh -i private_key.pem -o StrictHostKeyChecking=no ${{ secrets.K8S_USER }}@${{ secrets.K8S_HOST }} "
kubectl create secret generic google-secrets --from-literal=GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} --from-literal=GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }} --dry-run=client -o yaml | kubectl apply -f -
kubectl create secret generic jwt-secrets --from-literal=JWT_ACCESS_SECRET_KEY=${{ secrets.JWT_ACCESS_SECRET_KEY }} --from-literal=JWT_REFRESH_SECRET_KEY=${{ secrets.JWT_REFRESH_SECRET_KEY }} --dry-run=client -o yaml | kubectl apply -f -
kubectl create secret generic db-secrets --from-literal=DB_SERVER_URL=${{ secrets.DB_SERVER_URL }} --from-literal=DB_USER_ID=${{ secrets.DB_USER_ID }} --from-literal=DB_USER_PW=${{ secrets.DB_USER_PW }} --dry-run=client -o yaml | kubectl apply -f -
kubectl create secret generic s3-secrets --from-literal=S3_ACCESS_PUBLIC_KEY=${{ secrets.S3_ACCESS_PUBLIC_KEY }} --from-literal=S3_ACCESS_SECRET_KEY=${{ secrets.S3_ACCESS_SECRET_KEY }} --from-literal=S3_BUCKET_NAME=${{ secrets.S3_BUCKET_NAME }} --dry-run=client -o yaml | kubectl apply -f -
"
deployK8S:
needs: update-secrets
runs-on: ubuntu-latest
env:
K8S_USER: ${{ secrets.K8S_USER }}
K8S_PRIVATE_KEY: ${{ secrets.K8S_PRIVATE_KEY }}
K8S_HOST: ${{ secrets.K8S_HOST }}
steps:
- uses: actions/checkout@v2
- name: Setup SSH key
run: |
echo "${K8S_PRIVATE_KEY}" > private_key.pem
chmod 600 private_key.pem
- name: Copy Kubernetes Manifests
run: |
sed -i 's/\${IMAGE_TAG}/'"${{ github.sha }}"'/g' k8s/deployment.yaml
scp -i private_key.pem -o StrictHostKeyChecking=no k8s/deployment.yaml k8s/service.yaml k8s/ingress.yaml ${K8S_USER}@${K8S_HOST}:~/
- name: Deploy to K8s
run: |
ssh -i private_key.pem -o StrictHostKeyChecking=no ${K8S_USER}@${K8S_HOST} "
kubectl apply -f ~/deployment.yaml
kubectl apply -f ~/service.yaml
kubectl apply -f ~/ingress.yaml
"