.github/workflows/jisungin_dev.yml

name: jisungin_dev

on:
  push:
    branches: [ "develop" ]
  pull_request:
    branches: [ "develop" ]

jobs:
  develop:
    # 실행 환경
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      # JDK 17
      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          java-version: '17'
          distribution: 'temurin'

      # Gradle Caching
      - name: Gradle Caching
        uses: actions/cache@v3
        with:
          path: |
            ~/.gradle/caches
            ~/.gradle/wrapper
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
          restore-keys: |
            ${{ runner.os }}-gradle-

      # application-dev.yml
      - name: Copy dev Secret
        env:
          DEV_SECRET: ${{ secrets.APPLICATION_DEV_YML }}
          DEV_SECRET_DIR: src/main/resources
          DEV_SECRET_DIR_FILE_NAME: application-dev.yml
        run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME

      # application-oauth.yml
      - name: Copy oauth Secret
        env:
          DEV_SECRET: ${{ secrets.APPLICATION_OAUTH_YML }}
          DEV_SECRET_DIR: src/main/resources
          DEV_SECRET_DIR_FILE_NAME: application-oauth.yml
        run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME

      # application-crawler.yml
      - name: Copy crawler Secret
        env:
          DEV_SECRET: ${{ secrets.APPLICATION_CRAWLER_YML }}
          DEV_SECRET_DIR: src/main/resources
          DEV_SECRET_DIR_FILE_NAME: application-crawler.yml
        run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME

        # application-s3.yml
      - name: Copy s3 Secret
        env:
          DEV_SECRET: ${{ secrets.APPLICATION_S3_YML }}
          DEV_SECRET_DIR: src/main/resources
          DEV_SECRET_DIR_FILE_NAME: application-s3.yml
        run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME

      # application-jwt.yml
      # - name: Copy jwt Secret
      #   env:
      #     DEV_SECRET: ${{ secrets.APPLICATION_JWT_YML }}
      #     DEV_SECRET_DIR: src/main/resources
      #     DEV_SECRET_DIR_FILE_NAME: application-jwt.yml
      #   run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME

      # ./gradlew 권한 설정
      - name: ./gradlew 권한 설정
        run: chmod +x ./gradlew

      # Gradle Build
      - name: Build with Gradle
        run: |
          ./gradlew clean
          ./gradlew compileJava
          ./gradlew build

      # Docker Build하고 DockerHub에 Push
      - name: Docker Build & Push to DockerHub
        run: |
          docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
          docker build -t ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest .
          docker push ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest

      # GitHub IP를 요청
      - name: Get GitHub IP
        id: ip
        uses: haythem/public-ip@v1.2

      # AWS 세팅
      - name: AWS Setting
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
          aws-region: ap-northeast-2

      # GitHub IP를 AWS에 추가
      - name: Add GitHub IP to AWS
        run: |
          aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32

      # docker-compose.yml 파일 EC2로 복사
      - name: Copy docker-compose.yml to EC2
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.EC2_HOST }}
          username: ${{ secrets.EC2_USERNAME }}
          key: ${{ secrets.KEY }}
          port: 22
          source: "./docker-compose.yml"
          target: "./jisungin"

      # SSH Key로 서버에 접속하고 docker-compose image를 pull 받고 실행하기
      - name: Access Server with SSH Key, pull and execute docker-compose image
        uses: appleboy/ssh-action@v0.1.6
        env:
          REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD }}
        with:
          host: ${{ secrets.EC2_HOST }}
          username: ${{ secrets.EC2_USERNAME }}
          key: ${{ secrets.KEY }}
          port: 22
          script: |
            cd jisungin
            echo "REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}" > .env
            sudo docker-compose down
            sudo docker-compose pull
            sudo docker-compose up -d
            sudo docker image prune -f

      # Security Group에서 Github IP를 삭제
      - name: Remove Github IP From Security Group
        run: |
          aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32