
[release] 수정사항 반영을 위해 배포합니다. #35

[release] 수정사항 반영을 위해 배포합니다.

[release] 수정사항 반영을 위해 배포합니다. #35

Workflow file for this run

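# CD workflow: builds the application with the Gradle wrapper, pushes a Docker
# image to Docker Hub, then deploys over SSH to the remote host after
# temporarily opening port 22 for the runner's public IP.
#
# NOTE(review): the trigger is `pull_request` against main, so the build, the
# image push and the production deploy all run when a PR is opened or updated,
# i.e. before the change is merged, and the job executes the PR's own
# `gradlew` with the secrets below in scope. Confirm this is intended and that
# the `production` environment has protection rules (not visible from here).
name: CD workflow

# Event trigger
on:
  pull_request:
    branches: ["main"]  # runs for pull requests that target main

# Workflow-wide default is read-only repository access. `id-token: write`
# (OIDC) is granted only on the deploy job, the one job that assumes an AWS
# role, so the build job cannot mint OIDC tokens.
permissions:
  contents: read

jobs:
  build:
    # Runner image
    runs-on: ubuntu-24.04
    steps:
      # Check out the repository code
      - name: Checkout the repository
        uses: actions/checkout@v4

      # Install JDK 21
      - name: Set up JDK 21
        uses: actions/setup-java@v4
        with:
          java-version: '21'
          distribution: 'temurin'

      # Create the resources folder (mkdir -p is a no-op when it exists)
      - name: Create resources folder if not exist
        run: mkdir -p ./src/main/resources

      # Write application.yml from a secret. The secret is passed through the
      # environment rather than expanded into the script text: with inline
      # `${{ }}` expansion the shell would interpret any `"`, `$` or backtick
      # in the config (for example `${...}` placeholders) before writing it.
      - name: make application.yml
        env:
          APPLICATION_YML: ${{ secrets.APPLICATION_YML }}
        run: |
          printf '%s\n' "$APPLICATION_YML" > ./src/main/resources/application.yml
        shell: bash

      # Create the cloud folder
      - name: Create cloud folder if not exist
        run: mkdir -p ./src/main/resources/cloud

      # Write application-cloud.yml from a secret (same handling as above)
      - name: make application-cloud.yml
        env:
          APPLICATION_CLOUD_YML: ${{ secrets.APPLICATION_CLOUD_YML }}
        run: |
          printf '%s\n' "$APPLICATION_CLOUD_YML" > ./src/main/resources/cloud/application-cloud.yml
        shell: bash

      # Create the openapi folder (the original step name said "cloud")
      - name: Create openapi folder if not exist
        run: mkdir -p ./src/main/resources/openapi

      # Write application-spotify.yml from a secret (same handling as above)
      - name: make application-spotify.yml
        env:
          APPLICATION_SPOTIFY_YML: ${{ secrets.APPLICATION_SPOTIFY_YML }}
        run: |
          printf '%s\n' "$APPLICATION_SPOTIFY_YML" > ./src/main/resources/openapi/application-spotify.yml
        shell: bash

      # Cache Gradle downloads to speed up the build
      - name: Gradle Caching
        uses: actions/cache@v4
        with:
          path: |
            ~/.gradle/caches
            ~/.gradle/wrapper
          key: gradle-${{ runner.os }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
          restore-keys: |
            gradle-${{ runner.os }}-

      # Make the Gradle wrapper executable
      - name: Grant execute permission for gradlew
        run: chmod +x gradlew

      # Build with the Gradle wrapper; tests are skipped (-x test)
      - name: Build with Gradle Wrapper
        run: ./gradlew clean build -x test

      # Docker Hub login
      # NOTE(review): the text after `docker/` in the two `uses:` lines below
      # was replaced by an e-mail-obfuscation placeholder when this page was
      # rendered. Restore the real `<action>@<version>` from the repository;
      # an action that receives registry credentials is best pinned to a full
      # commit SHA.
      - name: login docker hub
        uses: docker/[email protected]
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      # Docker build and push
      - name: install docker buildx
        uses: docker/[email protected]

      # NOTE(review): the three application*.yml files written above sit under
      # src/main/resources, so they are presumably packaged into the build
      # output and therefore into this image. Verify that the Docker Hub
      # repository is private. The image is pushed without an explicit tag.
      - name: docker image build & push
        run: |
          docker build --platform linux/amd64 -t confetiserver/deploy .
          docker push confetiserver/deploy

  deploy:
    needs: build
    # Runner image
    runs-on: ubuntu-24.04
    environment: production
    # OIDC token is needed by configure-aws-credentials (role-to-assume)
    permissions:
      id-token: write
      contents: read
    steps:
      # Look up the public IP of this runner
      # NOTE(review): action reference mangled by e-mail obfuscation on the
      # rendered page; restore `<action>@<version>` from the repository.
      - name: Get Github action IP
        id: ip
        uses: haythem/[email protected]

      # AWS authentication
      - name: configure aws credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_NAME }}
          aws-region: ${{ secrets.AWS_DEFAULT_REGION }}

      # AWS ECR login
      # NOTE(review): no later step in this file references the ECR login;
      # the image goes through Docker Hub as far as this workflow shows.
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1
        with:
          mask-password: true

      # Allow SSH (tcp/22) from the runner's IP in the security group.
      # Values are passed through env and quoted so that neither the secret
      # nor the output of the third-party IP action is pasted into the script.
      - name: Add Github Actions IP to Security group
        id: sg_open
        env:
          AWS_SG_NAME: ${{ secrets.AWS_SG_NAME }}
          RUNNER_IP: ${{ steps.ip.outputs.ipv4 }}
        run: |
          aws ec2 authorize-security-group-ingress \
            --group-name "$AWS_SG_NAME" \
            --protocol tcp --port 22 \
            --cidr "${RUNNER_IP}/32"

      # Deploy on the remote server
      # NOTE(review): `@master` is a mutable ref on a third-party action that
      # receives the SSH private key and the registry credentials; pin it to
      # a reviewed full commit SHA (`appleboy/ssh-action@<FULL_COMMIT_SHA>`).
      - name: docker container deploy
        uses: appleboy/ssh-action@master
        env:
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        with:
          host: ${{ secrets.HOST }}
          username: ${{ secrets.USERNAME }}
          key: ${{ secrets.PRIVATE_KEY }}
          port: ${{ secrets.PORT }}
          # Forward the credentials as environment variables to the remote
          # script instead of expanding them into its text.
          envs: DOCKER_USERNAME,DOCKER_PASSWORD
          script: |
            cd ~
            # --password-stdin keeps the password out of the remote process
            # list and shell history, unlike `-p`.
            printf '%s' "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
            ./deploy.sh

      # Remove the SSH rule again. Runs even when the deploy step fails or
      # the job is cancelled, as long as the rule was actually added, so a
      # failed deploy does not leave port 22 open to the runner's IP.
      - name: Remove Github Actions IP from security group
        if: ${{ always() && steps.sg_open.outcome == 'success' }}
        env:
          AWS_SG_NAME: ${{ secrets.AWS_SG_NAME }}
          RUNNER_IP: ${{ steps.ip.outputs.ipv4 }}
        run: |
          aws ec2 revoke-security-group-ingress \
            --group-name "$AWS_SG_NAME" \
            --protocol tcp --port 22 \
            --cidr "${RUNNER_IP}/32"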