
Fix: staging 환경 property github secret에 추가 후 반영 #133


Workflow file for this run

# Name shown on the repository's Actions page.
name: CI/CD using github actions & docker

# Event trigger: run whenever a commit is pushed to the main or staging branch.
on:
  push:
    branches:
      - "main"
      - "staging"
# Workflow-level environment variables, visible to every step of every job.
env:
  AWS_REGION: ap-northeast-2
  S3_BUCKET_NAME: genti-deploy
  CODE_DEPLOY_APPLICATION_NAME: genti
  CODE_DEPLOY_DEPLOYMENT_GROUP_NAME: genti-deploy-group

# Limit the automatically issued GITHUB_TOKEN to read-only access to
# repository contents.
permissions:
  contents: read
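# Single job: build the Spring application, publish a Docker image, and roll it
# out over SSH to the server that matches the pushed branch
# (main -> deploy server, staging -> staging server).
#
# Conventions used throughout this job:
#   * Branch gates compare the full ref (`github.ref == 'refs/heads/main'`).
#     A substring test such as contains(github.ref, 'main') would also fire on
#     any ref whose name merely contains that word if the trigger list is ever
#     widened.
#   * Secrets and action outputs reach shell scripts through `env:` and are
#     expanded by the shell as quoted variables. Writing `${{ ... }}` directly
#     inside `run:` pastes the raw value into the script text, where quotes,
#     `$` or backticks in the value are interpreted by bash.
#   * NOTE(review): several third-party actions below are referenced by a
#     mutable ref (`@master`, `@v1`, `@v3`). Pinning them to a full commit SHA,
#     as already done for gradle/actions/setup-gradle, keeps an upstream change
#     from silently running with this job's secrets.
jobs:
  CI-CD:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v3

      # JDK used by the runner for the build; per the original note it does
      # not have to match the Java version of the project or of AWS.
      - name: Set up JDK 21
        uses: actions/setup-java@v3
        with:
          java-version: '21'
          distribution: 'temurin'

      # Cache Gradle downloads to shorten build time.
      - name: Gradle Caching
        uses: actions/cache@v3
        with:
          path: |
            ~/.gradle/caches
            ~/.gradle/wrapper
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
          restore-keys: |
            ${{ runner.os }}-gradle-

      # Shared secret properties file, written from a repository secret.
      # NOTE(review): the generated application-*.yml files live under
      # src/main/resources, so they are presumably packaged into the build
      # output and the pushed image - confirm the registry repositories are
      # private.
      - name: make application-secret.yml
        if: github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/main'
        env:
          APPLICATION_SECRET: ${{ secrets.APPLICATION_SECRET }}
        run: |
          cd ./genti-api/src/main/resources
          printf '%s\n' "$APPLICATION_SECRET" > ./application-secret.yml
        shell: bash

      # Environment-specific properties file - deploy (main branch only).
      - name: make application-deploy.yml
        if: github.ref == 'refs/heads/main'
        env:
          APPLICATION_DEPLOY: ${{ secrets.APPLICATION_DEPLOY }}
        run: |
          cd ./genti-api/src/main/resources
          printf '%s\n' "$APPLICATION_DEPLOY" > ./application-deploy.yml
        shell: bash

      # Environment-specific properties file - staging (staging branch only).
      - name: make application-staging.yml
        if: github.ref == 'refs/heads/staging'
        env:
          APPLICATION_STAGING: ${{ secrets.APPLICATION_STAGING }}
        run: |
          cd ./genti-api/src/main/resources
          printf '%s\n' "$APPLICATION_STAGING" > ./application-staging.yml
        shell: bash

      # Gradle build (tests are excluded with `-x test`).
      - name: Setup Gradle Wrapper
        uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0
      - name: Build with Gradle Wrapper
        run: |
          chmod +x ./gradlew
          ./gradlew clean build -x test

      # Look up the runner's public IPv4 so it can be allowed through the
      # security group for the duration of the deployment.
      # NOTE(review): this reference was garbled by e-mail obfuscation on the
      # rendered page (an `owner/repo@ref` string was mistaken for an address);
      # restore the exact value from the repository before using this file.
      - name: Get Github action IP
        id: ip
        uses: haythem/[email protected]

      - name: Setting environment variables
        run: |
          echo "AWS_DEFAULT_REGION=ap-northeast-2" >> $GITHUB_ENV
          echo "AWS_SG_NAME=github-actions" >> $GITHUB_ENV

      # NOTE(review): long-lived access keys are stored as secrets here;
      # short-lived credentials obtained through OIDC role assumption would
      # limit the impact of a leaked key.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ap-northeast-2

      # Temporarily open SSH (tcp/22) to this runner's address only.
      # AWS_SG_NAME comes from the GITHUB_ENV entry written above.
      - name: Add Github Actions IP to Security group
        id: sg-open
        run: |
          aws ec2 authorize-security-group-ingress --group-name "$AWS_SG_NAME" --protocol tcp --port 22 --cidr "${RUNNER_IP}/32"
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: ap-northeast-2
          RUNNER_IP: ${{ steps.ip.outputs.ipv4 }}

      - name: Upload docker compose file to deploy server
        if: github.ref == 'refs/heads/main'
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.HOST_DEPLOY }}
          username: ubuntu
          key: ${{ secrets.EC2_KEY }}
          port: 22
          source: "./docker/deploy/*"
          target: "/home/ubuntu/workspace/"

      - name: Upload docker compose file to staging server
        if: github.ref == 'refs/heads/staging'
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.HOST_STAGING }}
          username: ubuntu
          key: ${{ secrets.EC2_KEY }}
          port: 22
          source: "./docker/staging/*"
          target: "/home/ubuntu/workspace/"

      # Docker build & push - deploy image.
      # The registry password is piped to `docker login --password-stdin` so it
      # never appears on a command line.
      - name: Docker build & push to deploy
        if: github.ref == 'refs/heads/main'
        env:
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        run: |
          printf '%s' "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
          docker build -f Dockerfile_deploy -t "$DOCKER_USERNAME/genti-deploy" .
          docker push "$DOCKER_USERNAME/genti-deploy"

      # Docker build & push - staging image.
      - name: Docker build & push to staging
        if: github.ref == 'refs/heads/staging'
        env:
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        run: |
          printf '%s' "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
          docker build -f Dockerfile_staging -t "$DOCKER_USERNAME/genti-staging" .
          docker push "$DOCKER_USERNAME/genti-staging"

      # Deploy to the deploy server: pull the new image and restart the
      # compose stack. The registry credentials are forwarded to the remote
      # shell through `envs` instead of being pasted into the script text.
      - name: Deploy to deploy server
        uses: appleboy/ssh-action@master
        id: deploy-deploy
        if: github.ref == 'refs/heads/main'
        env:
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        with:
          host: ${{ secrets.HOST_DEPLOY }}  # EC2 public IPv4 DNS
          username: ubuntu
          key: ${{ secrets.EC2_KEY }}
          envs: GITHUB_SHA,DOCKER_USERNAME,DOCKER_PASSWORD
          script: |
            sudo docker ps
            cd /home/ubuntu/workspace/docker/deploy
            printf '%s' "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
            sudo docker pull "$DOCKER_USERNAME/genti-deploy"
            sudo docker compose up -d
            sudo docker image prune -f

      # Deploy to the staging server.
      # NOTE(review): this step supplies both a password and a private key;
      # if key authentication is sufficient, dropping the password removes a
      # weaker credential from the workflow - confirm against the server setup.
      - name: Deploy to staging server
        uses: appleboy/ssh-action@master
        id: deploy-staging
        if: github.ref == 'refs/heads/staging'
        env:
          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        with:
          host: ${{ secrets.HOST_STAGING }}  # EC2 public IPv4 DNS
          username: ubuntu
          password: ${{ secrets.PASSWORD }}
          port: 22
          key: ${{ secrets.EC2_KEY }}
          envs: DOCKER_USERNAME,DOCKER_PASSWORD
          script: |
            sudo docker ps
            cd /home/ubuntu/workspace/docker/staging
            printf '%s' "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
            sudo docker pull "$DOCKER_USERNAME/genti-staging"
            sudo docker compose up -d
            sudo docker image prune -f

      # Close the temporary SSH rule again. `always()` makes this run even when
      # an upload, build or deploy step failed; without it a failed run leaves
      # tcp/22 open to an address from the shared hosted-runner pool.
      - name: delete github actions ip from aws security group
        if: always() && steps.sg-open.outcome == 'success'
        run: |
          aws ec2 revoke-security-group-ingress --group-name "$AWS_SG_NAME" --protocol tcp --port 22 --cidr "${RUNNER_IP}/32"
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: ap-northeast-2
          RUNNER_IP: ${{ steps.ip.outputs.ipv4 }}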