Merge pull request #159

Update: #158 개발서버 Subnet 이동
Genti2024 · Sep 11, 2024 · 01d6a65 · 01d6a65
2 parents 14453cc + ff5a197
commit 01d6a65
Show file tree

Hide file tree

Showing 2 changed files with 93 additions and 54 deletions.
diff --git a/.github/workflows/cicd-ec2.yml b/.github/workflows/cicd-ec2.yml
@@ -10,7 +10,9 @@ on:
 env:
   AWS_REGION: ap-northeast-2
   S3_BUCKET_NAME: genti-deploy
+  S3_BUCKET_NAME_STAGING: genti-staging
   CODE_DEPLOY_APPLICATION_NAME: genti
+  CODE_DEPLOY_APPLICATION_NAME_STAGING: genti-dev
 
 permissions:
   contents: read
@@ -105,13 +107,13 @@ jobs:
         run: |
           chmod +x ./gradlew
           ./gradlew clean build -x test
+        
 
-
-      - name: Get Github action IP
-        if: contains(github.ref, 'staging')
-        id: ip
-        uses: haythem/[email protected]
-
+        #      - name: Get Github action IP
+      #        if: contains(github.ref, 'staging')
+      #        id: ip
+      #        uses: haythem/[email protected]
+      #
       - name: Setting environment variables
         run: |
           echo "AWS_DEFAULT_REGION=ap-northeast-2" >> $GITHUB_ENV
@@ -123,14 +125,14 @@ jobs:
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: ap-northeast-2
 
-      - name: Add Github Actions IP to Security group
-        if: contains(github.ref, 'staging')
-        run: |
-          aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
-        env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: ap-northeast-2
+        #      - name: Add Github Actions IP to Security group
+      #        if: contains(github.ref, 'staging')
+      #        run: |
+      #          aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
+      #        env:
+      #          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      #          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      #          AWS_DEFAULT_REGION: ap-northeast-2
 
 
       - name: Login to aws ECR
@@ -148,6 +150,15 @@ jobs:
           docker build -f ./Dockerfile_deploy -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
           docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
 
+      - name: Build, tag, and push image to aws ECR
+        if: contains(github.ref, 'staging')
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          ECR_REPOSITORY: genti-staging
+          IMAGE_TAG: latest
+        run: |
+          docker build -f ./Dockerfile_staging -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:
 
       - name: Upload docker-compose, appspec, afterInstall file to S3
         if: contains(github.ref, 'main')
@@ -169,16 +180,36 @@ jobs:
           # Clean up the temporary directory
           rm -rf temp_dir
 
-      - name: Upload docker compose file to staging server
+      - name: Upload docker-compose, appspec, afterInstall file to S3
         if: contains(github.ref, 'staging')
-        uses: appleboy/scp-action@master
-        with:
-          host: ${{ secrets.HOST_STAGING }}
-          username: ubuntu
-          key: ${{ secrets.EC2_KEY }}
-          port: 22
-          source: "./docker/staging/*"
-          target: "/home/ubuntu/workspace/"
+        run: |
+          # Create a temporary directory for the zip contents
+          mkdir -p temp_dir/scripts
+          cp -r ./scripts/* temp_dir/scripts/
+          cp appspec.yml temp_dir/
+          cp ./docker/staging/docker-compose.yml temp_dir/docker-compose.yml
+          
+          # Navigate to the temporary directory and create the zip file
+          cd temp_dir
+          zip -r ../$GITHUB_SHA.zip ./*
+          
+          # Move back to the initial directory and upload the zip file to S3
+          cd ..
+          aws s3 cp --region ap-northeast-2 ./$GITHUB_SHA.zip s3://$S3_BUCKET_NAME_STAGING
+          
+          # Clean up the temporary directory
+          rm -rf temp_dir
+
+      #      - name: Upload docker compose file to staging server
+      #        if: contains(github.ref, 'staging')
+      #        uses: appleboy/scp-action@master
+      #        with:
+      #          host: ${{ secrets.HOST_STAGING }}
+      #          username: ubuntu
+      #          key: ${{ secrets.EC2_KEY }}
+      #          port: 22
+      #          source: "./docker/staging/*"
+      #          target: "/home/ubuntu/workspace/"
 
       # docker build & push to deploy server
       - name: Deploy to EC2 with CodeDeploy
@@ -189,38 +220,45 @@ jobs:
           --deployment-group-name ${{ secrets.CODE_DEPLOY_DEPLOYMENT_GROUP_NAME }} \
           --s3-location bucket=$S3_BUCKET_NAME,key=$GITHUB_SHA.zip,bundleType=zip
 
-      # docker build & push to staging
-      - name: Docker build & push to staging
+      - name: Staging Deploy to EC2 with CodeDeploy
         if: contains(github.ref, 'staging')
         run: |
-          docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
-          docker build -f Dockerfile_staging -t ${{ secrets.DOCKER_USERNAME }}/genti-staging .
-          docker push ${{ secrets.DOCKER_USERNAME }}/genti-staging
+          aws deploy create-deployment \
+          --application-name ${{ env.CODE_DEPLOY_APPLICATION_NAME_STAGING }} \
+          --deployment-group-name genti-tg-staging \
+          --s3-location bucket=$S3_BUCKET_NAME,key=$GITHUB_SHA.zip,bundleType=zip
+      # docker build & push to staging
+      #      - name: Docker build & push to staging
+      #        if: contains(github.ref, 'staging')
+      #        run: |
+      #          docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
+      #          docker build -f Dockerfile_staging -t ${{ secrets.DOCKER_USERNAME }}/genti-staging .
+      #          docker push ${{ secrets.DOCKER_USERNAME }}/genti-staging
 
       ## deploy to staging server
-      - name: Deploy to staging server
-        uses: appleboy/ssh-action@master
-        id: deploy-staging
-        if: contains(github.ref, 'staging')
-        with:
-          host: ${{ secrets.HOST_STAGING }} # EC2 퍼블릭 IPv4 DNS
-          username: ubuntu
-          password: ${{ secrets.PASSWORD }}
-          port: 22
-          key: ${{ secrets.EC2_KEY }}
-          script: |
-            sudo docker ps
-            cd /home/ubuntu/workspace/docker/staging
-            docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
-            sudo docker pull ${{ secrets.DOCKER_USERNAME }}/genti-staging
-            sudo docker-compose up -d
-            sudo docker image prune -f
-
-      - name: delete github actions ip from aws security group
-        if: contains(github.ref, 'staging')
-        run: |
-          aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
-        env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: ap-northeast-2
+      #      - name: Deploy to staging server
+      #        uses: appleboy/ssh-action@master
+      #        id: deploy-staging
+      #        if: contains(github.ref, 'staging')
+      #        with:
+      #          host: ${{ secrets.HOST_STAGING }} # EC2 퍼블릭 IPv4 DNS
+      #          username: ubuntu
+      #          password: ${{ secrets.PASSWORD }}
+      #          port: 22
+      #          key: ${{ secrets.EC2_KEY }}
+      #          script: |
+      #            sudo docker ps
+      #            cd /home/ubuntu/workspace/docker/staging
+      #            docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
+      #            sudo docker pull ${{ secrets.DOCKER_USERNAME }}/genti-staging
+      #            sudo docker-compose up -d
+      #            sudo docker image prune -f
+
+#      - name: delete github actions ip from aws security group
+#        if: contains(github.ref, 'staging')
+#        run: |
+#          aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
+#        env:
+#          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+#          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+#          AWS_DEFAULT_REGION: ap-northeast-2
diff --git a/.gitignore b/.gitignore
@@ -66,3 +66,4 @@ firebase-genti.json
 
 AuthKey_ZRZMQQX883.p8
 /genti-api/src/main/resources/static/swagger.json
+update-github-secret.sh