Merge pull request #144 from Team-Umbba/feat/#123-reroll_question #13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 워크플로우의 이름 지정 | |
| name: Umbba Notification Server CD (Develop) | |
| # 해당 workflow가 언제 실행될 것인지에 대한 트리거를 지정 | |
| on: | |
| push: | |
| branches: [ "develop" ] | |
| paths: | |
| - umbba-notification/** | |
| - umbba-domain/** | |
| - umbba-common/** | |
| - umbba-external/** | |
| - .github/workflows/** | |
| env: | |
| S3_BUCKET_NAME: umbba-develop-storage | |
| jobs: | |
| build: | |
| name: Code deployment | |
| # 실행 환경 | |
| runs-on: ubuntu-latest | |
| steps: | |
| # 1) 워크플로우 실행 전 기본적으로 체크아웃 필요 | |
| - name: checkout | |
| uses: actions/checkout@v3 | |
| # 2) JDK 11버전 설치, 다른 JDK 버전을 사용하다면 수정 | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '11' | |
| distribution: 'temurin' | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_DEVELOP_ACCESS_KEY }} | |
| aws-secret-access-key: ${{ secrets.AWS_DEVELOP_SECRET_KEY }} | |
| aws-region: ap-northeast-2 | |
| # 3) AWS Secrets Manger 환경변수 사용 | |
| - name: Read secrets from AWS Secrets Manager into environment variables | |
| uses: abhilash1in/[email protected] | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_DEVELOP_ACCESS_KEY }} | |
| aws-secret-access-key: ${{ secrets.AWS_DEVELOP_SECRET_KEY }} | |
| aws-region: ap-northeast-2 | |
| secrets: /secret/umbba-secret | |
| parse-json: false | |
| # 4) FCM secret key 파일 생성 | |
| - name: FCM secret key 파일 생성 | |
| run: | | |
| cd ./umbba-notification/src/main/resources | |
| mkdir ./firebase | |
| cd ./firebase | |
| aws s3 cp --region ap-northeast-2 s3://${{ secrets.S3_DEVELOP_BUCKET_NAME }}/json/umbba-fcm-firebase-adminsdk.json . | |
| shell: bash | |
| # 이 워크플로우는 gradle build | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle # 실제 application build(-x 옵션을 통해 test는 제외) | |
| run: ./gradlew umbba-notification:bootJar -x test | |
| # 디렉토리 생성 | |
| - name: Make Directory | |
| run: mkdir -p deploy | |
| # Jar 파일 복사 | |
| - name: Copy Jar | |
| run: cp ./umbba-notification/build/libs/*.jar ./deploy | |
| # run: cp -r src/main/* ./deploy | |
| # appspec.yml, script files 파일 복사 | |
| - name: Copy files | |
| run: cp ./scripts/umbba-notification-dev/* ./deploy | |
| - name: Make zip file | |
| run: zip -r ./umbba-notification.zip ./deploy | |
| shell: bash | |
| - name: Upload to S3 | |
| run: aws s3 cp --region ap-northeast-2 ./umbba-notification.zip s3://$S3_BUCKET_NAME/ | |
| # Deploy | |
| - name: Deploy | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_DEVELOP_ACCESS_KEY }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_DEVELOP_SECRET_KEY }} | |
| run: | |
| aws deploy create-deployment | |
| --application-name umbba-develop-server-codedeploy | |
| --deployment-group-name umbba-notification-server-codedeploy-group | |
| --file-exists-behavior OVERWRITE | |
| --s3-location bucket=umbba-develop-storage,bundleType=zip,key=umbba-notification.zip | |
| --region ap-northeast-2 |