Create README.md #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Image CICD | |
| # main 브랜치에 push, PR 이벤트 발생시 동작. | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| branches: [ "main" ] | |
| env: | |
| AWS_REGION: ap-northeast-2 | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| # (0) JDK 17 세팅 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'corretto' | |
| java-version: '17' | |
| # (1) application.properties, application-dev.properties 파일 생성 | |
| - uses: actions/checkout@v3 | |
| - run: mkdir ./src/main/resources | |
| - run: touch ./src/main/resources/application.properties | |
| - run: touch ./src/main/resources/application-dev.properties | |
| - run: echo "${{ secrets.APPLICATION }}" > ./src/main/resources/application.properties | |
| - run: echo "${{ secrets.APPLICTION_DEV}}" > ./src/main/resources/application-dev.properties | |
| - run: cat ./src/main/resources/application.properties | |
| - run: cat ./src/main/resources/application-dev.properties | |
| # (2) Grant execute permission for gradlew | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x ./gradlew | |
| # (3) gradle 캐싱 | |
| - name: Gradle Caching | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| # (4) Spring Boot 어플리케이션 Build | |
| - name: Build with Gradle | |
| run: ./gradlew build -x test | |
| # (5) Docker 이미지 Build | |
| - name: docker image build | |
| run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/pure-basket . | |
| # (6) DockerHub Login | |
| - name: docker login | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| # (7) Docker Hub push | |
| - name: docker Hub push | |
| run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/pure-basket | |
| # (8) GET GitHub IP | |
| - name: get GitHub IP | |
| id: ip | |
| uses: haythem/[email protected] | |
| # (9) Configure AWS Credentials - AWS 접근 권한 취득(IAM) | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| # (10) Add GitHub ip to AWS | |
| - name: Add GitHub IP to AWS | |
| run: | | |
| aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port ${{ secrets.EC2_SSH_PORT }} --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
| # (11) AWS EC2 Server Connect & Docker 명령어 실행 | |
| - name: AWS EC2 Connection | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USERNAME }} | |
| key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| port: ${{ secrets.EC2_SSH_PORT }} | |
| timeout: 60s | |
| script: | | |
| sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/pure-basket | |
| # sudo docker stop pure-basket-container | |
| # sudo docker rm pure-basket-container | |
| sudo docker-compose -f down | |
| sudo docker-compose up -d | |
| # sudo docker run --name pure-basket-container -it -d -p 8080:8080 ${{ secrets.DOCKERHUB_USERNAME }}/pure-basket | |
| sudo docker system prune -f | |
| # (12) REMOVE Github IP FROM security group | |
| - name: Remove IP FROM security group | |
| run: | | |
| aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port ${{ secrets.EC2_SSH_PORT }} --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
| # time | |
| - name: Get Current Time | |
| uses: 1466587594/get-current-time@v2 | |
| id: current-time | |
| with: | |
| format: YYYY-MM-DDTHH:mm:ss | |
| utcOffset: "+09:00" # 기준이 UTC이기 때문에 한국시간인 KST를 맞추기 위해 +9시간 추가 | |
| - name: Print Current Time | |
| run: echo "Current Time=${{steps.current-time.outputs.formattedTime}}" # current-time 에서 지정한 포맷대로 현재 시간 출력 | |
| shell: bash | |
| # slack | |
| # - name: Slack Alarm | |
| # uses: 8398a7/action-slack@v3 | |
| # with: | |
| # status: ${{ job.status }} | |
| # author_name: GitHub-Actions CI/CD # default: 8398a7@action-slack | |
| # fields: repo,message,commit,author,action,eventName,workflow,ref,job,took | |
| # env: | |
| # SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required | |
| # if: always() # Pick up events even if the job fails or is canceled. |