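---
name: Docker Image CICD

# Runs on pushes to main and on pull requests that target main.
# NOTE(review): the single job below also pushes the image and deploys to EC2,
# so a pull_request run ships unmerged code using the production credentials.
# Consider restricting the publish/deploy steps to push events.
on:
  push:
    branches: ["main"]
  pull_request:
    branches: ["main"]

# Least privilege for GITHUB_TOKEN: none of the visible steps needs write access.
permissions:
  contents: read

env:
  AWS_REGION: ap-northeast-2

jobs:
  deploy:
    runs-on: ubuntu-latest
    # NOTE(review): every `uses:` below is referenced by a mutable tag. This job
    # holds Docker Hub, AWS and SSH credentials, so pinning each action (the
    # third-party ones first) to a full commit SHA limits supply-chain exposure.
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      # (0) Set up JDK 17
      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          distribution: 'corretto'
          java-version: '17'

      # (1) Create application.properties and application-dev.properties.
      # The secret bodies are passed through env instead of being interpolated
      # into the script text, so quotes, `$` or backticks inside them are
      # written verbatim rather than being interpreted by the shell.
      # The files are deliberately not printed: masking of multi-line secrets
      # in job logs is not reliable, and logs are readable by anyone with
      # access to the repository's Actions tab.
      - name: Write application properties from secrets
        env:
          APPLICATION_PROPERTIES: ${{ secrets.APPLICATION }}
          # NOTE(review): "APPLICTION_DEV" looks like a misspelling, but it has
          # to match the stored secret name; verify before renaming.
          APPLICATION_DEV_PROPERTIES: ${{ secrets.APPLICTION_DEV }}
        run: |
          mkdir -p ./src/main/resources
          printf '%s\n' "$APPLICATION_PROPERTIES" > ./src/main/resources/application.properties
          printf '%s\n' "$APPLICATION_DEV_PROPERTIES" > ./src/main/resources/application-dev.properties

      # (2) Grant execute permission for gradlew
      - name: Grant execute permission for gradlew
        run: chmod +x ./gradlew

      # (3) Gradle caching
      - name: Gradle Caching
        uses: actions/cache@v3
        with:
          path: |
            ~/.gradle/caches
            ~/.gradle/wrapper
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
          restore-keys: |
            ${{ runner.os }}-gradle-

      # (4) Build the Spring Boot application (tests are skipped)
      - name: Build with Gradle
        run: ./gradlew build -x test

      # (5) Build the Docker image
      - name: docker image build
        run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/pure-basket .

      # (6) DockerHub login
      - name: docker login
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      # (7) Docker Hub push
      - name: docker Hub push
        run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/pure-basket

      # (8) Get the runner's public IP.
      # The action ref was garbled on the source page; <PINNED_COMMIT_SHA> is a
      # placeholder to be replaced with the intended ref, ideally a commit SHA.
      - name: get GitHub IP
        id: ip
        uses: haythem/public-ip@<PINNED_COMMIT_SHA>

      # (9) Configure AWS credentials (IAM)
      # NOTE(review): these are long-lived access keys stored as secrets; the
      # action also supports assuming a role via GitHub OIDC (role-to-assume),
      # which removes the need for static keys - confirm for this account.
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ env.AWS_REGION }}

      # (10) Temporarily allow the runner's IP on the SSH port.
      # The step id lets the cleanup step know whether a rule was added.
      - name: Add GitHub IP to AWS
        id: sg_open
        run: |
          aws ec2 authorize-security-group-ingress \
            --group-id ${{ secrets.AWS_SG_ID }} \
            --protocol tcp \
            --port ${{ secrets.EC2_SSH_PORT }} \
            --cidr ${{ steps.ip.outputs.ipv4 }}/32

      # (11) Connect to the EC2 server and run the Docker commands.
      # The action ref was garbled on the source page; <PINNED_COMMIT_SHA> is a
      # placeholder to be replaced with the intended ref, ideally a commit SHA.
      - name: AWS EC2 Connection
        uses: appleboy/ssh-action@<PINNED_COMMIT_SHA>
        with:
          host: ${{ secrets.EC2_HOST }}
          username: ${{ secrets.EC2_USERNAME }}
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          port: ${{ secrets.EC2_SSH_PORT }}
          timeout: 60s
          # `docker-compose -f down` treated "down" as the compose file name
          # and ran no command; the stack is now actually stopped first.
          script: |
            sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/pure-basket
            # sudo docker stop pure-basket-container
            # sudo docker rm pure-basket-container
            sudo docker-compose down
            sudo docker-compose up -d
            # sudo docker run --name pure-basket-container -it -d -p 8080:8080 ${{ secrets.DOCKERHUB_USERNAME }}/pure-basket
            sudo docker system prune -f

      # (12) Remove the runner's IP from the security group.
      # Runs even when the deploy step fails or the job is cancelled, so the
      # SSH ingress rule for a shared runner address is never left behind.
      - name: Remove IP FROM security group
        if: ${{ always() && steps.sg_open.outcome == 'success' }}
        run: |
          aws ec2 revoke-security-group-ingress \
            --group-id ${{ secrets.AWS_SG_ID }} \
            --protocol tcp \
            --port ${{ secrets.EC2_SSH_PORT }} \
            --cidr ${{ steps.ip.outputs.ipv4 }}/32

      # time
      - name: Get Current Time
        uses: 1466587594/get-current-time@v2
        id: current-time
        with:
          format: YYYY-MM-DDTHH:mm:ss
          utcOffset: "+09:00"  # the base is UTC; +9 hours gives Korean time (KST)

      - name: Print Current Time
        run: echo "Current Time=${{steps.current-time.outputs.formattedTime}}"  # prints the time in the format set by current-time
        shell: bash

      # slack
      # - name: Slack Alarm
      #   uses: 8398a7/action-slack@v3
      #   with:
      #     status: ${{ job.status }}
      #     author_name: GitHub-Actions CI/CD  # default: 8398a7@action-slack
      #     fields: repo,message,commit,author,action,eventName,workflow,ref,job,took
      #   env:
      #     SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}  # required
      #   if: always()  # Pick up events even if the job fails or is canceled.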