Merge pull request #237 from SWM-NM/dev #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow uses actions that are not certified by GitHub. | |
| # They are provided by a third-party and are governed by | |
| # separate terms of service, privacy policy, and support | |
| # documentation. | |
| # This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time | |
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle | |
| name: CICD Pipeline | |
| on: | |
| push: | |
| branches: [ "master" ] | |
| env: | |
| AWS_REGION: ap-northeast-2 | |
| ECR_REPOSITORY: morandi-backend | |
| ECR_REGISTRY: public.ecr.aws/s7z8j0e6/morandi-backend | |
| EC2_HOST: 3.38.102.140 | |
| GITHUB_SHA: ${{ github.sha }} | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| # Gradle 빌드를 추가합니다. | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v2 | |
| with: | |
| distribution: 'adopt' | |
| java-version: '11' | |
| - name: Build with Gradle | |
| run: ./gradlew clean bootJar -x test | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| mask-aws-account-id: true # AWS 계정 ID를 마스킹하여 보안 강화 | |
| - name: Login to Public ECR | |
| run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/s7z8j0e6 | |
| - name: Build Docker Image | |
| run: docker build -t morandi-backend . | |
| - name: Tag Docker Image | |
| run: docker tag morandi-backend:latest public.ecr.aws/s7z8j0e6/morandi-backend:latest | |
| - name: Push Docker Image to ECR | |
| run: docker push public.ecr.aws/s7z8j0e6/morandi-backend:latest | |
| - name: appleboy SSH and Deploy to EC2 | |
| uses: appleboy/ssh-action@master # ssh 접속하는 오픈소스 | |
| with: | |
| host: ${{ env.EC2_HOST }} | |
| debug: true | |
| username: ubuntu | |
| key: ${{ secrets.SSH_SECRET_ACCESS_KEY }} | |
| port: 22 | |
| script: | | |
| export TAG=${{env.GITHUB_SHA}} | |
| cd /home/ubuntu/morandi-backend | |
| docker-compose down | |
| # ECR에서 이미지 가져오기 | |
| # docker pull public.ecr.aws/s7z8j0e6/morandi-backend:latest | |
| # docker pull ${ECR_REPOSITORY}:${TAG} | |
| docker pull ${ECR_REGISTRY}/${ECR_REPOSITORY}:latest | |
| docker-compose up -d |