Skip to content

Merge pull request #357 from SWM-NM/feat/#356 #48

Merge pull request #357 from SWM-NM/feat/#356

Merge pull request #357 from SWM-NM/feat/#356 #48

Workflow file for this run

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
name: Dev ECR image deploy Pipeline
on:
push:
branches: [ "dev" ]
env:
AWS_REGION: ap-northeast-2
ECR_REPOSITORY: morandi-backend-dev
ECR_REGISTRY: ${{ secrets.ECR_REGISTRY_DEV }}
GITHUB_SHA: ${{ github.sha }}
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
# Gradle 빌드를 추가합니다.
- name: Set up JDK 17
uses: actions/setup-java@v2
with:
distribution: 'adopt'
java-version: '17'
# GitHub Secret에서 application-dev.yml 내용을 불러와 파일로 저장
# 로컬용 Docker image는 MAC에서 주로 사용할 예정이기 때문에 ARM Base image를 사용합니다.
- name: Create application-dev.yml from GitHub Secret
run: |
echo "${{ secrets.APPLICATION_DEV_YML }}" > src/main/resources/application.yml
# 로컬용 ARM Base Image를 사용하는 Dockerfile로 변경
echo '${{ secrets.DOCKERFILE_FOR_DEV }}' > Dockerfile
- name: Build with Gradle
run: ./gradlew clean bootJar -x test
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
mask-aws-account-id: true # AWS 계정 ID를 마스킹하여 보안 강화
- name: Login to Public ECR
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/s7z8j0e6
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
# 캐시 복원
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Build and Push Docker image
run: |
docker buildx create --use
docker buildx build \
--cache-from=type=local,src=/tmp/.buildx-cache \
--cache-to=type=local,dest=/tmp/.buildx-cache \
--platform linux/arm64 \
-t ${{ env.ECR_REGISTRY }}:latest \
--push .