Dev ECR image deploy Pipeline #63
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow uses actions that are not certified by GitHub. | |
| # They are provided by a third-party and are governed by | |
| # separate terms of service, privacy policy, and support | |
| # documentation. | |
| # This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time | |
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle | |
| name: Dev ECR image deploy Pipeline | |
| on: | |
| push: | |
| branches: [ "dev" ] | |
| env: | |
| AWS_REGION: ap-northeast-2 | |
| ECR_REPOSITORY: morandi-backend-dev | |
| ECR_REGISTRY: ${{ secrets.ECR_REGISTRY_DEV }} | |
| GITHUB_SHA: ${{ github.sha }} | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| # Gradle 빌드를 추가합니다. | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v2 | |
| with: | |
| distribution: 'adopt' | |
| java-version: '17' | |
| # GitHub Secret에서 application-dev.yml 내용을 불러와 파일로 저장 | |
| # 로컬용 Docker image는 MAC에서 주로 사용할 예정이기 때문에 ARM Base image를 사용합니다. | |
| - name: Create application-dev.yml from GitHub Secret | |
| run: | | |
| echo "${{ secrets.APPLICATION_DEV_YML }}" > src/main/resources/application.yml | |
| # 로컬용 ARM Base Image를 사용하는 Dockerfile로 변경 | |
| echo '${{ secrets.DOCKERFILE_FOR_DEV }}' > Dockerfile | |
| - name: Build with Gradle | |
| run: ./gradlew clean bootJar -x test | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| mask-aws-account-id: true # AWS 계정 ID를 마스킹하여 보안 강화 | |
| - name: Login to Public ECR | |
| run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/s7z8j0e6 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| # 캐시 복원 | |
| - name: Cache Docker layers | |
| uses: actions/cache@v2 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Build and Push Docker image | |
| run: | | |
| docker buildx create --use | |
| docker buildx build \ | |
| --cache-from=type=local,src=/tmp/.buildx-cache \ | |
| --cache-to=type=local,dest=/tmp/.buildx-cache \ | |
| --platform linux/arm64 \ | |
| -t ${{ env.ECR_REGISTRY }}:latest \ | |
| --push . |