#152 - Setup CI/CD 1️⃣1️⃣ 🫸🌀✏️📗 🐧🐳 #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Spring Boot App | |
on: | |
push: | |
branches: | |
- master | |
env: | |
ENV_GITHUB: ${{ vars.ENV_GITHUB }} | |
IMAGE_TAG: ${{ github.run_number }} | |
CONTAINER_NAME: hikaricp | |
REGISTRY: docker.io | |
IMAGE_NAME: ${{ github.actor }}/hikaricp:latest | |
jobs: | |
project-build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 21 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '21' | |
distribution: 'corretto' | |
- name: Set up the Maven dependencies caching | |
uses: actions/cache@v4 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-m2 | |
- name: Install Maven dependencies | |
run: mvn clean install | |
- name: Run tests | |
run: mvn clean --batch-mode --update-snapshots verify | |
push-to-ecr: | |
runs-on: ubuntu-latest | |
needs: project-build | |
env: | |
IMAGE_TAG: ${{ github.run_number }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
# - run: docker build --tag hikaricp:$IMAGE_TAG . | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Log into the Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Scrape build info | |
run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | |
# - name: Build and push | |
# uses: docker/build-push-action@v5 | |
# with: | |
# context: . | |
# file: Dockerfile | |
# push: true | |
# labels: ${{ steps.meta.outputs.labels }} | |
## tags: ${{secrets.AWS_ECR_REPO}}:${{ github.run_number }} | |
# tags: 267023985114.dkr.ecr.ap-southeast-1.amazonaws.com/hikaricp:${{ github.run_number }} | |
# build-args: | | |
# GIT_VERSION_TAG=${{ env.RELEASE_VERSION }} | |
# GIT_COMMIT_MESSAGE=${{ github.event.head_commit.message }} | |
# GIT_VERSION_HASH=${{ github.sha }} | |
- name: Push to ECR | |
env: | |
ECR_REGISTRY: ${{ steps.login-pf-aws-ecr.outputs.registry }} | |
ECR_REPOSITORY: ${{secrets.AWS_ECR_REPO}} | |
IMAGE_TAG: ${{ github.run_number }} | |
id: ecr | |
uses: jwalton/gh-ecr-push@v1 | |
with: | |
access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
region: ${{ secrets.AWS_REGION }} | |
image: hikaricp:$IMAGE_TAG | |
deploy: | |
needs: push-to-ecr | |
name: deploy image | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: install ssh keys | |
# check this thread to understand why its needed: | |
# <https://stackoverflow.com/a/70447517> | |
run: | | |
install -m 600 -D /dev/null ~/.ssh/id_rsa | |
echo "${{ secrets.SSH_KEY }}" > ~/.ssh/id_rsa | |
ssh-keyscan -H ${{ secrets.HOST }} > ~/.ssh/known_hosts | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Docker pull & run from github | |
uses: appleboy/ssh-action@master | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
ECR_REPOSITORY: ${{ secrets.AWS_ECR_REPO }} | |
IMAGE_TAG: ${{ github.run_number }} | |
with: | |
host: ${{ secrets.HOST }} | |
username: ${{ secrets.SSH_USER }} | |
key: ${{ secrets.SSH_KEY }} | |
envs: ECR_REGISTRY, CONTAINER_NAME, IMAGE_TAG | |
allenvs: true | |
script: | | |
docker pull $ECR_REGISTRY/$CONTAINER_NAME:$IMAGE_TAG | |
docker system prune -af | |
docker stop hikaricp | |
docker rm hikaricp | |
docker run -d --rm --name hikaricp -p 3000:3000 $ECR_REGISTRY/$CONTAINER_NAME:$IMAGE_TAG | |