-
Notifications
You must be signed in to change notification settings - Fork 0
102 lines (86 loc) · 3.48 KB
/
cicd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
name: CI/CD
#event trigger
on:
push:
branches: [ "main" ]
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# JDK 17 설정
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
cache: gradle
# Gradle 설정
- name: Setup Gradle
uses: gradle/gradle-build-action@v2
# 배포 시작 알림 전송
- name: Start Deployment
continue-on-error: true
run: |
curl -X POST -H "Content-Type: application/json" --data '{"content":"🚀 Deployment has started."}' ${{ secrets.DISCORD_WEBHOOK }}
# Docker Hub 로그인
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
# gradlew 파일 권한 지정
- name: Grant execute permission for gradlew
run: chmod +x gradlew
# gradle Jib를 이용해 이미지를 만들고 원격 저장소에 Push
- name: Setup Jib with Gradle
run: ./gradlew jib
# GET GitHub IP
- name: Get Github Actions IP
id: ip
uses: haythem/[email protected]
# AWS 접근 권한 취득(IAM)
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ap-northeast-2
# github ip AWS 보안 그룹에 추가
- name: Add Github Actions IP to Security group
run: |
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
# ssh로 접속해 재배포
- name: Deploy
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.REMOTE_IP }}
username: ${{ secrets.REMOTE_SSH_ID }}
key: ${{ secrets.REMOTE_SSH_KEY }}
port: ${{ secrets.REMOTE_SSH_PORT }}
script: |
cd docker
docker-compose pull
docker-compose up -d
# 배포 후 보안 그룹에서 github ip 삭제
- name: Remove Github Actions IP From Security Group
if: always()
run: |
aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
# 배포 완료 알림 전송
- name: Notify Deployment Completed
if: success()
run: |
curl -X POST -H "Content-Type: application/json" --data '{"content":"✅ Deployment completed successfully!"}' ${{ secrets.DISCORD_WEBHOOK }}
- name: Notify Deployment Failed
if: failure()
run: |
curl -X POST -H "Content-Type: application/json" --data '{"content":"❌ Deployment failed...😢 Check the logs and try again!"}' ${{ secrets.DISCORD_WEBHOOK }}