Backend Prod CD #25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Backend Prod CD | |
on: | |
workflow_dispatch: | |
push: | |
branches: [ 'main' ] | |
jobs: | |
detect-changes: | |
runs-on: ubuntu-latest | |
permissions: | |
pull-requests: read | |
outputs: | |
backend: ${{ steps.filter.outputs.backend }} | |
frontend: ${{ steps.filter.outputs.frontend }} | |
manual: ${{ steps.manual-check.outputs.manual }} | |
steps: | |
- id: manual-check | |
if: ${{ github.event_name == 'workflow_dispatch' }} | |
run: echo "manual=true" >> "$GITHUB_OUTPUT" | |
- uses: actions/checkout@v4 # Push 이벤트이기 때문에 checkout 해야 함 | |
with: | |
ref: main | |
submodules: recursive | |
token: ${{ secrets.PAT_TOKEN }} | |
- uses: dorny/paths-filter@v3 | |
if: ${{ github.event_name != 'workflow_dispatch' }} | |
id: filter | |
with: | |
base: 'main' # 해당 브랜치의 last commit과 변경점 비교 | |
filters: | | |
backend: | |
- 'backend/**' | |
frontend: | |
- 'frontend/**' | |
be-build: | |
needs: detect-changes | |
if: ${{ needs.detect-changes.outputs.backend == 'true' || needs.detect-changes.outputs.manual == 'true' }} | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
shell: bash | |
working-directory: ./backend | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: main | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
cache: gradle | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v3 | |
- name: Grant gradlew execute permission | |
run: chmod +x ./gradlew | |
- name: Build with Gradle (clean) | |
run: ./gradlew clean bootJar | |
# Docker 이미지 빌드 | |
- name: Docker image build | |
run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod . | |
# DockerHub 로그인 | |
- name: Docker login | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
# Docker Hub 이미지 푸시 | |
- name: Docker Hub push | |
run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod | |
be-depoly: | |
needs: be-build | |
strategy: | |
matrix: | |
# 매트릭스 전략으로 여러 runner를 사용할 수 있도록 설정 | |
runner: [ prod-a, prod-b ] | |
# fail-fast 옵션을 명시적으로 설정 | |
fail-fast: true | |
runs-on: [ self-hosted, linux, ARM64, "${{ matrix.runner }}" ] | |
defaults: | |
run: | |
shell: bash | |
working-directory: ./ | |
steps: | |
- name: checkout security submodule | |
uses: actions/checkout@v4 | |
with: | |
repository: woowacourse-teams/2024-momo-config | |
token: ${{ secrets.PAT_TOKEN }} | |
- name: copy security config | |
run: mkdir -p $HOME/security; \cp -f *.yml ~/security | |
# 1. 최신 도커 이미지 pull | |
- name: docker pull | |
run: docker pull ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod | |
# 2. 블루그린 배포 스크립트 실행 | |
- name: Launch Blue-Green Deployment | |
run: chmod +x $HOME/security/deploy.sh; $HOME/security/deploy.sh | |
# 3. 미사용 이미지 정리 | |
- name: delete old docker image | |
run: docker system prune -f |