Feat: making application port as a secret variable in order to manage #27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI-CD | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:13 | |
| env: | |
| POSTGRES_USER: ${{ secrets.DB_USER }} | |
| POSTGRES_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
| POSTGRES_DB: ${{ secrets.DB_NAME }} | |
| ports: | |
| - 5432:5432 | |
| options: >- | |
| --health-cmd="pg_isready -U postgres -d testdb" | |
| --health-interval=10s | |
| --health-timeout=5s | |
| --health-retries=5 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'corretto' | |
| java-version: '17' | |
| - name: Cache Gradle packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.gradle/caches | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Create application-secrets.yml | |
| run: | | |
| cd ./src/main/resources | |
| touch ./application-secrets.yml | |
| echo "${{ secrets.SECRETS }}" > ./application-secrets.yml | |
| shell: bash | |
| - name: Build with Gradle | |
| run: ./gradlew build --scan | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v1 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| push: true | |
| tags: ${{ secrets.DOCKER_USERNAME }}/blogue | |
| deploy: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: SSH to EC2 and pull Docker image | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USERNAME }} | |
| key: ${{ secrets.EC2_SSH_KEY }} | |
| port: ${{ secrets.EC2_PORT }} | |
| script: | | |
| sudo docker login -u "${{ secrets.DOCKER_USERNAME }}" -p "${{ secrets.DOCKER_PASSWORD }}" | |
| sudo docker pull ${{ secrets.DOCKER_USERNAME }}/blogue | |
| sudo docker stop blogue || true | |
| sudo docker rm blogue || true | |
| sudo docker run -d --name blogue -p 80:8080 ${{ secrets.DOCKER_USERNAME }}/blogue |