Merge pull request #146 from Menjil-Menjil/develop #4

Summary
Jobs
- build
- deploy
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/cd-main.yml at fd8bdca

	name: CD in main branch

	on:
	push:
	branches: [ "main" ]

	permissions:
	contents: read

	jobs:
	build:
	runs-on: ubuntu-latest

	services:
	mongodb:
	image: mongo:4.4
	options: >-
	--health-cmd mongo
	--health-interval 10s
	--health-timeout 5s
	--health-retries 5
	ports:
	- 27017:27017

	mysql:
	image: mysql:8.0
	env:
	MYSQL_DATABASE: menjil-test
	MYSQL_ROOT_PASSWORD: root
	# MYSQL_USER: root
	# MYSQL_PASSWORD: root33
	ports:
	- 3306:3306
	options: >-
	--health-cmd="mysqladmin ping"
	--health-interval=10s
	--health-timeout=5s
	--health-retries=3

	steps:
	# workflow 실행 전 기본적으로 checkout 필요
	- uses: actions/checkout@v4
	- name: Install Ubuntu dependencies
	run: sudo apt-get update

	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	distribution: 'temurin' # Eclipse Temurin
	java-version: '17'

	## Create secret yml files before build
	- name: create application-common, local, prod, test.yml
	shell: bash
	run: \|
	touch ./src/main/resources/application-common.yml
	echo "${{secrets.APPLICATION_COMMON}}" > ./src/main/resources/application-common.yml
	touch ./src/main/resources/application-local.yml
	echo "${{secrets.APPLICATION_LOCAL}}" > ./src/main/resources/application-local.yml
	touch ./src/main/resources/application-prod.yml
	echo "${{secrets.APPLICATION_PROD}}" > ./src/main/resources/application-prod.yml
	touch ./src/main/resources/application-test.yml
	echo "${{secrets.APPLICATION_TEST}}" > ./src/main/resources/application-test.yml

	## Gradle
	- name: Cache gradle packages
	uses: actions/cache@v3
	with:
	path: \|
	~/.gradle/caches
	~/.gradle/wrapper
	key: ${{ runner.os }}-gradle-${{ hashFiles('*/.gradle', '*/gradle-wrapper.properties') }}
	restore-keys: \|
	${{ runner.os }}-gradle-

	- name: Grant execute permission for gradlew
	run: chmod +x gradlew

	- name: Verify MySQL connection
	run: \|
	sleep 30
	mysql --host 127.0.0.1 --port 3306 --user root --password=root -e "SHOW DATABASES;"

	## Build
	- name: Build with Gradle
	run: ./gradlew clean build

	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	distribution: 'temurin' # Eclipse Temurin
	java-version: '17'

	## Create secret yml files before build
	- name: create application-common, local, prod, test.yml
	shell: bash
	run: \|
	touch ./src/main/resources/application-common.yml
	echo "${{secrets.APPLICATION_COMMON}}" > ./src/main/resources/application-common.yml
	touch ./src/main/resources/application-local.yml
	echo "${{secrets.APPLICATION_LOCAL}}" > ./src/main/resources/application-local.yml
	touch ./src/main/resources/application-prod.yml
	echo "${{secrets.APPLICATION_PROD}}" > ./src/main/resources/application-prod.yml
	touch ./src/main/resources/application-test.yml
	echo "${{secrets.APPLICATION_TEST}}" > ./src/main/resources/application-test.yml

	## Gradle
	- name: Cache gradle packages
	uses: actions/cache@v3
	with:
	path: \|
	~/.gradle/caches
	~/.gradle/wrapper
	key: ${{ runner.os }}-gradle-${{ hashFiles('*/.gradle', '*/gradle-wrapper.properties') }}
	restore-keys: \|
	${{ runner.os }}-gradle-

	- name: Grant execute permission for gradlew
	run: chmod +x gradlew

	## Docker
	- name: Login to Docker Hub
	uses: docker/login-action@v2
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2

	- name: Build and push
	uses: docker/build-push-action@v4
	with:
	context: .
	file: ./Dockerfile
	platforms: linux/amd64
	push: true
	tags: ${{ secrets.DOCKERHUB_REPO }}:latest

	deploy:
	needs: build # Run after build
	runs-on: ubuntu-latest
	steps:
	- name: Get Github Action's ip address
	id: ip
	uses: haythem/[email protected]

	## access-key-id, secret-access-key의 경우 AWS IAM User의 정보 사용
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v2
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: ap-northeast-2

	- name: Add Github Action's ip address to Security Group
	run: aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SECURITY_GROUP_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32

	- name: connect EC2 instance and deploy docker images to main server
	uses: appleboy/[email protected]
	with:
	host: ${{ secrets.AWS_EC2_HOST_IP }}
	username: ${{ secrets.AWS_EC2_USERNAME }}
	key: ${{ secrets.AWS_SSH_KEY }}
	# port: ${{ secrets.AWS_SSH_PORT }} # 생략하면 default 22

	## kill container -> remove container -> remove image -> pull new image -> run
	script: \|
	sudo docker kill ${{ secrets.PROJECT_NAME }}
	sudo docker rm ${{ secrets.PROJECT_NAME }}
	sudo docker rmi ${{ secrets.DOCKERHUB_REPO }}

	sudo docker pull ${{ secrets.DOCKERHUB_REPO }}:latest
	sudo docker run -d --name ${{ secrets.PROJECT_NAME }} -p 80:8080 ${{ secrets.DOCKERHUB_REPO }}:latest

	- name: Remove Github Action's ip address from Security Group
	run: aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SECURITY_GROUP_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #146 from Menjil-Menjil/develop #4

Workflow file

Merge pull request #146 from Menjil-Menjil/develop #4

Jobs

Run details

Workflow file for this run