-
Notifications
You must be signed in to change notification settings - Fork 5
144 lines (123 loc) · 5.2 KB
/
cicd-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
name: Project CI/CD with AWS
on:
push:
branches: [ "main" ]
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: "17"
distribution: "temurin"
- name: Replace SQL Queries
run: |
dir_path="./module-domain/src/main/resources/db/migration"
old_text="changeRequired"
new_text="${{ secrets.PUBLIC_KEY }}"
find "$dir_path" -type f -name "*.sql" -exec sed -i "s|$old_text|$new_text|g" {} +
- name: Set application yml file (api)
uses: microsoft/variable-substitution@v1
with:
files: ./module-api/src/main/resources/application.yml
env:
spring.profiles.active: "prod"
- name: Set application yml file (batch)
uses: microsoft/variable-substitution@v1
with:
files: ./module-batch/src/main/resources/application.yml
env:
spring.profiles.active: "prod"
- name: Set application-prod yml file (api)
uses: microsoft/variable-substitution@v1
with:
files: ./module-api/src/main/resources/application-prod.yml
env:
spring.datasource.url: ${{ secrets.DB_URL_AWS }}
spring.datasource.username: ${{ secrets.DB_USER }}
spring.datasource.password: ${{ secrets.DB_PW }}
spring.mail.username: ${{ secrets.SMTP_GOOGLE_EMAIL }}
spring.mail.password: ${{ secrets.SMTP_PASSWORD }}
spring.data.redis.host: ${{ secrets.REDIS_PROD_HOST }}
spring.data.redis.password: ${{ secrets.REDIS_PROD_PASSWORD }}
constants.host-url: ${{ secrets.PROD_HOST_URL }}
aws.credentials.access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws.credentials.secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws.s3.bucket.name: ${{ secrets.AWS_S3_BUCKET_NAME }}
aws.s3.bucket.url: ${{ secrets.AWS_S3_BUCKET_URL }}
- name: Set application-dev yml file (batch)
uses: microsoft/variable-substitution@v1
with:
files: ./module-batch/src/main/resources/application-prod.yml
env:
spring.datasource.url: ${{ secrets.DB_URL_AWS }}
spring.datasource.username: ${{ secrets.DB_USER }}
spring.datasource.password: ${{ secrets.DB_PW }}
external.ecolife-api.path: ${{ secrets.ECOLIFE_PATH }}
external.ecolife-api.service-key: ${{ secrets.ECOLIFE_KEY }}
- name: Grant execute permission And Build with Gradle (api)
working-directory: ./module-api
run: |
chmod +x ./gradlew
./gradlew bootJar
- name: Grant execute permission And Build with Gradle (batch)
working-directory: ./module-batch
run: |
chmod +x ./gradlew
./gradlew bootJar
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v3
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ap-northeast-2
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Build, tag, and push docker image to Amazon ECR (api)
working-directory: ./module-api
env:
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: washfit-api
IMAGE_TAG: latest
run: |
docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG .
docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG
- name: Build, tag, and push docker image to Amazon ECR (batch)
working-directory: ./module-batch
env:
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: washfit-batch
IMAGE_TAG: latest
run: |
docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG .
docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG
- name: Application Run
uses: appleboy/[email protected]
with:
host: ${{ secrets.AWS_EC2_HOST }}
username: ${{ secrets.AWS_USERNAME }}
key: ${{ secrets.AWS_KEY }}
script: |
# Install Docker and Docker Compose
sudo dnf update
sudo dnf install docker
sudo systemctl start docker
sudo systemctl enable docker
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
# Docker Compose
mkdir -p deploy
cd deploy
sudo echo "${{ secrets.PROD_REDIS_CONF }}" > ./redis/redis.conf
sudo echo "${{ secrets.DOCKER_COMPOSE_AWS }}" > docker-compose.yml
aws ecr get-login-password --region ap-northeast-2 | docker login --username AWS --password-stdin ${{ steps.login-ecr.outputs.registry }}
docker image prune -af
docker-compose pull
docker-compose down
docker-compose up -d