Bitnagil-Server/.github/workflows/cicd-workflow.yml at 7c87e119d86ff482ad014772a2897367b8df1fac · YAPP-Github/Bitnagil-Server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: Deploy to Amazon ECS

# release, develop 브랜치에 푸시되거나 PR이 닫힐 때마다 실행되는 워크플로우입니다.
on:
  push:
    branches:
      - "release"
      - "develop"

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:

      # 1. JDK 17 세팅
      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          java-version: '17'
          distribution: 'temurin'

      # 2. 환경변수(yml)가 있는 서브모듈 가져오기
      - name: Checkout
        uses: actions/checkout@v3
        with:
          token: ${{ secrets.ACTION_TOKEN }}
          submodules: true

      # 2-1. 환경변수(yml) 파일이 있는지 확인
      - name: Check if config files exist - dev
        if: github.ref == 'refs/heads/develop'
        run: |
          echo "Current Directory: $(pwd)"
          cd config
          echo "Current Directory: $(pwd)"
          cd dev
          echo "Current Directory: $(pwd)"
          ls -al

      - name: Check if config files exist - prod
        if: github.ref == 'refs/heads/release'
        run: |
          echo "Current Directory: $(pwd)"
          cd config
          echo "Current Directory: $(pwd)"
          cd prod
          echo "Current Directory: $(pwd)"
          ls -al

      # 3. Gradle 실행 권한 부여
      - name: Grant execute permission for Gradle
        run: chmod +x ./gradlew

      # 4. Gradle로 빌드
      - name: Build with Gradle
        run: ./gradlew clean build

      # 5. AWS 자격 증명 구성
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ap-northeast-2

      # 6. Amazon ECR에 로그인
      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2

      # 7. Docker 이미지 빌드 및 태그, Amazon ECR에 이미지 푸시
      - name: Build Docker image and tag, push image to Amazon ECR - release
        if: github.ref == 'refs/heads/release'
        id: build-image-release
        run: |
          docker build --platform linux/amd64 -t ${{ secrets.ECR_REPO_NAME_PROD }} .
          docker tag ${{ secrets.ECR_REPO_NAME_PROD }}:latest ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.ap-northeast-2.amazonaws.com/${{ secrets.ECR_REPO_NAME_PROD }}:latest  # 이미지를 ECR 리포지토리로 태깅합니다.
          docker push ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.ap-northeast-2.amazonaws.com/${{ secrets.ECR_REPO_NAME_PROD }}:latest  # 이미지를 ECR에 푸시합니다.
          echo "image=${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.ap-northeast-2.amazonaws.com/${{ secrets.ECR_REPO_NAME_PROD }}:latest" >> $GITHUB_OUTPUT

      - name: Build Docker image and tag, push image to Amazon ECR - develop
        if: github.ref == 'refs/heads/develop'
        id: build-image-develop
        run: |
          docker build --platform linux/amd64 -t ${{ secrets.ECR_REPO_NAME_DEV }} .
          docker tag ${{ secrets.ECR_REPO_NAME_DEV }}:latest ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.ap-northeast-2.amazonaws.com/${{ secrets.ECR_REPO_NAME_DEV }}:latest  # 이미지를 ECR 리포지토리로 태깅합니다.
          docker push ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.ap-northeast-2.amazonaws.com/${{ secrets.ECR_REPO_NAME_DEV }}:latest  # 이미지를 ECR에 푸시합니다.
          echo "image=${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.ap-northeast-2.amazonaws.com/${{ secrets.ECR_REPO_NAME_DEV }}:latest" >> $GITHUB_OUTPUT

      # 8. Amazon ECS 태스크 정의에 새 이미지 ID 채우기
      - name: Fill in the new image ID in the Amazon ECS task definition - release
        if: github.ref == 'refs/heads/release'
        id: task-def-release
        uses: aws-actions/amazon-ecs-render-task-definition@v1
        with:
          task-definition: task-definition-prod.json
          container-name: ${{ secrets.ECS_CONTAINER_NAME_PROD }}
          image: ${{ steps.build-image-release.outputs.image }}

      - name: Mask ECS container name secret - release
        if: github.ref == 'refs/heads/release'
        run: |
          echo "ECS_CONTAINER_NAME_PROD is ${{ secrets.ECS_CONTAINER_NAME_PROD }}"
          echo "Container Names in task-definition-prod.json:"
          cat task-definition-prod.json | jq -r '.containerDefinitions[].name'

      - name: Fill in the new image ID in the Amazon ECS task definition - develop
        if: github.ref == 'refs/heads/develop'
        id: task-def-develop
        uses: aws-actions/amazon-ecs-render-task-definition@v1
        with:
          task-definition: task-definition-dev.json
          container-name: ${{ secrets.ECS_CONTAINER_NAME_DEV }}
          image: ${{ steps.build-image-develop.outputs.image }}

      # 9. ECS에 배포
      - name: Deploy to ECS - release
        if: github.ref == 'refs/heads/release'
        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
        with:
          task-definition: ${{ steps.task-def-release.outputs.task-definition }}  # ECS 태스크 정의 파일을 지정합니다.
          service: ${{ secrets.ECS_SERVICE_NAME_PROD }}
          cluster: ${{ secrets.ECS_CLUSTER_NAME }}
          wait-for-service-stability: true  # 서비스가 안정화될 때까지 대기합니다.

      - name: Deploy to ECS - develop
        if: github.ref == 'refs/heads/develop'
        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
        with:
          task-definition: ${{ steps.task-def-develop.outputs.task-definition }}  # ECS 태스크 정의 파일을 지정합니다.
          service: ${{ secrets.ECS_SERVICE_NAME_DEV }}
          cluster: ${{ secrets.ECS_CLUSTER_NAME }}
          wait-for-service-stability: true  # 서비스가 안정화될 때까지 대기합니다.