🌏 Deploy - Build CICD Pipeline #21

Merged
merged 2 commits into from
Nov 18, 2024
93 changes: 93 additions & 0 deletions .github/workflows/dev-cicd.yml
@@ -0,0 +1,93 @@
name: Web Application Develop Server CI/CD

on:
pull_request:
branches: [ "dev" ]
types:
- opened
- synchronize
- closed

jobs:
CI:
runs-on: ubuntu-20.04

steps:
- name: Checkout
uses: actions/checkout@v3

# Cache Gradle~
- name: Cache Gradle
uses: actions/cache@v3
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-

### runner application java μ„€μ •
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'

### application.yml μ„€μ •
- name: Set YML
run: |
echo "${{ secrets.APPLICATION_DEV_YML }}" | base64 --decode > ./src/main/resources/application-dev.yml
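
Review bot: The `Set YML` step expands `${{ secrets.APPLICATION_DEV_YML }}` directly into the text of the `run:` script, so the secret's value is parsed by the shell as part of the command instead of being passed as data. Map it through `env:` on the step (for example `APPLICATION_DEV_YML: ${{ secrets.APPLICATION_DEV_YML }}`) and read it in the script as `printf '%s' "$APPLICATION_DEV_YML" | base64 --decode > ./src/main/resources/application-dev.yml`. The workflow also has no `permissions:` block, so the job token falls back to the repository default; `contents: read` looks sufficient for these steps. `actions/checkout@v3`, `actions/cache@v3` and `actions/setup-java@v3` are referenced by mutable tags; pinning them to full commit SHAs keeps a retagged release from changing what runs next to the secrets.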

Comment on lines +38 to +41

🛠️ Refactor suggestion

Improve YAML file handling robustness

The current base64 decoding might be susceptible to newline issues. Consider using a more robust approach:

 - name: Set YML
   run: |
-    echo "${{ secrets.APPLICATION_DEV_YML }}" | base64 --decode > ./src/main/resources/application-dev.yml
+    echo "${{ secrets.APPLICATION_DEV_YML }}" | base64 -d | tr -d '\r' > ./src/main/resources/application-dev.yml
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.


### gradlew μ‹€ν–‰ κΆŒν•œ λΆ€μ—¬
- name: Grant execute Permission for gradlew
run: |
chmod +x gradlew

### project build
- name: Build with Gradle
run: |
./gradlew clean build -x test
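
Review bot: `./gradlew clean build -x test` executes `gradle/wrapper/gradle-wrapper.jar`, which this pull request adds as a binary that cannot be inspected in the diff, and nothing in the job checks it before it runs. Add a wrapper validation step (for example `gradle/actions/wrapper-validation`) before `Build with Gradle` so that a jar which does not match an official Gradle release checksum fails the job. The `chmod +x gradlew` step can be dropped by committing the executable bit with `git update-index --chmod=+x gradlew`.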
Comment on lines +48 to +50

⚠️ Potential issue

Skipping tests in the build process is risky

The -x test flag skips all tests, which could lead to quality issues. Consider:

  1. Running essential tests at minimum
  2. Using test categories to run critical tests only
 - name: Build with Gradle
   run: |
-    ./gradlew clean build -x test
+    ./gradlew clean build


### Docker Image Build and Push
- name: Login to Docker Hub
if: github.event.pull_request.merged == true
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}

- name: Set up Docker Buildx
if: github.event.pull_request.merged == true
uses: docker/setup-buildx-action@v2

- name: Build and push
if: github.event.pull_request.merged == true
uses: docker/build-push-action@v4
with:
context: .
file: ./Dockerfile
push: true
tags: ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}
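
Review bot: `Build and push` uses `context: .` after `Set YML` has written the decoded secret to `./src/main/resources/application-dev.yml` and Gradle has built the project, so the development configuration is likely to end up inside the jar and therefore inside the image pushed to Docker Hub (the Dockerfile is not part of this diff, so confirm what it copies). Anyone who can pull the image can then read that file. Keep it out of the build and supply it at run time on the server, for example as a mounted file or as environment variables on `docker run`. `DOCKERHUB_PASSWORD` should hold a Docker Hub access token with only the scope needed to push, not the account password.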
Comment on lines +64 to +71

🛠️ Refactor suggestion

Add version tagging for Docker images

Using only the latest tag makes rollbacks difficult and version tracking impossible.

 - name: Build and push
   if: github.event.pull_request.merged == true
   uses: docker/build-push-action@v4
   with:
     context: .
     file: ./Dockerfile
     push: true
-    tags: ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}
+    tags: |
+      ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}:latest
+      ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}:${{ github.sha }}


# closed에 λŒ€ν•œ server deploy
CD:
if: github.event.pull_request.merged == true
needs: [CI]

runs-on: ubuntu-20.04

steps:
### SSH Connect and Docker Image Pull and Container Run
- name: Docker Image Pull and Container Run
uses: appleboy/[email protected]
with:
host: ${{ secrets.DEV_SSH_HOST }}
username: ${{ secrets.DEV_SSH_USERNAME }}
key: ${{ secrets.DEV_SSH_KEY }}
port: ${{ secrets.DEV_SSH_PORT }}
script: |
docker stop api-server
docker rm api-server
docker image rm ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}
docker run -d -p 8080:8080 --name api-server --network ${{secrets.DOCKER_NETWORKNAME}} ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}
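
Review bot: The SSH step sets `host`, `username`, `key` and `port` but no `fingerprint`, so the server's host key is not pinned before the deploy script is sent to it. Set `fingerprint:` to the server's SHA256 host key fingerprint, stored as a secret alongside the others. In the `script`, `docker stop api-server` and `docker rm api-server` fail when no such container exists (first deploy, or after a failed run); guard them, for example with `docker rm -f api-server || true`. `-p 8080:8080` publishes the port on every host interface; if a reverse proxy sits in front of the container, bind it with `-p 127.0.0.1:8080:8080`.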
Comment on lines +89 to +93

🛠️ Refactor suggestion

Improve deployment reliability and minimize downtime

The current deployment process has several areas for improvement:

  1. No health checks after deployment
  2. No rollback strategy
  3. Potential downtime during container replacement
 script: |
+  # Pull new image first to minimize downtime
+  docker pull ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}
+  
+  # Backup current container name if exists
+  CURRENT_CONTAINER=$(docker ps -q -f name=api-server)
+  
+  # Start new container on different port
+  docker run -d -p 8081:8080 --name api-server-new --network ${{secrets.DOCKER_NETWORKNAME}} ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}
+  
+  # Wait for container to be healthy
+  sleep 10
+  if ! curl -f http://localhost:8081/health; then
+    echo "New container failed health check"
+    docker stop api-server-new
+    docker rm api-server-new
+    exit 1
+  fi
+  
+  # Stop and remove old container
   docker stop api-server
   docker rm api-server
-  docker image rm ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}
-  docker run -d -p 8080:8080 --name api-server --network ${{secrets.DOCKER_NETWORKNAME}} ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}
+  
+  # Rename new container
+  docker rename api-server-new api-server
+  
+  # Cleanup old images
+  docker image prune -f
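
Review bot: In the suggested script the replacement container is started with `-p 8081:8080` and then only renamed; `docker rename` does not change published ports, so after the first deploy `api-server` answers on host port 8081 instead of 8080, and the next deploy's `docker run -d -p 8081:8080 ...` fails because that port is already taken. After the health check passes, stop the old container and start the final one on `-p 8080:8080` from the already pulled image, or switch a reverse proxy upstream between the two ports. `CURRENT_CONTAINER` is assigned but never used, `docker stop api-server` still fails when no old container exists, and the check assumes the application serves `/health`, which this diff does not show.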
🧰 Tools
🪛 yamllint

[error] 93-93: no new line character at the end of file

(new-line-at-end-of-file)

3 changes: 3 additions & 0 deletions .gitignore
@@ -205,6 +205,9 @@ fabric.properties
*.tar.gz
*.rar

# Allow gradle-wrapper.jar
!gradle/wrapper/gradle-wrapper.jar

# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*
replay_pid*
Binary file added gradle/wrapper/gradle-wrapper.jar
Binary file not shown.