-
Notifications
You must be signed in to change notification settings - Fork 2
183 lines (156 loc) · 6.42 KB
/
gradle.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
name: Java CI with Gradle
on:
push:
branches: [ "dev" ]
pull_request:
branches: [ "dev" ]
env:
AWS_REGION: ap-northeast-2
S3_BUCKET_NAME: s3-ttubeog
CODE_DEPLOY_APPLICATION_NAME: ttubeog-codedeploy
CODE_DEPLOY_DEPLOYMENT_GROUP_NAME: ttubeog-deploy-group
permissions:
contents: read
jobs:
build:
name: Build
runs-on: ubuntu-22.04
steps:
# 작업 엑세스 가능하게 $GITHUB_WORKSPACE에서 저장소를 체크아웃
- name: Checkout branch
uses: actions/checkout@v3
# java 버전 세팅
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'zulu'
# git ignore한 yml 파일들 github secret에서 복사해 오기
- name: Copy secret
env:
OCCUPY_SECRET: ${{ secrets.OCCUPY_SECRET }}
OCCUPY_DB_SECRET: ${{ secrets.OCCUPY_DB_SECRET }}
OCCUPY_OAUTH_SECRET: ${{ secrets.OCCUPY_OAUTH_SECRET }}
OCCUPY_LOGBACK_SECRET: ${{ secrets.OCCUPY_LOGBACK_SECRET }}
OCCUPY_SECRET_DIR: ./src/main/resources
OCCUPY_DB_SECRET_DIR: ./src/main/resources/database
OCCUPY_OAUTH_SECRET_DIR: ./src/main/resources/oauth2
OCCUPY_LOGBACK_SECRET_DIR: ./src/main/resources
OCCUPY_SECRET_DIR_FILE_NAME: application.yml
OCCUPY_DB_SECRET_DIR_FILE_NAME: application-database.yml
OCCUPY_OAUTH_SECRET_DIR_FILE_NAME: application-oauth2.yml
OCCUPY_LOGBACK_SECRET_DIR_FILE_NAME: logback-test.xml
run: |
mkdir $OCCUPY_DB_SECRET_DIR
mkdir $OCCUPY_OAUTH_SECRET_DIR
touch $OCCUPY_SECRET_DIR/$OCCUPY_SECRET_DIR_FILE_NAME
touch $OCCUPY_DB_SECRET_DIR/$OCCUPY_DB_SECRET_DIR_FILE_NAME
touch $OCCUPY_OAUTH_SECRET_DIR/$OCCUPY_OAUTH_SECRET_DIR_FILE_NAME
touch $OCCUPY_LOGBACK_SECRET_DIR/$OCCUPY_LOGBACK_SECRET_DIR_FILE_NAME
echo "$OCCUPY_SECRET" > $OCCUPY_SECRET_DIR/$OCCUPY_SECRET_DIR_FILE_NAME
echo "$OCCUPY_DB_SECRET" > $OCCUPY_DB_SECRET_DIR/$OCCUPY_DB_SECRET_DIR_FILE_NAME
echo "$OCCUPY_OAUTH_SECRET" > $OCCUPY_OAUTH_SECRET_DIR/$OCCUPY_OAUTH_SECRET_DIR_FILE_NAME
echo "$OCCUPY_LOGBACK_SECRET" > $OCCUPY_LOGBACK_SECRET_DIR/$OCCUPY_LOGBACK_SECRET_DIR_FILE_NAME
# gradlew 실행 권한 부여
- name: Run chmod to make gradlew executable
run: chmod +x ./gradlew
shell: bash
# Build -> jar 파일 생성
- name: Build with Gradle
run: ./gradlew clean build -x test
shell: bash
- name: Upload Build artifacts
uses: actions/upload-artifact@v2
with:
name: build-artifacts
path: |
build/libs/*.jar
# - name: Remove past EC2 raw sorce dir
# uses: appleboy/ssh-action@master
# with:
# key: ${{ secrets.EC2_KEY }}
# host: ${{ secrets.EC2_HOST }}
# username: ${{ secrets.EC2_USER }}
# command: sudo rm -rf /home/ubuntu/app/code
# port: 22
# - name: Upload raw sorce to EC2
# uses: appleboy/scp-action@master
# with:
# key: ${{ secrets.EC2_KEY }}
# host: ${{ secrets.EC2_HOST }}
# username: ${{ secrets.EC2_USER }}
# source: .
# target: "/home/ubuntu/app/code"
- name: Start redis-server
uses: appleboy/scp-action@master
with:
key: ${{ secrets.EC2_KEY }}
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USER }}
target: /home/ubuntu # specify the target path if needed
source: . # specify the source directory or file if needed
command: sudo systemctl start redis-server
port: 22
timeout: 30s
command_timeout: 10m
tar_exec: tar
proxy_port: 22
proxy_timeout: 30s
deploy:
name: CD with SSH
needs: build
runs-on: ubuntu-22.04
steps:
# (6) AWS 인증 (IAM 사용자 Access Key, Secret Key 활용)
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
# (7) 빌드 결과물을 S3 버킷에 업로드
# - name: Upload to AWS S3
# run: |
# aws deploy push \
# --application-name ${{ env.CODE_DEPLOY_APPLICATION_NAME }} \
# --s3-location s3://$S3_BUCKET_NAME/$GITHUB_SHA.zip \
# --source .
# # (8) S3 버킷에 있는 파일을 대상으로 CodeDeploy 실행
# - name: Deploy to AWS EC2 from S3
# run: |
# aws deploy create-deployment \
# --application-name ${{ env.CODE_DEPLOY_APPLICATION_NAME }} \
# --deployment-config-name CodeDeployDefault.AllAtOnce \
# --deployment-group-name ${{ env.CODE_DEPLOY_DEPLOYMENT_GROUP_NAME }} \
# --s3-location bucket=$S3_BUCKET_NAME,key=$GITHUB_SHA.zip,bundleType=zip
- name: Download build artifacts
uses: actions/download-artifact@v2
with:
name: build-artifacts
# JAR 파일을 EC2에 배포하는 step
- name: SCP JAR to EC2
uses: appleboy/scp-action@master
with:
key: ${{ secrets.EC2_KEY }}
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USER }}
source: "*.jar"
target: "/home/ubuntu/app"
# EC2에 SSH로 배포 커맨드를 입력하는 step
- name: Deploy SSH
uses: appleboy/ssh-action@master
with:
key: ${{ secrets.EC2_KEY }}
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USER }}
# 기존 실행 중인 서버 종료 후 jar 파일 실행
script: |
sudo fuser -k -n tcp 8080
sleep 15
sudo nohup java -jar /home/ubuntu/app/*.jar > ./nohup.out 2>&1 &