-
Notifications
You must be signed in to change notification settings - Fork 2
144 lines (123 loc) · 4.76 KB
/
gradle.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
name: Java CI with Gradle
on:
push:
branches: [ "dev" ]
pull_request:
branches: [ "dev" ]
env:
AWS_REGION: ap-northeast-2
S3_BUCKET_NAME: s3-ttubeog
CODE_DEPLOY_APPLICATION_NAME: ttubeog-codedeploy
CODE_DEPLOY_DEPLOYMENT_GROUP_NAME: ttubeog-deploy-group
permissions:
contents: read
jobs:
build:
name: Build
runs-on: ubuntu-22.04
steps:
# 작업 엑세스 가능하게 $GITHUB_WORKSPACE에서 저장소를 체크아웃
- name: Checkout branch
uses: actions/checkout@v3
# java 버전 세팅
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'zulu'
# git ignore한 yml 파일들 github secret에서 복사해 오기
- name: Copy secret
env:
OCCUPY_SECRET: ${{ secrets.OCCUPY_SECRET }}
OCCUPY_DB_SECRET: ${{ secrets.OCCUPY_DB_SECRET }}
OCCUPY_OAUTH_SECRET: ${{ secrets.OCCUPY_OAUTH_SECRET }}
OCCUPY_SECRET_DIR: ./src/main/resources
OCCUPY_DB_SECRET_DIR: ./src/main/resources/database
OCCUPY_OAUTH_SECRET_DIR: ./src/main/resources/oauth2
OCCUPY_SECRET_DIR_FILE_NAME: application.yml
OCCUPY_DB_SECRET_DIR_FILE_NAME: application-database.yml
OCCUPY_OAUTH_SECRET_DIR_FILE_NAME: application-oauth2.yml
run: |
mkdir $OCCUPY_DB_SECRET_DIR
mkdir $OCCUPY_OAUTH_SECRET_DIR
touch $OCCUPY_SECRET_DIR/$OCCUPY_SECRET_DIR_FILE_NAME
touch $OCCUPY_DB_SECRET_DIR/$OCCUPY_DB_SECRET_DIR_FILE_NAME
touch $OCCUPY_OAUTH_SECRET_DIR/$OCCUPY_OAUTH_SECRET_DIR_FILE_NAME
echo "$OCCUPY_SECRET" > $OCCUPY_SECRET_DIR/$OCCUPY_SECRET_DIR_FILE_NAME
echo "$OCCUPY_DB_SECRET" > $OCCUPY_DB_SECRET_DIR/$OCCUPY_DB_SECRET_DIR_FILE_NAME
echo "$OCCUPY_OAUTH_SECRET" > $OCCUPY_OAUTH_SECRET_DIR/$OCCUPY_OAUTH_SECRET_DIR_FILE_NAME
# gradlew 실행 권한 부여
- name: Run chmod to make gradlew executable
run: chmod +x ./gradlew
shell: bash
# Build -> jar 파일 생성
- name: Build with Gradle
run: ./gradlew clean build -x test
shell: bash
- name: Upload Build artifacts
uses: actions/upload-artifact@v2
with:
name: build-artifacts
path: |
build/libs/*.jar
deploy:
name: CD with SSH
needs: build
runs-on: ubuntu-22.04
steps:
# # (6) AWS 인증 (IAM 사용자 Access Key, Secret Key 활용)
# - name: Configure AWS credentials
# uses: aws-actions/configure-aws-credentials@v1
# with:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: ${{ env.AWS_REGION }}
#
# # (7) 빌드 결과물을 S3 버킷에 업로드
# - name: Upload to AWS S3
# run: |
# aws deploy push \
# --application-name ${{ env.CODE_DEPLOY_APPLICATION_NAME }} \
# --ignore-hidden-files \
# --s3-location s3://$S3_BUCKET_NAME/$GITHUB_SHA.zip \
# --source .
#
# # (8) S3 버킷에 있는 파일을 대상으로 CodeDeploy 실행
# - name: Deploy to AWS EC2 from S3
# run: |
# aws deploy create-deployment \
# --application-name ${{ env.CODE_DEPLOY_APPLICATION_NAME }} \
# --deployment-config-name CodeDeployDefault.AllAtOnce \
# --deployment-group-name ${{ env.CODE_DEPLOY_DEPLOYMENT_GROUP_NAME }} \
# --s3-location bucket=$S3_BUCKET_NAME,key=$GITHUB_SHA.zip,bundleType=zip
- name: Download build artifacts
uses: actions/download-artifact@v2
with:
name: build-artifacts
# JAR 파일을 EC2에 배포하는 step
- name: SCP JAR to EC2
uses: appleboy/scp-action@master
with:
key: ${{ secrets.EC2_KEY }}
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USER }}
source: "*.jar"
target: "/home/ubuntu/app"
# EC2에 SSH로 배포 커맨드를 입력하는 step
- name: Deploy SSH
uses: appleboy/ssh-action@master
with:
key: ${{ secrets.EC2_KEY }}
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USER }}
# 기존 실행 중인 서버 종료 후 jar 파일 실행
script: |
sudo fuser -k -n tcp 8080
sleep 15
sudo nohup java -jar /home/ubuntu/app/*.jar > ./nohup.out 2>&1 &