Update: main.yml #44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Deploy to EC2 | |
on: | |
push: | |
branches: [ "dev" ] | |
pull_request: | |
branches: [ "dev" ] | |
workflow_dispatch: | |
env: | |
AWS_REGION: ap-northeast-2 | |
S3_BUCKET_NAME: itpick-cicd-bucket | |
PROJECT_NAME: IT-Pick-Backend | |
CODE_DEPLOY_APPLICATION_NAME: itpick_cicd | |
CODE_DEPLOY_DEPLOYMENT_GROUP_NAME: itpick_instance | |
RESOURCE_PATH: ${{ secrets.RESOURCE_PATH }} | |
jobs: | |
build-project: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
# 체크아웃 | |
- name: checkout release | |
uses: actions/checkout@v4 | |
# JDK 17 세팅 | |
- name: set up JDK | |
uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' | |
java-version: '17' | |
# gradlew 권한 설정 | |
- name: Make gradlew executable | |
run: chmod +x ./gradlew | |
# Build Gradle | |
- name: Build with Gradle | |
uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 | |
with: | |
arguments: clean build -x test | |
# zip 파일 생성 | |
- name: Make zip file | |
run: zip -qq -r ./$GITHUB_SHA.zip . | |
# AWS 인증 | |
- name: AWS configure credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ env.AWS_REGION }} | |
# 빌드 결과물 S3 버킷에 업로드 | |
- name: upload to AWS S3 | |
run: aws s3 cp --region ap-northeast-2 ./$GITHUB_SHA.zip s3://$S3_BUCKET_NAME/$PROJECT_NAME/$GITHUB_SHA.zip | |
- name: deploy with AWS codeDeploy | |
run: | | |
aws deploy create-deployment \ | |
--application-name ${{ env.CODE_DEPLOY_APPLICATION_NAME }} \ | |
--deployment-config-name CodeDeployDefault.AllAtOnce \ | |
--deployment-group-name ${{ env.CODE_DEPLOY_DEPLOYMENT_GROUP_NAME }} \ | |
--s3-location bucket=${{ env.S3_BUCKET_NAME }},key=${{ env.PROJECT_NAME }}/$GITHUB_SHA.zip,bundleType=zip | |
- name: Set yml file | |
uses: microsoft/variable-substitution@v1 | |
with: | |
files: ${{ env.RESOURCE_PATH }} | |
env: | |
spring.profile.active: local | |
spring.datasource.url: ${{ secrets.DATASOURCE_URL }} | |
spring.datasource.username: ${{ secrets.DATASOURCE_USERNAME }} | |
spring.datasource.password: ${{ secrets.DATASOURCE_PASSWORD }} | |
secret.jwt-secret-key: ${{ secrets.JWT_SECRET_KEY }} | |
secret.jwt-expired-in: ${{ secrets.JWT_EXPIRED_IN }} | |
naver.map.client.id: ${{ secrets.NAVER_CLIENT_ID }} | |
naver.map.client.secret: ${{ secrets.NAVER_CLIENT_SECRET }} | |
- name: Test AWS credentials | |
run: aws s3 ls |