Create backend_prod.yml #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy Spring Docker Image | |
| on: | |
| push: | |
| branches: | |
| - 'main' | |
| jobs: | |
| build-docker-image: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0 | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Set application properties from GitHub Secrets | |
| run: | | |
| echo '${{ secrets.APP_CONFIG_JSON_PROD }}' > config.json | |
| mkdir -p src/main/resources | |
| jq -r 'to_entries|map("\(.key)=\(.value|tostring)")|.[]' config.json > src/main/resources/application.properties | |
| - name: Build with Gradle Wrapper | |
| run: ./gradlew build | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| - name: Build and push Docker image to AWS ECR | |
| run: | | |
| docker build -t ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/jumo_back_prod:latest . | |
| docker push ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/jumo_back_prod:latest | |
| deploy: | |
| needs: build-docker-image | |
| runs-on: [prod] | |
| steps: | |
| - name: ecr get-login-password | |
| run: | | |
| aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/jumo_back_prod | |
| - name: Pull Docker image from AWS ECR | |
| run: | | |
| docker pull ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/jumo_back_dev:latest | |
| - name: stop Docker system | |
| run: | | |
| sudo docker stop $(sudo docker ps -aq) || true | |
| - name: Run new Docker container | |
| run: | | |
| docker run --rm -it -d -p 80:8080 --name jumo_back_prod ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/jumo_back_prod:latest | |
| - name: Clean up unused Docker images after deployment | |
| run: | | |
| sudo docker image prune -a -f || true |