Merge branch 'main' into develop #87
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Default Setting | |
| name: Build and Deploy to DEV | |
| on: | |
| push: | |
| branches: [ "develop" ] | |
| # 환경 변수 $변수명으로 사용 | |
| env: | |
| PROJECT_NAME: "devdevdev" | |
| BUCKET_NAME: "dev-devdevdev-cicd-bucket" | |
| CODE_DEPLOY_APP: "dev-devdevdev-server" | |
| CODE_DEPLOY_DEPLOYMENT_GROUP: "dev-devdevdev-server-deployment-group" | |
| jobs: | |
| build: | |
| name: Build and Deploy to EC2 | |
| # 실행 환경 설정 | |
| runs-on: ubuntu-latest | |
| # 차례대로 실행 | |
| steps: | |
| # 작업에서 액세스할 수 있도록 $GITHUB_WORKSPACE에서 저장소를 체크아웃합니다. | |
| - uses: actions/checkout@v3 | |
| ## open jdk 21 버전 환경 세팅 | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: 21 | |
| distribution: corretto | |
| # 환경파일 작성 : github에 올리지 못하는 정보의 설정파일을 runner에 삽입 | |
| ## create application-prod.yml | |
| - name: make application-dev.yml | |
| run: | | |
| ## create application-dev.yml | |
| cd ./src/main/resources | |
| echo "${{ secrets.application_dev }}" >> ./application-dev.yml | |
| echo "${{ secrets.application_jwt_dev }}" >> ./application-jwt-dev.yml | |
| echo "${{ secrets.application_oauth2_dev }}" >> ./application-oauth2-dev.yml | |
| echo "${{ secrets.application_storage_s3_dev }}" >> ./application-storage-s3-dev.yml | |
| echo "${{ secrets.application_open_ai }}" >> ./application-open-ai.yml | |
| echo "${{ secrets.application_opensearch_dev }}" >> ./application-opensearch-dev.yml | |
| # Dockerfile-dev 주입 | |
| - name: make Dockerfile-dev | |
| run: | | |
| cd $GITHUB_WORKSPACE | |
| ls | |
| rm -f Dockerfile | |
| cat ./Dockerfile-dev >> ./Dockerfile | |
| # appspec.yml, deploy.sh 주입 | |
| - name: make appspec.yml, deploy.sh | |
| run: | | |
| cd $GITHUB_WORKSPACE | |
| ls | |
| rm -f appspec.yml | |
| rm -f deploy.sh | |
| cat ./appspec-dev.yml >> ./appspec.yml | |
| cat ./deploy-dev.sh >> ./deploy.sh | |
| ## 테스트 코드에도 sotrage-s3, open-ai 가 필요함! | |
| - name: make application-test.yml | |
| run: | | |
| cd ./src/test/resources | |
| echo "${{ secrets.application_storage_s3 }}" >> ./application-storage-s3.yml | |
| echo "${{ secrets.application_open_ai }}" >> ./application-open-ai.yml | |
| echo "${{ secrets.application_opensearch_test }}" >> ./application-opensearch-test.yml | |
| shell: bash | |
| ## Springboot 프로젝트 빌드 | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x ./gradlew | |
| - name: Build and Test with Gradle | |
| run: ./gradlew bootJar | |
| # build한 후 프로젝트 코드 압축 | |
| - name: Make zip file | |
| run: zip -r ./$PROJECT_NAME.zip . | |
| shell: bash | |
| # aws 인증서비스 | |
| # github repository에서 Setting에서 사용할 암호화된 변수 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| # S3에 빌드파일 업로드 | |
| - name: Upload to S3 | |
| run: aws s3 cp $PROJECT_NAME.zip s3://$BUCKET_NAME/deploy/$PROJECT_NAME.zip --region ap-northeast-2 | |
| ## CodeDeploy로 EC2에 서버 배포 | |
| - name: Code Deploy | |
| run: > | |
| aws deploy create-deployment --application-name $CODE_DEPLOY_APP | |
| --deployment-config-name CodeDeployDefault.AllAtOnce | |
| --deployment-group-name $CODE_DEPLOY_DEPLOYMENT_GROUP | |
| --s3-location bucket=$BUCKET_NAME,bundleType=zip,key=deploy/$PROJECT_NAME.zip | |
| ## Slack에 cicd 결과 전송 | |
| - name: action-slack | |
| uses: 8398a7/action-slack@v3 | |
| with: | |
| status: ${{ job.status }} | |
| author_name: "[DEV] 배포 결과를 알려드려요" # default: 8398a7@action-slack | |
| fields: repo,message,commit,author,eventName,ref,took | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required | |
| if: always() # Pick up events even if the job fails or is canceled. |