chore: build ci/cd pipeline #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD FOR DEVELOP | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| env: | |
| DOCKERHUB_REPOSITORY: fontory-server | |
| jobs: | |
| CI: | |
| name: Continuous Integration | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Get short SHA | |
| id: slug | |
| run: echo "sha7=$(echo ${GITHUB_SHA} | cut -c1-7)" >> $GITHUB_OUTPUT | |
| - name: Discord Webhook Action | |
| uses: tsickert/[email protected] | |
| with: | |
| webhook-url: ${{ secrets.DISCORD_WEBHOOK_URL }} | |
| content: | | |
| New Commit[${{ steps.slug.outputs.sha7 }}] detected on branch ${{ github.ref_name }} | |
| Commit Link: https://github.com/${{ github.repository }}/commit/${{ github.sha }} | |
| GitHub Action Link: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Setup MySQL | |
| uses: mirromutth/[email protected] | |
| with: | |
| mysql database: 'TESTDB' | |
| mysql user: 'fontory' | |
| mysql password: 'fontoryPW' | |
| - name: Setup Redis | |
| uses: supercharge/[email protected] | |
| with: | |
| redis-version: 6 | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0 | |
| - name: Generate application.properties | |
| run: | | |
| echo "commit.hash=${{ steps.slug.outputs.sha7 }}" >> ./src/main/resources/application-prod.properties | |
| echo "spring.datasource.url=jdbc:mysql://${{ secrets.DATASOURCE_DB_URL }}:3306/FONTORY?characterEncoding=UTF-8&serverTimezone=Asia/Seoul" >> ./src/main/resources/application-prod.properties | |
| echo "spring.datasource.username=${{ secrets.DATASOURCE_DB_USERNAME }}" >> ./src/main/resources/application-prod.properties | |
| echo "spring.datasource.password=${{ secrets.DATASOURCE_DB_PASSWORD }}" >> ./src/main/resources/application-prod.properties | |
| - name: Build with Gradle Wrapper | |
| run: ./gradlew build | |
| - name: Upload jar file to Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: jar_files | |
| path: build/libs/*.jar | |
| - name: Upload Dockerfile to Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: Dockerfile | |
| path: ./Dockerfile | |
| CD_Delivery: | |
| name: Delivery | |
| needs: CI | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Download jar file from Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: jar_files | |
| path: build/libs | |
| - name: Download Dockerfile file from Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: Dockerfile | |
| path: ./ | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Get short SHA | |
| id: slug | |
| run: echo "sha7=$(echo ${GITHUB_SHA} | cut -c1-7)" >> $GITHUB_OUTPUT | |
| - name: Build, tag, and push image to DockerHub | |
| id: build-image | |
| env: | |
| USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| IMAGE_TAG: ${{ steps.slug.outputs.sha7 }} | |
| run: | | |
| docker build -t $USERNAME/$DOCKERHUB_REPOSITORY:$IMAGE_TAG -t $USERNAME/$DOCKERHUB_REPOSITORY:latest . | |
| docker push $USERNAME/$DOCKERHUB_REPOSITORY --all-tags | |
| echo "image=$USERNAME/$DOCKERHUB_REPOSITORY:$IMAGE_TAG&latest" >> $GITHUB_OUTPUT | |
| CD_Deploy: | |
| name: Deploy | |
| needs: CD_Delivery | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get short SHA | |
| id: slug | |
| run: echo "sha7=$(echo ${GITHUB_SHA} | cut -c1-7)" >> $GITHUB_OUTPUT | |
| - name: Executing remote ssh commands | |
| uses: appleboy/[email protected] # ssh 접속하는 오픈소스 | |
| with: | |
| host: ${{ secrets.REMOTE_IP }} # 인스턴스 IP | |
| username: ${{ secrets.REMOTE_USER }} # 우분투 아이디 | |
| key: ${{ secrets.REMOTE_PRIVATE_KEY }} # ec2 instance pem key | |
| port: ${{ secrets.REMOTE_SSH_PORT }} # 접속포트 | |
| script: | # 실행할 스크립트 | |
| cd /home/ubuntu/cicd/scripts | |
| ./rolling-update.sh | |
| - name: Discord Webhook Action | |
| uses: tsickert/[email protected] | |
| with: | |
| webhook-url: ${{ secrets.DISCORD_WEBHOOK_URL }} | |
| content: | | |
| :o: Server successfully updated! | |
| Commit: [${{ github.sha }}] | |
| Branch: ${{ github.ref_name }} | |
| Commit Link: https://github.com/${{ github.repository }}/commit/${{ github.sha }} | |
| GitHub Action Link: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
| failure_notification: | |
| name: Failure Notification | |
| runs-on: ubuntu-latest | |
| if: failure() | |
| steps: | |
| - name: Discord Webhook Action on Failure | |
| uses: tsickert/[email protected] | |
| with: | |
| webhook-url: ${{ secrets.DISCORD_WEBHOOK_URL }} | |
| content: | | |
| :x: A job failed in the CI/CD pipeline! | |
| Commit: [${{ github.sha }}] | |
| Branch: ${{ github.ref_name }} | |
| Commit Link: https://github.com/${{ github.repository }}/commit/${{ github.sha }} | |
| GitHub Action Link: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
| Please check the logs for more details. |