Update cicd-dev.yml #37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | ||
on: | ||
push: | ||
branches: [ "develop" ] | ||
permissions: | ||
contents: read | ||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Gradle 캐싱 | ||
uses: actions/cache@v3 | ||
with: | ||
path: | | ||
~/.gradle/caches | ||
~/.gradle/wrapper | ||
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | ||
restore-keys: ${{ runner.os }}-gradle- | ||
- uses: actions/checkout@v3 | ||
- name: java 코드 빌드 jdk 17 설정 | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: '17' | ||
distribution: 'temurin' | ||
- name: application.yml 생성 | ||
run: | | ||
cd ./src/main/resources | ||
touch ./application-dev.yml | ||
echo "${{ secrets.APPLICATION_DEV_YML }}" > ./application-dev.yml | ||
cd ../../test | ||
mkdir resources | ||
cd ./resources | ||
touch ./application.yml | ||
echo "${{ secrets.APPLICATION_TEST_YML }}" > ./application.yml | ||
shell: bash | ||
- name: gradlew 권한 부여 | ||
run: chmod +x ./gradlew | ||
- name: Gradle 셋업 | ||
uses: gradle/gradle-build-action@bd5760595778326ba7f1441bcf7e88b49de61a25 # v2.6.0 | ||
- name: Gradle 빌드 | ||
run: ./gradlew build | ||
- name: AWS Configure 설정 | ||
uses: aws-actions/configure-aws-credentials@v4 | ||
with: | ||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
aws-region: ap-northeast-2 | ||
- name: ECR 로그인 | ||
id: login-ecr | ||
uses: aws-actions/amazon-ecr-login@v2 | ||
- name: docker 빌드 및 ECR push | ||
id: build-image | ||
env: | ||
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | ||
ECR_REPOSITORY: shypolarbear-server | ||
IMAGE_TAG: ${{ github.sha }} | ||
run: | | ||
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | ||
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | ||
echo "IMAGE_NAME=$ECR_REGISTRY/$ECR_REPOSITORY" >> $GITHUB_OUTPUT | ||
echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_OUTPUT | ||
- name: get GitHub IP | ||
id: ip | ||
uses: haythem/[email protected] | ||
- name: Add Github Actions IP to Security group | ||
run: | | ||
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 | ||
- name: ECR image pull & EC2 Server 실행 | ||
uses: appleboy/ssh-action@master | ||
env: | ||
IMAGE_NAME : ${{ steps.build-image.outputs.IMAGE_NAME}} | ||
IMAGE_TAG : ${{ steps.build-image.outputs.IMAGE_TAG}} | ||
AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} | ||
with: | ||
host: ${{ secrets.EC2_DEV_HOST }} | ||
username: ec2-user | ||
key: ${{ secrets.EC2_DEV_KEY }} | ||
envs: IMAGE_NAME, IMAGE_TAG, AWS_ACCOUNT | ||
script: | | ||
aws ecr get-login-password --region ap-northeast-2 | docker login --username AWS --password-stdin $AWS_ACCOUNT | ||
docker pull $IMAGE_NAME:$IMAGE_TAG | ||
docker image tag $IMAGE_NAME:$IMAGE_TAG shypolarbear-server | ||
docker rm -f $(docker ps -qa) | ||
docker run -it -d -p 8080:8080 --name shypolarbear-server shypolarbear-server | ||
- name: Remove IP FROM security group | ||
run: | | ||
aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 | ||
- name: Send JANDI Notification | ||
run: | | ||
Check failure on line 106 in .github/workflows/cicd-dev.yml GitHub Actions / CI/CDInvalid workflow file
|
||
curl -X POST -H "Content-Type: application/json" -d '{ | ||
"body": "PR 빌드 및 테스트 결과: '${{ job.status }}'", | ||
"connectColor": "'${{ job.status == 'success' ? '#2ECC71' : '#FF6347' }}'", | ||
"connectBlocks": [ | ||
{ | ||
"type": "section", | ||
"text": { | ||
"type": "mrkdwn", | ||
"text": "*CI/CD 결과: '"${{ job.status }}"'*" | ||
} | ||
}, | ||
{ | ||
"type": "section", | ||
"fields": [ | ||
{ | ||
"type": "mrkdwn", | ||
"text": "*PR 이름:*\n${{ github.event.pull_request.title }}" | ||
} | ||
] | ||
} | ||
] | ||
}' "https://wh.jandi.com/connect-api/webhook/${{ secrets.JANDI_TOKEN }}" |