Merge pull request #30 from KONKUK-MAP-Service/feat-spot #23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # workflow의 이름 | |
| name: CD | |
| # 해당 workflow가 언제 실행될 것인지에 대한 트리거를 지정 | |
| on: | |
| push: | |
| branches: | |
| - main # main branch로 push 될 때 실행됩니다. | |
| - cicd # cicd branch로 push 될 때도 실행됩니다. | |
| # 해당 yml 내에서 사용할 key - value | |
| env: | |
| S3_BUCKET_NAME: kusuk-bucket | |
| PROJECT_NAME: cicd | |
| jobs: | |
| build: | |
| name: CD | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| #githubsecrets yml 환경변수 주입. | |
| - name: Set Yaml | |
| uses: microsoft/variable-substitution@v1 | |
| with: | |
| files: ./src/main/resources/application.yml | |
| env: | |
| spring.datasource.url: ${{ secrets.DB_URL }} | |
| spring.datasource.username: ${{ secrets.DB_USERNAME }} | |
| spring.datasource.password: ${{ secrets.DB_PASSWORD }} | |
| spring.datasource.driver-class-name: ${{ secrets.DB_DRIVER }} | |
| spring.jwt.secret: ${{ secrets.JWT_SECRET }} | |
| spring.data.redis.host: ${{secrets.REDIS_HOST}} | |
| spring.data.redis.port: ${{secrets.REDIS_PORT}} | |
| spring.data.redis.password: ${{secrets.REDIS_PASSWORD}} | |
| spring.mail.username: ${{secrets.MAIL_USERNAME}} | |
| spring.mail.password: ${{secrets.MAIL_PASSWORD}} | |
| cloud.aws.credentials.accessKey: ${{secrets.S3_ACCESSKEY}} | |
| cloud.aws.credentials.secretKey: ${{secrets.S3_SECRETKEY}} | |
| cloud.aws.s3.bucketName: ${{secrets.S3_BUCKETNAME}} | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x ./gradlew | |
| shell: bash | |
| - name: Build with Gradle | |
| run: ./gradlew build -x test | |
| shell: bash | |
| - name: Make zip file | |
| run: zip -r ./$GITHUB_SHA.zip . | |
| shell: bash | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| # script files 복사 | |
| - name: Copy script | |
| run: cp ./scripts/*.sh ./deploy | |
| # S3에 업로드 | |
| - name: Upload to S3 | |
| run: aws s3 cp --region ap-northeast-2 ./$GITHUB_SHA.zip s3://$S3_BUCKET_NAME/$PROJECT_NAME/$GITHUB_SHA.zip | |
| # Deploy | |
| - name: Deploy | |
| run: | | |
| aws deploy create-deployment \ | |
| --application-name kusuk-project \ | |
| --deployment-config-name CodeDeployDefault.AllAtOnce \ | |
| --deployment-group-name cicd-kusuk \ | |
| --file-exists-behavior OVERWRITE \ | |
| --s3-location bucket=kusuk-bucket,bundleType=zip,key=cicd/$GITHUB_SHA.zip \ | |
| --region ap-northeast-2 \ | |