feat: 스케줄 포지션 옵셔널로 변경 #137
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| jobs: | |
| build-and-test: | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:16-alpine | |
| env: | |
| POSTGRES_USER: postgres | |
| POSTGRES_PASSWORD: postgres | |
| POSTGRES_DB: nemonemo | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| ports: | |
| - 5432:5432 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew build | |
| env: | |
| FIREBASE_SERVICE_ACCOUNT_KEY_JSON_BASE64: ${{ secrets.FIREBASE_SERVICE_ACCOUNT_KEY_JSON_BASE64 }} | |
| FIREBASE_STORAGE_BUCKET: ${{ secrets.FIREBASE_STORAGE_BUCKET }} | |
| - name: Run tests | |
| run: ./gradlew test | |
| env: | |
| SPRING_DATASOURCE_URL: jdbc:postgresql://localhost:5432/nemonemo | |
| SPRING_DATASOURCE_USERNAME: postgres | |
| SPRING_DATASOURCE_PASSWORD: postgres | |
| SPRING_PROFILES_ACTIVE: test | |
| FIREBASE_SERVICE_ACCOUNT_KEY_JSON_BASE64: ${{ secrets.FIREBASE_SERVICE_ACCOUNT_KEY_JSON_BASE64 }} | |
| FIREBASE_STORAGE_BUCKET: ${{ secrets.FIREBASE_STORAGE_BUCKET }} | |
| build-and-push-docker: | |
| needs: build-and-test | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop') | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ secrets.DOCKER_USERNAME }}/nemonemo-backend | |
| tags: | | |
| type=ref,event=branch | |
| type=sha,prefix={{branch}}- | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| deploy: | |
| needs: build-and-push-docker | |
| runs-on: ubuntu-latest | |
| # main 브랜치 또는 deploy/ 로 시작하는 브랜치에서만 배포 실행 | |
| if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/deploy/')) | |
| permissions: | |
| id-token: write # OIDC 토큰 발급용 | |
| contents: read # 리포지토리 코드 읽기용 | |
| env: | |
| AWS_REGION: ${{ secrets.AWS_REGION }} # 예: ap-northeast-2 | |
| S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} # 예: nemonemo-deploy-bucket | |
| S3_KEY: nemonemo-${{ github.sha }}.zip # S3에 업로드될 ZIP 파일 이름 | |
| CODEDEPLOY_APPLICATION_NAME: ${{ secrets.CODEDEPLOY_APPLICATION_NAME }} # CodeDeploy 애플리케이션 이름 | |
| CODEDEPLOY_DEPLOYMENT_GROUP: ${{ secrets.CODEDEPLOY_DEPLOYMENT_GROUP }} # CodeDeploy 배포 그룹 이름 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: Build project (for CodeDeploy bundle) | |
| run: ./gradlew clean build | |
| - name: Create deployment bundle (ZIP) | |
| run: | | |
| echo "Creating ZIP bundle: $S3_KEY" | |
| zip -r "$S3_KEY" . \ | |
| -x "*.git*" \ | |
| -x "*/build/tmp/*" | |
| - name: Configure AWS credentials (OIDC) | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN }} # OIDC용 IAM Role ARN | |
| role-session-name: nemonemo-github-actions | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Upload bundle to S3 | |
| run: | | |
| echo "Uploading $S3_KEY to s3://$S3_BUCKET/$S3_KEY" | |
| aws s3 cp "$S3_KEY" "s3://$S3_BUCKET/$S3_KEY" | |
| - name: Deploy with CodeDeploy | |
| run: | | |
| echo "Creating deployment to CodeDeploy..." | |
| aws deploy create-deployment \ | |
| --application-name "${CODEDEPLOY_APPLICATION_NAME}" \ | |
| --deployment-group-name "${CODEDEPLOY_DEPLOYMENT_GROUP}" \ | |
| --deployment-config-name "CodeDeployDefault.AllAtOnce" \ | |
| --s3-location bucket="${S3_BUCKET}",key="${S3_KEY}",bundleType=zip \ | |
| --region "${AWS_REGION}" | |