feat: app/ 에 쓰기 권한 부여 #6
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| #on: | |
| # push: | |
| # branches: | |
| # - main | |
| on: | |
| push: | |
| branches: | |
| - feature/setup-cd | |
| jobs: | |
| build-and-test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: get repository code | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v3 | |
| with: | |
| cache-write-only: true | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| - name: build code and test | |
| run: ./gradlew clean build | |
| - name: Set up AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ap-northeast-2 | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| - name: Download New Relic Files | |
| run: | | |
| mkdir -p newrelic | |
| aws s3 cp s3://newzet-newrelic/newrelic.jar ./newrelic/newrelic.jar | |
| aws s3 cp s3://newzet-newrelic/newrelic.yml ./newrelic/newrelic.yml | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v1 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build image and push image to Docker Hub | |
| env: | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| IMAGE_TAG: ${{ github.sha }} | |
| run: | | |
| docker build -t "$DOCKERHUB_USERNAME/newzet-apm:$IMAGE_TAG" . | |
| docker push "$DOCKERHUB_USERNAME/newzet-apm:$IMAGE_TAG" | |
| echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV | |
| - name: Start Canary EC2 | |
| run: | | |
| aws ec2 start-instances --instance-ids ${{ secrets.AWS_CANARY_EC2_ID }} | |
| aws ec2 wait instance-running --instance-ids ${{ secrets.AWS_CANARY_EC2_ID }} | |
| - name: Ensure app directory exists on Canary EC2 | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.AWS_CANARY_EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.AWS_EC2_SSH_KEY }} | |
| script: | | |
| mkdir -p /home/ubuntu/app | |
| chmod -R 755 /home/ubuntu/app | |
| - name: Upload files to Canary EC2 | |
| uses: appleboy/scp-action@master | |
| with: | |
| host: ${{ secrets.AWS_CANARY_EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.AWS_EC2_SSH_KEY }} | |
| source: "docker-compose.yml,deploy.sh" | |
| target: "/home/ubuntu/app/" | |
| - name: Deploy to Canary EC2 | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.AWS_CANARY_EC2_HOST }} | |
| username: ubuntu | |
| key: ${{ secrets.AWS_EC2_SSH_KEY }} | |
| script: | | |
| chmod +x /home/ubuntu/app/deploy.sh | |
| /home/ubuntu/app/deploy.sh ${{ env.IMAGE_TAG }} | |
| - name: Register Canary EC2 to ALB | |
| run: | | |
| aws elbv2 register-targets \ | |
| --target-group-arn ${{ secrets.AWS_CANARY_TG_ARN }} \ | |
| --targets Id=${{ secrets.AWS_CANARY_EC2_ID }},Port=8080 | |
| aws elbv2 modify-listener \ | |
| --listener-arn ${{ secrets.AWS_ALB_LISTENER_ARN }} \ | |
| --default-actions '[{"Type":"forward","ForwardConfig":{"TargetGroups":[{"TargetGroupArn":"${{ secrets.AWS_LIVE_TG_ARN }}","Weight":80},{"TargetGroupArn":"${{ secrets.AWS_CANARY_TG_ARN }}","Weight":20}]}}' |