Merge pull request #73 from next-engineer/feature/72-docs-readme-update #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ECR - Build & Push | |
| on: | |
| push: | |
| branches: [develop] | |
| workflow_dispatch: | |
| concurrency: | |
| group: ecr-main | |
| cancel-in-progress: false | |
| permissions: | |
| contents: write # repository_dispatch에 필요 | |
| env: | |
| AWS_REGION: ap-northeast-2 | |
| ECR_REPOSITORY: kickytime-repo | |
| jobs: | |
| build_and_push: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Configure AWS credentials (Access Keys) | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Set TAG from commit SHA | |
| id: tag | |
| run: echo "TAG=${GITHUB_SHA::12}" >> $GITHUB_OUTPUT | |
| - name: Build & Push ARM64 image | |
| id: build | |
| run: | | |
| set -e | |
| REGISTRY="${{ steps.ecr.outputs.registry }}" | |
| TAG="${{ steps.tag.outputs.TAG }}" | |
| IMAGE_URI="$REGISTRY/${{ env.ECR_REPOSITORY }}:$TAG" | |
| LATEST_URI="$REGISTRY/${{ env.ECR_REPOSITORY }}:latest" | |
| docker buildx build \ | |
| --platform linux/arm64 \ | |
| --push \ | |
| --tag "$IMAGE_URI" \ | |
| --tag "$LATEST_URI" \ | |
| . | |
| echo "IMAGE_URI=$IMAGE_URI" >> $GITHUB_OUTPUT | |
| - name: Verify ARM64 architecture | |
| run: | | |
| REGISTRY="${{ steps.ecr.outputs.registry }}" | |
| TAG="${{ steps.tag.outputs.TAG }}" | |
| IMAGE_URI="$REGISTRY/${{ env.ECR_REPOSITORY }}:$TAG" | |
| ARCH=$(docker manifest inspect "$IMAGE_URI" | jq -r '.manifests[0].platform.architecture // .architecture') | |
| [ "$ARCH" = "arm64" ] || (echo "Expected arm64, got $ARCH" && exit 1) | |
| # repository_dispatch 전송 + HTTP 204 확인 | |
| - name: Trigger ECS Deploy via repository_dispatch | |
| if: success() | |
| run: | | |
| set -e | |
| image_uri="${{ steps.build.outputs.IMAGE_URI }}" | |
| tag="${{ steps.tag.outputs.TAG }}" | |
| branch="${{ github.ref_name }}" | |
| sha="${{ github.sha }}" | |
| resp=$(curl -s -o /tmp/resp.txt -w "%{http_code}" -X POST \ | |
| "https://api.github.com/repos/${{ github.repository }}/dispatches" \ | |
| -H "Accept: application/vnd.github+json" \ | |
| -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | |
| -d "{\"event_type\":\"deploy-ecs\",\"client_payload\":{\"image_uri\":\"$image_uri\",\"tag\":\"$tag\",\"branch\":\"$branch\",\"sha\":\"$sha\"}}") | |
| [ "$resp" = "204" ] || (cat /tmp/resp.txt && exit 1) | |
| resp2=$(curl -s -o /tmp/resp2.txt -w "%{http_code}" -X POST \ | |
| "https://api.github.com/repos/${{ github.repository }}/dispatches" \ | |
| -H "Accept: application/vnd.github+json" \ | |
| -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | |
| -d "{\"event_type\":\"deploy-ec2\",\"client_payload\":{\"image_uri\":\"$image_uri\",\"tag\":\"$tag\",\"branch\":\"$branch\",\"sha\":\"$sha\"}}") | |
| [ "$resp2" = "204" ] || (cat /tmp/resp2.txt && exit 1) | |
| - name: Summary | |
| run: | | |
| echo "### ✅ ECR Push & Dispatch OK" >> $GITHUB_STEP_SUMMARY | |
| echo "- Repo: \`${{ env.ECR_REPOSITORY }}\`" >> $GITHUB_STEP_SUMMARY | |
| echo "- Tag: \`${{ steps.tag.outputs.TAG }}\`" >> $GITHUB_STEP_SUMMARY | |
| echo "- Image: \`${{ steps.build.outputs.IMAGE_URI }}\`" >> $GITHUB_STEP_SUMMARY | |
| echo "- Sent: \`repository_dispatch: deploy-ecs\`" >> $GITHUB_STEP_SUMMARY | |
| echo "- Sent: \`repository_dispatch: deploy-ec2\`" >> $GITHUB_STEP_SUMMARY |