|
1 | | -name: Deploy purchase API to ECS |
| 1 | +name: deploy-purchase-to-ecs |
2 | 2 |
|
3 | 3 | on: |
4 | 4 | push: |
5 | | - branches: ["main"] |
6 | | - workflow_dispatch: |
| 5 | + branches: [ "main" ] |
7 | 6 |
|
8 | 7 | env: |
9 | | - AWS_REGION: ${{ secrets.AWS_REGION }} |
10 | | - ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} |
11 | | - ECS_CLUSTER: ${{ secrets.ECS_CLUSTER }} |
12 | | - ECS_SERVICE: ${{ secrets.ECS_SERVICE }} |
13 | | - CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }} |
14 | | - IMAGE_TAG_PREFIX: purchase |
| 8 | + AWS_REGION: ap-northeast-2 |
| 9 | + ECR_REPOSITORY: shop-repo |
| 10 | + ECS_CLUSTER: shop-cluster |
| 11 | + ECS_SERVICE: purchase-api-service |
| 12 | + CONTAINER_NAME: purchase |
15 | 13 |
|
16 | 14 | jobs: |
17 | 15 | deploy: |
18 | 16 | runs-on: ubuntu-latest |
| 17 | + permissions: |
| 18 | + id-token: write |
| 19 | + contents: read |
| 20 | + |
19 | 21 | steps: |
20 | 22 | - uses: actions/checkout@v4 |
21 | 23 |
|
22 | | - - name: Set IMAGE_TAG |
23 | | - id: vars |
24 | | - run: echo "IMAGE_TAG=${{ env.IMAGE_TAG_PREFIX }}-${GITHUB_SHA::7}" >> $GITHUB_OUTPUT |
25 | | - |
26 | | - - name: Configure AWS credentials |
27 | | - uses: aws-actions/configure-aws-credentials@v4 |
| 24 | + - uses: aws-actions/configure-aws-credentials@v4 |
28 | 25 | with: |
| 26 | + # access key 사용 시 |
29 | 27 | aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} |
30 | 28 | aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
31 | 29 | aws-region: ${{ env.AWS_REGION }} |
32 | 30 |
|
33 | | - - name: Login to Amazon ECR |
34 | | - id: login-ecr |
35 | | - uses: aws-actions/amazon-ecr-login@v1 |
36 | | - |
37 | | - - name: Build image |
38 | | - run: docker build -t ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:${{ steps.vars.outputs.IMAGE_TAG }} . |
| 31 | + - id: login-ecr |
| 32 | + uses: aws-actions/amazon-ecr-login@v2 |
39 | 33 |
|
40 | | - - name: Push image |
41 | | - run: docker push ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:${{ steps.vars.outputs.IMAGE_TAG }} |
| 34 | + - name: Build & Push |
| 35 | + run: | |
| 36 | + IMAGE_URI=${{ steps.login-ecr.outputs.registry }}/${ECR_REPOSITORY}:${GITHUB_SHA} |
| 37 | + docker build -t ${ECR_REPOSITORY}:${GITHUB_SHA} . |
| 38 | + docker tag ${ECR_REPOSITORY}:${GITHUB_SHA} ${IMAGE_URI} |
| 39 | + docker push ${IMAGE_URI} |
| 40 | + echo "IMAGE_URI=${IMAGE_URI}" >> $GITHUB_ENV |
42 | 41 |
|
43 | | - - name: Render task definition |
44 | | - id: render |
| 42 | + - id: render |
45 | 43 | uses: aws-actions/amazon-ecs-render-task-definition@v1 |
46 | 44 | with: |
47 | | - task-definition: ecs-taskdef.json |
| 45 | + task-definition: .github/ecs/task-definition.json |
48 | 46 | container-name: ${{ env.CONTAINER_NAME }} |
49 | | - image: ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:${{ steps.vars.outputs.IMAGE_TAG }} |
| 47 | + image: ${{ env.IMAGE_URI }} |
50 | 48 |
|
51 | | - - name: Deploy ECS task definition |
| 49 | + - name: Deploy |
52 | 50 | uses: aws-actions/amazon-ecs-deploy-task-definition@v2 |
53 | 51 | with: |
54 | 52 | task-definition: ${{ steps.render.outputs.task-definition }} |
|
0 commit comments