Skip to content
Deploy workflow on production environment

현재까지 개발된 사항 메인 브랜치 통합 #45

Sign in to view logs

현재까지 개발된 사항 메인 브랜치 통합

현재까지 개발된 사항 메인 브랜치 통합 #45

Workflow file for this run

.github/workflows/ci.cd.prod.yml at 5a7087a
name: Deploy workflow on production environment
on:
pull_request:
branches:
- main
types:
- closed
workflow_dispatch: # 수동 실행 가능
# 병합됐을 때
jobs:
Build:
runs-on: ubuntu-latest
steps:
# 체크아웃
- uses: actions/checkout@v4
# Gradle 권한 설정
- name: Grant execute permission for gradlew
run: chmod +x ./gradlew
# JDK 21 세팅
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
java-version: 21
distribution: 'temurin'
# application.yml 운영 환경 용 생성
- name: Make application.yml
run: |
mkdir -p ./src/main/resources
chmod -R 777 ./src/main/resources
cd ./src/main/resources
touch ./application.yml
touch ./application-prod.yml
touch ./application-prod-secret.yml
echo "${{ secrets.PROD_COMMON }}" | base64 --decode > ./application.yml
echo "${{ secrets.PROD }}" | base64 --decode > ./application-prod.yml
echo "${{ secrets.PROD_SECRET }}" | base64 --decode > ./application-prod-secret.yml
# Gradle cache 설정
- name: Cache Gradle packages
uses: actions/cache@v4
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: ${{ runner.os }}-gradle
- name: MySQL 컨테이너 실행
run: |
docker run --name log4u-mysql \
-e MYSQL_ROOT_PASSWORD=root \
-e MYSQL_DATABASE=log4u \
-e MYSQL_USER=dev \
-e MYSQL_PASSWORD=devcos4-team08 \
-d \
-p 3307:3306 \
mysql:8.0.33
- name: Build and analyze
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
DB_URL: jdbc:mysql://localhost:3307/log4u
DB_USERNAME: dev
DB_PASSWORD: devcos4-team08
# 테스트용으로 dev 프로필 사용(시크릿 제외하고 prod 와 동일)
run: |
chmod +x ./gradlew
./gradlew build jacocoTestReport -Pprofile=dev
- name: Docker MySQL 종료 및 제거
run: |
docker stop log4u-mysql
docker rm log4u-mysql
# AWS 인증 (IAM 사용자 Access Key, Secret Key 활용)
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Secret 파일 수동 생성
run: |
mkdir -p ./src/main/resources
echo "${{ secrets.PROD_SECRET }}" | base64 --decode > ./src/main/resources/application-prod-secret.yml
mkdir -p ./deploy-package/src/main/resources
rsync -av --exclude='deploy-package' ./ ./deploy-package
cp ./src/main/resources/application-prod-secret.yml ./deploy-package/src/main/resources/application-prod-secret.yml
- name: 빌드 결과 수동 생성
run: |
mkdir -p ./deploy-package/build/libs
cp build/libs/Log4U-0.0.1-SNAPSHOT.jar ./deploy-package/build/libs/
# 빌드 결과물을 S3 버킷에 업로드
- name: Upload to AWS S3
run: |
aws deploy push \
--application-name ${{ secrets.CODE_DEPLOY_APP_NAME }} \
--ignore-hidden-files \
--s3-location s3://${{ secrets.S3_BUCKET_NAME }}/prod/${{ github.sha }}.zip \
--source ./deploy-package
# S3 버킷에 있는 파일을 대상으로 CodeDeploy 실행
- name: Deploy to AWS EC2 from S3g
run: |
aws deploy create-deployment \
--application-name ${{ secrets.CODE_DEPLOY_APP_NAME }} \
--deployment-config-name CodeDeployDefault.AllAtOnce \
--deployment-group-name ${{ secrets.CODE_DEPLOY_DEPLOYMENT_GROUP_NAME }} \
--s3-location bucket=${{ secrets.S3_BUCKET_NAME }},key=prod/${{ github.sha }}.zip,bundleType=zip
# 향후 빌드 파일 개선용 주석
# - name: 필요한 파일 수동 생성
# run: |
# mkdir -p ./deploy-package/src/main/resources
#
# # appspec.yml 복사
# cp ./appspec.yml ./deploy-package/
#
# # scripts 디렉토리 및 내부 .sh 파일 복사
# cp -r ./scripts/*.sh ./deploy-package/
#
# # yml 복사
# cp ./src/main/resources/application*.yml ./deploy-package/
#
# # jar 복사
# cp ./build/libs/Log4U-0.0.1-SNAPSHOT.jar ./deploy-package/