Merge pull request #125 from prgrms-web-devcourse-final-project/feat#113 #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - develop | |
| pull_request: | |
| branches: | |
| - main | |
| env: | |
| AWS_REGION: ap-northeast-2 | |
| JAVA_VERSION: 21 | |
| jobs: | |
| test: | |
| name: Run Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Make gradlew executable | |
| run: chmod +x ./gradlew | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| - name: Setup Gradle | |
| uses: gradle/gradle-build-action@v2 | |
| - name: Build application | |
| run: ./gradlew build -x test --no-daemon | |
| - name: Upload test results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: test-results | |
| path: build/test-results/ | |
| if-no-files-found: ignore | |
| build: | |
| name: Build and Push Image | |
| runs-on: ubuntu-latest | |
| needs: test | |
| if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/develop' | |
| outputs: | |
| image: ${{ steps.image.outputs.image }} | |
| tag: ${{ steps.image.outputs.tag }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set environment | |
| id: env | |
| run: | | |
| if [[ $GITHUB_REF == 'refs/heads/main' ]]; then | |
| echo "environment=prod" >> $GITHUB_OUTPUT | |
| else | |
| echo "environment=dev" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| - name: Build, tag, and push image to Amazon ECR | |
| id: image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| ENVIRONMENT: ${{ steps.env.outputs.environment }} | |
| PG_TOSS_CLIENT_KEY: ${{ secrets.PG_TOSS_CLIENT_KEY }} | |
| PG_TOSS_SECRET_KEY: ${{ secrets.PG_TOSS_SECRET_KEY }} | |
| run: | | |
| IMAGE_TAG=$GITHUB_SHA | |
| IMAGE_URI=$ECR_REGISTRY/team12-ecr-1:$IMAGE_TAG | |
| docker build \ | |
| --build-arg PG_TOSS_SECRET_KEY=${{ env.PG_TOSS_SECRET_KEY }} \ | |
| --build-arg PG_TOSS_CLIENT_KEY=${{ env.PG_TOSS_CLIENT_KEY }} \ | |
| -t $IMAGE_URI . | |
| docker push $IMAGE_URI | |
| echo "image=$IMAGE_URI" >> $GITHUB_OUTPUT | |
| echo "tag=$IMAGE_TAG" >> $GITHUB_OUTPUT | |
| # Also tag as latest | |
| docker tag $IMAGE_URI $ECR_REGISTRY/team12-ecr-1:latest | |
| docker push $ECR_REGISTRY/team12-ecr-1:latest | |
| deploy-dev: | |
| name: Deploy to Development | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: github.ref == 'refs/heads/develop' | |
| environment: development | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Deploy Application | |
| run: | | |
| # Trigger instance refresh to deploy new version | |
| aws autoscaling start-instance-refresh \ | |
| --auto-scaling-group-name team12-asg-1 \ | |
| --preferences '{"MinHealthyPercentage": 50}' | |
| echo "Deployment initiated for team12-asg-1" | |
| echo "Instance refresh started. Waiting 5 minutes for deployment..." | |
| sleep 300 | |
| - name: Health Check | |
| run: | | |
| echo "Running health check on https://api.bid-market.shop" | |
| for i in {1..30}; do | |
| if curl -f https://api.bid-market.shop/actuator/health; then | |
| echo "Health check passed!" | |
| exit 0 | |
| fi | |
| echo "Waiting for application... ($i/30)" | |
| sleep 10 | |
| done | |
| echo "Health check failed!" | |
| exit 1 | |
| deploy-prod: | |
| name: Deploy to Production | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: github.ref == 'refs/heads/main' | |
| environment: production | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.5.0 | |
| - name: Terraform Init | |
| run: | | |
| cd terraform/environments/prod | |
| terraform init | |
| - name: Terraform Apply | |
| run: | | |
| cd terraform/environments/prod | |
| terraform apply -auto-approve | |
| - name: Deploy Application | |
| run: | | |
| # Trigger instance refresh to deploy new version (Production) | |
| aws autoscaling start-instance-refresh \ | |
| --auto-scaling-group-name team12-asg-1 \ | |
| --preferences '{"MinHealthyPercentage": 90, "InstanceWarmup": 300}' | |
| echo "Production deployment initiated for team12-asg-1" | |
| echo "Instance refresh started. Waiting 8 minutes for deployment..." | |
| sleep 480 | |
| - name: Health Check | |
| run: | | |
| echo "Running health check on https://api.bid-market.shop" | |
| for i in {1..30}; do | |
| if curl -f https://api.bid-market.shop/actuator/health; then | |
| echo "Production deployment successful!" | |
| exit 0 | |
| fi | |
| echo "Waiting for application... ($i/30)" | |
| sleep 10 | |
| done | |
| echo "Health check failed!" | |
| exit 1 |