README.md 작성 (3) 인프라 구조 #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Execute CD | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: [ "develop" ] | |
| permissions: | |
| contents: read | |
| # 변수 선언 | |
| env: | |
| BUCKET_NAME: space-club-be-bucket | |
| DIRECTORY_NAME: space-club-be-directory | |
| CODE_DEPLOY_APP_NAME: space-club-be-deploy | |
| DEPLOYMENT_GROUP_NAME: space-club-be-deploy-group | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check Repo code With Submodules | |
| uses: actions/checkout@v3 | |
| with: | |
| submodules: 'true' | |
| token: ${{secrets.GH_ACCESS_TOKEN}} | |
| - name: Set encrypt Secret key | |
| run: echo ${{ secrets.encrypt }} > scripts/properties.sh | |
| shell: bash | |
| - name: Setup JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Cache Gradle packages # gradle cache를 통한 workflow 속도 개선 | |
| uses: actions/cache@v2 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Permission for gradlew | |
| run: chmod +x ./gradlew | |
| shell: bash | |
| - name: Gradle Build Action | |
| uses: gradle/gradle-build-action@bd5760595778326ba7f1441bcf7e88b49de61a25 | |
| with: | |
| arguments: bootJar | |
| - name: Make Zip File # appspec.yml, scripts 폴더, jar 파일, bad_word_list.txt만 압축 | |
| run: zip -qq -r ./$GITHUB_SHA.zip ./appspec.yml ./scripts/ ${{ env.JAR_PATH }} ${{ env.FORBIDDEN_WORD_LIST }} | |
| shell: bash | |
| env: | |
| JAR_PATH: ./build/libs/*SNAPSHOT.jar | |
| FORBIDDEN_WORD_LIST: ./src/main/resources/secrets/bad_word_list.txt | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| aws-access-key-id: ${{ secrets.ACCESS_KEY }} | |
| aws-secret-access-key: ${{ secrets.PRIVATE_KEY }} | |
| aws-region: ap-northeast-2 | |
| - name: Upload to S3 | |
| run: aws s3 cp --region ap-northeast-2 ./$GITHUB_SHA.zip s3://$BUCKET_NAME/$DIRECTORY_NAME/$GITHUB_SHA.zip | |
| - name: Deploy to EC2 Instance | |
| run: aws deploy create-deployment --application-name $CODE_DEPLOY_APP_NAME --deployment-group-name $DEPLOYMENT_GROUP_NAME --deployment-config-name CodeDeployDefault.OneAtATime --s3-location bucket=$BUCKET_NAME,bundleType=zip,key=$DIRECTORY_NAME/$GITHUB_SHA.zip |