-
Notifications
You must be signed in to change notification settings - Fork 2
87 lines (81 loc) · 3.27 KB
/
prod-cicd.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
name: 프로덕션 워크플로우
on:
push:
branches: [ 'main' ]
paths:
- 'gateway/**' # Gateway 모듈 변경
- 'member/**' # Member 모듈 변경
- 'common/**' # Common 모듈 변경
- 'family/**' # Family 모듈 변경
- 'post/**' # Post 모듈 변경
- 'mission/**' # Mission 모듈 변경
- '.github/workflows/**' # 워크플로우와 관련된 파일이 변경된 경우
- 'build.gradle' # Parent Gradle 모듈 설정이 변경된 경우
- 'settings.gradle' # Parent Gradle 설정이 변경된 경우
env:
ECR_REPOSITORY_NAME: bibbi-backend-prod
SPRING_PROFILE: prod
ECS_SERVICE: bibbi-backend-prod
ECS_CLUSTER: bibbi-cluster-prod
ECR_TASK_DEFINITION: bibbi-backend-prod
concurrency:
group: production
jobs:
prepare-variables:
name: 환경변수 준비하기
runs-on: ubuntu-latest
outputs:
ecr-repository-name: ${{ steps.setup-env.outputs.ecr-repository-name }}
image-tag: ${{ steps.setup-env.outputs.image-tag }}
spring-profile: ${{ steps.setup-env.outputs.spring-profile }}
ecs-service: ${{ env.ECS_SERVICE }}
ecs-cluster: ${{ env.ECS_CLUSTER }}
ecr-task-definition: ${{ env.ECR_TASK_DEFINITION }}
steps:
- name: GitHub 에서 레포 받아오기
uses: actions/checkout@v3
- name: 환경변수 출력하기
id: setup-env
run: |
echo "ecr-repository-name=$ECR_REPOSITORY_NAME" >> $GITHUB_OUTPUT
echo "image-tag=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
echo "spring-profile=$SPRING_PROFILE" >> $GITHUB_OUTPUT
echo "ecs-service=$ECS_SERVICE" >> $GITHUB_OUTPUT
echo "ecs-cluster=$ECS_CLUSTER" >> $GITHUB_OUTPUT
echo "ecr-task-definition=$ECR_TASK_DEFINITION" >> $GITHUB_OUTPUT
call-build-workflow:
if: github.event_name == 'push'
needs: [ prepare-variables ]
name: 이미지 빌드
uses: ./.github/workflows/build-ecr.yaml
permissions:
id-token: write
contents: read
with:
ecr-repository-name: ${{ needs.prepare-variables.outputs.ecr-repository-name }}
image-tag: ${{ needs.prepare-variables.outputs.image-tag }}
spring-profile: ${{ needs.prepare-variables.outputs.spring-profile }}
secrets:
AWS_ASSUME_ROLE_ARN: ${{ secrets.AWS_ASSUME_ROLE_ARN }}
AWS_ECR_REGISTRY_URL: ${{ secrets.AWS_ECR_REGISTRY_URL }}
AWS_REGION: ${{ secrets.AWS_REGION }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_PROD_AUTH_TOKEN }}
call-deploy-workflow:
if: github.event_name == 'push'
needs: [ prepare-variables, call-build-workflow ]
name: AWS ECS 배포
uses: ./.github/workflows/deploy-ecs.yaml
permissions:
id-token: write
contents: read
with:
environment: production
ecs-service: ${{ needs.prepare-variables.outputs.ecs-service }}
ecs-cluster: ${{ needs.prepare-variables.outputs.ecs-cluster }}
ecr-task-definition: ${{ needs.prepare-variables.outputs.ecr-task-definition }}
image-url: ${{ needs.call-build-workflow.outputs.image-url }}
secrets:
AWS_ASSUME_ROLE_ARN: ${{ secrets.AWS_ASSUME_ROLE_ARN }}
AWS_ECR_REGISTRY_URL: ${{ secrets.AWS_ECR_REGISTRY_URL }}
AWS_REGION: ${{ secrets.AWS_REGION }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}