Merge pull request #237 from prgrms-web-devcourse-final-project/featu… #35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD-Develop | |
| on: | |
| push: | |
| branches: | |
| - develop | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # 1. 코드 체크아웃 | |
| - uses: actions/checkout@v3 | |
| # 2. Java 설정 | |
| - uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'zulu' | |
| java-version: '17' | |
| # 3. application.properties 파일 생성 및 설정 | |
| - run: touch ./src/main/resources/application.properties | |
| - run: echo "${{secrets.APPLICATION}}" > ./src/main/resources/application.properties | |
| - run: echo "spring.cloud.aws.credentials.access-key=${{secrets.AWS_ACTION_ACCESS_KEY}}" >> ./src/main/resources/application.properties | |
| - run: echo "spring.cloud.aws.credentials.secret-key=${{secrets.AWS_ACTION_SECRET_ACCESS_KEY}}" >> ./src/main/resources/application.properties | |
| # 4. 생성된 파일들을 아티팩트로 업로드 | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: application.properties | |
| path: ./src/main/resources/application.properties | |
| # 5. Gradlew 실행 권한 부여 | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| # 6. Gradle 빌드 실행 | |
| - name: Build with Gradle | |
| run: ./gradlew clean build -x test | |
| # 7. 현재 시간 가져오기 | |
| - name: Get current time | |
| uses: josStorer/get-current-time@v2 | |
| id: current-time | |
| with: | |
| format: YYYY-MM-DDTHH-mm-ss | |
| utcOffset: "+09:00" | |
| # 8. 배포용 패키지 경로 설정 | |
| - name: Set artifact path | |
| run: | | |
| artifact=$(ls ./build/libs/*.jar | head -n 1) | |
| echo "artifact=$artifact" >> $GITHUB_ENV | |
| # 9. SSH 키 설정 | |
| - name: Set up SSH | |
| uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.EC2_SSH_KEY_TWO }} | |
| # GitHub Secrets에 저장된 EC2 SSH 개인 키를 SSH 에이전트에 로드 | |
| # 10. GCP Credentials 디코딩 및 EC2로 전송 | |
| - name: Decode GCP Credentials | |
| run: echo "${{ secrets.GCP_CREDENTIALS }}" | base64 --decode > gcp-key.json | |
| # GitHub Secrets에 저장된 Base64 인코딩된 GCP JSON Key를 디코딩하여 로컬에 저장 | |
| - name: Copy GCP Credentials to EC2 | |
| run: scp -o StrictHostKeyChecking=no gcp-key.json ${{ secrets.EC2_USER }}@${{ secrets.EC2_IP_TWO }}:/home/${{ secrets.EC2_USER }}/gcp-key.json | |
| # 디코딩된 GCP JSON Key 파일을 EC2 서버로 전송 | |
| # YOUR_EC2_IP -> GitHub Secrets에 저장된 EC2 IP 주소 (${ secrets.EC2_IP }) | |
| # ec2-user -> GitHub Secrets에 저장된 EC2 SSH 사용자 이름 (${ secrets.EC2_USER }) | |
| # 11. EC2에서 GCP Credentials 설정 | |
| - name: Set up GCP Credentials on EC2 | |
| run: | | |
| ssh -o StrictHostKeyChecking=no ${{ secrets.EC2_USER }}@${{ secrets.EC2_IP_TWO }} << 'EOF' | |
| mkdir -p ~/.gcp | |
| mv /home/${{ secrets.EC2_USER }}/gcp-key.json ~/.gcp/key.json | |
| chmod 600 ~/.gcp/key.json | |
| export GOOGLE_APPLICATION_CREDENTIALS=~/.gcp/key.json | |
| # 환경 변수 설정을 영구적으로 추가 | |
| echo 'export GOOGLE_APPLICATION_CREDENTIALS=~/.gcp/key.json' >> ~/.bash_profile | |
| EOF | |
| # EC2 서버에서 GCP Credentials 설정 | |
| # YOUR_EC2_IP -> GitHub Secrets에 저장된 EC2 IP 주소 (${ secrets.EC2_IP }) | |
| # ec2-user -> GitHub Secrets에 저장된 EC2 SSH 사용자 이름 (${ secrets.EC2_USER }) | |
| # 12. Elastic Beanstalk에 배포 | |
| - name: Deploy to Elastic Beanstalk | |
| uses: einaregilsson/beanstalk-deploy@v20 | |
| with: | |
| aws_access_key: ${{ secrets.AWS_ACTION_ACCESS_KEY }} | |
| aws_secret_key: ${{ secrets.AWS_ACTION_SECRET_ACCESS_KEY }} | |
| application_name: Mallangs2-two | |
| environment_name: Mallangs2-two-env | |
| version_label: github-action-${{ steps.current-time.outputs.time }} | |
| region: ap-northeast-2 | |
| deployment_package: ${{ env.artifact }} |