Skip to content

Backend Prod CD

Backend Prod CD #29

name: Backend Prod CD
on:
workflow_dispatch:
push:
branches: [ 'main' ]
jobs:
detect-changes:
runs-on: ubuntu-latest
permissions:
pull-requests: read
outputs:
backend: ${{ steps.filter.outputs.backend }}
frontend: ${{ steps.filter.outputs.frontend }}
manual: ${{ steps.manual-check.outputs.manual }}
steps:
- id: manual-check
if: ${{ github.event_name == 'workflow_dispatch' }}
run: echo "manual=true" >> "$GITHUB_OUTPUT"
- uses: actions/checkout@v4 # Push 이벤트이기 때문에 checkout 해야 함
with:
ref: main
submodules: recursive
token: ${{ secrets.PAT_TOKEN }}
- uses: dorny/paths-filter@v3
if: ${{ github.event_name != 'workflow_dispatch' }}
id: filter
with:
base: 'main' # 해당 브랜치의 last commit과 변경점 비교
filters: |
backend:
- 'backend/**'
frontend:
- 'frontend/**'
be-build:
needs: detect-changes
if: ${{ needs.detect-changes.outputs.backend == 'true' || needs.detect-changes.outputs.manual == 'true' }}
runs-on: ubuntu-latest
defaults:
run:
shell: bash
working-directory: ./backend
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
with:
ref: main
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
cache: gradle
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v3
- name: Grant gradlew execute permission
run: chmod +x ./gradlew
- name: Build with Gradle (clean)
run: ./gradlew clean bootJar
# DockerHub 로그인
- name: Docker login
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# Docker 이미지 빌드 & 푸시
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod
platforms: |
linux/amd64
linux/arm64
- name: Docker image build
run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod .
# Docker Hub 이미지 푸시
- name: Docker Hub push
run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod
be-depoly:
needs: be-build
runs-on: [ self-hosted, linux, prod ]
defaults:
run:
shell: bash
working-directory: ./
steps:
- name: checkout security submodule
uses: actions/checkout@v4
with:
repository: woowacourse-teams/2024-momo-config
token: ${{ secrets.PAT_TOKEN }}
- name: copy security config
run: mkdir -p $HOME/security; \cp -f *.yml ~/security
# 1. 최신 도커 이미지 pull
- name: docker pull
run: docker pull ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod
# 2. 블루그린 배포 스크립트 실행
- name: Launch Blue-Green Deployment
run: chmod +x $HOME/security/deploy.sh; $HOME/security/deploy.sh
# 3. 미사용 이미지 정리
- name: delete old docker image
run: docker system prune -f