Merge pull request #614 from tukcomCD2024/fix/group_capsules-B-#613 #40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: core-test-ci/cd | |
on: | |
push: | |
branches: | |
- develop_back_core | |
- 'hotfix/[0-9a-zA-z]+-B-core-#[0-9a-zA-z]+' | |
pull_request: | |
branches: | |
- develop_back_core | |
jobs: | |
build_and_test: | |
name: build and test | |
if: ${{github.event_name == 'pull_request' }} | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./backend/core | |
steps: | |
- name: set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'liberica' | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
token: ${{ secrets.CI_PAT }} | |
- name: formatting | |
uses: axel-op/googlejavaformat-action@v3 | |
with: | |
args: "--replace" | |
skip-commit: true | |
- name: grant execute permission for gradlew | |
run: chmod +x ./gradlew | |
- name: test | |
run: ./gradlew clean test | |
deploy-core: | |
name: core application deploy | |
if: ${{ github.event_name == 'push' }} | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./backend/core | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
token: ${{ secrets.CI_PAT }} | |
- name: set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'liberica' | |
cache: gradle | |
- name: grant execute permission for gradlew | |
run: chmod +x ./gradlew | |
- name: build gradle | |
run: ./gradlew clean build | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{ secrets.AWS_ROLE_ARN }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
${{ steps.login-ecr.outputs.registry }}/${{ secrets.AWS_TEST_ENV_ECR_CORE_REPOSITORY_NAME }} | |
tags: | | |
type=raw,value={{date 'YYYYMMDD-HHmmss'}} | |
- name: Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
context: ./backend/core | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
provenance: false | |
- name: Get Github action IP | |
id: ip | |
uses: haythem/[email protected] | |
- name: Add Github Actions IP to Security group | |
run: | | |
aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_TEST_ENV_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
- name: Connect ec2 and Run Docker Container | |
uses: appleboy/[email protected] | |
env: | |
AWS_ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
with: | |
host: ${{ secrets.SSH_TEST_ENV_HOST }} | |
username: ${{ secrets.SSH_TEST_ENV_USERNAME }} | |
key: ${{ secrets.SSH_TEST_ENV_PRIVATE_KEY }} | |
port: ${{ secrets.SSH_TEST_ENV_PORT }} | |
script: | | |
docker ps -q --filter "name=core" | xargs -r docker stop | |
docker ps -aq --filter "name=core" | xargs -r docker rm | |
aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username ${{ secrets.AWS_TEST_ENV_DOCKER_USER }} --password-stdin ${{ secrets.AWS_TEST_ENV_USER_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com | |
docker image prune -f -a | |
docker pull ${{ steps.meta.outputs.tags }} | |
docker run -d -p 8080:8080 -e ENVIRONMENT=container -v /home/ec2-user/logs:/logs --name core --network test_backend ${{ steps.meta.outputs.tags }} | |
- name: Remove Github Actions IP from security group | |
if: always() | |
run: | | |
aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_TEST_ENV_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
- uses: sarisia/actions-status-discord@v1 | |
if: success() | |
with: | |
webhook: ${{ secrets.DISCORD_WEBHOOK }} | |
status: ${{ job.status }} | |
content: "여러분 <@384742716933668867> <@1084774841460215839> <@545902166842408960> <@1081452554149449748>\n 배포 완료했습니다!!" | |
title: "코어 테스트 서버 배포 완료 알림" | |
description: "백엔드 개발 브랜치에서 테스트 환경으로 깃허브 액션으로 배포 완료" | |
image: ${{ secrets.EMBED_IMAGE }} | |
color: 0x0000ff | |
url: "https://github.com/tukcomCD2024/DroidBlossom/actions" | |
username: GitHub Actions Bot | |
avatar_url: ${{ secrets.AVATAR_URL }} |