dev-deployment.yml
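# Dev deployment pipeline: builds and tests the Gradle project, pushes a Docker
# image tagged with the short commit SHA to Docker Hub, then deploys that image
# to the dev host over SSH using docker-compose.
name: Dev Deployment

on:
  push:
    branches:
      - feature/deploy
    paths:
      - "src/**"

# Least privilege for GITHUB_TOKEN: both jobs only read the repository.
permissions:
  contents: read

jobs:
  build-and-docker-operations:
    runs-on: ubuntu-latest
    outputs:
      # Short commit SHA, consumed by deploy-to-aws as the image tag.
      image_tag: ${{ steps.generate_tag.outputs.tag }}
    steps:
      - name: checkout
        uses: actions/checkout@v4

      - name: Set up JDK 21
        uses: actions/setup-java@v4
        with:
          java-version: '21'
          distribution: 'temurin'

      # NOTE(review): setup-buildx-action@v2 here and login-action@v1 below are
      # older major tags; check for a maintained release and consider pinning
      # third-party actions to a full commit SHA.
      - name: Set up Docker
        uses: docker/setup-buildx-action@v2

      - name: Gradle Caching
        uses: actions/cache@v4
        with:
          path: |
            ~/.gradle/caches
            ~/.gradle/wrapper
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
          restore-keys: |
            ${{ runner.os }}-gradle-

      - name: Grant execute permission for gradlew
        run: chmod +x ./gradlew
        shell: bash

      - name: Build with Gradle and Run Tests
        run: ./gradlew clean build

      # The ::set-output workflow command is deprecated; step outputs are
      # appended to the file named by $GITHUB_OUTPUT instead.
      - name: Generate Unique Tag
        id: generate_tag
        run: |
          echo "tag=$(echo "$GITHUB_SHA" | cut -c1-7)" >> "$GITHUB_OUTPUT"

      # Secrets are passed through env and quoted in the shell rather than being
      # expanded into the command text, so their content cannot alter the
      # command line.
      # NOTE(review): --build-arg values are recorded in the image metadata;
      # ACTIVE_PROFILE should not carry anything sensitive.
      - name: Build image
        env:
          ACTIVE_PROFILE: ${{ secrets.DEV_ACTIVE_PROFILE }}
          IMAGE: ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DEV_DOCKERHUB_REPOSITORY_NAME }}:${{ steps.generate_tag.outputs.tag }}
        run: |
          docker build \
            --build-arg "ACTIVE_PROFILE=$ACTIVE_PROFILE" \
            -f docker/Dockerfile \
            -t "$IMAGE" .

      # NOTE(review): prefer a scoped Docker Hub access token over the account
      # password for DOCKERHUB_PASSWORD.
      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}

      - name: Push image
        env:
          IMAGE: ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DEV_DOCKERHUB_REPOSITORY_NAME }}:${{ steps.generate_tag.outputs.tag }}
        run: docker push "$IMAGE"

  deploy-to-aws:
    needs: build-and-docker-operations
    runs-on: ubuntu-latest
    steps:
      # Same major version as the build job's checkout.
      - name: Checkout
        uses: actions/checkout@v4

      # NOTE(review): the action reference below was mangled by the hosting
      # page's e-mail obfuscation (presumably haythem/public-ip@<version>; the
      # version is not recoverable from this page). Restore it from the
      # repository before use.
      - name: Get Github action IP
        id: ip
        uses: haythem/[email protected]

      # NOTE(review): these are long-lived static access keys. Assuming an IAM
      # role through GitHub OIDC (role-to-assume, with id-token: write) would
      # avoid storing them as repository secrets.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      # Temporarily opens the SSH port of the dev security group to this
      # runner's public IPv4 address only (/32).
      - name: Add Github Actions IP to Security group
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}
          SG_ID: ${{ secrets.DEV_AWS_SG_ID }}
          SSH_PORT: ${{ secrets.DEV_SSH_PORT }}
          RUNNER_IP: ${{ steps.ip.outputs.ipv4 }}
        run: |
          aws ec2 authorize-security-group-ingress \
            --group-id "$SG_ID" \
            --protocol tcp \
            --port "$SSH_PORT" \
            --cidr "$RUNNER_IP/32"

      # NOTE(review): @master is a mutable branch of a third-party action that
      # receives the SSH private key. Pin this action and the ssh-action below
      # to a reviewed full commit SHA (<FULL_COMMIT_SHA>).
      - name: Copy Docker files
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.DEV_SERVER_IP }}
          username: ${{ secrets.DEV_SERVER_USERNAME }}
          key: ${{ secrets.DEV_SSH_KEY }}
          port: ${{ secrets.DEV_SSH_PORT }}
          source: "docker/docker-compose.yml,docker/scripts/docker-install.sh"
          target: 'compose'
          rm: true

      # Writes the runtime settings (including the database password) to .env
      # on the dev host, then pulls the new image and restarts the stack.
      # The file is restricted to mode 600 before the values are written, and
      # tee's stdout is discarded so the values are not echoed back into the
      # job log.
      - name: SSH remote and Run Docker Compose
        uses: appleboy/ssh-action@master
        env:
          SPRING_DATABASE_SCHEMA: ${{ secrets.DEV_SPRING_DATABASE_SCHEMA }}
          SPRING_DATABASE_USERNAME: ${{ secrets.DEV_SPRING_DATABASE_USERNAME }}
          SPRING_DATABASE_PASSWORD: ${{ secrets.DEV_SPRING_DATABASE_PASSWORD }}
          SPRING_DATABASE_HOST: ${{ secrets.DEV_SPRING_DATABASE_HOST }}
          IMAGE_TAG: ${{ needs.build-and-docker-operations.outputs.image_tag }}
          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
          DOCKERHUB_REPOSITORY_NAME: ${{ secrets.DEV_DOCKERHUB_REPOSITORY_NAME }}
        with:
          host: ${{ secrets.DEV_SERVER_IP }}
          username: ${{ secrets.DEV_SERVER_USERNAME }}
          key: ${{ secrets.DEV_SSH_KEY }}
          port: ${{ secrets.DEV_SSH_PORT }}
          envs: SPRING_DATABASE_SCHEMA,SPRING_DATABASE_USERNAME,SPRING_DATABASE_PASSWORD,SPRING_DATABASE_HOST,IMAGE_TAG,DOCKERHUB_USERNAME,DOCKERHUB_REPOSITORY_NAME
          script: |
            cd compose/docker/
            sudo touch .env
            sudo chmod 600 .env
            sudo echo "
            SPRING_DATABASE_SCHEMA=$SPRING_DATABASE_SCHEMA
            SPRING_DATABASE_USERNAME=$SPRING_DATABASE_USERNAME
            SPRING_DATABASE_PASSWORD=$SPRING_DATABASE_PASSWORD
            SPRING_DATABASE_HOST=$SPRING_DATABASE_HOST
            IMAGE_TAG=$IMAGE_TAG
            DOCKERHUB_USERNAME=$DOCKERHUB_USERNAME
            DOCKERHUB_REPOSITORY_NAME=$DOCKERHUB_REPOSITORY_NAME" | sudo tee .env > /dev/null
            sh ./scripts/docker-install.sh
            sudo docker pull "$DOCKERHUB_USERNAME/$DOCKERHUB_REPOSITORY_NAME:$IMAGE_TAG"
            sudo docker-compose down
            sudo docker-compose up -d

      # Cleanup of the temporary ingress rule.
      # - if: always() runs it even when an earlier step failed, so the SSH
      #   port is not left open to the runner's address.
      # - The port is the same DEV_SSH_PORT used when the rule was added; a
      #   hard-coded 22 only matches the rule when that secret is 22.
      # - The region comes from AWS_REGION, as in the steps above.
      - name: Remove Github Actions IP from security group
        if: always()
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}
          SG_ID: ${{ secrets.DEV_AWS_SG_ID }}
          SSH_PORT: ${{ secrets.DEV_SSH_PORT }}
          RUNNER_IP: ${{ steps.ip.outputs.ipv4 }}
        run: |
          aws ec2 revoke-security-group-ingress \
            --group-id "$SG_ID" \
            --protocol tcp \
            --port "$SSH_PORT" \
            --cidr "$RUNNER_IP/32"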