Skip to content

CD 테스트

CD 테스트 #13

Workflow file for this run

name: Deploy to AWS ECR
on:
push:
branches:
- main
env:
AWS_REGION: ap-northeast-2
IMAGE_TAG: latest
ECR_REPOSITORY: wasin
defaults:
run:
working-directory: ./wasin
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: get Github Action Public IP
id: ip
uses: haythem/public-ip@v1.3
- name: Checkout code
uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'adopt'
- name: Grant execute permission for gradlew
run: chmod +x ./gradlew
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ap-northeast-2
- name: Login to Amazon ECR
uses: aws-actions/amazon-ecr-login@v2
id: login-ecr
- name: docker build
env:
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: docker build -t $REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f DockerFileProd .
- name: docker build2
env:
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
run: |
docker push $REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
- name: add Github Actions IP to Security group
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: ap-northeast-2
run: |
aws ec2 authorize-security-group-ingress --group-name ${{ secrets.AWS_SECURITY_GROUP }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
- name: deploy ec2 server
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.AWS_HOST }}
username: ${{ secrets.AWS_USER_NAME }}
key: ${{ secrets.AWS_SSH_KEY }}
script: |
cd ~/wasin-backend/wasin
sudo git pull
aws ecr get-login-password --region ap-northeast-2 | sudo docker login --username AWS --password-stdin ${{ steps.login-ecr.outputs.registry }}
sudo docker compose -f docker-compose.prod.yml pull
sudo docker compose -f docker-compose.prod.yml down nginx wasin
sudo docker compose -f docker-compose.prod.yml up -d
sudo docker image prune -f
- name: remove github Actions IP from security group
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: ap-northeast-2
run: |
aws ec2 revoke-security-group-ingress --group-name ${{ secrets.AWS_SECURITY_GROUP }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32