This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Spring Boot & Gradle CI/CD | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Get Public IP | |
| id: ip | |
| uses: haythem/[email protected] | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'corretto' | |
| - name: Gradle Caching | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x gradlew | |
| working-directory: ./server | |
| - name: Build with Gradle | |
| run: ./gradlew clean build --exclude-task test | |
| working-directory: ./server | |
| - name: DockerHub Login | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| - name: Extract Docker Image Tag from Commit Message | |
| id: extract_version | |
| run: | | |
| commit_message="${{ github.event.head_commit.message }}" | |
| version=$(echo "$commit_message" | grep -oP 'version:\s*\K[\d.]+') | |
| echo "IMAGE_TAG=$version" >> $GITHUB_ENV | |
| working-directory: ./server | |
| - name: Docker Sever Image Build | |
| run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.SERVER_PROJECT_NAME }}:${{ env.IMAGE_TAG }} . | |
| working-directory: ./server | |
| - name: DockerHub Server Push | |
| run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.SERVER_PROJECT_NAME }}:${{ env.IMAGE_TAG }} | |
| working-directory: ./server | |
| - name: Docker Client Image Build | |
| run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.CLIENT_PROJECT_NAME }} . | |
| working-directory: ./client | |
| - name: DockerHub Client Push | |
| run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.CLIENT_PROJECT_NAME }} | |
| working-directory: ./client | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: 'ap-northeast-2' | |
| - name: Add GitHub Actions IP | |
| run: | | |
| aws ec2 authorize-security-group-ingress \ | |
| --group-id ${{ secrets.SECURITY_GROUP_ID }} \ | |
| --protocol tcp \ | |
| --port ${{ secrets.EC2_SSH_PORT }} \ | |
| --cidr ${{ steps.ip.outputs.ipv4 }}/32 | |
| - name: copy file via ssh key | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USERNAME }} | |
| key: ${{ secrets.EC2_KEY }} | |
| port: ${{ secrets.EC2_SSH_PORT }} | |
| source: "./docker-compose.yaml" | |
| target: ${{ secrets.SCP_TARGET_PATH }} | |
| - name: Application Run | |
| uses: appleboy/[email protected] | |
| with: | |
| host: ${{ secrets.EC2_HOST }} | |
| username: ${{ secrets.EC2_USERNAME }} | |
| key: ${{ secrets.EC2_KEY }} | |
| port: ${{ secrets.EC2_SSH_PORT }} | |
| debug: true | |
| script: | | |
| cd ./talkka/git/E2E2-TALKKA | |
| docker kill ${{ secrets.SERVER_PROJECT_NAME }} ${{ secrets.CLIENT_PROJECT_NAME }} | |
| docker rm -f ${{ secrets.SERVER_PROJECT_NAME }} ${{ secrets.CLIENT_PROJECT_NAME }} | |
| docker images -q ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.SERVER_PROJECT_NAME }} | xargs -r docker rmi | |
| docker pull ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.SERVER_PROJECT_NAME }}:${{ env.IMAGE_TAG }} | |
| docker images -q ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.CLIENT_PROJECT_NAME }} | xargs -r docker rmi | |
| docker pull ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.CLIENT_PROJECT_NAME }} | |
| docker compose up -d --no-deps ${{ secrets.SERVER_PROJECT_NAME }} ${{ secrets.CLIENT_PROJECT_NAME }} | |
| - name: Remove GitHub Actions IP | |
| run: | | |
| aws ec2 revoke-security-group-ingress \ | |
| --group-id ${{ secrets.SECURITY_GROUP_ID }} \ | |
| --protocol tcp \ | |
| --port ${{ secrets.EC2_SSH_PORT }} \ | |
| --cidr ${{ steps.ip.outputs.ipv4 }}/32 |