feat(infra): build rc-server (terraform re-factoring) #2266

Open
wants to merge 3 commits into
base: main
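--- a/.github/workflows/rc-build-image.yml
+++ b/.github/workflows/rc-build-image.yml
@@ -0,0 +1,90 @@
+name: RC - CD - Build Images
+
+on:
+workflow_dispatch:
+
+env:
+AWS_REGION: ap-northeast-2
+ECS_CLUSTER: Codedang-Api
+
+permissions: # permissions to the job (for the OpenID Connection)
+id-token: write
+contents: read
+
+jobs:
+build-client-api:
+name: Build client-api image
+runs-on: ubuntu-latest
+steps:
+- name: Setup Docker Buildx
+uses: docker/setup-buildx-action@v3
+
+- uses: aws-actions/configure-aws-credentials@v4
+with:
+role-to-assume: ${{ secrets.AWS_ROLE_FOR_ECR_PUSH_RC }}
+aws-region: ${{ env.AWS_REGION }}
+
+- name: Login to Amazon ECR
+id: login-ecr
+uses: aws-actions/amazon-ecr-login@v2
+
+- name: Build and push image
+uses: docker/build-push-action@v6
+with:
+file: ./apps/backend/Dockerfile
+push: true
+build-args: |
+target=client
+app_env=production
+tags: ${{ steps.login-ecr.outputs.registry }}/codedang-client-api:latest
+
+build-admin-api:
+name: Build admin-api image
+runs-on: ubuntu-latest
+steps:
+- name: Setup Docker Buildx
+uses: docker/setup-buildx-action@v3
+
+- uses: aws-actions/configure-aws-credentials@v4
+with:
+role-to-assume: ${{ secrets.AWS_ROLE_FOR_ECR_PUSH_RC }}
+aws-region: ${{ env.AWS_REGION }}
+
+- name: Login to Amazon ECR
+id: login-ecr
+uses: aws-actions/amazon-ecr-login@v2
+
+- name: Build and push image
+uses: docker/build-push-action@v6
+with:
+file: ./apps/backend/Dockerfile
+push: true
+build-args: |
+target=admin
+app_env=production
+tags: ${{ steps.login-ecr.outputs.registry }}/codedang-admin-api:latest
+
+build-iris:
+name: Build iris Docker image
+runs-on: ubuntu-latest
+steps:
+- name: Setup Docker Buildx
+uses: docker/setup-buildx-action@v3
+
+- uses: aws-actions/configure-aws-credentials@v4
+with:
+role-to-assume: ${{ secrets.AWS_ROLE_FOR_ECR_PUSH_RC }}
+aws-region: ${{ env.AWS_REGION }}
+
+- name: Login to Amazon ECR
+id: login-ecr
+uses: aws-actions/amazon-ecr-login@v2
+
+- name: Build and push image (iris)
+uses: docker/build-push-action@v6
+with:
+push: true
+context: '{{defaultContext}}:apps/iris'
+build-args: |
+app_env=production
+tags: ${{ steps.login-ecr.outputs.registry }}/codedang-iris:latest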
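Review bot: Each of the three build jobs pushes only the mutable `:latest` tag (the `tags:` line of every build-and-push step), so a dispatch from any branch replaces the image the RC environment will pull and nothing ties a running image back to a commit. Adding an immutable tag beside it, e.g. `tags: ${{ steps.login-ecr.outputs.registry }}/codedang-client-api:latest,${{ steps.login-ecr.outputs.registry }}/codedang-client-api:${{ github.sha }}`, keeps `latest` for convenience while giving deploys a reference that does not move. These jobs also declare no `environment:`, unlike the deploy workflows in this PR, so what limits who can assume `AWS_ROLE_FOR_ECR_PUSH_RC` is presumably the role's trust policy; it is worth confirming that it restricts the OIDC `sub` to the intended refs. The actions that handle those credentials are referenced by movable tags (`@v4`, `@v2`, `@v6`); pinning them to commit SHAs would stop a retagged release from running with `id-token: write`.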
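--- a/.github/workflows/rc-deploy-target.yml
+++ b/.github/workflows/rc-deploy-target.yml
@@ -0,0 +1,66 @@
+name: RC - Deploy - Target
+
+on:
+workflow_dispatch:
+inputs:
+terraform_project:
+description: 'Select Terraform Project to Deploy'
+required: true
+type: choice
+options:
+- 'network'
+- 'storage'
+- 'codedang'
+
+env:
+AWS_REGION: ap-northeast-2
+ECS_CLUSTER: Codedang-Api
+
+permissions: # permissions to the job (for the OpenID Connection)
+id-token: write
+contents: read
+
+jobs:
+rc-deploy-target-project:
+name: RC - Deploy Terraform targeted Project
+runs-on: ubuntu-latest
+environment: production
+defaults:
+run:
+shell: bash
+
+steps:
+- uses: actions/checkout@v4
+
+- uses: aws-actions/configure-aws-credentials@v4
+with:
+role-to-assume: ${{ secrets.AWS_ROLE_FOR_DEPLOY_RC }}
+aws-region: ${{ env.AWS_REGION }}
+
+- uses: hashicorp/setup-terraform@v3
+with:
+terraform_version: 1.5.2
+
+- name: Create Terraform variable file
+working-directory: ./apps/infra/rc/${{ github.event.inputs.terraform_project }}
+run: |
+echo "$TFVARS_RC" >> terraform.tfvars
+echo "$OAUTH_GITHUB" >> terraform.tfvars
+echo "$OAUTH_KAKAO" >> terraform.tfvars
+echo 'env = "rc"' >> terraform.tfvars
+env:
+TFVARS_RC: ${{ secrets.TFVARS_RC }}
+OAUTH_GITHUB: ${{ secrets.OAUTH_GITHUB }}
+OAUTH_KAKAO: ${{ secrets.OAUTH_KAKAO }}
+
+- name: Terraform Init
+working-directory: ./apps/infra/rc/${{ github.event.inputs.terraform_project }}
+run: terraform init -backend-config="bucket=codedang-tf-state-rc"
+
+- name: Terraform Plan
+working-directory: ./apps/infra/rc/${{ github.event.inputs.terraform_project }}
+run: terraform plan -input=false -out=plan.out
+
+- name: Terraform Apply
+working-directory: ./apps/infra/rc/${{ github.event.inputs.terraform_project }}
+run: terraform apply -input=false plan.out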
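Review bot: The `Create Terraform variable file` step writes `TFVARS_RC`, `OAUTH_GITHUB` and `OAUTH_KAKAO` into `terraform.tfvars` whichever project is selected, although `rc-deploy.yml` in this same PR gives `network` and `storage` only `env = "rc"`. That puts the OAuth secrets on disk and in front of `terraform plan` for projects that presumably declare none of those variables. I would pass the choice in as `TF_PROJECT: ${{ inputs.terraform_project }}` under the step's `env:` and wrap the three secret `echo` lines in `if [ "$TF_PROJECT" = "codedang" ]; then … fi`. The same step in `rc-destroy-target.yml` has the same shape.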
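--- a/.github/workflows/rc-deploy.yml
+++ b/.github/workflows/rc-deploy.yml
@@ -0,0 +1,133 @@
+name: RC - Deploy
+
+on:
+workflow_dispatch:
+
+env:
+AWS_REGION: ap-northeast-2
+ECS_CLUSTER: Codedang-Api
+
+permissions: # permissions to the job (for the OpenID Connection)
+id-token: write
+contents: read
+
+jobs:
+rc-deploy-network:
+name: RC - Deploy Network
+runs-on: ubuntu-latest
+environment: production
+defaults:
+run:
+shell: bash
+
+steps:
+- uses: actions/checkout@v4
+
+- uses: aws-actions/configure-aws-credentials@v4
+with:
+role-to-assume: ${{ secrets.AWS_ROLE_FOR_DEPLOY_RC }}
+aws-region: ${{ env.AWS_REGION }}
+
+- uses: hashicorp/setup-terraform@v3
+with:
+terraform_version: 1.5.2
+
+- name: Create Terraform variable file
+working-directory: ./apps/infra/rc/network
+run: |
+echo 'env = "rc"' >> terraform.tfvars
+
+- name: Terraform Init
+working-directory: ./apps/infra/rc/network
+run: terraform init -backend-config="bucket=codedang-tf-state-rc"
+
+- name: Terraform Plan
+working-directory: ./apps/infra/rc/network
+run: terraform plan -input=false -out=plan.out
+
+- name: Terraform Apply
+working-directory: ./apps/infra/rc/network
+run: terraform apply -input=false plan.out
+
+rc-deploy-storage:
+name: RC - Deploy Storage
+runs-on: ubuntu-latest
+needs: [rc-deploy-network]
+environment: production
+defaults:
+run:
+shell: bash
+
+steps:
+- uses: actions/checkout@v4
+
+- uses: aws-actions/configure-aws-credentials@v4
+with:
+role-to-assume: ${{ secrets.AWS_ROLE_FOR_DEPLOY_RC }}
+aws-region: ${{ env.AWS_REGION }}
+
+- uses: hashicorp/setup-terraform@v3
+with:
+terraform_version: 1.5.2
+
+- name: Create Terraform variable file
+working-directory: ./apps/infra/rc/storage
+run: |
+echo 'env = "rc"' >> terraform.tfvars
+
+- name: Terraform Init
+working-directory: ./apps/infra/rc/storage
+run: terraform init -backend-config="bucket=codedang-tf-state-rc"
+
+- name: Terraform Plan
+working-directory: ./apps/infra/rc/storage
+run: terraform plan -input=false -out=plan.out
+
+- name: Terraform Apply
+working-directory: ./apps/infra/rc/storage
+run: terraform apply -input=false plan.out
+
+rc-deploy-codedang:
+name: RC - Deploy Codedang
+runs-on: ubuntu-latest
+needs: [rc-deploy-network, rc-deploy-storage]
+environment: production
+defaults:
+run:
+shell: bash
+
+steps:
+- uses: actions/checkout@v4
+
+- uses: aws-actions/configure-aws-credentials@v4
+with:
+role-to-assume: ${{ secrets.AWS_ROLE_FOR_DEPLOY_RC }}
+aws-region: ${{ env.AWS_REGION }}
+
+- uses: hashicorp/setup-terraform@v3
+with:
+terraform_version: 1.5.2
+
+- name: Create Terraform variable file
+working-directory: ./apps/infra/rc/codedang
+run: |
+echo "$TFVARS_RC" >> terraform.tfvars
+echo "$OAUTH_GITHUB" >> terraform.tfvars
+echo "$OAUTH_KAKAO" >> terraform.tfvars
+echo 'env = "rc"' >> terraform.tfvars
+env:
+TFVARS_RC: ${{ secrets.TFVARS_RC }}
+OAUTH_GITHUB: ${{ secrets.OAUTH_GITHUB }}
+OAUTH_KAKAO: ${{ secrets.OAUTH_KAKAO }}
+
+- name: Terraform Init
+working-directory: ./apps/infra/rc/codedang
+run: terraform init -backend-config="bucket=codedang-tf-state-rc"
+
+- name: Terraform Plan
+working-directory: ./apps/infra/rc/codedang
+run: terraform plan -input=false -out=plan.out
+
+- name: Terraform Apply
+working-directory: ./apps/infra/rc/codedang
+run: terraform apply -input=false plan.out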
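Review bot: All three jobs declare `environment: production` even though they assume `AWS_ROLE_FOR_DEPLOY_RC` and apply the projects under `apps/infra/rc/`. With an environment set, the OIDC token's `sub` claim takes the form `repo:<owner>/<repo>:environment:production`, so an IAM trust policy that conditions on `sub` cannot tell an RC run from a real production run, and the environment's protection rules and secrets are shared between the two. A dedicated environment, `environment: rc`, with the RC role trusting only that subject would keep the reach of each role separate. The same line appears in `rc-deploy-target.yml` and `rc-destroy-target.yml`; whether the production workflows also use this environment is not visible on this page.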
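--- a/.github/workflows/rc-destroy-target.yml
+++ b/.github/workflows/rc-destroy-target.yml
@@ -0,0 +1,60 @@
+name: RC - Destroy - Target
+
+on:
+workflow_dispatch:
+inputs:
+terraform_project:
+description: 'Select Terraform Project to Destroy'
+required: true
+type: choice
+options:
+- 'network'
+- 'storage'
+- 'codedang'
+
+env:
+AWS_REGION: ap-northeast-2
+ECS_CLUSTER: Codedang-Api
+
+permissions: # permissions to the job (for the OpenID Connection)
+id-token: write
+contents: read
+
+jobs:
+rc-destroy-terraform-target-project:
+name: RC - Destroy Terraform targeted Project
+runs-on: ubuntu-latest
+environment: production
+defaults:
+run:
+shell: bash
+
+steps:
+- uses: actions/checkout@v4
+
+- uses: aws-actions/configure-aws-credentials@v4
+with:
+role-to-assume: ${{ secrets.AWS_ROLE_FOR_DEPLOY_RC }}
+aws-region: ${{ env.AWS_REGION }}
+
+- uses: hashicorp/setup-terraform@v3
+with:
+terraform_version: 1.5.2
+
+- name: Create Terraform variable file
+working-directory: ./apps/infra/rc/${{ github.event.inputs.terraform_project }}
+run: |
+echo "$TFVARS_RC" >> terraform.tfvars
+echo "$OAUTH_GITHUB" >> terraform.tfvars
+echo "$OAUTH_KAKAO" >> terraform.tfvars
+echo 'env = "rc"' >> terraform.tfvars
+env:
+TFVARS_RC: ${{ secrets.TFVARS_RC }}
+OAUTH_GITHUB: ${{ secrets.OAUTH_GITHUB }}
+OAUTH_KAKAO: ${{ secrets.OAUTH_KAKAO }}
+
+- name: Destroy
+working-directory: ./apps/infra/rc/${{ github.event.inputs.terraform_project }}
+run: |
+terraform init -backend-config="bucket=codedang-tf-state-rc"
+terraform destroy -auto-approve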
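Review bot: `terraform destroy -auto-approve` in the `Destroy` step runs as soon as the workflow is dispatched, so a mis-selected dropdown option (for example `storage`) is torn down with no second look unless the `production` environment happens to require reviewers, which this page does not show. I would add a typed confirmation input and gate the job on it, e.g. a `confirm` string input plus `if: ${{ inputs.confirm == inputs.terraform_project }}` on `rc-destroy-terraform-target-project`. Splitting `terraform init` and `terraform destroy` into separate steps, and passing `-input=false` to destroy as the deploy workflows do for plan and apply, would also make a failed run easier to read.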