Merge pull request #31 from IT-Cotato/feature/kakao-login #23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy To EC2 | |
on: | |
push: | |
branches: [ "develop" ] | |
pull_request: | |
branches: [ "develop" ] | |
env: | |
BASE_RESOURCE_PATH: ./src/main/resources/application.yml | |
permissions: write-all | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Github Repository 파일 불러오기 | |
uses: actions/checkout@v4 | |
- name: JDK 17버전 설치 | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 17 | |
- name: application.yml 파일 만들기 | |
uses: microsoft/variable-substitution@v1 | |
with: | |
files: ${{ env.BASE_RESOURCE_PATH }} | |
env: | |
spring.datasource.url: ${{ secrets.DB_URI }} | |
spring.datasource.username: ${{ secrets.DB_USERNAME }} | |
spring.datasource.password: ${{ secrets.DB_PASSWORD }} | |
spring.jwt.secret: ${{ secrets.JWT_SECRET_KEY}} | |
spring.security.oauth2.client.registration.google.client-id: ${{ secrets.GOOGLE_CLIENT_ID }} | |
spring.security.oauth2.client.registration.google.client-secret: ${{ secrets.GOOGLE_CLIENT_SECRET }} | |
spring.security.oauth2.client.registration.naver.client-id: ${{ secrets.NAVER_CLIENT_ID }} | |
spring.security.oauth2.client.registration.naver.client-secret: ${{ secrets.NAVER_CLIENT_ID }} | |
spring.security.oauth2.client.registration.kakao.client-id: ${{ secrets.KAKAO_CLIENT_ID }} | |
spring.security.oauth2.client.registration.kakao.client-secret: ${{ secrets.KAKAO_CLIENT_ID }} | |
spring.mail.username: ${{ secrets.MAIL_ADDRESS }} | |
spring.mail.password: ${{ secrets.APP_PASSWORD }} | |
# run: echo "${{ secrets.APPLICATION_PROPERTIES }}" > ./src/main/resources/application.yml | |
- name: gradlew에 실행 권한 부여하기 | |
run: chmod +x ./gradlew | |
- name: 테스트 및 빌드하기 | |
run: ./gradlew clean build --scan | |
- name: AWS Resource에 접근할 수 있게 AWS credentials 설정 | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ap-northeast-2 | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
- name: ECR에 로그인하기 | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Docker 이미지 생성 | |
run: docker build -t squadus-server . | |
- name: Docker 이미지에 Tag 붙이기 | |
run: docker tag squadus-server ${{ steps.login-ecr.outputs.registry }}/squadus-server:latest | |
- name: ECR에 Docker 이미지 Push하기 | |
run: docker push ${{ steps.login-ecr.outputs.registry }}/squadus-server:latest | |
- name: 압축하기 | |
run: tar -czvf $GITHUB_SHA.tar.gz appspec.yml scripts | |
- name: S3에 프로젝트 폴더 업로드하기 | |
run: aws s3 cp --region ap-northeast-2 ./$GITHUB_SHA.tar.gz s3://squadus-server/$GITHUB_SHA.tar.gz | |
- name: Code Deploy를 활용해 EC2에 프로젝트 코드 배포 | |
run: aws deploy create-deployment | |
--application-name squadus-server | |
--deployment-config-name CodeDeployDefault.AllAtOnce | |
--deployment-group-name Production | |
--s3-location bucket=squadus-server,bundleType=tgz,key=$GITHUB_SHA.tar.gz |