chore: gradle 권한 추가 #16
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 프로덕션 워크플로우 | |
on: | |
push: | |
#branches: [ 'main' ] | |
paths: | |
- 'src/**' # 어드민 API 코드가 변경된 경우 | |
- '.github/workflows/**' # 워크플로우와 관련된 파일이 변경된 경우 | |
- 'build.gradle.kts' # Parent Gradle 모듈 설정이 변경된 경우 | |
- 'settings.gradle' # Parent Gradle 설정이 변경된 경우 | |
env: | |
ECR_REPOSITORY_NAME: nagaza-backend-prod | |
SPRING_PROFILE: prod | |
concurrency: | |
group: api | |
jobs: | |
prepare-variables: | |
name: 환경변수 준비하기 | |
runs-on: ubuntu-latest | |
outputs: | |
ecr-repository-name: ${{ steps.setup-env.outputs.ecr-repository-name }} | |
image-tag: ${{ steps.setup-env.outputs.image-tag }} | |
spring-profile: ${{ steps.setup-env.outputs.spring-profile }} | |
steps: | |
- name: GitHub 에서 레포 받아오기 | |
uses: actions/checkout@v3 | |
- name: 환경변수 출력하기 | |
id: setup-env | |
run: | | |
echo "ecr-repository-name=$ECR_REPOSITORY_NAME" >> $GITHUB_OUTPUT | |
echo "image-tag=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
echo "spring-profile=$SPRING_PROFILE" >> $GITHUB_OUTPUT | |
call-build-workflow: | |
if: github.event_name == 'push' | |
needs: [ prepare-variables ] | |
name: 이미지 빌드 | |
uses: ./.github/workflows/build.yaml | |
permissions: | |
id-token: write | |
contents: read | |
with: | |
ecr-repository-name: ${{ needs.prepare-variables.outputs.ecr-repository-name }} | |
image-tag: ${{ needs.prepare-variables.outputs.image-tag }} | |
spring-profile: ${{ needs.prepare-variables.outputs.spring-profile }} | |
secrets: | |
AWS_ASSUME_ROLE_ARN: ${{ secrets.AWS_ASSUME_ROLE_ARN }} | |
AWS_ECR_REGISTRY_URL: ${{ secrets.AWS_ECR_REGISTRY_URL }} | |
AWS_REGION: ${{ secrets.AWS_REGION }} |