Skip to content
Build And Test

[BSVR-256] 환경변수 관리를 위한 AWS Secret Manger 도입 - V2 #401

Sign in to view logs

[BSVR-256] 환경변수 관리를 위한 AWS Secret Manger 도입 - V2

[BSVR-256] 환경변수 관리를 위한 AWS Secret Manger 도입 - V2 #401

Workflow file for this run

.github/workflows/dev-build-and-deploy.yaml at ec90026
name: Build And Test
on:
push:
branches:
- main
- dev
pull_request:
branches:
- main
- dev
jobs:
build-and-test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: "17"
distribution: "corretto"
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_S3_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_S3_SECRET_KEY }}
aws-region: ap-northeast-2
- name: Cache Gradle
uses: actions/cache@v3
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Build with Gradle
run: ./gradlew build -x test --stacktrace --parallel
- name: Run tests
run: ./gradlew test
- name: Publish Unit Test Results
uses: EnricoMi/publish-unit-test-result-action@v2
if: always()
with:
files: '**/build/test-results/test/TEST-*.xml'
- name: JUnit Report Action
uses: mikepenz/action-junit-report@v3
if: always()
with:
report_paths: '**/build/test-results/test/TEST-*.xml'
- name: Store test results
uses: actions/upload-artifact@v3
if: always()
with:
name: test-results
path: '**/build/test-results/test/TEST-*.xml'
- name: Test Report Summary
if: always()
run: |
echo '## Test Report Summary' >> $GITHUB_STEP_SUMMARY
echo '```' >> $GITHUB_STEP_SUMMARY
./gradlew test --console=plain || true
echo '```' >> $GITHUB_STEP_SUMMARY
deploy:
needs: build-and-test
if: (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/dev') && github.event_name == 'push'
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push Docker image
uses: docker/build-push-action@v4
with:
context: .
push: true
tags: ${{ secrets.DOCKERHUB_USERNAME }}/spot-server:dev-${{ github.sha }}
- name: Deploy to Dev NCP Server
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.DEV_SERVER_HOST }}
username: ${{ secrets.DEV_SERVER_USERNAME }}
password: ${{ secrets.DEV_SERVER_PASSWORD }}
port: ${{ secrets.DEV_SERVER_PORT }}
script: |
docker pull ${{ secrets.DOCKERHUB_USERNAME }}/spot-server:dev-${{ github.sha }}
docker stop spot-server-dev || true
docker rm spot-server-dev || true
docker run -d --name spot-server-dev \
-p 8080:8080 \
-p 9292:9292 \
-p 3100:3100 \
-e SPRING_PROFILES_ACTIVE=dev \
-e SPRING_SERVLET_MULTIPART_MAX-FILE-SIZE=30MB \
-e SPRING_SERVLET_MULTIPART_MAX-REQUEST-SIZE=30MB \
-e SPRING_JPA_HIBERNATE_DDL_AUTO=validate \
-e TZ=Asia/Seoul \
-e SENTRY_ENABLE_TRACING=true \
-e SENTRY_ENVIRONMENT=prod \
${{ secrets.DOCKERHUB_USERNAME }}/spot-server:dev-${{ github.sha }}
docker system prune -af
# create-release:
# needs: [ build-and-test, deploy ] # deploy job이 성공적으로 완료된 후에만 실행
## if: github.event.pull_request.merged == true # PR이 merge된 경우에만 실행
# runs-on: ubuntu-latest
# permissions:
# contents: write
# steps:
# - name: Checkout code
# uses: actions/checkout@v4
#
# - name: Bump version and push tag
# id: tag_version
# uses: mathieudutour/[email protected]
# with:
# github_token: ${{ secrets.GITHUB_TOKEN }}
#
# - name: Create a GitHub release
# uses: ncipollo/release-action@v1
# with:
# tag: ${{ steps.tag_version.outputs.new_tag }}
# name: Release ${{ steps.tag_version.outputs.new_tag }}
# body: ${{ steps.tag_version.outputs.changelog }}