-
Notifications
You must be signed in to change notification settings - Fork 1
175 lines (147 loc) · 5.62 KB
/
ci-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
name: CI/CD Pipeline
on:
push:
branches:
- main
workflow_dispatch:
jobs:
build_and_push:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
- name: make application.yml
run: |
cd ./src/main/resources
touch ./application.yml
echo "${{ secrets.YML }}" > ./application.yml
shell: bash
- name: make application-prod.yml
run: |
cd ./src/main/resources
touch ./application-prod.yml
echo "${{ secrets.PROD_YML }}" > ./application-prod.yml
shell: bash
- name: Gradle Caching
uses: actions/cache@v3
with:
path: |
~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
${{ runner.os }}-gradle-
- name: Setup Gradle
uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0
- name: Build with Gradle Wrapper
run: ./gradlew clean build
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Login to Amazon ECR Public
id: login-ecr-public
uses: aws-actions/amazon-ecr-login@v2
with:
registry-type: public
- name: Delete previous image in Amazon ECR Public
env:
REGISTRY_ALIAS: ${{ secrets.DEV_ECR_REGISTRY_ALIAS }}
REPOSITORY: distribute/dev
run: |
aws ecr-public batch-delete-image \
--repository-name distribute/dev \
--image-ids imageTag=latest \
--region us-east-1 || echo "No existing image with tag latest found."
- name: Build, tag, and push docker image to Amazon ECR Public
env:
REGISTRY: ${{ steps.login-ecr-public.outputs.registry }}
REGISTRY_ALIAS: ${{ secrets.DEV_ECR_REGISTRY_ALIAS }}
REPOSITORY: distribute/dev
IMAGE_TAG: latest
run: |
echo "REPOSITORY: $REPOSITORY"
docker build -t $REGISTRY/$REGISTRY_ALIAS/$REPOSITORY:$IMAGE_TAG .
docker push $REGISTRY/$REGISTRY_ALIAS/$REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$REGISTRY/$REGISTRY_ALIAS/$REPOSITORY:$IMAGE_TAG"
- name: Logout of Amazon ECR
run: docker logout ${{ env.ECR_REGISTRY }}
deploy:
needs: build_and_push
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Login to Amazon ECR Public
run: |
aws ecr-public get-login-password --region us-east-1 | sudo docker login --username AWS --password-stdin public.ecr.aws
- name: SSH into EC2 and Deploy with Docker Compose
env:
SSH_KEY: ${{ secrets.DEV_EC2_SSH_KEY }}
HOST: 3.39.206.214
USER: ubuntu
run: |
echo "${SSH_KEY}" > ec2_key.pem
chmod 600 ec2_key.pem
# Connect to EC2 and run deployment commands
ssh -o StrictHostKeyChecking=no -i ec2_key.pem $USER@$HOST << 'EOF'
sudo usermod -aG docker $USER || true
newgrp docker || true
# Stop existing containers
if [ -f docker-compose.yml ]; then
echo "Stopping existing containers..."
sudo docker-compose down
else
echo "No existing Docker Compose setup. Proceeding with deployment..."
fi
# Clean up previous files
sudo rm -f docker-compose.yml
EOF
- name: Install Docker if not present
uses: appleboy/[email protected]
with:
host: 3.39.206.214
username: ubuntu
key: ${{ secrets.DEV_EC2_SSH_KEY }}
script: |
if ! command -v docker-compose >/dev/null 2>&1; then
echo "Installing Docker Compose..."
sudo curl -L "https://github.com/docker/compose/releases/download/v2.20.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
else
echo "Docker Compose already installed."
fi
- name: Copy docker-compose.yml to EC2
env:
SSH_KEY: ${{ secrets.DEV_EC2_SSH_KEY }}
HOST: 3.39.206.214
USER: ubuntu
run: |
echo "$SSH_KEY" > ec2_key.pem
chmod 600 ec2_key.pem
scp -o StrictHostKeyChecking=no -i ec2_key.pem ./docker-compose.yml $USER@$HOST:~/docker-compose.yml
- name: Start services using Docker Compose
env:
SSH_KEY: ${{ secrets.DEV_EC2_SSH_KEY }}
HOST: 3.39.206.214
USER: ubuntu
run: |
echo "$SSH_KEY" > ec2_key.pem
chmod 600 ec2_key.pem
ssh -o StrictHostKeyChecking=no -i ec2_key.pem $USER@$HOST << 'EOF'
cd /home/ubuntu
docker-compose -f docker-compose.yml pull
docker-compose -f docker-compose.yml up -d
EOF
- name: Cleanup SSH Key
run: rm -f ec2_key.pem