[Feat] Nginx 무중단배포설정 #33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Java CI with Gradle | |
# master 브랜치의 push와 pull로 CI가 작동 | |
on: | |
push: | |
branches: [ "master" ] | |
pull_request: | |
branches: [ "master" ] | |
permissions: | |
contents: read | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v3 | |
with: | |
# 자신이 사용하는 자바 버전에 맞춰주자 | |
java-version: '11' | |
distribution: 'temurin' | |
- uses : actions/checkout@v3 | |
#1 | |
# 디렉터리 생성 | |
- run : mkdir ./src/main/resources/keys | |
- run : mkdir ./src/main/resources/firebase | |
# 이용하여서 설정 파일을 생성해줌 (github에 commit 되는게 아님!) | |
- run : touch ./src/main/resources/application.properties | |
- run : echo "${{ secrets.APPLICATION }}" > ./src/main/resources/application.properties | |
- name: create-json | |
id: create-json | |
uses: jsdaniell/create-json@1.1.2 | |
with: | |
name: "google_client_key.json" | |
json: ${{ secrets.GOOGLE }} | |
dir: './src/main/resources/' | |
# oauth | |
- run : touch ./src/main/resources/oauth.yml | |
- run : echo "${{ secrets.OAUTH }}" > ./src/main/resources/oauth.yml | |
# firebase | |
- name: create-json | |
id: create-json1 | |
uses: jsdaniell/create-json@1.1.2 | |
with: | |
name: "soonsool-firebase.json" | |
json: ${{ secrets.FCM }} | |
dir: './src/main/resources/firebase/' | |
# keys | |
- run : touch ./src/main/resources/keys/AuthKey_2RYD94LVWD.p8 | |
- run : echo "${{ secrets.AUTHKEY }}" > ./src/main/resources/keys/AuthKey_2RYD94LVWD.p8 | |
# gradlew에 권한 부여 | |
- name: Grant execute permission for gradlew | |
run: chmod +x gradlew | |
# gradlew 빌드 | |
- name: Build with Gradle | |
run: ./gradlew clean build | |
# 빌드를 성공하면 해당 프로젝트를 zip로 만듬 | |
# 이름은 run 에서 설정 가능 | |
- name: Make zip file | |
run: zip -r ./soonsol.zip . | |
shell: bash | |
#2 | |
# AWS 계정 설정 | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
# 깃허브 Secret에 넣어둔 Access key | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
# 깃허브 Secret에 넣어둔 Secret key | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
# 깃허브 Secret에 넣어둔 Region | |
aws-region: ${{ secrets.AWS_REGION }} | |
#3 | |
# 만들어 놓은 S3에 해당 zip 파일 저장 | |
- name: Upload to S3 | |
run: aws s3 cp --region ${{ secrets.AWS_REGION }} ./soonsol.zip s3://soonsool-back/soonsol.zip | |
#4 | |
# AWS CodeDeploy에 배포 | |
- name: Deploy | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
run: | | |
aws deploy create-deployment \ | |
--application-name soonsool-project \ | |
--deployment-group-name cicd-soonsool-prod \ | |
--file-exists-behavior OVERWRITE \ | |
--s3-location bucket=soonsool-back,bundleType=zip,key=soonsol.zip \ | |
--region ${{ secrets.AWS_REGION }} |