v1.1.3 #32

Workflow file for this run

.github/workflows/production-build-deploy.yml at d5cfb87

	name: Production Build & Deploy

	on:
	push:
	tags:
	- v..*

	permissions:
	id-token: write
	contents: read

	env:
	DOCKERHUB_IMAGE_NAME: walwal-server

	jobs:
	build-deploy:
	runs-on: ubuntu-latest
	environment: PROD
	strategy:
	matrix:
	java-version: [ 17 ]
	distribution: [ 'temurin' ]
	steps:
	# 체크아웃
	- name: Checkout
	uses: actions/checkout@v4

	# Docker 이미지 태그 세팅
	- name: Set up image-tag by GITHUB_SHA
	id: image-tag
	run: echo "value=$(cut -d'v' -f2 <<< ${GITHUB_REF#refs/*/})" >> $GITHUB_OUTPUT

	# JDK 17 버전으로 세팅
	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	java-version: ${{ matrix.java-version }}
	distribution: ${{ matrix.distribution }}

	# Gradlew 실행 허용
	- name: Run chmod to make gradlew executable
	run: chmod +x ./gradlew

	# Redis 컨테이너 실행
	- name: Start containers
	run: docker compose -f ./docker-compose-test.yaml up -d

	# Gradle 빌드
	- name: Setup Gradle
	uses: gradle/actions/setup-gradle@v3
	with:
	cache-read-only: ${{ github.ref != 'refs/heads/main' && github.ref != 'refs/heads/develop' }} # feature 브랜치는 캐시를 읽기 전용으로 설정
	cache-encryption-key: ${{ secrets.GRADLE_CACHE_ENCRYPTION_KEY }}
	add-job-summary-as-pr-comment: always
	build-scan-publish: true
	build-scan-terms-of-use-url: "https://gradle.com/help/legal-terms-of-use"
	build-scan-terms-of-use-agree: "yes"

	- name: Build with Gradle
	id: gradle
	run: ./gradlew build --configuration-cache

	# Dockerhub 로그인
	- name: Login to Dockerhub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	# Docker 메타데이터 추출
	- name: Extract Docker metadata
	id: metadata
	uses: docker/[email protected]
	env:
	DOCKERHUB_IMAGE_FULL_NAME: ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.DOCKERHUB_IMAGE_NAME }}
	with:
	images: ${{ env.DOCKERHUB_IMAGE_FULL_NAME }}
	tags: \|
	type=semver,pattern={{version}}
	flavor: \|
	latest=false

	# 멀티 아키텍처 지원을 위한 QEMU 설정
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3

	# 도커 확장 빌드를 위한 Buildx 설정
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	# 이미지 빌드 및 Dockerhub에 푸시
	- name: Docker Build and Push
	uses: docker/build-push-action@v5
	with:
	context: .
	platforms: linux/arm64
	push: true
	tags: ${{ secrets.DOCKERHUB_USERNAME }}/walwal-server:${{ steps.image-tag.outputs.value }}

	# AWS 로그인
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
	aws-region: ap-northeast-2
	output-config: true

	# 복사 경로 환경변수 설정
	- name: Set up S3 copy path
	env:
	S3_DEPLOY_BUCKET_NAME: ${{ secrets.S3_DEPLOY_BUCKET_NAME }}
	run: echo "S3_COPY_PATH=$(echo s3://${S3_DEPLOY_BUCKET_NAME}/walwal-prod/docker-compose.yaml)" >> $GITHUB_ENV

	# S3로 docker-compose 파일 전송
	- name: Copy docker-compose file to S3
	run: aws s3 cp docker-compose.yaml ${{ env.S3_COPY_PATH }}

	- name: Deploy to EC2 Server
	uses: appleboy/ssh-action@master
	env:
	DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
	IMAGE_FULL_URL: ${{ steps.metadata.outputs.tags }}
	with:
	host: ${{ secrets.EC2_HOST }}
	username: ${{ secrets.EC2_USERNAME }}
	key: ${{ secrets.EC2_PRIVATE_KEY }}
	envs: IMAGE_FULL_URL # docker-compose.yaml 에서 사용할 환경 변수
	script: \|
	aws s3 cp ${{ env.S3_COPY_PATH }} docker-compose.yaml
	echo "${{ secrets.DOCKERHUB_TOKEN }}" \| docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
	docker pull ${{ env.IMAGE_FULL_URL }}
	docker compose up -d
	docker image prune -a -f

	## Slack
	- name: Slack Alarm
	uses: 8398a7/action-slack@v3
	with:
	status: ${{ job.status }}
	author_name: GitHub-Actions CI/CD
	fields: repo,message,commit,author,ref,job,took
	env:
	SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # required
	if: always() # Pick up events even if the job fails or is canceled.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v1.1.3 #32

Workflow file

v1.1.3 #32

Jobs

Run details

Workflow file for this run