Skip to content

Commit

Permalink
[CHORE] 배포 변경 사항 Prod script sync
Browse files Browse the repository at this point in the history
  • Loading branch information
@yummygyudon
yummygyudon committed Nov 26, 2024
1 parent 74e6744 commit d194e1b
Showing 1 changed file with 56 additions and 66 deletions.
122 changes: 56 additions & 66 deletions .github/workflows/cd-prod.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,8 @@ on:
push:
branches: [ main ]

env:
AWS_REGION: ${{ secrets.AWS_REGION }}
AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }}
AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }}

jobs:

build-and-push-image:
runs-on: ubuntu-22.04
steps:
Expand All @@ -28,27 +24,44 @@ jobs:
run: chmod +x ./gradlew
shell: bash

- name: ⚙️ Create Gradle Property File
env:
GRADLE_PROPERTY: ${{ secrets.GRADLE_PROPERTY }}
- name: 🔒 Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
aws-region: ${{ secrets.AWS_REGION }}

- name: ⚙️ Create Property File
run: |
touch ./gradle.properties
echo "$GRADLE_PROPERTY" >> ./gradle.properties
touch ./src/main/resources/application.properties
echo "${{ secrets.PROPERTY_GRADLE }}" >> ./gradle.properties
echo "${{ secrets.PROPERTY_APPLICATION }}" >> ./src/main/resources/application.properties
- name: 🔒Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: $AWS_ACCESS_KEY
aws-secret-access-key: $AWS_SECRET_KEY
aws-region: $AWS_REGION
- name: 🔑 Copy Key File
env:
REGION: ${{ secrets.AWS_REGION }}
APPLE_KEY: ${{ secrets.APPLE_KEY }}
JWT_PUBLIC_KEY: ${{ secrets.JWT_PUBLIC_KEY }}
JWT_PRIVATE_KEY: ${{ secrets.JWT_PRIVATE_KEY }}
S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
PROPERTY_PATH: src/main/resources
run: |
aws s3 cp --region $REGION \
s3://$S3_BUCKET/prod/static/$JWT_PUBLIC_KEY $PROPERTY_PATH/$JWT_PUBLIC_KEY
aws s3 cp --region $REGION \
s3://$S3_BUCKET/prod/static/$JWT_PRIVATE_KEY $PROPERTY_PATH/$JWT_PRIVATE_KEY
aws s3 cp --region $REGION \
s3://$S3_BUCKET/prod/static/$APPLE_KEY $PROPERTY_PATH/$APPLE_KEY
- name: 🧱 Build Image and Push to ECR
env:
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ECR_REPO: ${{ secrets.AWS_ECR_DEV_REPOSITORY_NAME }}
AWS_ECR_REPO: ${{ secrets.AWS_ECR_REPO_PROD }}
run: |
aws ecr-public get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin public.ecr.aws/$AWS_ACCOUNT_ID
docker build -t $AWS_ECR_REPO:latest .
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
docker build -t $AWS_ECR_REPO .
docker tag $AWS_ECR_REPO:latest public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest
docker push public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest
Expand All @@ -57,63 +70,40 @@ jobs:
needs: build-and-push-image
runs-on: ubuntu-22.04
steps:
- name: ⚙️ Create Application Property Files
env:
APPLICATION_PROPERTY: ${{ secrets.APPLICATION_PROPERTY }}
JWT_PUBLIC_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PUBLIC_KEY }}
JWT_PRIVATE_KEY_PEM: ${{ secrets.JWT_PROD_RSA_PRIVATE_KEY }}
APPLE_CREDENTIAL_KEY: ${{ secrets.APPLE_PROD_AUTH_P8_NAME }}
APPLE_CREDENTIAL_CONTENT: ${{ secrets.APPLE_PROD_AUTH_P8_CONTENT }}
run: |
mkdir -p property
touch ./property/application.properties
echo "$APPLICATION_PROPERTY" >> ./property/application.properties
touch ./property/jwt_public_key.pem
echo "$JWT_PUBLIC_KEY_PEM" >> ./property/jwt_public_key.pem
touch ./property/$APPLE_CREDENTIAL_KEY
echo "$APPLE_CREDENTIAL_CONTENT" >> ./property/$APPLE_CREDENTIAL_KEY
- name: 🔒 Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
aws-region: ${{ secrets.AWS_REGION }}

- name: 📄 Create Script Files
- name: 📝 Copy Script File
env:
DEPLOY_SCRIPT: ${{ secrets.DEPLOY_SCRIPT }}
SWITCH_SCRIPT: ${{ secrets.SWITCH_SCRIPT }}
VALIDATE_SCRIPT: ${{ secrets.VALIDATE_SCRIPT }}
REGION: ${{ secrets.AWS_REGION }}
S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
run: |
mkdir -p script
touch ./script/deploy.sh
echo "$DEPLOY_SCRIPT" >> ./script/deploy.sh
touch ./script/switch.sh
echo "$SWITCH_SCRIPT" >> ./script/switch.sh
touch ./script/valid.sh
echo "$VALIDATE_SCRIPT" >> ./script/valid.sh
shell: bash
mkdir script
aws s3 cp --region $REGION \
s3://$S3_BUCKET/prod/script/deploy.sh script/deploy.sh
aws s3 cp --region $REGION \
s3://$S3_BUCKET/prod/script/switch.sh script/switch.sh
aws s3 cp --region $REGION \
s3://$S3_BUCKET/prod/script/valid.sh script/valid.sh
- name: 📁 Make files to zip
run: zip -r ./$GITHUB_SHA.zip ./script ./property
run: zip -r ./$GITHUB_SHA.zip ./script
shell: bash

- name: 🔑 Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: $AWS_ACCESS_KEY
aws-secret-access-key: $AWS_SECRET_KEY
aws-region: $AWS_REGION

- name: 🚀 Upload Property Zip to S3 and Create Code Deploy
env:
AWS_DEPLOY_APPLICATION_NAME: ${{ secrets.AWS_DEPLOY_APPLICATION_NAME }}
AWS_DEPLOY_GROUP_NAME: ${{ secrets.AWS_PROD_DEPLOY_GROUP_NAME }}
AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }}
AWS_BUCKET_DEPLOY_PATH: ${{ secrets.AWS_BUCKET_PROD_DEPLOY_PATH }}
REGION: ${{ secrets.AWS_REGION }}
DEPLOY_APPLICATION: ${{ secrets.AWS_DEPLOY_APPLICATION }}
DEPLOY_GROUP: ${{ secrets.AWS_DEPLOY_GROUP_PROD }}
S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
run: |
aws s3 cp --region $AWS_REGION ./$GITHUB_SHA.zip s3://$AWS_BUCKET_NAME$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip
aws s3 cp --region $REGION ./$GITHUB_SHA.zip s3://$S3_PATH/prod/deploy/$GITHUB_SHA.zip
aws deploy create-deployment --application-name $AWS_DEPLOY_APPLICATION_NAME
--deployment-config-name CodeDeployDefault.AllAtOnce
--deployment-group-name $AWS_DEPLOY_GROUP_NAME
--s3-location bucket=$AWS_BUCKET_NAME,bundleType=zip,key=$AWS_BUCKET_DEPLOY_PATH/$GITHUB_SHA.zip
--deployment-group-name $DEPLOY_GROUP
--s3-location bucket=$AWS_BUCKET_NAME,bundleType=zip,key=prod/deploy/$GITHUB_SHA.zip

0 comments on commit d194e1b

Please sign in to comment.