Change the network refrence in the pipeline #14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Java Backend CI/CD | |
| on: | |
| push: | |
| branches: | |
| - feature/api-consistency-fix # Change this to your desired branch | |
| workflow_dispatch: # Allows manual trigger from any branch | |
| env: | |
| AWS_REGION: us-east-1 # Change to your region | |
| DOCKER_IMAGE: hexfeed-backend | |
| jobs: | |
| # PART 1: Integration (Build & Test) | |
| integration: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 24 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '24' | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| - name: Build with Maven | |
| run: | | |
| cd hexfeed-backend | |
| mvn clean package -DskipTests | |
| - name: Build Docker image | |
| working-directory: hexfeed-backend | |
| run: | | |
| docker build -t ${{ env.DOCKER_IMAGE }}:${{ github.sha }} . | |
| docker tag ${{ env.DOCKER_IMAGE }}:${{ github.sha }} ${{ env.DOCKER_IMAGE }}:latest | |
| - name: Save Docker image | |
| run: docker save ${{ env.DOCKER_IMAGE }}:latest | gzip > app-image.tar.gz | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: docker-image | |
| path: app-image.tar.gz | |
| retention-days: 1 | |
| # PART 2: Deployment | |
| deployment: | |
| runs-on: ubuntu-latest | |
| needs: integration | |
| steps: | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: docker-image | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Verify S3 access | |
| run: aws s3 ls s3://${{ secrets.S3_BUCKET }}/deployments/ | |
| - name: Upload image to S3 | |
| run: | | |
| aws s3 cp app-image.tar.gz s3://${{ secrets.S3_BUCKET }}/deployments/app-image-${{ github.sha }}.tar.gz | |
| - name: Deploy to EC2 | |
| run: | | |
| aws ssm send-command \ | |
| --instance-ids ${{ secrets.SSM_INSTANCE_ID }} \ | |
| --document-name "AWS-RunShellScript" \ | |
| --parameters 'commands=[ | |
| "cd /home/${{ secrets.EC2_USER }}", | |
| "aws s3 cp s3://${{ secrets.S3_BUCKET }}/deployments/app-image-${{ github.sha }}.tar.gz app-image.tar.gz", | |
| "docker load < app-image.tar.gz", | |
| "docker stop hexfeed-app || true", | |
| "docker rm hexfeed-app || true", | |
| "docker network inspect hexfeed_hexfeed-network >/dev/null 2>&1 || docker network create --attachable hexfeed_hexfeed-network", | |
| "docker run -d --name hexfeed-app --network hexfeed_hexfeed-network -p 8080:8080 --restart unless-stopped -e SPRING_PROFILES_ACTIVE=aws-minimal -e DB_URL=jdbc:postgresql://hexfeed-postgres:5432/hexfeed_db -e DB_USERNAME=hexfeed_user -e DB_PASSWORD=${{secrets.DB_PASSWORD}} -e JWT_SECRET=${{ secrets.JWT_SECRET }} -e SPRING_FLYWAY_VALIDATE_ON_MIGRATE=false -e CORS_ORIGINS=http://localhost:3000,https://api.mihirjain.in,https://admin.mihirjain.in ${{ env.DOCKER_IMAGE }}:latest", | |
| "docker image prune -f", | |
| "rm app-image.tar.gz" | |
| ]' \ | |
| --output text | |
| - name: Verify deployment | |
| run: | | |
| sleep 30 | |
| curl -f http://${{ secrets.EC2_HOST }}:8080/actuator/health || echo "Health check failed" |