Skip to content
cd-prod

Merge pull request #384 from sopt-makers/develop #62

Sign in to view logs

Merge pull request #384 from sopt-makers/develop

Merge pull request #384 from sopt-makers/develop #62

Workflow file for this run

.github/workflows/cd-prod.yml at eb960db
name: cd-prod
on:
workflow_dispatch:
push:
branches: [ main ]
jobs:
build-and-push:
runs-on: ubuntu-22.04
steps:
- name: ✅ Checkout
uses: actions/checkout@v3
- name: ⚙️ Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: 17
distribution: 'temurin'
cache: gradle
- name: 🔒 Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
# Production에서는 최근 3개 이미지만 유지하고 나머지 삭제 (수정된 버전)
- name: 🧹 Clean old ECR images (keep latest 3)
env:
ECR_REPOSITORY: ${{ secrets.AWS_ECR_REPO_PROD }}
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
run: |
echo "Cleaning old images from ECR repository: $ECR_REPOSITORY (keeping latest 3)"
# 먼저 전체 이미지 개수 확인
TOTAL_IMAGES=$(aws ecr-public describe-images \
--region us-east-1 \
--repository-name $ECR_REPOSITORY \
--query 'length(imageDetails)' \
--output text 2>/dev/null || echo "0")
echo "Total images found: $TOTAL_IMAGES"
# 3개 이하면 삭제하지 않음
if [ "$TOTAL_IMAGES" -le 3 ]; then
echo "Total images ($TOTAL_IMAGES) is 3 or less. No cleanup needed."
else
# 오래된 이미지들의 다이제스트 추출 (최신 3개 제외) - 수정된 쿼리
OLD_IMAGES=$(aws ecr-public describe-images \
--region us-east-1 \
--repository-name $ECR_REPOSITORY \
--query 'sort_by(imageDetails, &imagePushedAt)[:-3][].{imageDigest:imageDigest}' \
--output json 2>/dev/null || echo "[]")
echo "Old images to delete: $OLD_IMAGES"
if [ "$OLD_IMAGES" != "[]" ] && [ "$OLD_IMAGES" != "" ] && [ "$OLD_IMAGES" != "null" ]; then
echo "Found old images to delete..."
aws ecr-public batch-delete-image \
--region us-east-1 \
--repository-name $ECR_REPOSITORY \
--image-ids "$OLD_IMAGES" \
&& echo "Successfully cleaned old images" \
|| echo "Failed to delete some old images"
else
echo "No old images to clean"
fi
fi
- name: 🧱 Build Image and Push to ECR
env:
AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
AWS_ECR_REPO: ${{ secrets.AWS_ECR_REPO_PROD }}
run: |
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
docker build -t $AWS_ECR_REPO --build-arg PROFILE=prod .
docker tag $AWS_ECR_REPO:latest public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest
docker push public.ecr.aws/$AWS_ACCOUNT_ID/$AWS_ECR_REPO:latest
deploy:
needs: build-and-push
runs-on: ubuntu-latest
steps:
- name: ✅ Checkout
uses: actions/checkout@v3
- name: 🔒 Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: 📝 Copy Files from S3
env:
REGION: ${{ secrets.AWS_REGION }}
S3_BUCKET: ${{ secrets.AWS_BUCKET_NAME }}
run: |
aws s3 cp --region $REGION \
s3://$S3_BUCKET/prod/prod.env ./application.env
- name: 🔄 Transfer Files to Server
uses: appleboy/scp-action@master
with:
host: ${{ secrets.HOST_PROD }}
username: ubuntu
key: ${{ secrets.PEM_KEY_PROD }}
port: 22
source: "application.env"
target: /home/ubuntu/operation/env
overwrite: true
- name: 🚀SSH command deploy
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.HOST_PROD }}
username: ubuntu
key: ${{ secrets.PEM_KEY_PROD }}
port: 22
script: |
/home/ubuntu/operation/scripts/deploy.sh