-
Notifications
You must be signed in to change notification settings - Fork 0
224 lines (189 loc) · 10.4 KB
/
TEST_SERVER_CICD.yml
File metadata and controls
224 lines (189 loc) · 10.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
name: CI/CD FOR TEST_SERVER
on:
push:
branches:
- develop
env:
DOCKERHUB_REPOSITORY: fontory-test-server
jobs:
skip_check:
name: checking skip ci
runs-on: ubuntu-latest
outputs:
should_run: ${{ steps.check.outputs.should_run }}
steps:
- name: Check for [skip ci] in commit message
id: check
run: |
if echo "${{ github.event.head_commit.message }}" | grep -iq "\[skip ci\]"; then
echo "should_run=false" >> $GITHUB_OUTPUT
else
echo "should_run=true" >> $GITHUB_OUTPUT
fi
CI:
name: Continuous Integration
needs: skip_check
if: needs.skip_check.outputs.should_run == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Get short SHA
id: slug
run: echo "sha7=$(echo ${GITHUB_SHA} | cut -c1-7)" >> $GITHUB_OUTPUT
- name: Discord Webhook Action
uses: tsickert/discord-webhook@v5.3.0
with:
webhook-url: ${{ secrets.TEST_SERVER_DISCORD_WEBHOOK_URL }}
content: |
New Commit[${{ steps.slug.outputs.sha7 }}] detected on branch ${{ github.ref_name }}
Commit Link: https://github.com/${{ github.repository }}/commit/${{ github.sha }}
GitHub Action Link: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
- name: Checkout
uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
- name: Setup MySQL
uses: mirromutth/mysql-action@v1.1
with:
host port: 3308
mysql database: 'TESTDB'
mysql user: 'fontory'
mysql password: 'fontoryPW'
- name: Setup Redis
uses: supercharge/redis-github-action@1.7.0
with:
redis-version: 6
- name: Setup Gradle
uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0
- name: Generate application.properties
run: |
echo "api.server.url=${{ secrets.TEST_SERVER_API_URL }}" >> ./src/main/resources/application-prod.properties
echo "commit.hash=${{ steps.slug.outputs.sha7 }}" >> ./src/main/resources/application-prod.properties
echo "spring.datasource.url=jdbc:mariadb://${{ secrets.DATASOURCE_DB_URL }}:3306/FONTORY?characterEncoding=UTF-8&serverTimezone=Asia/Seoul" >> ./src/main/resources/application-prod.properties
echo "spring.datasource.username=${{ secrets.DATASOURCE_DB_USERNAME }}" >> ./src/main/resources/application-prod.properties
echo "spring.datasource.password=${{ secrets.DATASOURCE_DB_PASSWORD }}" >> ./src/main/resources/application-prod.properties
echo "spring.data.redis.host=${{ secrets.REDIS_URL }}" >> ./src/main/resources/application-prod.properties
echo "spring.security.user.name=${{ secrets.SPRING_SECURITY_USER_NAME }}" >> ./src/main/resources/application-prod.properties
echo "spring.security.user.password=${{ secrets.SPRING_SECURITY_USER_PASSWORD }}" >> ./src/main/resources/application-prod.properties
echo "jwt.access-secret-key=${{ secrets.JWT_SECRETKEY }}" >> ./src/main/resources/application.properties
echo "jwt.refresh-secret-key=${{ secrets.JWT_REFESH_SECRETKEY }}" >> ./src/main/resources/application.properties
echo "jwt.provide-secret-key=${{ secrets.JWT_PROVIDE_SECRETKEY }}" >> ./src/main/resources/application.properties
echo "jwt.font-create-server-secret-key=${{ secrets.JWT_FONT_CREATE_SERVER_SECRETKEY }}" >> ./src/main/resources/application.properties
echo "spring.security.oauth2.client.registration.google.client-id=${{ secrets.OAUTH2_GOOGLE_CLIENT_ID }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.security.oauth2.client.registration.google.client-secret=${{ secrets.OAUTH2_GOOGLE_CLIENT_SECRET }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.security.oauth2.client.registration.google.scope=${{ secrets.OAUTH2_GOOGLE_SCOPE }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.security.oauth2.client.registration.google.redirect-uri=${{ secrets.TEST_OAUTH2_GOOGLE_REDIRECT_URI }}" >> ./src/main/resources/application-infrastructure.properties
printf "%s\n" "${{ secrets.TEST_OAUTH2_NAVER_PROPERTIES }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.cloud.aws.region.static=${{ secrets.AWS_REGION }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.cloud.aws.credentials.access-key=${{ secrets.AWS_ACCESS_KEY }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.cloud.aws.credentials.SECRET-key=${{ secrets.AWS_SECRET_KEY }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.cloud.aws.s3.bucket.profile-image=${{ secrets.AWS_BUCKET_NAME_PROFILE_IMAGE }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.cloud.aws.s3.bucket.profile-image.prefix=${{ secrets.AWS_BUCKET_NAME_PROFILE_IMAGE_PREFIX }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.cloud.aws.s3.bucket.font-paper=${{ secrets.AWS_BUCKET_NAME_FONT_PAPER }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.cloud.aws.s3.bucket.font-paper.prefix=${{ secrets.AWS_BUCKET_NAME_FONT_PAPER_PREFIX }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.cloud.aws.s3.bucket.font=${{ secrets.AWS_BUCKET_NAME_FONT }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.cloud.aws.s3.bucket.font.prefix=${{ secrets.AWS_BUCKET_NAME_FONT_PREFIX }}" >> ./src/main/resources/application-infrastructure.properties
echo "spring.cloud.aws.sqs.queue-name=${{ secrets.AWS_FONT_CREATE_QUEUE_NAME }}" >> ./src/main/resources/application-infrastructure.properties
echo "discord.webhook.error-url=${{ secrets.TEST_SERVER_DISCORD_WEBHOOK_ERROR_URL }}" >> ./src/main/resources/application-infrastructure.properties
echo "url.base=https://fontory.co.kr" >> ./src/main/resources/application-infrastructure.properties
echo "coolsms.api-key=${{ secrets.COOLSMS_API_KEY }}" >> ./src/main/resources/application-infrastructure.properties
echo "coolsms.api-secret=${{ secrets.COOLSMS_API_SECRET }}" >> ./src/main/resources/application-infrastructure.properties
echo "coolsms.phone-number=${{ secrets.COOLSMS_PHONE_NUMBER }}" >> ./src/main/resources/application-infrastructure.properties
echo "coolsms.base-url=${{ secrets.COOLSMS_BASE_URL }}" >> ./src/main/resources/application-infrastructure.properties
- name: Build with Gradle Wrapper
# run: ./gradlew test -i
run: ./gradlew build
- name: Upload jar file to Artifact
uses: actions/upload-artifact@v4
with:
name: jar_files
path: build/libs/*.jar
- name: Upload Dockerfile to Artifact
uses: actions/upload-artifact@v4
with:
name: Dockerfile
path: ./Dockerfile
CD_Delivery:
name: Delivery
needs: CI
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Download jar file from Artifact
uses: actions/download-artifact@v4
with:
name: jar_files
path: build/libs
- name: Download Dockerfile file from Artifact
uses: actions/download-artifact@v4
with:
name: Dockerfile
path: ./
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Get short SHA
id: slug
run: echo "sha7=$(echo ${GITHUB_SHA} | cut -c1-7)" >> $GITHUB_OUTPUT
- name: Build, tag, and push image to DockerHub
id: build-image
env:
USERNAME: ${{ secrets.DOCKER_USERNAME }}
IMAGE_TAG: ${{ steps.slug.outputs.sha7 }}
run: |
docker build -t $USERNAME/$DOCKERHUB_REPOSITORY:$IMAGE_TAG -t $USERNAME/$DOCKERHUB_REPOSITORY:latest .
docker push $USERNAME/$DOCKERHUB_REPOSITORY --all-tags
echo "image=$USERNAME/$DOCKERHUB_REPOSITORY:$IMAGE_TAG&latest" >> $GITHUB_OUTPUT
CD_Deploy:
name: Deploy
needs: CD_Delivery
runs-on: ubuntu-latest
steps:
- name: Get short SHA
id: slug
run: echo "sha7=$(echo ${GITHUB_SHA} | cut -c1-7)" >> $GITHUB_OUTPUT
- name: Executing remote ssh commands
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.TEST_SERVER_REMOTE_IP }}
username: ${{ secrets.TEST_SERVER_REMOTE_USER }}
key: ${{ secrets.TEST_SERVER_REMOTE_PRIVATE_KEY }} # ec2 instance pem key
passphrase: ${{ secrets.TEST_SERVER_SSH_PASSPHRASE }}
port: ${{ secrets.TEST_SERVER_REMOTE_SSH_PORT }} # 접속포트
script: | # 실행할 스크립트
cd /Users/jeonghoon-lee/workspace/fontory-spring/rolling_update
./rolling-update.sh
- name: Discord Webhook Action
uses: tsickert/discord-webhook@v5.3.0
with:
webhook-url: ${{ secrets.TEST_SERVER_DISCORD_WEBHOOK_URL }}
content: |
:o: Server successfully updated!
Commit: [${{ github.sha }}]
Branch: ${{ github.ref_name }}
Commit Link: https://github.com/${{ github.repository }}/commit/${{ github.sha }}
GitHub Action Link: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
failure_notification:
name: Failure Notification
runs-on: ubuntu-latest
needs: [CI, CD_Delivery, CD_Deploy]
if: failure()
steps:
- name: Discord Webhook Action on Failure
uses: tsickert/discord-webhook@v5.3.0
with:
webhook-url: ${{ secrets.TEST_SERVER_DISCORD_WEBHOOK_URL }}
content: |
:x: A job failed in the CI/CD pipeline!
Commit: [${{ github.sha }}]
Branch: ${{ github.ref_name }}
Commit Link: https://github.com/${{ github.repository }}/commit/${{ github.sha }}
GitHub Action Link: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
Please check the logs for more details.