RecipeServer/.github/workflows/develop.yml at main · Recipe-Project/RecipeServer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle

name: Java CI with Gradle

on:
  push:
    branches: [ "develop" ]

permissions:
  contents: read

jobs:
  build:

    runs-on: ubuntu-latest

    steps:

    - uses: actions/checkout@v3

    - name: Set up JDK 11
      uses: actions/setup-java@v3
      with:
        java-version: '11'
        distribution: 'temurin'

    # application.yml 파일 복사
    - name: Copy application.yml
      env:
        APPLICATION_YML_FILE: ${{ secrets.APPLICATION_YML }}
      run: echo $APPLICATION_YML_FILE | base64 --decode > src/main/resources/application.yml

    # recipeapp-key.json 파일 복사
    - name: Copy recipeapp-key.json
      env:
        RECIPEAPP_KEY_FILE: ${{ secrets.RECIPEAPP_KEY }}
      run: echo $RECIPEAPP_KEY_FILE | base64 --decode > src/main/resources/recipeapp-key.json

    # secret 파일 디렉토리 생성
    - name: Create secret directory
      run: mkdir src/main/java/com/recipe/app/config/secret

    # Secret.java 파일 복사
    - name: Copy Secret.java
      env:
        SECRET_JAVA_FILE: ${{ secrets.SECRET_JAVA }}
      run: echo $SECRET_JAVA_FILE | base64 --decode > src/main/java/com/recipe/app/config/secret/Secret.java

    # keystore.p12 파일 복사
    - name: Copy keystore.p12
      env:
        KEYSTORE_FILE: ${{ secrets.KEYSTORE }}
      run: echo $KEYSTORE_FILE | base64 --decode -i > keystore.p12

    # 빌드 파일 권한 수정
    - name: Grant execute permission for gradlew
      run: chmod +x gradlew

    # gradle 빌드
    - name: Build with Gradle
      run: ./gradlew clean build

    # 전송할 파일을 담을 디렉토리 생성
    - name: Make Directory for deliver
      run: mkdir deploy

    # Jar 파일 Copy
    - name: Copy Jar
      run: cp ./build/libs/*.jar ./deploy/

    # appspec.yml Copy
    - name: Copy appspec
      run: cp appspec.yml ./deploy/

    # 쉘스크립트 deploy 폴더로 복사
    - name: Copy shell
      run: |
        cp ./scripts/start.sh ./deploy/start.sh
        cp ./scripts/stop.sh ./deploy/stop.sh

    # keystore.p12 deploy 폴더로 복사
    - name: Copy keystore
      run: |
        cp ./keystore.p12 ./deploy/keystore.p12

    # 압축파일 형태로 전달
    - name: Make zip file
      run: zip -r -qq -j ./recipe-storage-build.zip ./deploy

    # 압축한 파일 S3 Bucket으로 업로드
    - name: Deliver to AWS S3
      env:
        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      run: |
        aws s3 cp \
          --region ap-northeast-2 \
          --acl private \
          ./recipe-storage-build.zip s3://recipe-storage-github-actions-s3-bucket/

    # EC2 서버에 deploy
    - name: Deploy
      env:
        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      run: |
        aws deploy create-deployment \
          --application-name recipe-storage-codedeploy-app \
          --deployment-group-name recipe-storage-codedeploy-deployment-app \
          --file-exists-behavior OVERWRITE \
          --s3-location bucket=recipe-storage-github-actions-s3-bucket,bundleType=zip,key=recipe-storage-build.zip \
          --region ap-northeast-2