ci: ECS 배포 스크립트 추가

9oormthon-univ · Mar 16, 2024 · 566f6b1 · 566f6b1
1 parent 0b2326e
commit 566f6b1
Showing 1 changed file with 42 additions and 39 deletions.
diff --git a/.github/workflows/CD.yml b/.github/workflows/CD.yml
@@ -4,6 +4,12 @@ on:
   push:
     branches:
       - master
+      - ci/#4 #for testing !!
+
+permissions:
+  contents: read
+  actions: read
+  id-token: write
 
 jobs:
   deploy:
@@ -15,59 +21,56 @@ jobs:
         with:
           token: ${{ secrets.GIT_TOKEN }}
           submodules: true
-
       - name: Setup Java 17
         uses: actions/setup-java@v3
         with:
           java-version: '17'
           distribution: 'adopt'
-
       - name: Update Git submodules
         run: git submodule update --remote --recursive
-
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::125183404358:role/VacgomGithubActionAssumeRole
+          aws-region: ap-northeast-2
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+      - name: Invoke Gradle
+        uses: gradle/gradle-build-action@v2
       - name: Grant execute permission for gradlew
         run: chmod +x gradlew
-
-      - name: Build with Gradle
-        run: ./gradlew clean build --debug
-
+      - name: Build, tag, and push image to Amazon ECR
+        env:
+          PROFILE: dev
+          IMAGE_REPO_URL: ${{ steps.login-ecr.outputs.registry }}/vacgom
+          IMAGE_TAG: ${{ github.sha }}
+        run: ./gradlew jib --parallel
+      - name: Download Task Definition
+        run: |
+          aws ecs describe-task-definition \
+          --task-definition vacgom-taskdef \
+          --query taskDefinition \
+          > task-definition.json
+      - name: Update Task Definition
+        id: task-def
+        uses: aws-actions/amazon-ecs-render-task-definition@v1
+        with:
+          task-definition: task-definition.json
+          container-name: backend
+          image: ${{ steps.login-ecr.outputs.registry }}/vacgom:${{ github.sha }}
+      - name: Deploy Amazon ECS task definition
+        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+        with:
+          task-definition: ${{ steps.task-def.outputs.task-definition }}
+          service: vacgom-best-service
+          cluster: vacgom-cluster
+          wait-for-service-stability: true
       - name: Get current time
         uses: 1466587594/get-current-time@v2
         id: current-time
         with:
           format: YYYY-MM-DDTHH-mm-ss
           utcOffset: "+09:00"
-
       - name: Show Current Time
         run: echo "CurrentTime=${{steps.current-time.outputs.formattedTime}}"
-
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v1
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ap-northeast-2
-
-      - name: Login to Amazon ECR
-        id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v1
-
-      - name: Build, tag, and push image to Amazon ECR
-        run: |
-          docker build -t vacgom:${{steps.current-time.outputs.formattedTime}} .
-          docker tag vacgom:${{steps.current-time.outputs.formattedTime}} ${{ secrets.ECR_URI }}:${{steps.current-time.outputs.formattedTime}}
-          docker push ${{ secrets.ECR_URI }}:${{steps.current-time.outputs.formattedTime}}
-
-      - name: SSH into EC2 instance
-        uses: appleboy/ssh-action@master
-        with:
-          host: ${{ secrets.EC2_HOST }}
-          username: ${{ secrets.EC2_USERNAME }}
-          key: ${{ secrets.EC2_PRIVATE_KEY }}
-          port: ${{ secrets.EC2_SSH_PORT }}
-          script: |
-            aws ecr get-login-password | docker login --username AWS --password-stdin ${{ secrets.ECR_URI }}
-            docker pull ${{ secrets.ECR_URI }}:${{ steps.current-time.outputs.formattedTime }}
-            docker ps -f name=vacgom-api -q | xargs --no-run-if-empty docker container stop
-            docker ps -a -f name=vacgom-api -q | xargs --no-run-if-empty docker container rm
-            docker run -d --name vacgom-api -p 80:8080 ${{ secrets.ECR_URI }}:${{ steps.current-time.outputs.formattedTime }}