deploy_prod.yml
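# Manually triggered production deployment: builds the Spring Boot jar,
# uploads the extracted layers to S3 and runs the deploy script on the
# production host over SSH.
#
# Supply chain: every `uses:` below references a mutable tag. Third-party
# actions that receive credentials (the SSH deploy action, the Slack notifier)
# are best pinned to a full commit SHA so a moved tag cannot change the code
# that sees those secrets.
name: Deploy Keeper Production Server
on: workflow_dispatch

# Least privilege for the workflow token. No step here pushes commits or
# writes to the repository; the calls to the cache API use the separate
# API_GITHUB_TOKEN secret.
# NOTE(review): `actions: read` is granted for the Slack notifier's
# action/took fields -- confirm against the notifier's documentation.
permissions:
  contents: read
  actions: read

jobs:
  deploy_production:
    # NOTE(review): any user allowed to dispatch this workflow can deploy to
    # production; a protected `environment:` with required reviewers would
    # gate that.
    runs-on: ubuntu-22.04
    timeout-minutes: 10
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          # Later steps run repository code (Gradle, docker-compose); do not
          # leave the workflow token in .git/config for them to read.
          persist-credentials: false

      # NOTE(review): long-lived access keys stored as secrets. The action
      # also supports short-lived credentials through `role-to-assume`
      # (OIDC), which would remove the static keys from the repository.
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v2
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      - name: Login to ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1

      - name: Setup JDK
        uses: actions/setup-java@v3
        with:
          java-version: '17'
          distribution: temurin

      - name: Create Cache Docker Image Directory
        run: mkdir -p ~/db-docker-image

      # Alternates the Gradle cache key suffix between 1 and 2: if a cache
      # with suffix 1 exists, this run saves under 2 and later deletes 1,
      # and vice versa.
      # Secrets are passed through `env` and expanded by the shell, not
      # pasted into the script text by `${{ }}`, so a value containing
      # quotes or `$(...)` cannot change the commands that run.
      - name: Check Gradle Cache
        id: cache
        env:
          API_GITHUB_TOKEN: ${{ secrets.API_GITHUB_TOKEN }}
          GRADLE_CACHE_PATH: ${{ secrets.GRADLE_CACHE_PATH }}
        run: |
          RESULT=$(curl \
            -H "Accept: application/vnd.github+json" \
            -H "Authorization: Bearer ${API_GITHUB_TOKEN}" \
            "${GRADLE_CACHE_PATH}-1")
          if [[ "$RESULT" == *"created_at"* ]]
          then
            echo "new=2" >> "$GITHUB_OUTPUT"
            echo "old=1" >> "$GITHUB_OUTPUT"
          else
            echo "new=1" >> "$GITHUB_OUTPUT"
            echo "old=2" >> "$GITHUB_OUTPUT"
          fi

      # NOTE(review): the cache key does not include KEEPER_DB_TAG, and no
      # step in this file loads the saved tar back into Docker -- confirm
      # that the cached image is actually used.
      - name: Cache DB Docker Image
        id: db-docker-image
        uses: actions/cache@v3
        with:
          path: ~/db-docker-image
          key: db-docker-image-${{ runner.os }}

      - name: Cache Gradle
        uses: actions/cache@v3
        with:
          path: |
            ~/.gradle/caches
            ~/.gradle/wrapper
          key: ${{ runner.os }}-gradle-${{ steps.cache.outputs.new }}
          restore-keys: |
            ${{ runner.os }}-gradle-

      - name: Pull DB Image From ECR
        if: steps.db-docker-image.outputs.cache-hit != 'true'
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          KEEPER_DB_TAG: ${{ secrets.KEEPER_DB_TAG }}
        run: |
          docker pull "${ECR_REGISTRY}/keeper-homepage-db:${KEEPER_DB_TAG}"
          docker save -o \
            ~/db-docker-image/keeper-homepage-db.tar \
            "${ECR_REGISTRY}/keeper-homepage-db:${KEEPER_DB_TAG}"

      # printf with a quoted variable writes the secret verbatim; the former
      # echo '${{ ... }}' broke (or ran extra commands) whenever the secret
      # contained a single quote.
      - name: Create Docker Env File
        working-directory: ./docker
        env:
          DOCKER_ENV: ${{ secrets.DOCKER_ENV }}
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
        run: |
          printf '%s\n' "$DOCKER_ENV" >> .env
          printf '%s\n' "ECR_REGISTRY=${ECR_REGISTRY}" >> .env

      # NOTE(review): these files land in src/main/resources before the
      # build, so presumably they are packaged into the artifact uploaded to
      # S3 -- access to that bucket should be restricted accordingly.
      - name: Create application.yml
        working-directory: ./src/main/resources
        env:
          APPLICATION_YML: ${{ secrets.APPLICATION_YML }}
          APPLICATION_DEPLOY_YML: ${{ secrets.APPLICATION_DEPLOY_YML }}
        run: |
          printf '%s\n' "$APPLICATION_YML" >> application.yml
          printf '%s\n' "$APPLICATION_DEPLOY_YML" >> application-deploy.yml

      - name: Start Containers
        working-directory: ./docker
        run: docker-compose -p keeper up -d

      - name: Build & Test
        run: |
          ./gradlew build --daemon --build-cache --parallel
          java -Djarmode=layertools -jar build/libs/homepage-0.0.1-SNAPSHOT.jar extract

      # The archive is named after the first 8 characters of the commit SHA.
      - name: Compress
        run: |
          tar -zcf "${GITHUB_SHA::8}.tar.gz" \
            dependencies \
            snapshot-dependencies \
            spring-boot-loader \
            application

      - name: Upload to S3
        env:
          AWS_REGION: ${{ secrets.AWS_REGION }}
          S3_PROD_BACK_LOCATION: ${{ secrets.S3_PROD_BACK_LOCATION }}
        run: |
          aws s3 mv --region "$AWS_REGION" \
            "${GITHUB_SHA::8}.tar.gz" \
            "${S3_PROD_BACK_LOCATION}/${GITHUB_SHA::8}.tar.gz"

      # NOTE(review): the action reference below was mangled by the page's
      # e-mail obfuscation; presumably it read appleboy/ssh-action@<tag>.
      # The tag is not recoverable from this page -- restore it from the
      # repository, preferably as a full commit SHA, since this step
      # receives the production SSH key.
      - name: Deploy
        uses: appleboy/[email protected]
        with:
          host: ${{ secrets.SSH_HOST }}
          username: ${{ secrets.SSH_USERNAME }}
          port: ${{ secrets.SSH_PORT }}
          key: ${{ secrets.SSH_KEY }}
          envs: GITHUB_SHA
          script: |
            cd ~/keeper/renewal/deploy
            ./deploy_server.sh ${GITHUB_SHA::8} prod

      - name: Delete Previous Gradle Cache
        env:
          API_GITHUB_TOKEN: ${{ secrets.API_GITHUB_TOKEN }}
          GRADLE_CACHE_PATH: ${{ secrets.GRADLE_CACHE_PATH }}
          OLD_CACHE_SUFFIX: ${{ steps.cache.outputs.old }}
        run: |
          curl \
            -X DELETE \
            -H "Accept: application/vnd.github+json" \
            -H "Authorization: Bearer ${API_GITHUB_TOKEN}" \
            "${GRADLE_CACHE_PATH}-${OLD_CACHE_SUFFIX}"

      # Runs only when an earlier step failed; copies the Gradle test report
      # to S3. The duplicated --recursive flag was dropped.
      - name: Update Test Result
        if: failure()
        env:
          AWS_REGION: ${{ secrets.AWS_REGION }}
          S3_TEST_REPORT: ${{ secrets.S3_TEST_REPORT }}
        run: |
          aws s3 cp --region "$AWS_REGION" --recursive \
            build/reports/tests/test \
            "$S3_TEST_REPORT"

      - name: Notify Slack
        if: always()
        uses: 8398a7/action-slack@v3
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
        with:
          status: ${{ job.status }}
          author_name: Keeper Production Backend CICD
          fields: repo, commit, message, author, action, took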