BE/.github/workflows/deploy.yml at develop · WritelyForWriters/BE · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
name: Deploy

on:
  push:
    branches: [ "develop", "main" ]

env:
  IMAGE_TAG: ${{ github.ref == 'refs/heads/main' && 'prod' || 'dev' }}
  INSTANCE_ID: ${{ github.ref == 'refs/heads/main' && secrets.EC2_INSTANCE_ID_PROD || secrets.EC2_INSTANCE_ID }}
  SERVICE_DOMAIN: ${{ github.ref == 'refs/heads/main' && 'api.writeon.ai.kr' || 'dev-api.writeon.ai.kr' }}

permissions:
  contents: read

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
      - name: checkout
        uses: actions/checkout@v3
        with:
          submodules: true
          token: ${{ secrets.GH_PAT }}

      - name: Set up JDK 21
        uses: actions/setup-java@v3
        with:
          java-version: '21'
          distribution: 'temurin'

      - name: Gradle Caching
        uses: actions/cache@v3
        with:
          path: |
            ~/.gradle/caches
            ~/.gradle/wrapper
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
          restore-keys: |
            ${{ runner.os }}-gradle-

      - name: Build with Gradle
        run: chmod +x gradlew && ./gradlew build -x test

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      - name: Login to Amazon ECR
        run: aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.ECR_REGISTRY_URI }}

      - name: Docker build & push to ECR
        run: docker build -t ${{ secrets.ECR_REGISTRY_URI }}:${{ env.IMAGE_TAG }} -f Dockerfile-${{ env.IMAGE_TAG }} --push .

      - name: Server Deploy
        run: |
          aws ssm send-command \
            --document-name "AWS-RunShellScript" \
            --instance-ids "${{ env.INSTANCE_ID }}" \
            --parameters commands='[
              "aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ secrets.ECR_REGISTRY_URI }}",
              "cd /root",
              "[ $(docker ps --filter 'publish=443' -q | wc -l) -gt 0 ] && docker stop $(docker ps --filter 'publish=443' -q)",
              "[ $(docker images -q ${{ secrets.ECR_REGISTRY_URI }}:${{ env.IMAGE_TAG }} | wc -l) -gt 0 ] && docker rmi ${{ secrets.ECR_REGISTRY_URI }}:${{ env.IMAGE_TAG }}",
              "docker pull ${{ secrets.ECR_REGISTRY_URI }}:${{ env.IMAGE_TAG }}",
              "docker run --rm -d -p 443:443 --name writely-api -v /writely/logs:/writely/logs -v /etc/letsencrypt/live/${{ env.SERVICE_DOMAIN }}:/writely/cert ${{ secrets.ECR_REGISTRY_URI }}:${{ env.IMAGE_TAG }}"
            ]' \
            --comment "Deploying Docker container"