Merge pull request #142 from team-pixels-dev/dev #56

Workflow file for this run

	name: CD Pipeline
	on:
	push:
	branches:
	- main

	env:
	AWS_REGION: ${{ vars.AWS_REGION }}
	ECR_REPOSITORY_SPRING: ${{ vars.ECR_REPOSITORY_SPRING }}
	CONTAINER_NAME_SPRING: ${{ vars.CONTAINER_NAME_SPRING }}
	ECR_REPOSITORY_FLUENT_BIT: ${{ vars.ECR_REPOSITORY_FLUENT_BIT }}
	CONTAINER_NAME_FLUENT_BIT: ${{ vars.CONTAINER_NAME_FLUENT_BIT }}
	ECS_SERVICE: ${{ vars.ECS_SERVICE }}
	ECS_CLUSTER: ${{ vars.ECS_CLUSTER }}
	DB_URL: ${{ secrets.DB_URL }}
	DB_USERNAME: ${{ secrets.DB_USERNAME }}
	DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
	SPRING_ACTIVE_PROFILE: ${{ vars.SPRING_ACTIVE_PROFILE }}
	JWT_SECRET: ${{ secrets.JWT_SECRET }}
	FCM_PROJECT_ID: ${{ secrets.FCM_PROJECT_ID }}
	AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	MAIL_PASSWORD: ${{ secrets.MAIL_PASSWORD }}

	permissions:
	contents: read

	jobs:
	deploy:
	name: Deploy
	runs-on: ubuntu-latest
	environment: production

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Create firebase_admin_sdk_private_key.json from Secrets
	run: \|
	mkdir -p $GITHUB_WORKSPACE/src/main/resources/key
	echo "${{ secrets.FIREBASE_ADMIN_SDK_PRIVATE_KEY }}" \| base64 --decode > $GITHUB_WORKSPACE/src/main/resources/key/firebase_admin_sdk_private_key.json

	- name: Grant execute permission for gradlew
	run: chmod +x gradlew

	- name: Build with Gradle
	run: ./gradlew build

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ env.AWS_ACCESS_KEY }}
	aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
	aws-region: ${{ env.AWS_REGION }}

	- name: Download fluent-bit.conf from S3
	run: \|
	aws s3 cp s3://earlybird-fluent-bit-conf/fluent-bit.conf fluent-bit/fluent-bit.conf

	- name: Login to Amazon ECR
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v2

	- name: Build, tag, and push image to Amazon ECR [Spring]
	id: build-image-spring
	env:
	ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	IMAGE_TAG: ${{ github.sha }}
	run: \|
	# Build a docker container and
	# push it to ECR so that it can
	# be deployed to ECS.
	docker build -t $ECR_REGISTRY/$ECR_REPOSITORY_SPRING:$IMAGE_TAG .
	docker push $ECR_REGISTRY/$ECR_REPOSITORY_SPRING:$IMAGE_TAG
	echo "image=$ECR_REGISTRY/$ECR_REPOSITORY_SPRING:$IMAGE_TAG" >> $GITHUB_OUTPUT

	- name: Build, tag, and push image to Amazon ECR [Fluent Bit]
	id: build-image-fluent-bit
	env:
	ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	IMAGE_TAG: ${{ github.sha }}
	run: \|
	# Build a docker container and
	# push it to ECR so that it can
	# be deployed to ECS.
	docker build -t $ECR_REGISTRY/$ECR_REPOSITORY_FLUENT_BIT:$IMAGE_TAG -f ./fluent-bit/Dockerfile-fluent-bit \
	--build-arg LOKI_HTTP_USER=${{ secrets.LOKI_HTTP_USER }} \
	--build-arg LOKI_HTTP_PASSWD=${{ secrets.LOKI_HTTP_PASSWD }} \
	--build-arg LOKI_HOST=${{ secrets.LOKI_HOST }} \
	--build-arg LOKI_PORT=${{ secrets.LOKI_PORT }} \
	--build-arg LOKI_S3_BUCKET=${{ secrets.LOG_S3_BUCKET }} .
	docker push $ECR_REGISTRY/$ECR_REPOSITORY_FLUENT_BIT:$IMAGE_TAG
	echo "image=$ECR_REGISTRY/$ECR_REPOSITORY_FLUENT_BIT:$IMAGE_TAG" >> $GITHUB_OUTPUT

	- name: Get Latest ECS Task Definition ARN
	id: get-latest-task-df
	run: \|
	LATEST_TASK_DEF=$(aws ecs describe-task-definition \
	--task-definition earlybird-server \
	--query 'taskDefinition.taskDefinitionArn' \
	--output text)
	echo "ECS_TASK_DEFINITION_ARN=$LATEST_TASK_DEF" >> $GITHUB_ENV

	- name: Fill in the new image ID in the Amazon ECS task definition [Spring]
	id: task-def-spring
	uses: aws-actions/amazon-ecs-render-task-definition@v1
	with:
	task-definition-arn: ${{ env.ECS_TASK_DEFINITION_ARN }}
	container-name: ${{ env.CONTAINER_NAME_SPRING }}
	image: ${{ steps.build-image-spring.outputs.image }}

	- name: Fill in the new image ID in the Amazon ECS task definition [Fluent Bit]
	id: task-def-fluent-bit
	uses: aws-actions/amazon-ecs-render-task-definition@v1
	with:
	task-definition: ${{ steps.task-def-spring.outputs.task-definition }}
	container-name: ${{ env.CONTAINER_NAME_FLUENT_BIT }}
	image: ${{ steps.build-image-fluent-bit.outputs.image }}


	- name: Deploy Amazon ECS task definition
	uses: aws-actions/amazon-ecs-deploy-task-definition@v2
	with:
	task-definition: ${{ steps.task-def-fluent-bit.outputs.task-definition }}
	service: ${{ env.ECS_SERVICE }}
	cluster: ${{ env.ECS_CLUSTER }}
	wait-for-service-stability: true

	slack-reporting:
	runs-on: ubuntu-latest
	needs: [ deploy ]
	env:
	deploy-result: ${{ needs.deploy.result }}
	if: always()
	steps:
	- name: Determine workflow status
	run: \|
	if [[ "${{ env.deploy-result }}" == "success" ]]; then
	echo "status=success ✅" >> $GITHUB_ENV
	else
	echo "status=failure ❌" >> $GITHUB_ENV
	fi

	- name: Send Slack Notification
	uses: slackapi/[email protected]
	with:
	webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
	webhook-type: incoming-webhook
	payload: \|
	blocks:
	- type: "section"
	text:
	type: "mrkdwn"
	text: "
	🚀 GitHub Actions CD Workflow 실행 결과\n
	Result\n
	- ${{ env.status }}\n
	Repository\n
	- ${{ github.repository }}\n
	"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Merge pull request #142 from team-pixels-dev/dev #56

Workflow file

Merge pull request #142 from team-pixels-dev/dev #56

Uh oh!

Workflow file for this run