first commit #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD with GitHub Actions & ECR | |
# Workflow trigger: Runs when a push event occurs to the main branch | |
on: | |
push: | |
branches: | |
- main | |
env: | |
AWS_REGION: ${{ secrets.AWS_REGION }} | |
ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} | |
ECS_CLUSTER: ${{ secrets.ECS_CLUSTER }} | |
ECS_SERVICE: ${{ secrets.ECS_SERVICE }} | |
ECS_TASK_DEFINITION: ${{ secrets.ECS_TASK_DEFINITION }} | |
CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }} | |
CODEDEPLOY_APPLICATION: ${{ secrets.CODEDEPLOY_APPLICATION }} | |
CODEDEPLOY_DEPLOYMENT_GROUP: ${{ secrets.CODEDEPLOY_DEPLOYMENT_GROUP }} | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout the repository including submodules | |
- name: Checkout submodules | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
token: ${{ secrets.GIT_TOKEN_FOR_SUBMODULE }} | |
# Set up JDK 21 for the Spring Boot project | |
- name: Set up JDK 21 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '21' | |
distribution: 'temurin' | |
# Grant execute permission to gradlew | |
- name: Grant execute permission to gradlew | |
run: chmod +x ./gradlew | |
# Build the Spring Boot project and generate a JAR file | |
- name: Build Spring Boot Project to JAR File | |
run: ./gradlew clean :execute:bootJar | |
# Configure AWS credentials for ECR and ECS | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ env.AWS_REGION }} | |
# Login to Amazon ECR | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
# Build, tag, and push the Docker image to Amazon ECR | |
- name: Build, tag, and push image to Amazon ECR | |
id: build-image | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
IMAGE_TAG: ${{ github.sha }} | |
run: | | |
docker build --build-arg JAR_FILE=build/libs/*.jar -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
echo "IMAGE=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_ENV | |
# $GITHUB_ENV : 작업(Job) 내 모든 스텝에서 사용 가능 - $VARIABLE 환경 변수로 직접 참조 | |
# $GITHUB_OUTPUT : 특정 스텝에서만 설정한 출력값 전달 가능 - steps.<step_id>.outputs.<name>로 참조 | |
# Download the current Amazon ECS task definition | |
- name: Download Amazon ECS task definition | |
run: | | |
aws ecs describe-task-definition --task-definition ${{ env.ECS_TASK_DEFINITION }} --query taskDefinition > task-definition.json | |
# Fill in the new image ID in the Amazon ECS task definition | |
- name: Fill in the new image ID in the ECS task definition | |
id: task-def | |
uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
with: | |
task-definition: task-definition.json | |
container-name: ${{ env.CONTAINER_NAME }} | |
image: ${{ env.IMAGE }} | |
# Deploy the updated ECS task definition | |
- name: Deploy ECS task definition | |
uses: aws-actions/amazon-ecs-deploy-task-definition@v1 | |
with: | |
task-definition: ${{ steps.task-def.outputs.task-definition }} | |
service: ${{ env.ECS_SERVICE }} | |
cluster: ${{ env.ECS_CLUSTER }} | |
codedeploy-appspec: appspec.yml | |
codedeploy-application: ${{ env.CODEDEPLOY_APPLICATION }} | |
codedeploy-deployment-group: ${{ env.CODEDEPLOY_DEPLOYMENT_GROUP }} |