cicd: 백엔드 수정사항 반영을 위한 재배포 #29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD Pipeline | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| inputs: | |
| module: | |
| description: 'Select module to deploy' | |
| required: true | |
| default: 'app' | |
| type: choice | |
| options: | |
| - app | |
| - admin | |
| - batch | |
| jobs: | |
| detect_changes: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| app_changed: ${{ steps.filter.outputs.app }} | |
| admin_changed: ${{ steps.filter.outputs.admin }} | |
| batch_changed: ${{ steps.filter.outputs.batch }} | |
| storage_changed: ${{ steps.filter.outputs.storage }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: filter | |
| uses: dorny/paths-filter@v2 | |
| with: | |
| filters: | | |
| app: | |
| - 'app/**' | |
| admin: | |
| - 'admin/**' | |
| batch: | |
| - 'batch/**' | |
| storage: | |
| - 'storage/**' | |
| deploy-app: | |
| needs: detect_changes | |
| if: | | |
| github.event_name == 'workflow_dispatch' && github.event.inputs.module == 'app' || | |
| needs.detect_changes.outputs.app_changed == 'true' || | |
| needs.detect_changes.outputs.storage_changed == 'true' | |
| runs-on: ubuntu-latest | |
| env: | |
| FULL_SHA: ${{ github.sha }} | |
| steps: | |
| - name: Set short SHA | |
| run: echo "IMAGE_TAG=${FULL_SHA::7}" >> $GITHUB_ENV | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'corretto' | |
| - name: Cache Gradle packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Build app module | |
| run: ./gradlew :app:clean :app:build | |
| env: | |
| DB_URL: ${{ secrets.MYSQL_URL }} | |
| DB_USERNAME: ${{ secrets.MYSQL_USERNAME }} | |
| DB_PASSWORD: ${{ secrets.MYSQL_PASSWORD }} | |
| JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
| JWT_ACCESS_EXPIRATION: ${{ secrets.JWT_ACCESS_EXPIRATION }} | |
| JWT_REFRESH_EXPIRATION: ${{ secrets.JWT_REFRESH_EXPIRATION }} | |
| JWT_ISSUER: ${{ secrets.JWT_ISSUER }} | |
| KAKAO_CLIENT_ID: ${{ secrets.KAKAO_CLIENT_ID }} | |
| KAKAO_REDIRECT_URI: ${{ secrets.KAKAO_REDIRECT_URI }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| - name: Build and push multi-arch app Docker image | |
| run: | | |
| docker buildx build --platform linux/amd64,linux/arm64 \ | |
| -t ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.PROJECT_NAME }}-app:${IMAGE_TAG} \ | |
| --push ./app | |
| - name: Checkout manifest repo | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: Mango-Butter/dev-manifests | |
| token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} # 권한 있는 토큰 필요 | |
| path: dev-manifests | |
| - name: Update image tag in manifest | |
| run: | | |
| cd dev-manifests/manifests/app | |
| sed -i "s|image:.*|image: docker.io/${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.PROJECT_NAME }}-app:${IMAGE_TAG}|g" app-deployment.yaml | |
| - name: Commit and push manifest update | |
| run: | | |
| cd dev-manifests | |
| git config user.name "github-actions" | |
| git config user.email "actions@github.com" | |
| git add . | |
| git commit -m "Update app image tag to ${IMAGE_TAG}" | |
| git push origin main | |
| deploy-batch: | |
| needs: detect_changes | |
| if: | | |
| github.event_name == 'workflow_dispatch' && github.event.inputs.module == 'batch' || | |
| needs.detect_changes.outputs.batch_changed == 'true' || | |
| needs.detect_changes.outputs.storage_changed == 'true' | |
| runs-on: ubuntu-latest | |
| env: | |
| FULL_SHA: ${{ github.sha }} | |
| steps: | |
| - name: Set short SHA | |
| run: echo "IMAGE_TAG=${FULL_SHA::7}" >> $GITHUB_ENV | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'corretto' | |
| - name: Decode firebase credential | |
| run: | | |
| mkdir -p batch/src/main/resources/firebase | |
| echo "${{ secrets.FIREBASE_CREDENTIAL_JSON }}" | base64 -d > batch/src/main/resources/firebase/firebase-admin-sdk.json | |
| - name: Cache Gradle packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Build batch module | |
| run: ./gradlew :batch:clean :batch:build | |
| env: | |
| DB_URL: ${{ secrets.MYSQL_URL }} | |
| DB_USERNAME: ${{ secrets.MYSQL_BATCH_USERNAME }} | |
| DB_PASSWORD: ${{ secrets.MYSQL_BATCH_PASSWORD }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| - name: Build and push multi-arch batch Docker image | |
| run: | | |
| docker buildx build --platform linux/amd64,linux/arm64 \ | |
| -t ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.PROJECT_NAME }}-batch:${IMAGE_TAG} \ | |
| --push ./batch | |
| - name: Checkout manifest repo | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: Mango-Butter/dev-manifests | |
| token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} # 권한 있는 토큰 필요 | |
| path: dev-manifests | |
| - name: Update image tag in manifest | |
| run: | | |
| cd dev-manifests/manifests/batch | |
| sed -i "s|image:.*|image: docker.io/${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.PROJECT_NAME }}-batch:${IMAGE_TAG}|g" batch-deployment.yaml | |
| - name: Commit and push manifest update | |
| run: | | |
| cd dev-manifests | |
| git config user.name "github-actions" | |
| git config user.email "actions@github.com" | |
| git add . | |
| git commit -m "Update batch image tag to ${IMAGE_TAG}" | |
| git push origin main | |
| deploy-admin: | |
| needs: detect_changes | |
| if: | | |
| github.event_name == 'workflow_dispatch' && github.event.inputs.module == 'admin' || | |
| needs.detect_changes.outputs.admin_changed == 'true' || | |
| needs.detect_changes.outputs.storage_changed == 'true' | |
| runs-on: ubuntu-latest | |
| env: | |
| FULL_SHA: ${{ github.sha }} | |
| steps: | |
| - name: Set short SHA | |
| run: echo "IMAGE_TAG=${FULL_SHA::7}" >> $GITHUB_ENV | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'corretto' | |
| - name: Cache Gradle packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} | |
| restore-keys: | | |
| ${{ runner.os }}-gradle- | |
| - name: Build admin module | |
| run: ./gradlew :admin:clean :admin:build | |
| env: | |
| DB_URL: ${{ secrets.MYSQL_URL }} | |
| DB_USERNAME: ${{ secrets.MYSQL_USERNAME }} | |
| DB_PASSWORD: ${{ secrets.MYSQL_PASSWORD }} | |
| JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
| JWT_ACCESS_EXPIRATION: ${{ secrets.JWT_ACCESS_EXPIRATION }} | |
| JWT_REFRESH_EXPIRATION: ${{ secrets.JWT_REFRESH_EXPIRATION }} | |
| JWT_ISSUER: ${{ secrets.JWT_ISSUER }} | |
| KAKAO_CLIENT_ID: ${{ secrets.KAKAO_CLIENT_ID }} | |
| KAKAO_REDIRECT_URI: ${{ secrets.KAKAO_REDIRECT_URI }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| - name: Build and push multi-arch admin Docker image | |
| run: | | |
| docker buildx build --platform linux/amd64,linux/arm64 \ | |
| -t ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.PROJECT_NAME }}-admin:${IMAGE_TAG} \ | |
| --push ./admin | |
| - name: Checkout manifest repo | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: Mango-Butter/dev-manifests | |
| token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| path: dev-manifests | |
| - name: Update image tag in manifest | |
| run: | | |
| cd dev-manifests/manifests/admin | |
| sed -i "s|image:.*|image: docker.io/${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.PROJECT_NAME }}-admin:${IMAGE_TAG}|g" admin-deployment.yaml | |
| - name: Commit and push manifest update | |
| run: | | |
| cd dev-manifests | |
| git config user.name "github-actions" | |
| git config user.email "actions@github.com" | |
| git add . | |
| git commit -m "Update admin image tag to ${IMAGE_TAG}" | |
| git push origin main |