π :: env #48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI / CD | |
on: | |
push: | |
branches: [ "main" ] | |
jobs: | |
CI-CD: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v3 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
- name: Build with Gradle | |
run: ./gradlew bootJar | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ap-northeast-2 | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
- name: Build, tag, and push image to Amazon ECR | |
id: build-image | |
env: | |
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }} | |
IMAGE_TAG: latest | |
ACCESS_EXP: ${{ secrets.ACCESS_EXP }} | |
API_KEY: ${{ secrets.API_KEY }} | |
API_SECRET: ${{ secrets.API_SECRET }} | |
BUCKET: ${{ secrets.BUCKET }} | |
DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
DB_URL: ${{ secrets.DB_URL}} | |
DB_USER: ${{ secrets.DB_USER }} | |
DIRECTORY: ${{ secrets.DIRECTORY }} | |
IAM_ACCESS: ${{ secrets.IAM_ACCESS }} | |
IAM_SECRET: ${{ secrets.IAM_SECRET }} | |
JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
REFRESH_EXP: ${{ secrets.REFRESH_EXP }} | |
SENDER: ${{ secrets.SENDER }} | |
REDIS_HOST: ${{ secrets.REDIS_HOST }} | |
run: | | |
docker buildx build --platform=linux/amd64 --build-arg ACCESS_EXP=ACCESS_EXP --build-arg API_KEY=API_KEY --build-arg API_SECRET=$API_SECRET --build-arg BUCKET=$BUCKET --build-arg DB_PASSWORD=$DB_PASSWORD --build-arg DB_URL=$DB_URL --build-arg DB_USER=$DB_USER --build-arg DIRECTORY=$DIRECTORY --build-arg IAM_ACCESS=$IAM_ACCESS --build-arg IAM_SECRET=$IAM_SECRET --build-arg JWT_SECRET=$JWT_SECRET --build-arg REFRESH_EXP=$REFRESH_EXP --build-arg SENDER=$SENDER --build-arg REDIS_HOST=$REDIS_HOST -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | |
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" | |
# - name: Build, tag, and push image to Amazon ECR | |
# id: build-image | |
# uses: docker/build-push-action@v3 | |
# with: | |
# context: . | |
# push: true | |
# tags: ${{ steps.login-ecr.outputs.registry }}/${{ secrets.ECR_REPOSITORY }}:latest |