github actions, ecs, ecr을 이용한 CI/CD

infra

github actions, ecs, ecr을 이용한 CI/CD - 1

jinheung90 2023. 2. 25. 19:34

github actions는 따로 어려운 점이 없어서 스크립트만 올리고 넘어갑니다

전 다른 CI 툴보다 github actions를 더 좋아하는데 이유는 github에서 관리할 수 있는 점, 다른 설치가 필요 없다는 점 때문에 좋아합니다.

- github actions script

name: eureka
on:
  workflow_dispatch:
    inputs:
      tags:
        description: 
        required: false
env:
  ECR_REPOSITORY: spring_boot_ecr
  ECS_SERVICE: test-dev-service
  ECS_CLUSTER: test-dev-ecs-cluster

  MODULE_ROOT_PATH: ./jinheung_eureka # 해당 모듈의 루트
  MODULE_JAR: ./jinheung_eureka/build/libs/jinheung_eureka-1.0.jar # 해당 모듈의 jar
  MODULE_DEPLOY_PATH: ./jinheung_eureka/deploy # 해당 모듈의 deploy 디렉토리
  ECS_TASK_DEFINITION: task_definition.json
  CONTAINER_NAME: test-dev-container
  AWS_REGION: ap-northeast-2 # aws 리전
  ECR_IMAGE_TAG: latest
#  ECR_ACCOUNT_ID:
jobs:
  build:
    runs-on: ubuntu-20.04
    steps:
      - name: step start
        run: "echo tags: $ECR_IMAGE_TAG"
      - uses: actions/checkout@v2
      - name: Set up JDK 11
        uses: actions/setup-java@v1
        with:
          java-version: 11

      - name: Grant execute permission for root gradlew
        run: chmod +x ./gradlew

      - name: Build with Gradle
        run: ./gradlew clean build

      - name: create main boot jar
        run: ./gradlew bootJar -p $MODULE_ROOT_PATH

      - name: Copy Jar
        run: cp $MODULE_JAR deploy.jar

      - name: Copy agent json
        run: cp $MODULE_DEPLOY_PATH/cloud_watch_log_config.json agent_config.json

      - name: Copy docker file
        run: cp $MODULE_DEPLOY_PATH/Dockerfile Dockerfile

      - name: AWS configure credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{env.AWS_REGION}}

      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@aaf69d68aa3fb14c1d5a6be9ac61fe15b48453a2

      - name: Build, tag, and push image to Amazon ECR
        id: build-image
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          IMAGE_TAG: $ECR_IMAGE_TAG
        run: |
          # Build a docker container and
          # push it to ECR so that it can
          # be deployed to ECS.
          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$ECR_IMAGE_TAG .
          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$ECR_IMAGE_TAG
          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$ECR_IMAGE_TAG" >> $GITHUB_OUTPUT

      - name: Fill in the new image ID in the Amazon ECS task definition
        id: task-def
        uses: aws-actions/amazon-ecs-render-task-definition@97587c9d45a4930bf0e3da8dd2feb2a463cf4a3a
        with:
          task-definition: ./jinheung_eureka/deploy/task_definition.json
          container-name: ${{ env.CONTAINER_NAME }}
          image: ${{ steps.build-image.outputs.image }}

      - name: Deploy Amazon ECS task definition
        uses: aws-actions/amazon-ecs-deploy-task-definition@v1.4.10 # issue https://github.com/aws-actions/amazon-ecs-deploy-task-definition/issues/384
        with:
          task-definition: ${{ steps.task-def.outputs.task-definition }}
          service: ${{ env.ECS_SERVICE }}
          cluster: ${{ env.ECS_CLUSTER }}
          wait-for-service-stability: true