fix: actions 오류 해결 #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Amazon ECS | |
| on: | |
| push: | |
| branches: [ "develop" ] | |
| env: | |
| AWS_REGION: ap-northeast-2 | |
| ECR_REPOSITORY: oatnote | |
| ECS_SERVICE: oatnote-service | |
| ECS_CLUSTER: oatnote-cluster | |
| ECS_TASK_DEFINITION: oatnote-family-revision.json | |
| CONTAINER_NAME: oatnote-container | |
| SECRET_NAME: stage/oatnote # Secrets Manager에서의 secret 이름 | |
| permissions: | |
| contents: read | |
| jobs: | |
| deploy: | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| environment: production | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| - name: Grant execute permission for gradlew | |
| run: chmod +x ./gradlew | |
| - name: Build with Gradle | |
| run: ./gradlew build | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Install AWS CLI | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y awscli | |
| - name: Retrieve secrets from AWS Secrets Manager | |
| run: | | |
| aws secretsmanager get-secret-value \ | |
| --secret-id ${{ env.SECRET_NAME }} \ | |
| --region ${{ env.AWS_REGION }} \ | |
| --query SecretString \ | |
| --output text > ./src/main/resources/application.yml | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Build, tag, and push image to Amazon ECR | |
| id: build-image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| IMAGE_TAG: ${{ github.sha }} | |
| run: | | |
| docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | |
| docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | |
| echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_ENV | |
| - name: Fill in the new image ID in the Amazon ECS task definition | |
| id: task-def | |
| uses: aws-actions/amazon-ecs-render-task-definition@v1 | |
| with: | |
| task-definition: ${{ env.ECS_TASK_DEFINITION }} | |
| container-name: ${{ env.CONTAINER_NAME }} | |
| image: ${{ env.image }} | |
| - name: Deploy Amazon ECS task definition | |
| uses: aws-actions/amazon-ecs-deploy-task-definition@v1 | |
| with: | |
| task-definition: ${{ steps.task-def.outputs.task-definition }} | |
| service: ${{ env.ECS_SERVICE }} | |
| cluster: ${{ env.ECS_CLUSTER }} | |
| wait-for-service-stability: true |