Skip to content

fix: poc resolve OAuth #33

fix: poc resolve OAuth

fix: poc resolve OAuth #33

Workflow file for this run

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
name: hero-alignlab-api CI/CD
# release 브랜치에 push 또는 pull request가 되면 스크립트 실행
on:
push:
branches: [ "main" ]
pull_request:
branches: [ main ]
# 해당 스크립트에서 사용될 환경 변수
env:
AWS_REGION: ap-northeast-2
PROJECT_NAME: hero-alignlab-api
S3_BUCKET_NAME: alignlab
CODE_DEPLOY_APP_NAME: hero-alignlab-api
CODE_DEPLOY_DEPLOYMENT_GROUP_NAME: hero-align-lab-deploy
permissions:
contents: read
jobs:
build:
# Github의 워크플로에서 실행될 OS 선택
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
# JDK 17, Corretto 17
- name: Set up Corretto JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
# Secret Setup - application.yml
- name: Inject env-values to application.yml
uses: microsoft/variable-substitution@v1
with:
files: ./src/main/resources/config/application.yml
env:
# Aws Credentials 환경 변수 주입
cloud.aws.credentials.accessKey: ${{ secrets.AWS_ACCESS_KEY_ID }}
cloud.aws.credentials.secretKey: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# Jwt Secret Key 환경 변수 주입
auth.jwt.secret: ${{ secrets.AUTH_JWT_SECRET }}
# Encrypt 환경 변수 주입
encrypt.key: ${{ secrets.ENCRYPT_KEY }}
encrypt.algorithm: ${{ secrets.ENCRYPT_ALGORITHM }}
# dev resource 환경 변수 주입
hero-alignlab.dev.resource.key: ${{ secrets.HERO_ALIGNLAB_DEV_RESOURCE_KEY }}
# OAuth-Kakao 환경 변수 주입
oauth.kakao.rest-api-key: ${{ secrets.OAUTH_KAKAO_REST_API_KEY }}
oauth.kakao.client-secret-code: ${{ secrets.OAUTH_KAKAO_CLIENT_SECRET_CODE }}
# Secret Setup - application-prod.yml
- name: Inject env-values to application-prod.yml
uses: microsoft/variable-substitution@v1
with:
files: ./src/main/resources/config/application-prod.yml
env:
# Database 환경 변수 주입
hero.master.datasource.url: ${{ secrets.HERO_MASTER_DATASOURCE_URL }}
hero.master.datasource.username: ${{ secrets.HERO_MASTER_DATASOURCE_USERNAME }}
hero.master.datasource.password: ${{ secrets.HERO_MASTER_DATASOURCE_PASSWORD }}
# gradlew 파일 실행권한 설정
- name: Grant execute permission for gradlew
run: chmod +x ./gradlew
shell: bash
# Gradle build (Test 제외)
- name: Build with Gradle
run: ./gradlew clean --stacktrace --info build
shell: bash
# AWS 인증 (IAM 사용자 Access Key, Secret Key 활용)
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
# 빌드 결과물을 S3 버킷에 업로드
- name: Upload to AWS S3
run: |
aws deploy push \
--application-name ${{ env.CODE_DEPLOY_APP_NAME }} \
--ignore-hidden-files \
--s3-location s3://$S3_BUCKET_NAME/$GITHUB_SHA.zip \
--source .
# S3 버킷에 있는 파일을 대상으로 CodeDeploy 실행
- name: Deploy to AWS EC2 from S3
run: |
aws deploy create-deployment \
--application-name ${{ env.CODE_DEPLOY_APP_NAME }} \
--deployment-config-name CodeDeployDefault.AllAtOnce \
--deployment-group-name ${{ env.CODE_DEPLOY_DEPLOYMENT_GROUP_NAME }} \
--s3-location bucket=$S3_BUCKET_NAME,key=$GITHUB_SHA.zip,bundleType=zip