Skip to content
Deploy to Amazon ECR

codebuild확인 buildspec 수정 1 #53

Sign in to view logs

codebuild확인 buildspec 수정 1

codebuild확인 buildspec 수정 1 #53

Workflow file for this run

.github/workflows/cicd.yml at 928402a
name: Deploy to Amazon ECR
on:
push:
branches:
- main
env:
AWS_REGION: ap-northeast-2
ECR_REGISTRY: 528993883127.dkr.ecr.ap-northeast-2.amazonaws.com/
ECR_REPOSITORY: repository-nestjs
DB_HOST: ${{ secrets.DB_HOST }}
DB_PORT: ${{ secrets.DB_PORT }}
DB_USER: ${{ secrets.DB_USER }}
DB_PW: ${{ secrets.DB_PW }}
DB_SCHEMA: ${{ secrets.DB_SCHEMA }}
JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }}
CLOUDWATCH_REGION: ${{ secrets.CLOUDWATCH_REGION }}
CLOUDWATCH_GROUP_NAME: ${{ secrets.CLOUDWATCH_GROUP_NAME }}
CLOUDWATCH_STREAM_NAME: ${{ secrets.CLOUDWATCH_STREAM_NAME }}
jobs:
deploy:
name: Deploy
runs-on: ubuntu-latest
environment: production
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- name: Create .env.develop.production file
run: |
echo "DB_HOST=${{ secrets.DB_HOST }}" >> .env.production
echo "DB_PORT=${{ secrets.DB_PORT }}" >> .env.production
echo "DB_USER=${{ secrets.DB_USER }}" >> .env.production
echo "DB_PW=${{ secrets.DB_PW }}" >> .env.production
echo "DB_SCHEMA=${{ secrets.DB_SCHEMA }}" >> .env.production
echo "JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}" >> .env.production
echo "AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }}" >> .env.production
echo "AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> .env.production
echo "CLOUDWATCH_REGION=${{ secrets.CLOUDWATCH_REGION }}" >> .env.production
echo "CLOUDWATCH_GROUP_NAME=${{ secrets.CLOUDWATCH_GROUP_NAME }}" >> .env.production
echo "CLOUDWATCH_STREAM_NAME=${{ secrets.CLOUDWATCH_STREAM_NAME }}" >> .env.production
# 추가: 코드 빌드를 실행하는 단계
- name: Build using AWS CodeBuild
run: aws codebuild start-build --project-name animal-codebuild-prod
# 추가: 코드 빌드가 완료될 때까지 대기하는 단계
- name: Wait for CodeBuild to complete
run: aws codebuild wait build-complete --project-name animal-codebuild-prod
# 추가: CodeBuild 빌드 아티팩트에서 생성된 이미지 정보를 가져오는 단계
- name: Get image URI from CodeBuild build output
run: |
ECR_REGISTRY=$ECR_REGISTRY
ECR_REPOSITORY=$ECR_REPOSITORY
IMAGE_TAG=$(aws codebuild batch-get-builds --ids ${{ env.CODEBUILD_BUILD_ID }} --query "builds[].artifacts[].files[?name=='imagedefinitions.json'].identifier" --output text)
IMAGE_URI=$(aws codebuild batch-get-builds --ids ${{ env.CODEBUILD_BUILD_ID }} --query "builds[].artifacts[].location" --output text | jq -r ".[] | .identifier" | grep $IMAGE_TAG)
echo "ECR Image URI: $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
echo "::set-env name=IMAGE_URI::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
echo "Image Tag: $IMAGE_TAG"
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build, tag, and push image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
IMAGE_TAG: ${{ github.sha }}
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
- name: Fill in the new image ID in the Amazon ECS task definition
id: setting-task-definition
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: task-definition.json
container-name: container-nestjs
image: ${{ steps.build-image.outputs.image }}
- name: Deploy Amazon ECS task definition
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
with:
task-definition: ${{ steps.setting-task-definition.outputs.task-definition }}
cluster: cluster-nestjs-02 # 여러분의 ECS 클러스터 아이디
service: service-nestjs4 # 여러분의 ECS Fargate 서비스 아이디
wait-for-service-stability: false