
fix : 보안 문제 #27

fix : 보안 문제

fix : 보안 문제 #27

Workflow file for this run

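# Deployment pipeline: on every push to main, build the container image, push
# it to Amazon ECR, generate the host-side deploy script, upload the bundle to
# S3 and start a CodeDeploy deployment.
name: Chalkac deploy

on:
  push:
    branches:
      - main

# Least privilege for GITHUB_TOKEN: the job only reads the repository for
# checkout; all AWS access comes from the repository secrets used below.
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): every `uses:` below references a mutable tag. Pinning
      # each action to a full commit SHA protects the job, which handles AWS
      # credentials, against a retargeted tag.
      - name: Github Repository checkout
        uses: actions/checkout@v4

      - name: Set up JDK 17
        uses: actions/setup-java@v3.1.0
        with:
          java-version: '17'
          distribution: 'temurin'

      - name: Create resource
        run: mkdir -p ./src/main/resources

      # The secret is handed to the shell through an environment variable
      # rather than expanded into the script text, so quotes, `$`, backticks
      # or backslashes in the properties are written verbatim and are never
      # interpreted as shell syntax. If the stored secret was escaped to
      # survive the old inline expansion, re-save it unescaped.
      # NOTE(review): this file is inside the Docker build context; if the
      # Dockerfile copies the source tree, the properties end up in the image
      # layers pushed to ECR. Confirm, and prefer injecting them at runtime.
      - name: Create application.properties
        env:
          APPLICATION_PROPERTIES: ${{ secrets.APPLICATION_PROPERTIES }}
        run: |
          printf '%s\n' "$APPLICATION_PROPERTIES" > ./src/main/resources/application.properties

      - name: add permission to gradlew
        run: chmod +x ./gradlew

      # NOTE(review): these are long-lived IAM user keys. The same action
      # supports short-lived credentials through GitHub OIDC (`role-to-assume`
      # plus the `id-token: write` permission), which removes the stored keys.
      - name: AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: ap-northeast-2
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

      - name: Login to AWS ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2

      # Builds and pushes the image, then writes scripts/deploy.sh for the
      # target host. The registry and image name are expanded here, at
      # generation time, so the script carries literal values.
      # NOTE(review): `latest` is a mutable tag, so the host pulls whatever it
      # points to when the script runs and a deployment cannot be traced back
      # to a commit. A per-commit tag would fix that; it is left unchanged
      # because the ECR and S3 lifecycle settings are not visible here.
      - name: build docker file and setting deploy files
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          ECR_REPOSITORY: chalkac
          IMAGE_TAG: latest
        run: |
          set -euo pipefail
          IMAGE="$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
          docker build -t "$IMAGE" .
          docker push "$IMAGE"

          # Create deploy.sh (unquoted heredoc: $ECR_REGISTRY and $IMAGE expand now)
          mkdir -p scripts
          cat > scripts/deploy.sh <<EOF
          #!/bin/bash
          # Abort on the first failure so a failed login or pull never starts a stale image.
          set -euo pipefail
          # Login to ECR
          aws ecr get-login-password --region ap-northeast-2 | docker login --username AWS --password-stdin "$ECR_REGISTRY"
          # Remove an existing container whether it is running or stopped; a stopped
          # one would otherwise keep the name and make "docker run" fail.
          if docker container inspect chalkac >/dev/null 2>&1; then
            echo "Stopping and removing existing container..."
            docker stop chalkac
            docker rm chalkac
          fi
          # Pull latest image
          docker pull "$IMAGE"
          # Run new container
          docker run -p 80:80 -e PROFILE=dev -d --restart always --name chalkac "$IMAGE"
          EOF

      # Bundles the generated script with appspec.yml and uploads it privately.
      - name: upload to s3
        env:
          IMAGE_TAG: latest
        run: |
          zip -r "deploy-$IMAGE_TAG.zip" ./scripts appspec.yml
          aws s3 cp --region ap-northeast-2 --acl private "./deploy-$IMAGE_TAG.zip" s3://chalkac-bucket

      # Starts a CodeDeploy deployment from the bundle uploaded above.
      - name: start deploy
        env:
          IMAGE_TAG: latest
        run: |
          aws deploy create-deployment --application-name Chalkac-codedeploy \
            --deployment-config-name CodeDeployDefault.OneAtATime \
            --deployment-group-name deploy-group \
            --s3-location "bucket=chalkac-bucket,bundleType=zip,key=deploy-$IMAGE_TAG.zip"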