TIL 2024-01-11 Problems encountered during CI/CD 02

장규빈 · January 11, 2024


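✅ Values in .bashrc are not picked up

Problem

  • When CodeDeploy runs the script during a deployment, the environment variables defined in .bashrc are not loaded

Solution

  • Create a separate custom.env file, have the script read it, and then run the jar file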

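CI/CD steps

  1. Create an IAM account (add CodeDeploy and S3 permissions) → store the access key and secret key in GitHub
  2. Create two IAM roles
    • Role for EC2 (S3 + CodeDeploy)
    • Role for CodeDeploy (codedeployRole)
  3. Create the EC2 instance
    • Assign the IAM role at creation time
    • Connect to the EC2 instance and install the CodeDeploy agent
  4. Create the S3 bucket
  5. Create the CodeDeploy application
    • Assign the IAM role when creating the deployment group
  6. Create the yml files in the workflows directory
  7. Create appspec.yml
  8. Create deploy.sh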

Reference: https://velog.io/@leeeeeyeon/Github-Actions-CodeDeploy-S3로-CICD-구축

Code
ci.yml

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle

name: CI

on:
  pull_request:
    branches: [ "main" ]

env:
  PROJECT_NAME: gream
  BUCKET_NAME: bc1-gream-s3-01
  CODE_DEPLOY_APP_NAME: gream
  DEPLOYMENT_GROUP_NAME: gream-developer

jobs:
  test:
    runs-on: ubuntu-latest
    permissions: write-all
    steps:
      - uses: actions/checkout@v3
      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          java-version: '17'
          distribution: 'temurin'

      - name: Cache Gradle packages
        uses: actions/cache@v3
        with:
          path: |
            ~/.gradle/caches
            ~/.gradle/wrapper
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
          restore-keys: |
            ${{ runner.os }}-gradle-

      - name: Grant execute permission for gradlew
        run: chmod +x gradlew

      - name: Test with Gradle
        run: ./gradlew --info test

      - name: Publish unit test results
        uses: EnricoMi/publish-unit-test-result-action@v2
        if: ${{ always() }}
        with:
          files: build/test-results/**/*.xml

      - name: Cleanup Gradle Cache
        if: ${{ always() }}
        run: |
          rm -f ~/.gradle/caches/modules-2/modules-2.lock
          rm -f ~/.gradle/caches/modules-2/gc.properties

cd.yml

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle

name: CD

on:
  push:
    branches: [ "main" ]

env:
  PROJECT_NAME: gream
  BUCKET_NAME: bc1-gream-s3-01
  CODE_DEPLOY_APP_NAME: gream
  DEPLOYMENT_GROUP_NAME: gream-developer

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      contents: read
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          distribution: 'temurin'
          java-version: '17'

      - name: Grant execute permission for gradlew
        run: chmod +x ./gradlew
        shell: bash

      - name: Build with Gradle
        run: ./gradlew build
        shell: bash

      - name: Make Zip File
        run: zip -qq -r ./$GITHUB_SHA.zip .
        shell: bash

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_KEY }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
          aws-region: ap-northeast-2

      - name: Upload to S3
        run: aws s3 cp --region ap-northeast-2 ./$GITHUB_SHA.zip s3://$BUCKET_NAME/$PROJECT_NAME/$GITHUB_SHA.zip

      - name: Code Deploy
        run: aws deploy create-deployment --application-name $CODE_DEPLOY_APP_NAME --deployment-config-name CodeDeployDefault.OneAtATime --deployment-group-name $DEPLOYMENT_GROUP_NAME --s3-location bucket=$BUCKET_NAME,bundleType=zip,key=$PROJECT_NAME/$GITHUB_SHA.zip

appspec.yml

version: 0.0
os: linux

files:
  - source: /
    destination: /home/ubuntu/gream
    overwrite: yes
file_exists_behavior: OVERWRITE

permissions:
  - object: /
    pattern: "**"
    owner: ubuntu
    group: ubuntu
    mode: 755

hooks:
  AfterInstall:
    - location: deploy.sh
      timeout: 200
      runas: root

deploy.sh

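#!/bin/bash
REPOSITORY=/home/ubuntu/gream

# shellcheck disable=SC2164
cd "$REPOSITORY"

# Stop the running application. This kills every java process on the host;
# the [j]ava pattern keeps grep from matching its own command line.
# shellcheck disable=SC2046
kill -9 `ps -ef|grep '[j]ava'|awk '{print $2}'`

# Pick the most recently modified jar from the build output
JAR_NAME=$(ls -tr build/libs/*.jar | tail -n 1)

echo "> JAR NAME: $JAR_NAME"

echo "> $JAR_NAME 에 실행권한 추가"

chmod +x "$JAR_NAME"

echo "> $JAR_NAME 실행"

chmod u+x /home/ubuntu/gream/custum.env

# The CodeDeploy hook does not read .bashrc, so load the variables from the env file
source /home/ubuntu/gream/custum.env

nohup java -jar "$JAR_NAME" > "$REPOSITORY/nohup.out" 2>&1 &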
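
An added example, not part of the original post: the hook runs as root in a non-interactive shell, so the ubuntu user's .bashrc is never read, and an env file has to be loaded explicitly. The sketch below shows one way to do that so that plain KEY=value lines are exported to the child process, and so that a file readable by group or others is refused; the function names, the variable SAMPLE_DB_URL and its value are constructed for illustration.

```shell
#!/bin/sh
# Added example: env path, variable name and value are constructed.

# load_env_file FILE: export every KEY=value line in FILE so that child
# processes (the JVM started later) inherit them. Returns 1 when FILE is
# missing or accessible by group/others.
load_env_file() {
    env_file=$1

    if [ ! -f "$env_file" ]; then
        echo "env file not found: $env_file" >&2
        return 1
    fi

    # Characters 5-10 of the ls mode string are the group/other bits.
    group_other=$(ls -ld "$env_file" | cut -c5-10)
    if [ "$group_other" != "------" ]; then
        echo "refusing $env_file: accessible by group/others" >&2
        return 1
    fi

    # set -a marks each variable assigned while sourcing for export, so
    # plain KEY=value lines reach the child process environment as well.
    set -a
    . "$env_file"
    set +a
}

# Constructed demo: write a sample env file with the given mode, load it,
# and print what a child process (standing in for `java -jar`) sees.
demo_child_env() {
    tmp=$(mktemp)
    printf 'SAMPLE_DB_URL=jdbc:mysql://db.example.internal:3306/app\n' > "$tmp"
    chmod "$1" "$tmp"
    if load_env_file "$tmp" 2>/dev/null; then
        sh -c 'printf "%s" "$SAMPLE_DB_URL"'
    else
        printf 'rejected'
    fi
    rm -f "$tmp"
}

demo_child_env 600; echo   # child sees the exported value
demo_child_env 644; echo   # world-readable file is rejected
```

An env file that is deployed through the bundle and receives mode 755 from the appspec.yml permissions section would fail this check; a file holding secrets would be set to 600 before it is loaded.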