Fix: git actions ip #6

Workflow file for this run

	name: spurt alpha CICD

	on:
	push:
	branches:
	- develop

	jobs:
	push_to_registry:
	name: Push to aws container registry
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v3

	- name: Set up JDK 17
	uses: actions/setup-java@v3
	with:
	java-version: '17'
	distribution: 'corretto'

	- name: make application.yml
	if: contains(github.ref, 'develop')
	run: \|
	cd ./src/main/resources
	touch ./application.yml
	echo "${{ secrets.YML_PROD }}" > ./application.yml
	shell: bash

	- name: Grant execute permission for gradlew
	run: chmod +x gradlew

	- name: Setup Gradle
	uses: gradle/gradle-build-action@v2
	with:
	arguments: build -x spotlessJavaCheck
	cache-read-only: ${{ github.ref != 'refs/heads/master' }}

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2

	- name: Docker build & push to prod
	if: contains(github.ref, 'develop')
	run: \|
	docker login -u ${{ secrets.DOCKER_USER }} -p ${{ secrets.DOCKER_PASSWORD }}
	docker build -t spurt-alpha-be -f Dockerfile .
	docker tag spurt-alpha-be:latest ${{ secrets.DOCKER_USER }}/spurt-alpha-be:latest
	docker push ${{ secrets.DOCKER_USER }}/spurt-alpha-be:latest

	pull_from_registry:
	name: Connect server ssh and pull from container registry
	needs: push_to_registry
	runs-on: ubuntu-latest
	steps:
	- name: Get Github action IP
	run: \|
	echo "Public IP: $(curl -s ifconfig.me)"

	- name: Setting environment variables
	run: \|
	echo "AWS_DEFAULT_REGION=ap-northeast-2" >> $GITHUB_ENV
	echo "AWS_SG_NAME=launch-wizard-2" >> $GITHUB_ENV

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
	aws-region: ap-northeast-2

	- name: Add Github Actions IP to Security group
	run: \|
	aws ec2 authorize-security-group-ingress --group-name ${{ env.AWS_SG_NAME }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }}
	AWS_DEFAULT_REGION: ap-northeast-2

	- name: Deploy to prod
	if: contains(github.ref, 'develop')
	uses: appleboy/ssh-action@master
	with:
	host: ${{ secrets.HOST_ALPHA_NAME }}
	username: ${{ secrets.AWS_USER_NAME }}
	key: ${{ secrets.AWS_PRIVATE_KEY }}
	port: ${{ secrets.AWS_PORT }}
	script: \|
	docker pull ${{ secrets.DOCKER_USER }}/spurt-alpha-be:latest
	docker stop spurt-be
	docker rm spurt-be
	docker run -d --network spurt --name spurt-be -p 8080:8080 ${{ secrets.DOCKER_USER }}/spurt-alpha-be
	if docker images -f "dangling=true" -q \| grep . > /dev/null; then
	docker rmi $(docker images -f "dangling=true" -q)
	fi

	- name: Remove Github Actions IP from security group
	run: \|
	aws ec2 revoke-security-group-ingress --group-name ${{ env.AWS_SG_NAME }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }}
	AWS_DEFAULT_REGION: ap-northeast-2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix: git actions ip #6

Workflow file

Fix: git actions ip #6

Jobs

Run details

Workflow file for this run