ahnjs TIL

0911 ~ 0918

# 0911 ~ 0918

# 0911 - CI/CD

https://www.redhat.com/ko/topics/devops/what-cicd-pipeline ci-cd-flow-desktop_0.png

# CI/CD?

  • 지속적 톡합(Continuous Integration, CI)
    • "CI"λŠ” 개발자λ₯Ό μœ„ν•œ μžλ™ν™” ν”„λ‘œμ„ΈμŠ€μΈ 지속적인 톡합(Continuous Integration)을 의미
    • 지속적인 톡합이 μ œλŒ€λ‘œ κ΅¬ν˜„λ˜λ©΄ μ• ν”Œλ¦¬μΌ€μ΄μ…˜ μ½”λ“œμ˜ μƒˆλ‘œμš΄ λ³€κ²½ 사항이 μ •κΈ°μ μœΌλ‘œ λΉŒλ“œ 및 ν…ŒμŠ€νŠΈλ₯Ό 거쳐 곡유 리포지토리에 λ³‘ν•©λœλ‹€.
  • 지속적 제곡(Continuous Delivery, CD)
    • 지속적인 μ œκ³΅μ΄λž€ κ°œλ°œμžλ“€μ΄ μ• ν”Œλ¦¬μΌ€μ΄μ…˜μ— μ μš©ν•œ λ³€κ²½ 사항이 버그 ν…ŒμŠ€νŠΈλ₯Ό 거쳐 리포지토리(예: GitHub λ˜λŠ” μ»¨ν…Œμ΄λ„ˆ λ ˆμ§€μŠ€νŠΈλ¦¬)에 μžλ™μœΌλ‘œ μ—…λ‘œλ“œλ˜λŠ” 것을 λœ»ν•œλ‹€.
  • 지속적 배포(Continuous Deployment, CD)
    • 지속적인 배포(또 λ‹€λ₯Έ 의미의 "CD": Continuous Deployment)λž€ 개발자의 λ³€κ²½ 사항을 λ¦¬ν¬μ§€ν† λ¦¬μ—μ„œ 고객이 μ‚¬μš© κ°€λŠ₯ν•œ ν”„λ‘œλ•μ…˜ ν™˜κ²½κΉŒμ§€ μžλ™μœΌλ‘œ λ¦΄λ¦¬μŠ€ν•˜λŠ” 것을 의미

# 0912 - GitHub Actions

https://docs.github.com/en/actions/learn-github-actions/understanding-github-actions

  • GitHub ActionsλŠ” λΉŒλ“œ, ν…ŒμŠ€νŠΈ 및 배포 νŒŒμ΄ν”„λΌμΈμ„ μžλ™ν™”ν•  수 μžˆλŠ” CI/CD(지속적 톡합 및 지속적 전달) ν”Œλž«νΌ

# The components of GitHub Actions

overview-actions-simple.webp

  • Events
    • μ΄λ²€νŠΈλŠ” μ›Œν¬ν”Œλ‘œμš° 싀행을 νŠΈλ¦¬κ±°ν•˜λŠ” μ €μž₯μ†Œμ˜ νŠΉμ • ν™œλ™
    • pushes a commit to a repository, pull reques, opens an issue...
  • Workflows
    • μ›Œν¬ν”Œλ‘œμš°λŠ” ν•˜λ‚˜ μ΄μƒμ˜ Job을 μ‹€ν–‰ν•˜λŠ” ꡬ성 κ°€λŠ₯ν•œ μžλ™ν™”λœ ν”„λ‘œμ„ΈμŠ€
  • Jobs
    • Job은 λ™μΌν•œ Runnerμ—μ„œ μ‹€ν–‰λ˜λŠ” μ›Œν¬ν”Œλ‘œμš°μ˜ step의 집합
  • step
    • 각 step은 싀행될 μ…Έ 슀크립트 λ˜λŠ” action
  • action
    • μ•‘μ…˜μ€ λ³΅μž‘ν•˜μ§€λ§Œ 자주 λ°˜λ³΅λ˜λŠ” μž‘μ—…μ„ μˆ˜ν–‰ν•˜λŠ” GitHub μ•‘μ…˜ ν”Œλž«νΌμš© μ‚¬μš©μž 지정 μ• ν”Œλ¦¬μΌ€μ΄μ…˜
    • μ•‘μ…˜μ€ GitHubμ—μ„œ Git 리포지토리λ₯Ό κ°€μ Έμ˜€κ±°λ‚˜, λΉŒλ“œ ν™˜κ²½μ— λ§žλŠ” μ˜¬λ°”λ₯Έ 도ꡬ 체인을 μ„€μ •ν•˜κ±°λ‚˜, ν΄λΌμš°λ“œ μ œκ³΅μ—…μ²΄μ— λŒ€ν•œ 인증을 μ„€μ •ν•  수 μžˆλ‹€.
  • Runners
    • λŸ¬λ„ˆλŠ” μ›Œν¬ν”Œλ‘œμš°κ°€ 트리거될 λ•Œ μ›Œν¬ν”Œλ‘œμš°λ₯Ό μ‹€ν–‰ν•˜λŠ” μ„œλ²„
    • 각각의 Job은 κ°œλ³„μ˜ Runnerμ—μ„œ μ‹€ν–‰

# 0915 - Workflow μ˜ˆμ‹œ

# build-and-deploy.yml

name: build-and-deploy  
  
on:  
  push:  
    branches: [ "main" ]  
  pull_request:  
    branches: [ "main" ]  

env:  
  AWS_REGION: ap-northeast-2  
  ECR_REPOSITORY: ecr-continuous
  ECS_SERVICE: test-service  
  ECS_CLUSTER: test-cluster
  CONTAINER_NAME: app  
  TASK_FAMILY: test-task
  
jobs:  
  build:  
    runs-on: ubuntu-latest  
  
    steps:  
      - uses: actions/checkout@v3  
  
      - name: Set up JDK 17  
        uses: actions/setup-java@v3  
        with:  
          java-version: '17'  
          distribution: 'temurin'  
  
      - name: Cache SonarCloud packages  
        uses: actions/cache@v3.3.2  
        with:  
          path: ~/.sonar/cache  
          key: ${{ runner.os }}-sonar  
          restore-keys: ${{ runner.os }}-sonar  
  
      - name: Cache Gradle packages  
        uses: actions/cache@v3.3.2  
        with:  
          path: ~/.gradle/caches  
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}  
          restore-keys: ${{ runner.os }}-gradle  
  
      - name: Build and analyze  
        env:  
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}  
        run: ./gradlew build jacocoTestReport sonar --info  
      - uses: actions/upload-artifact@v3.1.3  
        with:  
          path: build/libs/*.jar  
  
      - name: Configure AWS credentials  
        uses: aws-actions/configure-aws-credentials@v2  
        with:  
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}  
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}  
          aws-region: ${{ env.AWS_REGION }}  
  
      - name: Login to Amazon ECR  
        id: login-ecr  
        uses: aws-actions/amazon-ecr-login@v1  
        with:  
          mask-password: 'true'  
  
      - name: Build, tag, and push docker image to Amazon ECR  
        id: build-image  
        env:  
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}  
          IMAGE_TAG: latest  
        run: |  
          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .  
          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG  
          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT  
  
	  - name: Download task definition
		id: retrieve-task-def
	    run: |
	      aws ecs describe-task-definition --task-definition $TASK_FAMILY --query taskDefinition > task-task-definition.json
	      echo "::set-output name=task-def-file::task-definition.json"

      - name: Deploy Amazon ECS task definition  
        uses: aws-actions/amazon-ecs-deploy-task-definition@v1  
        with:  
          task-definition: ${{ steps.retrieve-task-def.outputs.task-def-file }}  
          service: ${{ env.ECS_SERVICE }}  
          cluster: ${{ env.ECS_CLUSTER }}  
          wait-for-service-stability: true  
  
      - name: action-slack  
        uses: 8398a7/action-slack@v3  
        with:  
          status: ${{ job.status }}  
          fields: repo,message,commit,author,action,eventName,ref,workflow,job,took  
        env:  
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}  
        if: always()
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97

  • https://github.com/ScaCap/action-ktlint

  • https://github.com/mikepenz/action-junit-report

  • https://github.com/Madrapps/jacoco-report

  • https://docs.github.com/en/actions/deployment/deploying-to-your-cloud-provider/deploying-to-amazon-elastic-container-service

  • https://github.com/8398a7/action-slack

  • https://github.com/marketplace/actions/slack-send

    • https://velog.io/@insutance/github-action-slack-send

  • https://github.com/slackapi/slack-github-action

Last update: September 18, 2023 21:56
Contributors: jaesungahn91

1113 ~ 1109