name: Backend CI/CD Pipeline on: push: branches: [ cicd ] paths: - '**' - '!.github/**' - '!**.md' jobs: build: name: Build runs-on: ubuntu-latest outputs: image_tag: ${{ steps.set_outputs.outputs.image_tag }} steps: - name: Checkout repository uses: actions/checkout@v4 with: fetch-depth: 0 # SonarQube 분석을 위해 전체 히스토리 가져오기 - name: Set up JDK 21 uses: actions/setup-java@v3 with: java-version: '21' distribution: 'temurin' - name: Setup Gradle uses: gradle/gradle-build-action@v2 with: gradle-version: '8.5' - name: Grant execute permission for gradlew run: chmod +x ./gradlew - name: Load environment variables run: | while IFS= read -r line || [ -n "$line" ]; do # Skip comments and empty lines if [[ "$line" =~ ^#.*$ ]] || [[ -z "$line" ]]; then continue fi # Export the environment variable echo "$line" >> $GITHUB_ENV done < deployment/deploy_env_vars - name: Build and test run: ./gradlew clean build -x test - name: Run tests with JaCoCo run: ./gradlew test jacocoTestReport - name: Build and analyze with SonarQube env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # 필요한 경우 PR 데코레이션을 위해 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} run: | ./gradlew sonarqube \ -Dsonar.projectKey=backend-service \ -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ -Dsonar.login=${{ secrets.SONAR_TOKEN }} \ -Dsonar.java.binaries=build/classes/java/main \ -Dsonar.coverage.jacoco.xmlReportPaths=build/reports/jacoco/test/jacocoTestReport.xml \ -Dsonar.sources=src/main/java \ -Dsonar.tests=src/test/java \ -Dsonar.exclusions=**/config/**,**/entity/**,**/dto/**,**/*Application.java - name: Upload build artifact uses: actions/upload-artifact@v4 with: name: build-artifacts path: | member/build/libs/*.jar mysub-infra/build/libs/*.jar recommend/build/libs/*.jar - name: Generate image tag id: set_outputs run: | IMAGE_TAG=$(date '+%Y%m%d%H%M%S') echo "image_tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT echo "Image tag: ${IMAGE_TAG}" release: name: Release needs: build runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 - name: Download build artifacts uses: actions/download-artifact@v4 with: name: build-artifacts path: artifacts/ - name: Load environment variables run: | while IFS= read -r line || [ -n "$line" ]; do # Skip comments and empty lines if [[ "$line" =~ ^#.*$ ]] || [[ -z "$line" ]]; then continue fi # Export the environment variable echo "$line" >> $GITHUB_ENV done < deployment/deploy_env_vars - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to ACR uses: docker/login-action@v3 with: registry: ${{ env.registry }} username: ${{ secrets.ACR_USERNAME }} password: ${{ secrets.ACR_PASSWORD }} - name: Build and push Member service image uses: docker/build-push-action@v5 with: context: . push: true tags: ${{ env.registry }}/${{ env.image_org }}/member:${{ needs.build.outputs.image_tag }} build-args: | BUILD_LIB_DIR=artifacts/member/build/libs ARTIFACTORY_FILE=member.jar file: deployment/Dockerfile - name: Build and push MySubscription service image uses: docker/build-push-action@v5 with: context: . push: true tags: ${{ env.registry }}/${{ env.image_org }}/mysub:${{ needs.build.outputs.image_tag }} build-args: | BUILD_LIB_DIR=artifacts/mysub-infra/build/libs ARTIFACTORY_FILE=mysub.jar file: deployment/Dockerfile - name: Build and push Recommend service image uses: docker/build-push-action@v5 with: context: . push: true tags: ${{ env.registry }}/${{ env.image_org }}/recommend:${{ needs.build.outputs.image_tag }} build-args: | BUILD_LIB_DIR=artifacts/recommend/build/libs ARTIFACTORY_FILE=recommend.jar file: deployment/Dockerfile deploy: name: Deploy needs: [build, release] runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 - name: Load environment variables run: | while IFS= read -r line || [ -n "$line" ]; do # Skip comments and empty lines if [[ "$line" =~ ^#.*$ ]] || [[ -z "$line" ]]; then continue fi # Export the environment variable echo "$line" >> $GITHUB_ENV done < deployment/deploy_env_vars - name: Set up kubectl uses: azure/setup-kubectl@v3 - name: Set AKS context uses: azure/aks-set-context@v3 with: resource-group: ictcoe-edu cluster-name: ${{ env.teamid }}-aks admin: 'false' use-kubelogin: 'true' env: AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} - name: Create namespace if not exists run: | kubectl create namespace ${{ env.namespace }} --dry-run=client -o yaml | kubectl apply -f - - name: Install envsubst run: | sudo apt-get update sudo apt-get install -y gettext-base - name: Generate manifest env: IMAGE_TAG: ${{ needs.build.outputs.image_tag }} run: | # Export variables for envsubst export namespace=${{ env.namespace }} export allowed_origins=${{ env.allowed_origins }} export jwt_secret_key=${{ env.jwt_secret_key }} export postgres_user=${{ env.postgres_user }} export postgres_password=${{ env.postgres_password }} export replicas=${{ env.replicas }} export resources_requests_cpu=${{ env.resources_requests_cpu }} export resources_requests_memory=${{ env.resources_requests_memory }} export resources_limits_cpu=${{ env.resources_limits_cpu }} export resources_limits_memory=${{ env.resources_limits_memory }} # 이미지 경로 환경변수 설정 export member_image_path=${{ env.registry }}/${{ env.image_org }}/member:${IMAGE_TAG} export mysub_image_path=${{ env.registry }}/${{ env.image_org }}/mysub:${IMAGE_TAG} export recommend_image_path=${{ env.registry }}/${{ env.image_org }}/recommend:${IMAGE_TAG} # manifest 생성 envsubst < deployment/deploy.yaml.template > deployment/deploy.yaml # For debugging echo "Generated manifest:" cat deployment/deploy.yaml - name: Deploy to AKS run: | kubectl apply -f deployment/deploy.yaml echo "Waiting for deployments to be ready..." kubectl -n ${{ env.namespace }} wait --for=condition=available deployment/member --timeout=300s kubectl -n ${{ env.namespace }} wait --for=condition=available deployment/mysub --timeout=300s kubectl -n ${{ env.namespace }} wait --for=condition=available deployment/recommend --timeout=300s - name: Get service details run: | echo "Ingress details:" kubectl -n ${{ env.namespace }} get ingress -o wide