EC2 + S3 + Code Deploy를 활용한 CI/CD 구축

개요

<aside> 💡 슬슬 배포를 할 때가 된만큼, CI/CD에 대해 알아보자.

</aside>

AWS EC2, AWS S3, Amazon Code Deploy를 활용한 CI/CD

본문

Flow

전체적인 흐름

                                                                        전체적인 흐름

개발자가 Github Repository에 Push, 또는 Merge를 한다(이건 스크립트에 따라 다름!)
Github Actions를 통해 CI가 진행된다. → 빌드.. 테스트..
통과가 된다면 코드가 압축되어 S3에 업로드된다.
- 실제 이미지
Code Deploy에 배포 요청이 내려지고, S3로부터 프로젝트 압축 파일을 받는다.
- 실제 이미지
EC2에 프로젝트 압축 파일을 전달하고, EC2에서 스크립트를 실행해서 배포가 완료된다.

<aside> 💡 S3 버킷 생성.. Code Deploy 설정.. 등은 생략!

</aside>

CI/CD Scripts

Github Secret 예시

name: ### 이름

on:
  push:
    branches: [ "main" ] ### main 브랜치에 push시
  pull_request:
    branches: [ "main" ] ### main 브랜치에 pr 날릴시

env:
  PROJECT_NAME: santa-clothes-backend ### 프로젝트 이름
  BUCKET_NAME: santa-clothes-ci-cd ### S3 버킷 이름
  CODE_DEPLOY_APP_NAME: santa-clothes-code-deploy ### Code Deploy 애플리케이션 이름
  DEPLOYMENT_GROUP_NAME: santa-clothes-instance ### Code Deploy 배포 그룹 이름

jobs:
  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v3
    - name: Set up JDK 17
      uses: actions/setup-java@v3
      with:
        java-version: '17'
        distribution: 'temurin'
        
    - name: run docker-compose ### 도커 컴포즈 실행
      run: |
        mkdir ./src/main/resources
        cd ./src/main/resources
        touch ./docker-compose.yml
        echo ${{ secrets.DOCKER_COMPOSE }} | base64 --decode >> ./docker-compose.yml
      
### 이 아래부터는 Github Secret에 있는 yml들을 디코딩해서 생성해주는 단계
### yml들은 Github에 올라와있지 않으니, Github Secret에 Base64로 인코딩해서 올려놓고 스크립트를 이용해 EC2에서 생성해준다.
    - name: make application.yml
      run: | 
        cd ./src/main/resources
        touch ./application.yml
        echo ${{ secrets.APPLICATION }} | base64 --decode >> ./application.yml
        
    - name: make application-chatgpt.yml
      run: |
        cd ./src/main/resources
        touch ./application-chatgpt.yml
        echo ${{ secrets.APPLICATION_CHATGPT }} | base64 --decode >> ./application-chatgpt.yml
        
    - name: make application-iamport.yml
      run: |
        cd ./src/main/resources
        touch ./application-iamport.yml
        echo ${{ secrets.APPLICATION_IAMPORT }} | base64 --decode >> ./application-iamport.yml
        
    - name: make application-jwt.yml
      run: |
        cd ./src/main/resources
        touch ./application-jwt.yml
        echo ${{ secrets.APPLICATION_JWT }} | base64 --decode >> ./application-jwt.yml
    
    - name: make application-oauth.yml
      run: |
        cd ./src/main/resources
        touch ./application-oauth.yml
        echo ${{ secrets.APPLICATION_OAUTH }} | base64 --decode >> ./application-oauth.yml
    
    - name: make application-slack.yml
      run: |
        cd ./src/main/resources
        touch ./application-slack.yml
        echo ${{ secrets.APPLICATION_SLACK }} | base64 --decode >> ./application-slack.yml
        
    - name: make application.yml
      run: |
        mkdir ./src/test/resources
        cd ./src/test/resources
        touch ./application.yml
        echo ${{ secrets.TEST_APPLICATION }} | base64 --decode >> ./application.yml
        
    - name: make application-chatgpt.yml
      run: |
        cd ./src/test/resources
        touch ./application-chatgpt.yml
        echo ${{ secrets.APPLICATION_CHATGPT }} | base64 --decode >> ./application-chatgpt.yml
        
    - name: make application-iamport.yml
      run: |
        cd ./src/test/resources
        touch ./application-iamport.yml
        echo ${{ secrets.APPLICATION_IAMPORT }} | base64 --decode >> ./application-iamport.yml
        
    - name: make application-jwt.yml
      run: |
        cd ./src/test/resources
        touch ./application-jwt.yml
        echo ${{ secrets.APPLICATION_JWT }} | base64 --decode >> ./application-jwt.yml
    
    - name: make application-oauth.yml
      run: |
        cd ./src/test/resources
        touch ./application-oauth.yml
        echo ${{ secrets.APPLICATION_OAUTH }} | base64 --decode >> ./application-oauth.yml
    
    - name: make application-slack.yml
      run: |
        cd ./src/test/resources
        touch ./application-slack.yml
        echo ${{ secrets.APPLICATION_SLACK }} | base64 --decode >> ./application-slack.yml
    
    - name: make room.html
      run: |
        mkdir ./src/main/resources/templates
        mkdir ./src/main/resources/templates/chat
        cd ./src/main/resources/templates/chat
        touch ./room.html
        echo ${{ secrets.ROOM }} | base64 --decode >> ./room.html
        
    - name: make roomDetail.html
      run: |
        cd ./src/main/resources/templates/chat
        touch ./roomDetail.html
        echo ${{ secrets.ROOM_DETAIL }} | base64 --decode >> ./roomDetail.html
        
    - name: make index.html
      run: |
        cd ./src/main/resources/templates
        touch ./index.html
        echo ${{ secrets.INDEX }} | base64 --decode >> ./index.html
        
    - name: Grand execute permisson for gradlew
      run: chmod +x gradlew
      
    - name: Build with Gradle
#       run: ./gradlew build ### 테스트를 포함한 빌드
      run: ./gradlew build -x test ### 테스트를 제외하고 빌드
      
      
      ############## CD
      
      
    - name: Make Zip File
      run: zip -qq -r ./$GITHUB_SHA.zip .
      shell: bash
    
    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v1
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_PRIVATE_ACCESS_KEY }}
        aws-region: ap-northeast-2
    
    - name: Upload to S3
      run: aws s3 cp --region ap-northeast-2 ./$GITHUB_SHA.zip s3://$BUCKET_NAME/$PROJECT_NAME/$GITHUB_SHA.zip
    
    - name: Code Deploy
      run: aws deploy create-deployment --application-name $CODE_DEPLOY_APP_NAME --deployment-config-name CodeDeployDefault.OneAtATime --deployment-group-name $DEPLOYMENT_GROUP_NAME --s3-location bucket=$BUCKET_NAME,bundleType=zip,key=$PROJECT_NAME/$GITHUB_SHA.zip