suvera-dev ๐Ÿฅฆ

AWS ๋ฐฐํฌ์ž๋™ํ™” ๊ตฌ์ถ• _ 3. Github Actions์œผ๋กœ docker image ์—…๋กœ๋“œ ์ž๋™ํ™” ๋ณธ๋ฌธ

Infra/CI CD

AWS ๋ฐฐํฌ์ž๋™ํ™” ๊ตฌ์ถ• _ 3. Github Actions์œผ๋กœ docker image ์—…๋กœ๋“œ ์ž๋™ํ™”

suvera 2023. 7. 13. 21:28

 

 

AWS ๋ฐฐํฌ์ž๋™ํ™” ๊ตฌ์ถ• _ 2. Docker ํ™˜๊ฒฝ ๊ตฌ์ถ• / ECR์— ์ด๋ฏธ์ง€ ์—…๋กœ๋“œ

์ด๋ฒˆ์—๋Š” ECRํ…Œ์ŠคํŠธ ์šฉ EC2๋ฅผ ๋งŒ๋“ค๊ธฐ, ๋„์ปค ํ™˜๊ฒฝ ๊ตฌ์ถ•, ๋นŒ๋“œํ•œ ๋„์ปค ์ด๋ฏธ์ง€๋ฅผ ์ €์žฅํ•  ์ˆ˜ ์žˆ๋Š” ECR์— ์—…๋กœ๋“œ ํ•˜๋Š” ๊ณผ์ •์ด๋‹ค. - ์ตœ์ข… flow๋Š” ์œ„์™€ ๊ฐ™๋‹ค. ๊ฐœ๋ฐœ์ž๊ฐ€ github ๋ ˆํฌ์ง€ํ† ๋ฆฌ์— Push ํ–ˆ์„ ๋•Œ github act

suvera.tistory.com

์•ž์„  ํฌ์ŠคํŒ…์—์„œ ์ˆ˜๋™์œผ๋กœ ํ–ˆ๋˜ ์ž‘์—…( ๋„์ปค ์ด๋ฏธ์ง€๋ฅผ ๋นŒ๋“œํ•˜๊ณ  ECR์— ์—…๋กœ๋“œํ•˜๋Š” ๊ณผ์ • )์„

Github Actions์„ ์‚ฌ์šฉํ•˜์—ฌ ๊ฐœ๋ฐœ์ž๊ฐ€ ๊นƒํ—™์— push๋ฅผ ํ–ˆ์„ ๋•Œ ์ž๋™์œผ๋กœ ์ˆ˜ํ–‰๋˜๋„๋ก ํ•˜๋Š” ๊ณผ์ •์„ ๋‹ค๋ฃฐ ๊ฒƒ์ด๋‹ค !

 

์›น ์„œ๋ฒ„ : nginx

ํ”„๋กœ์„ธ์Šค : ๊นƒํ—™ main ๋ธŒ๋žœ์น˜์— push ๋ช…๋ น์ด ์ผ์–ด๋‚  ๊ฒฝ์šฐ, test, formatting & code analysis๋ฅผ ์ง„ํ–‰, ์ˆœ์ฐจ์ ์œผ๋กœ build, push ๋ช…๋ น์— ๋”ฐ๋ผ ECR์— ๋„์ปค ์ด๋ฏธ์ง€๋ฅผ ์—…๋กœ๋“œ ํ•œ๋‹ค. 

 

 

 


1. Github ๋ ˆํฌ์ง€ํ† ๋ฆฌ ์ƒ์„ฑ & docker file, gitub workflow ํŒŒ์ผ ๋งŒ๋“ค๊ธฐ

๋ ˆํฌ์ง€ํ† ๋ฆฌ Clone ๋ฐ›์•„์„œ ์•„๋ž˜์™€ ๊ฐ™์ด ํด๋”๋ฅผ ๊ตฌ์„ฑํ•ด์ค€๋‹ค.

- .github/workflows ์•ˆ์— deployment.yml ์ƒ์„ฑ

- website ์•ˆ์— index.html ์ƒ์„ฑ

- Dockerfile ์ƒ์„ฑ

index.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
    <p>๋ฐฐํฌ๊ฐ€ ์ž˜ ๋˜๋Š”์ง€ ํ™•์ธํ•ด๋ณด๋Š” ํŽ˜์ด์ง€ ์ž…๋‹ˆ๋‹ค.</p>
</body>
</html>

Dockerfile

FROM nginx:latest                           
LABEL name="demo"                           

COPY ./website/index.html /usr/share/nginx/html/index.html   

EXPOSE 80                                            

CMD ["nginx", "-g", "daemon off;"]

 

deployment.yml

-> github actions์˜ workflow๋ฅผ ๋‹ด๋‹น

on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main

name: Demo CI on ECR

jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      - name: Login to Amazon ECR
        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v1

      - name: Build, tag, and push the image to Amazon ECR
        id: build-image
        env:
          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          ECR_REPOSITORY: ecr-test
          IMAGE_TAG: ${{ github. sha }}
        run: |
          # Build a docker container and push it to ECR
          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
          echo "Pushing image to ECR..."
          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT

ํ•˜๋‚˜์”ฉ ์–ด๋–ค ๋‚ด์šฉ์ธ์ง€ ์‚ดํŽด๋ณด์ž . 

 

on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main

- main branch์—์„œ push๋‚˜ Pull Request ์ด๋ฒคํŠธ๊ฐ€ ๋ฐœ์ƒํ–ˆ์„ ๋•Œ ์‹คํ–‰ํ•  ๊ฒƒ์ด๋‹ค. [] ๋ฐฐ์—ด๋กœ ๋„ฃ๋Š”๋‹ค๋ฉด ์—ฌ๋Ÿฌ๊ฐœ ์ž‘์„ฑํ•  ์ˆ˜ ์žˆ๋”ฐ. 


jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-latest

- ์—ฌ๋Ÿฌ๊ฐœ์˜ step์œผ๋กœ ๊ตฌ์„ฑ๋œ job๋“ค์„ ๊ฐ€์ƒ ์ธ์Šคํ„ด์Šค์—์„œ ์‹คํ–‰.

- ๊ธฐ๋ณธ์ ์œผ๋กœ ๋ณ‘๋ ฌ ์‹คํ–‰, ๋‹ค๋ฅธ job์— ์˜์กด ๊ด€๊ณ„๋„ ๊ฐ€์งˆ ์ˆ˜ ์žˆ์Œ. 

- ubuntu-latest OS์—์„œ ์‹คํ–‰


- name: Configure AWS credentials
    uses: aws-actions/configure-aws-credentials@v1
    with:
      aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
      aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      aws-region: ${{ secrets.AWS_REGION }}

- uses๋Š” ์ด๋ฏธ ๋งŒ๋“ค์–ด์ ธ์„œ ์ œ๊ณต๋˜๋Š” ์•ก์…˜ ์‚ฌ์šฉ์‹œ 

- github์˜ ํ™˜๊ฒฝ๋ณ€์ˆ˜๋ฅผ ์‚ฌ์šฉํ•˜์—ฌ aws ์ž๊ฒฉ์ฆ๋ช…์„ ๊ฐ€์ ธ์˜จ๋‹ค. 

- AWS ์—‘์„ธ์Šค ํ‚ค, ์‹œํฌ๋ฆฟํ‚ค, ๋ฆฌ์ „ !


 

env:
	ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	ECR_REPOSITORY: ecr-test
	IMAGE_TAG: ${{ github. sha }}

- env: ๋ณ€์ˆ˜์ง€์ •

- ์œ„์—์„œ ๋กœ๊ทธ์ธํ•œ ECR์˜ ์ฃผ์†Œ๋ฅผ ๊ฐ€์ ธ์™€์„œ ๋ณ€์ˆ˜๋กœ ๋„ฃ๋Š”๋‹ค. 

- ์ด๋ฏธ์ง€ ํƒœ๊ทธ๋Š” ์›Œํฌํ”Œ๋กœ์šฐ๊ฐ€ ๋™์ž‘ํ•  ๋•Œ ํŠธ๋ฆฌ๊ฑฐ๋˜๋Š” ๋ฒ„์ „์„ ์ž๋™ ์ƒ์„ฑํ•œ๋‹ค.


 

        run: |
          # Build a docker container and push it to ECR
          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
          echo "Pushing image to ECR..."
          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT

- ์•ž์„œ env์—์„œ ์ •์˜ํ•œ ๊ฐ’๋“ค๋กœ path๋ฅผ ๋งŒ๋“ค์–ด์„œ bulid, push


 

์ฐธ๊ณ  ) ::set-output name=~~::path ๋ช…๋ น์–ด๊ฐ€ deprecated ๋˜์–ด์„œ ์•„๋ž˜์™€ ๊ฐ™์ด ๋ฐ”๊ฟ”์ฃผ์—ˆ์Šต๋‹ˆ๋‹ค.

 

GitHub Actions: Deprecating save-state and set-output commands | GitHub Changelog

GitHub Actions: Deprecating save-state and set-output commands

github.blog

 

 

 

2. Github์— AWS ์ž๊ฒฉ์ฆ๋ช… ํ™˜๊ฒฝ๋ณ€์ˆ˜ ์„ค์ • 

- name: Configure AWS credentials
    uses: aws-actions/configure-aws-credentials@v1
    with:
      aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
      aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      aws-region: ${{ secrets.AWS_REGION }}

์—ฌ๊ธฐ์„œ AWS ์ ‘๊ทผ์„ ์œ„ํ•œ ์—‘์„ธ์Šคํ‚ค, ์‹œํฌ๋ฆฟ ํ‚ค, ๋ฆฌ์ „์— ๋Œ€ํ•œ ์ •๋ณด๋ฅผ secrets์—์„œ ๊ฐ€์ ธ์˜จ๋‹ค.

๊ณต๊ฐœ์ ์œผ๋กœ ์‚ฌ์šฉํ•˜๋ฉด ์•ˆ๋˜๋Š” ๋ฐ์ดํ„ฐ์ด๊ธฐ ๋•Œ๋ฌธ์— ์•ˆ์ „ํ•˜๊ฒŒ ํ™˜๊ฒฝ๋ณ€์ˆ˜๋กœ ์‚ฌ์šฉ.

 

Github - Setting - Security - Secrets and variables - New repository secrets

 

AWS_ACCESS_KEY_ID

AWS_REGION

AWS_SECRET_ACCESS_KEY

 

์ด๋ ‡๊ฒŒ 3๊ฐœ๋ฅผ ๋„ฃ์–ด์ฃผ๋ฉด ๋ฉ๋‹ˆ๋‹ค.

 

 

3. ์‹ค์ œ ์ฝ”๋“œ Push ํ…Œ์ŠคํŠธ / workflows ๋ชจ๋‹ˆํ„ฐ๋ง 

- ํ”„๋กœ์ ํŠธ๋กœ ๋Œ์•„๊ฐ€์„œ ์ง€๊ธˆ๊นŒ์ง€ ๋งŒ๋“  ๊ฒƒ๋“ค์„ ์ปค๋ฐ‹ํ•˜๊ณ  ํ‘ธ์‹œ ํ•˜์ž !

- ๊ทธ๋Ÿฌ๋ฉด ๊นƒํ—™ ์•ก์…˜ ํƒญ์— ์ƒˆ๋กœ์šด workflows๊ฐ€ ์ƒ์„ฑ๋œ๋‹ค.

์ƒˆ๋กœ์šด ์ด๋ฏธ์ง€๊ฐ€ ECR์— ์—…๋กœ๋“œ ๋˜์—ˆ๋Š”์ง€ ํ™•์ธํ•˜๊ธฐ !

 

์ƒˆ๋กœ์šด ์ด๋ฏธ์ง€ ์ƒ์„ฑ ํ™•์ธ ์™„๋ฃŒ ~! 

 

 

Comments