BE/.github/workflows/CICD.yml at develop · capgoing/BE · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
name: CI/CD FOR DEVELOP

on:
  push:
    branches:
      - main
      - develop

env:
  DOCKERHUB_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }}

jobs:
  CI:
    name: Continuous Integration
    runs-on: ubuntu-latest
    permissions:
      contents: read

    steps:
      - name: Get short SHA
        id: slug
        run: echo "sha7=$(echo ${GITHUB_SHA} | cut -c1-7)" >> $GITHUB_OUTPUT

      - name: Checkout with submodules
        uses: actions/checkout@v4
        with:
          token: ${{ secrets.ACCESS_TOKEN }}
          submodules: recursive
          fetch-depth: 0

      - name: Update git submodules
        run: git submodule update --init --recursive

      - name: Set up JDK 17
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'temurin'
          cache: 'gradle'

      - name: Verify Backend_Config files
        run: ls -al Backend_Config

      - name: Build with Gradle Wrapper without Test
        run: |
          echo "▶ Running Gradle build and test..."
          ./gradlew --no-daemon clean build -x test


      - name: Build summary
        if: success()
        run: |
          echo " Gradle build completed successfully without tests."

      - name: Mark failure if tests failed
        if: failure()
        run: |
          echo "Tests failed. Please check the test report/logs for details."
          exit 1

      - name: Upload jar file to Artifact
        uses: actions/upload-artifact@v4
        with:
          name: jar_files
          path: build/libs/*.jar

      - name: Upload Dockerfile to Artifact
        uses: actions/upload-artifact@v4
        with:
          name: Dockerfile
          path: ./Dockerfile

  CD_Delivery_to_DockerHub:
    name: CD_Delivery_to_DockerHub
    needs: CI
    runs-on: ubuntu-latest

    permissions:
      contents: read

    steps:
      - name: Checkout with submodules
        uses: actions/checkout@v4
        with:
          token: ${{ secrets.ACCESS_TOKEN }}
          submodules: recursive
          fetch-depth: 0

      - name: Download jar file from Artifact
        uses: actions/download-artifact@v4
        with:
          name: jar_files
          path: build/libs

      - name: Download Dockerfile file from Artifact
        uses: actions/download-artifact@v4
        with:
          name: Dockerfile
          path: ./

      - name: Update git submodules
        run: git submodule update --init --recursive


      - name: Log in to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}


      - name: Get short SHA
        id: slug
        run: echo "sha7=$(echo ${GITHUB_SHA} | cut -c1-7)" >> $GITHUB_OUTPUT

      - name: Build, tag, and push image to DockerHub
        id: build-image
        env:
          USERNAME: ${{ secrets.DOCKER_USERNAME }}
          IMAGE_TAG: ${{ steps.slug.outputs.sha7 }}

        run: |
          docker build -t $USERNAME/$DOCKERHUB_REPOSITORY:$IMAGE_TAG -t $USERNAME/$DOCKERHUB_REPOSITORY:latest .
          docker push $USERNAME/$DOCKERHUB_REPOSITORY --all-tags
          echo "image=$USERNAME/$DOCKERHUB_REPOSITORY:$IMAGE_TAG&latest" >> $GITHUB_OUTPUT


  CD_Deploy:
    name: CD_Deploy
    needs: CD_Delivery_to_DockerHub
    runs-on: ubuntu-latest

    steps:

      - name: Checkout with submodules
        uses: actions/checkout@v4
        with:
          token: ${{ secrets.ACCESS_TOKEN }}
          submodules: recursive
          fetch-depth: 0

      - name: Update git submodules
        run: git submodule update --init --recursive

      - name: Get short SHA
        id: slug
        run: echo "sha7=$(echo ${GITHUB_SHA} | cut -c1-7)" >> $GITHUB_OUTPUT

      - name: Executing remote ssh commands
        uses: appleboy/ssh-action@v0.1.6
        with:
          host: ${{ secrets.REMOTE_IP }}
          username: ${{ secrets.REMOTE_USER }}
          key: ${{ secrets.REMOTE_PRIVATE_KEY }}
          port: ${{ secrets.REMOTE_SSH_PORT }}
          script: |
            export DOCKER_IMAGE="${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPOSITORY }}:latest"
            export DOCKER_COMPOSE_PATH="${{ secrets.DOCKER_COMPOSE_PATH }}"

            cd /home/ubuntu/scripts
            ./rolling-update.sh

             echo "Stopping current containers..."
            docker compose -f $DOCKER_COMPOSE_PATH down

            echo "Pulling the latest image..."
            docker compose -f $DOCKER_COMPOSE_PATH pull

            echo "Starting new deployment..."
            docker compose -f $DOCKER_COMPOSE_PATH up -d