Skip to content
Build Image to ECR with Certs

feat | sprint1 | FRB-128 | MQTT Reader 수정 | 조수빈 #14

Sign in to view logs

feat | sprint1 | FRB-128 | MQTT Reader 수정 | 조수빈

feat | sprint1 | FRB-128 | MQTT Reader 수정 | 조수빈 #14

Workflow file for this run

.github/workflows/develop_pull_request.yml at 28e5c4c
name: Build Image to ECR with Certs
on:
push:
branches:
- chore/build-and-deploy
jobs:
build-and-push-image:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'corretto'
- name: Cache Gradle packages
uses: actions/cache@v3
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: |
${{ runner.os }}-gradle
- name: Grant execute permission for gradlew
run: chmod +x ./gradlew
- name: Test
run: ./gradlew test
- name: Create application.properties
run: |
mkdir -p src/main/resources
echo "${{ secrets.APPLICATION_PROPERTIES }}" > src/main/resources/application.properties
shell: bash
- name: Create certificate files
run: |
mkdir -p resources/cert # 프로젝트 루트에 resources/cert 디렉토리 생성
echo "${{ secrets.AWS_IOT_ROOT }}" > resources/cert/root.pem
echo "${{ secrets.AWS_IOT_PRIVATE_KEY }}" > resources/cert/private.pem.key
echo "${{ secrets.AWS_IOT_CERT }}" > resources/cert/certificate.pem.crt
shell: bash
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ap-northeast-2
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build, tag, and push image to ECR
env:
ECR_REGISTRY: ${{ secrets.AWS_ECR_REGISTRY }}
ECR_REPOSITORY: ${{ secrets.AWS_ECR_REPOSITORY }}
IMAGE_TAG: flink-latest
run: |
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
- name: Clean up sensitive files from runner
if: always()
run: |
echo "Cleaning up sensitive files from GitHub Runner..."
rm -f src/main/resources/application.properties
rm -rf resources/cert
echo "Cleanup complete."
shell: bash