๋ณธ๋ฌธ ๋ฐ”๋กœ๊ฐ€๊ธฐ
๐Ÿ‘ฉ‍๐Ÿ’ป TECH

[TECH] GitHub Actions๋กœ CI/CD ๊ตฌ์ถ•ํ•˜๊ธฐ(1)

by may_yy 2023. 8. 15.

[ํ‹ฐ๋Œ] ํ‹ฐ๋Œ GitHub Actions๋กœ CICD ๊ตฌ์ถ•ํ•˜๊ธฐ(1)

์•ˆ๋…•ํ•˜์„ธ์š” ํ‹ฐํ”Œ์˜ ๋ฐฑ์—”๋“œ ๊ฐœ๋ฐœ์ž ๊น€์œ ์ •์ž…๋‹ˆ๋‹ค :)

์ €๋Š” ์˜ค๋Š˜ ํ‹ฐ๋Œ์ด ์–ด๋–ป๊ฒŒ ๋ฐ˜๋ณต๋˜๋Š” ์ˆ˜์ •๊ณผ ๋ฐฐํฌ์— ์ˆ˜๋ฐ˜๋˜๋Š” ์ž‘์—…๋“ค์„ ์ž๋™ํ™”ํ•ด๋ณด์•˜๋Š”์ง€ ์„ค๋ช…ํ•ด ๋ณด๋ ค ํ•ฉ๋‹ˆ๋‹ค. 



๐Ÿ‘ฉ‍๐Ÿ’ป CI/CD๋ž€?

์• ํ”Œ๋ฆฌ์ผ€์ด์…˜ ๊ฐœ๋ฐœ ๋‹จ๊ณ„๋ถ€ํ„ฐ ๋ฐฐํฌ ๋•Œ๊ฐ€์ง€์˜ ๋ชจ๋“  ๋‹จ๊ณ„๋ฅผ ์ž๋™ํ™”ํ•˜์—ฌ ๋” ํšจ์œจ์ ์ด๋กœ ๋น ๋ฅด๊ฒŒ ์‚ฌ์šฉ์ž์—๊ฒŒ ๋ฐฐํฌํ•  ์ˆ˜ ์žˆ๋Š” ๊ฒƒ์„ ๋งํ•ฉ๋‹ˆ๋‹ค.


CI(Continuous Integration)๋Š” ์ง€์†์  ํ†ตํ•ฉ, ์š”์•ฝ ํ•˜์ž๋ฉด ๋นŒ๋“œ/ํ…Œ์ŠคํŠธ ์ž๋™ํ™” ๊ณผ์ •์ž…๋‹ˆ๋‹ค. ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜์˜ ์ƒˆ๋กœ์šด ์ฝ”๋“œ๋‚˜ ๋ฒ„๊ทธ ์ˆ˜์ •์œผ๋กœ ์ฝ”๋“œ ๋ณ€๊ฒฝ์ด ์ฃผ๊ธฐ์ ์œผ๋กœ ๋นŒ๋“œ ๋ฐ ํ…Œ์ŠคํŠธ๋˜๋ฉด์„œ ๊ณต์œ ๋˜๋Š” ๋ ˆํฌ์ง€ํ† ๋ฆฌ์— ํ†ตํ•ฉ(merge)๋˜์–ด ์„œ๋กœ ์ถฉ๋Œํ•  ์ˆ˜ ์žˆ๋Š” ๋ฌธ์ œ๋ฅผ ํ•ด๊ฒฐํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

CD(Continuous Delivery/Deployment)๋Š” ๋ฐฐํฌ ์ž๋™ํ™” ๊ณผ์ •์„ ๋งํ•ฉ๋‹ˆ๋‹ค. CI์—์„œ Build ๋ฐ Test ๋œ ํ›„์—, ๋ฐฐํฌ๋ฅผ ์ˆ˜๋™์ ์œผ๋กœ ์ง„ํ–‰ํ•˜๋Š” ๊ฒƒ์ž…๋‹ˆ๋‹ค. ์ง€์†์  ๋ฐฐํฌ๋ฅผ ์‚ฌ์šฉํ•˜๋ฉด ํ’ˆ์งˆ ์ €ํ•˜ ์—†์ด ์ตœ๋Œ€ํ•œ ๋นจ๋ฆฌ ์‚ฌ์šฉ์ž์—๊ฒŒ ์ƒˆ๋กœ์šด ๊ธฐ๋Šฅ์„ ์ œ๊ณตํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.


๐Ÿ‘ฉ‍๐Ÿ’ป GitHub Actions๋ž€?

Github Action์ด๋ž€ Github ์ €์žฅ์†Œ๋ฅผ ๊ธฐ๋ฐ˜์œผ๋กœ ์†Œํ”„ํŠธ์›จ์–ด ๊ฐœ๋ฐœ Workflow๋ฅผ ์ž๋™ํ™” ํ•  ์ˆ˜ ์žˆ๋Š” ๋„๊ตฌ์ž…๋‹ˆ๋‹ค.

Github ๋‚ด๋ถ€์—์„œ ํ”„๋กœ์ ํŠธ๋ฅผ ๋นŒ๋“œ, ํ…Œ์ŠคํŠธ, ๋ฆด๋ฆฌ์ฆˆ ๋˜๋Š” ๋ฐฐํฌ๋ฅผ ์ง€์›ํ•˜๋Š” ๊ธฐ๋Šฅ์œผ๋กœ์„œ, Github์—์„œ ์ œ๊ณตํ•˜๋Š” CI/CD ๋„๊ตฌ๋ผ๊ณ  ์ƒ๊ฐํ•˜๋ฉด ๋ฉ๋‹ˆ๋‹ค.


๐Ÿ‘ฉ‍๐Ÿ’ป GitHub Actions ๊ตฌ์„ฑ์š”์†Œ

Workflow

  • Workflow๋Š” ํ”„๋กœ์ ํŠธ๋ฅผ ๋นŒ๋“œ, ํ…Œ์ŠคํŠธ, ํŒจํ‚ค์ง€, ๋ฆด๋ฆฌ์Šค ๋˜๋Š” ๋ฐฐํฌํ•˜๊ธฐ ์œ„ํ•œ ์ „์ฒด์ ์ธ ํ”„๋กœ์„ธ์Šค
  • Workflow๋Š” ์—ฌ๋Ÿฌ๊ฐœ์˜ Job์œผ๋กœ ๊ตฌ์„ฑ๋˜์–ด event๊ธฐ๋ฐ˜์œผ๋กœ ๋™์ž‘
  • ์—ฌ๋Ÿฌ Job์œผ๋กœ ๊ตฌ์„ฑ๋˜๋ฉฐ ์ตœ์ƒ์œ„ ๊ฐœ๋…
  • Workflow ํŒŒ์ผ์€ YAML์œผ๋กœ ์ž‘์„ฑ๋˜๊ณ , Github Repository์˜ .github/workflows ํด๋” ์•„๋ž˜์— ์ €์žฅ

Event

  • Workflow๋ฅผ ์‹คํ–‰ํ•˜๋Š” ํŠน์ • ํ™œ๋™์ด๋‚˜ ๊ทœ์น™์ด๋‹ค
  • ์˜ˆ) ํŠน์ • ๋ธŒ๋žœ์น˜๋กœ Push / ํŠน์ • ๋ธŒ๋žœ์น˜๋กœ Pull Request

Jobs

  • Job์€ ์—ฌ๋Ÿฌ Step์œผ๋กœ ๊ตฌ์„ฑ๋˜๊ณ , ๊ฐ€์ƒ ํ™˜๊ฒฝ์˜ ์ธ์Šคํ„ด์Šค์—์„œ ์‹คํ–‰๋œ๋‹ค.
  • ํ•œ๊ฐ€์ง€ ๋Ÿฌ๋„ˆ์•ˆ์—์„œ ์‹คํ–‰๋˜๋Š” ์—ฌ๋Ÿฌ๊ฐ€์ง€ step๋“ค์˜ ๋ชจ์Œ

Actions

  • ๋ณต์žกํ•˜๊ณ  ์ž์ฃผ ๋ฐ˜๋ณต๋˜๋Š” ์ž‘์—…์„ ์ •์˜ํ•œ ์ปค์Šคํ…€ ์–ดํ”Œ๋ฆฌ์ผ€์ด์…˜
  • workflow ํŒŒ์ผ ์•ˆ์—์„œ ์ž์ฃผ ๋ฐ˜๋ณต๋˜๋Š” ์ฝ”๋“œ๋ฅผ ๋ฏธ๋ฆฌ ์ •์˜ํ•ด ์ฝ”๋“œ์˜ ์–‘์„ ์ค„์ผ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

๐Ÿ‘ฉ‍๐Ÿ’ป GitHub Actions + CodeDeploy๋ฅผ ์ด์šฉํ•œ CI/CD ํ๋ฆ„

  1. Github์— push ์‹œ, Github Actions์—์„œ push๋ฅผ ๊ฐ์ง€ํ•˜๊ณ  ์ •ํ•ด์ง„ Action์„ ์ˆ˜ํ–‰
  2. ์—…๋ฐ์ดํŠธ๋œ ์ฝ”๋“œ๋ฅผ ๋ฐ”ํƒ•์œผ๋กœ Build์™€ Test๋ฅผ ์ˆ˜ํ–‰
  3. ์ฝ”๋“œ๋ฅผ ์••์ถ•ํ•˜์—ฌ zipํŒŒ์ผ์„ ์ƒ์„ฑ
  4. S3์— zipํŒŒ์ผ์„ ์—…๋กœ๋“œ
  5. Code Deploy์— ๋ฐฐํฌ ์š”์ฒญ์„ ๋‚ด๋ฆผ
  6. S3๋กœ๋ถ€ํ„ฐ zipํŒŒ์ผ์„ ๋ฐ›์Œ
  7. ์ง€์ •ํ•œ EC2 ์ธ์Šคํ„ด์Šค์— ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜ ํŒŒ์ผ์„ ์ „๋‹ฌ
  8. EC2 ์ธ์Šคํ„ด์Šค์—์„œ ์‰˜ ์Šคํฌ๋ฆฝํŠธ๋ฅผ ์‹คํ–‰ํ•˜์—ฌ ๋ฐฐํฌ ์™„๋ฃŒ

๐Ÿ‘ฉ‍๐Ÿ’ป ์„ค์น˜๊ณผ์ •

๐Ÿ“CI

1. github ํ”„๋กœ์ ํŠธ Repository์˜ Actions → set up a workflow your self ํด๋ฆญํ•˜์—ฌ yml ํŒŒ์ผ์„ ์ƒ์„ฑํ•ฉ๋‹ˆ๋‹ค.

2. ์ž๋™ ๋นŒ๋“œ ๋ฐ ํ…Œ์ŠคํŠธ๋ฅผ ์œ„ํ•ด ๋‹ค์Œ๊ณผ ๊ฐ™์ด yml ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

deploy.yml

name: Build and Deploy Spring Boot to AWS EC2

on:
  push:
    branches: [ main ]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Setup Java JDK 11
        uses: actions/setup-java@v1
        with:
          java-version: 11

      - name: Setup MySQL
        uses: samin/mysql-action@v1
        with:
          character set server: 'utf8'
          mysql database: 'rds'
          mysql user: ${{user}}
          mysql password: ${{password}}

      - name: Grant execute permission for gradlew
        run: chmod +x ./gradlew
        shell: bash

      - name: Make application-prod.properties
        if: contains(github.ref, 'main') # branch๊ฐ€ main ์ผ ๋•Œ
        run: |
          cd ./src/main/resources
          touch ./application-prod.properties
          echo "${{ secrets.APPLICATION }}" > ./application-prod.properties
        shell: bash

      - name: Build with Gradle
        run: ./gradlew build -x test
        shell: bash

Github Actions๋Š” .github/workflows ํ•˜์œ„ ๊ฒฝ๋กœ์— ymlํŒŒ์ผ์„ ์ž‘์„ฑํ•˜๋ฉด, ํŠน์ • ํŠธ๋ฆฌ๊ฑฐ๊ฐ€ ๋ฐœ์ƒ ์‹œ Actions Runner๊ฐ€ yml ํŒŒ์ผ์— ์ง€์ •๋œ ํ–‰๋™์„ ์ˆ˜ํ–‰ํ•ฉ๋‹ˆ๋‹ค.

GithubActions
ํŒŒ์ผ ๊ตฌ์กฐ

3. ๋ฏผ๊ฐ ์ •๋ณด ํŒŒ์ผ์€ github Repository→Settings→Secrets and variable→Actions์—์„œ New repository secret ๋ฒ„ํŠผ์„ ๋ˆŒ๋Ÿฌ์„œ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค.

CICD
cicd

4. APPLICATION์„ Name์œผ๋กœ rds ์ •๋ณด์™€ ๊ฐ™์ด ๊ณต๊ฐœํ•ด์„  ์•ˆ๋˜๋Š” ๋ฏผ๊ฐ์ •๋ณด๋ฅผ ์ž‘์„ฑํ•ฉ๋‹ˆ๋‹ค. ์ž‘์„ฑ ํ›„ Add secret์„ ๋ˆ„๋ฅด๋ฉด ๊นƒํ—ˆ๋ธŒ ์•ก์…˜์ด ๋นŒ๋“œํ•˜๋ฉด์„œ ์ž๋™์œผ๋กœ APPLICATION ๋‚ด์šฉ์„ ๊ฐ€์ง€๊ณ  application-prod.propertiesํŒŒ์ผ์„ ๋งŒ๋“ญ๋‹ˆ๋‹ค.

๊ฐœ๋ฐœ

 

๐Ÿ“CD

1. [S3 ๋ฒ„ํ‚ท ์ƒ์„ฑ]์ž‘์„ฑํ•œ ์ฝ”๋“œ๋ฅผ s3 ๋ฒ„ํ‚ท์— ์˜ฎ๊ธฐ๊ธฐ ์œ„ํ•ด s3 ๋ฒ„ํ‚ท์„ ์ƒ์„ฑํ•ฉ๋‹ˆ๋‹ค. ๋ฒ„ํ‚ท์„ ๊ตฌ๋ถ„ํ•˜๊ธฐ ์œ„ํ•œ ์ด๋ฆ„๊ณผ ์„œ์šธ ๋ฆฌ์ „์„ ์„ ํƒํ•ฉ๋‹ˆ๋‹ค.

๋ฐฑ์—”๋“œ

2. IAM ์‚ฌ์šฉ์ž๋ฅผ ์ด์šฉํ•˜์—ฌ s3์— ์ ‘๊ทผํ•  ๊ฒƒ์ด๊ธฐ ๋•Œ๋ฌธ์— ๋ชจ๋“  ํผ๋ธ”๋ฆญ ์—‘์„ธ์Šค๋ฅผ ์ฐจ๋‹จํ•ฉ๋‹ˆ๋‹ค.

์„œ๋ฒ„

3. ์ดํ›„ ๋‹ค๋ฅธ ์„ค์ •๋“ค์€ ๊ธฐ๋ณธ๊ฐ’์œผ๋กœ ํ•˜์—ฌ s3 ๋ฒ„ํ‚ท ์ƒ์„ฑ์„ ์™„๋ฃŒํ•ฉ๋‹ˆ๋‹ค.

aws

4. [IAM ์‚ฌ์šฉ์ž ์ƒ์„ฑ]CI/CD๋ฅผ ์œ„ํ•œ IAM ์‚ฌ์šฉ์ž๋ฅผ ์ƒ์„ฑํ•ฉ๋‹ˆ๋‹ค. ACCESS TOKEN ๊ฐ’์„ ์‚ฌ์šฉํ•˜๋ฉด ๋˜๋ฏ€๋กœ AWS Management Console์— ๋Œ€ํ•œ ์‚ฌ์šฉ์ž ์—‘์„ธ์Šค ๊ถŒํ•œ์€ ์ฒดํฌํ•˜์ง€ ์•Š์Šต๋‹ˆ๋‹ค.

codedeploy

5. AmazonS3FullAccess, AWSCodeDeployFullAccess ๊ถŒํ•œ์„ ์„ ํƒํ•œ ํ›„ IAM ์‚ฌ์šฉ์ž๋ฅผ ์ƒ์„ฑํ•ฉ๋‹ˆ๋‹ค.

springboot

6. AWS์—์„œ๋Š” ๊ธฐ๋ณธ์ ์œผ๋กœ ACCESS KEY๋ฅผ ์‚ฌ์šฉํ•œ ์ธ์ฆ ๋ฐฉ์‹์„ ๊ถŒ์žฅํ•˜๊ณ  ์žˆ์ง€ ์•Š๊ธฐ ๋•Œ๋ฌธ์— ๋”ฐ๋กœ ACCESS KEY๋ฅผ ์ƒ์„ฑํ•ด์•ผ ํ•ฉ๋‹ˆ๋‹ค. ์ƒ์„ฑ๋œ IAM ์‚ฌ์šฉ์ž๋ฅผ ํด๋ฆญํ•˜๊ณ  ๋ณด์•ˆ ์ž๊ฒฉ์ฆ๋ช…์— ๋“ค์–ด๊ฐ‘๋‹ˆ๋‹ค. ์•ก์„ธ์Šค ํ‚ค ๋งŒ๋“ค๊ธฐ๋ฅผ ํด๋ฆญํ•ฉ๋‹ˆ๋‹ค.

ํ‹ฐ๋Œ

7. AWS ์™ธ๋ถ€์—์„œ ์‹คํ–‰๋˜๋Š” ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜์„ ์„ ํƒํ•œ ํ›„ ๋‹ค์Œ์œผ๋กœ ๋„˜์–ด๊ฐ‘๋‹ˆ๋‹ค.

springboot

8. ์•ก์„ธ์Šค ํ‚ค๊ฐ€ ์ƒ์„ฑ๋˜๋ฉด ์•ก์„ธ์Šค ํ‚ค์™€ ๋น„๋ฐ€ ์•ก์„ธ์Šค ํ‚ค๋ฅผ ๊ผญ ์ €์žฅํ•ฉ๋‹ˆ๋‹ค. ์™„๋ฃŒ ๋ฒ„ํŠผ์„ ๋ˆ„๋ฅด๋ฉด ๋‹ค์‹œ ํ‚ค ๊ฐ’์„ ๋ฐ›์„ ์ˆ˜ ์—†์œผ๋‹ˆ .csv ํŒŒ์ผ ๋‹ค์šด๋กœ๋“œ ๋ฒ„ํŠผ์„ ๋ˆŒ๋Ÿฌ ํ‚ค๊ฐ’์„ ์ €์žฅํ•ฉ๋‹ˆ๋‹ค. 

9. Github Actions์—์„œ AWS ์„œ๋น„์Šค์— ์ ‘๊ทผํ•  ์ˆ˜ ์žˆ๋„๋ก Repository์˜ Settings→Secret and variables→ Actions → New repository secret์— IAM ์‚ฌ์šฉ์ž์˜ ์•ก์„ธ์Šค ํ‚ค(AWS_ACCESS_KEY_ID์™€ ๋น„๋ฐ€ ์•ก์„ธ์Šค ํ‚ค(AWS_SECRET_ACCESS_KEY)๋ฅผ ์ €์žฅํ•ฉ๋‹ˆ๋‹ค.

github

10. [EC2 ๊ด€๋ จ ์„ค์ •]EC2 ์ธ์Šคํ„ด์Šค์— ๋Œ€ํ•œ IAM ์—ญํ• ์„ ์ˆ˜์ •ํ•ฉ๋‹ˆ๋‹ค.

jenkins

11. ์ƒˆ ์—ญํ•  ์ƒ์„ฑ ๋ฒ„ํŠผ์„ ํด๋ฆญํ•ฉ๋‹ˆ๋‹ค.

ci/cd

12. AWS ์„œ๋น„์Šค → ์‚ฌ์šฉ์‚ฌ๋ก€๋Š” EC2๋ฅผ ํด๋ฆญํ•˜๊ณ  ๋‹ค์Œ ๋ฒ„ํŠผ์œผ๋กœ ๋„˜์–ด๊ฐ‘๋‹ˆ๋‹ค.

์„œ๋ฒ„

13. IAM ์—ญํ• ์„ ๊ตฌ๋ถ„ํ•  ์ˆ˜ ์žˆ๋Š” ์ด๋ฆ„์„ ์ž‘์„ฑํ•˜๊ณ  AmazonS3FullAccess์™€ AWSCodeDeployFullAccess์— ๋Œ€ํ•œ ๊ถŒํ•œ์„ ๋ถ€์—ฌํ•ฉ๋‹ˆ๋‹ค.

ํ”„๋กœ์ ํŠธ๊ด€๋ฆฌ

14. ์ƒ์„ฑํ•œ IAM ์—ญํ• ์„ EC2 ์ธ์Šคํ„ด์Šค์— ์—ฐ๊ฒฐํ•ฉ๋‹ˆ๋‹ค.


๋‹ค์Œ ๊ธ€์—์„œ ๊ณ„์†๋ฉ๋‹ˆ๋‹ค.


๐Ÿ‘ฉ‍๐Ÿ’ป ๋งˆ์น˜๋ฉฐ

CI/CD ๊ตฌ์ถ•์— ๋Œ€ํ•œ ๊ธด ๊ธ€์„ ์ฝ์–ด์ฃผ์…”์„œ ๊ฐ์‚ฌํ•ฉ๋‹ˆ๋‹ค!

CI/CD๋ฅผ ๊ตฌ์ถ•ํ•˜๋Š”๋ฐ ์งง์ง€ ์•Š์€ ์‹œ๊ฐ„์ด ๊ฑธ๋ ธ์ง€๋งŒ, ๋นŒ๋“œ์™€ ๋ฐฐํฌ๋ฅผ ์ž๋™ํ™”ํ•˜๋ฉด์„œ ์ œํ’ˆ ํ’ˆ์งˆ์„ ๋†’์ผ ์ˆ˜ ์žˆ์—ˆ๊ณ , ์‚ฌ์šฉ์ž์—๊ฒŒ ๋” ๋น ๋ฅธ ์„œ๋น„์Šค๋ฅผ ์ œ๊ณตํ•  ์ˆ˜ ์žˆ์–ด ๋œป๊นŠ์€ ์‹œ๊ฐ„์ด์—ˆ์Šต๋‹ˆ๋‹ค.

์ด ๊ธ€์ด ์—ฌ๋Ÿฌ๋ถ„์—๊ฒŒ ๋„์›€์ด ๋˜๊ธฐ๋ฅผ ๋ฐ”๋ผ๋ฉฐ ์ €๋Š” ๋‹ค์Œ ๊ธ€ [GitHub Actions๋กœ CI/CD ๊ตฌ์ถ•ํ•˜๊ธฐ(2)] CodeDeploy ์„ค์น˜, ๋ฐฐํฌ ์Šคํฌ๋ฆฝํŠธ ์ž‘์„ฑ์—์„œ ๋” ๋‚˜์€ ๋‚ด์šฉ์œผ๋กœ ์ฐพ์•„์˜ค๊ฒ ์Šต๋‹ˆ๋‹ค. 

๊ฐ์‚ฌํ•ฉ๋‹ˆ๋‹ค๐Ÿ˜„

 

๐Ÿ‘ฉ‍๐Ÿ’ป ์ฐธ๊ณ 

https://velog.io/@sgwon1996/GitHub-Action%EC%9C%BC%EB%A1%9C-CICD-%EA%B5%AC%EC%B6%95%ED%95%98%EA%B8%B0

 

GitHub Action์œผ๋กœ CI/CD ๊ตฌ์ถ•ํ•˜๊ธฐ

GitHub Action์„ ํ†ตํ•ด ์ด๋ฏธ์ง€ ๋นŒ๋“œ ๋ฐ ์—…๋กœ๋“œ, ์ปจํ…Œ์ด๋„ˆ ๋ฐฐํฌ๋ฅผ ์ˆ˜ํ–‰ํ•˜๋Š” ํŒŒ์ดํ”„๋ผ์ธ์„ ๊ตฌ์ถ•ํ•ด๋ณด๊ฒ ์Šต๋‹ˆ๋‹ค.

velog.io

 

๐Ÿ“ฉ Contact : uuuuujeong00000@naver.com

๐Ÿ“ฒ SNS : https://www.instagram.com/may_u_j__