-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathJenkinsfile
More file actions
158 lines (137 loc) · 5.66 KB
/
Jenkinsfile
File metadata and controls
158 lines (137 loc) · 5.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
pipeline {
agent any
options { timestamps() }
environment {
AWS_REGION = 'ap-northeast-2'
ECR_REPO = 'refit-spring'
SSM_PARAM = '/refit/backend/image_uri'
ASG_NAME = 'asg-spring-dev'
APP_DIR = '.'
}
stages {
stage('Checkout'){
steps{
checkout scm
sh '''
set -e
git config --local core.hooksPath .git/hooks || true
git lfs install --local || true
git lfs fetch --all || true
git lfs checkout || true
test -f gradlew || { echo "[ERROR] gradlew missing"; exit 1; }
test -f gradle/wrapper/gradle-wrapper.properties || { echo "[ERROR] wrapper properties missing"; exit 1; }
test -f gradle/wrapper/gradle-wrapper.jar || { echo "[ERROR] wrapper jar missing"; exit 1; }
chmod +x gradlew || true
'''
}
}
stage('Prepare Vars') {
steps {
script {
env.TS = sh(script: "date +%Y%m%d%H%M%S", returnStdout: true).trim()
env.GIT_SHA = sh(script: "git rev-parse --short HEAD", returnStdout: true).trim()
env.ACCOUNT_ID = sh(script: "aws sts get-caller-identity --query Account --output text --region ${env.AWS_REGION}", returnStdout: true).trim()
env.ECR_URI = "${env.ACCOUNT_ID}.dkr.ecr.${env.AWS_REGION}.amazonaws.com/${env.ECR_REPO}"
env.IMAGE_TAG = "${env.TS}-${env.GIT_SHA}"
env.IMAGE_URI = "${env.ECR_URI}:${env.IMAGE_TAG}"
}
}
}
stage('Build JAR (JDK 21)'){
steps {
dir("${APP_DIR}") {
sh '''
set -e
rm -rf .gradle .gradle-ci .tmp || true
mkdir -p .gradle-ci .tmp
export HOME="$PWD"
export GRADLE_USER_HOME="$PWD/.gradle-ci"
export JAVA_TOOL_OPTIONS="-Djava.io.tmpdir=$PWD/.tmp"
chmod +x gradlew || true
./gradlew --no-daemon \
--project-cache-dir .gradle-ci \
-Dorg.gradle.jvmargs="-Xmx512m" \
clean bootJar -x test
'''
}
}
}
stage('Docker Login & Build & Push'){
steps {
sh """
set -e
aws ecr describe-repositories --repository-names ${ECR_REPO} --region ${AWS_REGION} >/dev/null 2>&1 \
|| aws ecr create-repository --repository-name ${ECR_REPO} --region ${AWS_REGION}
aws ecr get-login-password --region ${AWS_REGION} \
| docker login --username AWS --password-stdin ${ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com
export DOCKER_BUILDKIT=1
docker build --memory=1.5g -t ${IMAGE_URI} -f ${APP_DIR}/Dockerfile ${APP_DIR}
docker push ${IMAGE_URI}
"""
}
}
stage('Update SSM (image_uri)'){
steps {
sh """
set -e
aws ssm put-parameter --region ${AWS_REGION} \
--name "${SSM_PARAM}" --type "String" \
--value "${IMAGE_URI}" --overwrite >/dev/null
"""
}
}
stage('Deploy') {
steps {
sh '''
set -euo pipefail
AWS_REGION="${AWS_REGION}"
ASG_NAME="${ASG_NAME}"
SSM_PARAM="${SSM_PARAM}"
INSTANCE_IDS="i-0f55d4b2bb7621a43"
if [ -z "$INSTANCE_IDS" ]; then
echo "[ERROR] No InService instances found in ASG: $ASG_NAME" >&2
exit 1
fi
IMAGE_URI=$(aws ssm get-parameter \
--region "$AWS_REGION" \
--name "$SSM_PARAM" \
--query "Parameter.Value" --output text)
REGISTRY=$(echo "$IMAGE_URI" | cut -d'/' -f1)
echo "[INFO] Deploying container on: $INSTANCE_IDS"
aws ssm send-command \
--region "$AWS_REGION" \
--document-name "AWS-RunShellScript" \
--comment "refit backend deploy" \
--instance-ids ${INSTANCE_IDS} \
--parameters commands="[ \\
\\"set -e\\", \\
\\"aws ecr get-login-password --region ${AWS_REGION} | docker login --username AWS --password-stdin ${REGISTRY}\\", \\
\\"docker pull ${IMAGE_URI}\\", \\
\\"mkdir -p /opt/config\\", \\
\\"aws secretsmanager get-secret-value --region ${AWS_REGION} --secret-id /refit/spring/application_yml --query SecretString --output text > /opt/config/application.yml\\", \\
\\"aws secretsmanager get-secret-value --region ${AWS_REGION} --secret-id /refit/firebase/adminsdk --query SecretString --output text > /opt/config/firebase-adminsdk.json\\", \\
\\"docker network create refit-net || true\\", \\
\\"docker rm -f redis || true\\", \\
\\"docker run -d --name redis --network refit-net --restart=always -p 6379:6379 redis:7\\", \\
\\"echo '[INFO] Waiting for Redis to be ready...'\\", \\
\\"for i in {1..10}; do docker run --rm --network refit-net redis:7 redis-cli -h redis ping && break || sleep 2; done\\", \\
\\"docker rm -f refit || true\\", \\
\\"docker run -d --name refit --network refit-net --restart=always -p 8080:8080 \\
-v /opt/config:/opt/config \\
-v /opt/config/firebase-adminsdk.json:/app/config/firebase-adminsdk.json \\
-v /home/ec2-user/oci-wallet:/app/oci-wallet \\
-e TNS_ADMIN=/app/oci-wallet \\
-e SPRING_CONFIG_LOCATION=file:/opt/config/application.yml \\
${IMAGE_URI}\\" \\
]" \
--output text >/dev/null
'''
}
}
}
post {
always { cleanWs() }
success { echo "Deployed : ${IMAGE_URI}" }
failure { echo "Failed — check Jenkins logs" }
}
}