From ca0a4b96b7d52fd23888f62ac21c4e1674c976ca Mon Sep 17 00:00:00 2001 From: J Date: Mon, 5 Jan 2026 23:37:52 +0900 Subject: [PATCH 01/16] Update App.js --- my-app/src/App.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/my-app/src/App.js b/my-app/src/App.js index 09c0956..6a97be0 100644 --- a/my-app/src/App.js +++ b/my-app/src/App.js @@ -15,7 +15,7 @@ function App() { target="_blank" rel="noopener noreferrer" > - Learn GithubAction 2 + Learn GithubAction cicd1 test @@ -23,3 +23,4 @@ function App() { } export default App; + From 50e440914ed1eebdd3f80b08b1b3931b9ee43ecd Mon Sep 17 00:00:00 2001 From: J Date: Mon, 5 Jan 2026 23:47:10 +0900 Subject: [PATCH 02/16] Update App.js --- my-app/src/App.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/my-app/src/App.js b/my-app/src/App.js index 6a97be0..55d69d8 100644 --- a/my-app/src/App.js +++ b/my-app/src/App.js @@ -15,7 +15,7 @@ function App() { target="_blank" rel="noopener noreferrer" > - Learn GithubAction cicd1 test + Learn GithubAction cicd1 test1 @@ -24,3 +24,4 @@ function App() { export default App; + From 5b39dc1d167584660f5d0ff0608d2331f9d29502 Mon Sep 17 00:00:00 2001 From: J Date: Mon, 5 Jan 2026 23:52:04 +0900 Subject: [PATCH 03/16] Update App.js --- my-app/src/App.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/my-app/src/App.js b/my-app/src/App.js index 55d69d8..969ed79 100644 --- a/my-app/src/App.js +++ b/my-app/src/App.js @@ -15,7 +15,7 @@ function App() { target="_blank" rel="noopener noreferrer" > - Learn GithubAction cicd1 test1 + Learn GithubAction cicd1 test2 @@ -25,3 +25,4 @@ function App() { export default App; + From 2e4a0a2e469923c08b83d708482e28c444b30b15 Mon Sep 17 00:00:00 2001 From: J Date: Tue, 6 Jan 2026 20:33:14 +0900 Subject: [PATCH 04/16] Add cicd-1.yaml --- .github/workflows/cicd-1.yaml | 93 +++++++++++++++++++++++++++++++++-- 1 file changed, 88 insertions(+), 5 deletions(-) diff --git a/.github/workflows/cicd-1.yaml b/.github/workflows/cicd-1.yaml index 79cf89a..a9be434 100644 --- a/.github/workflows/cicd-1.yaml +++ b/.github/workflows/cicd-1.yaml @@ -11,19 +11,102 @@ jobs: if: github.event.action == 'opened' || github.event.action == 'synchronize' runs-on: ubuntu-latest steps: - - name: checkout + - name: checkout the code uses: actions/checkout@v4 + - name: setup-node + uses: actions/setup-node@v3 + with: + node-version: 18 + - name: Cache Node.js modules + uses: actions/cache@v3 + with: + path: ~/.npm + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.os }}-node- + - name: Install dependencies + run: | + cd my-app + npm ci + - name: npm build + run: | + cd my-app + npm run build image-build: if: github.event.pull_request.merged == true runs-on: ubuntu-latest + permissions: + id-token: write + contents: read steps: - - name: checkout + - name: checkout the code uses: actions/checkout@v4 - + - name: Configure AWS Credentials + id: credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ vars.AWS_REGION }} + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v2 + with: + mask-password: 'true' + - name: docker build & push + run: | + docker build -f Dockerfile --tag ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} . + docker push ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} + deploy: runs-on: ubuntu-latest - needs: [image-build] + needs: [ image-build ] + permissions: + id-token: write + contents: read steps: - - name: checkout + - name: checkout the code uses: actions/checkout@v4 + - name: Configure AWS Credentials + id: credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ vars.AWS_REGION }} + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: setup kubectl + uses: azure/setup-kubectl@v3 + with: + version: latest + - name: setup helm + uses: azure/setup-helm@v3 + with: + version: v3.11.1 + - name: access kubernetes + run: | + aws eks update-kubeconfig --name ${{ vars.CLUSTER_NAME }} + - name: deploy + id: status + run: | + helm upgrade --install my-app kubernetes/my-app --create-namespace --namespace my-app-${{ vars.SUFFIX }} \ + --set image.tag=${{ github.sha }} \ + --set image.repository=${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} + - name: notify + if: always() + uses: slackapi/slack-github-action@v1.24.0 + with: + payload: | + { + "text": "message", + "blocks": [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Environment : dev, Deploy Result : ${{ steps.status.outcome }}, Repository : ${{ github.repository }}." + } + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK \ No newline at end of file From b048102230527bcb2ed084330d60f5421ceaff76 Mon Sep 17 00:00:00 2001 From: J Date: Wed, 14 Jan 2026 20:28:25 +0900 Subject: [PATCH 05/16] Add cicd-2.yaml --- .github/workflows/cicd-2.yaml | 156 +++++++++++++++ .github/workflows/{ => part4}/cicd-1.yaml | 222 +++++++++++----------- 2 files changed, 267 insertions(+), 111 deletions(-) create mode 100644 .github/workflows/cicd-2.yaml rename .github/workflows/{ => part4}/cicd-1.yaml (96%) diff --git a/.github/workflows/cicd-2.yaml b/.github/workflows/cicd-2.yaml new file mode 100644 index 0000000..8cf0824 --- /dev/null +++ b/.github/workflows/cicd-2.yaml @@ -0,0 +1,156 @@ +name: cicd-2 +on: + pull_request: + types: [opened, synchronize, closed] + branches: [dev, master] + paths: + - 'my-app/**' + +jobs: + test: + if: github.event.action == 'opened' || github.event.action == 'synchronize' + runs-on: ubuntu-latest + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: setup-node + uses: actions/setup-node@v3 + with: + node-version: 18 + - name: Cache Node.js modules + uses: actions/cache@v3 + with: + path: ~/.npm + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.os }}-node- + - name: Install dependencies + run: | + cd my-app + npm ci + - name: npm build + run: | + cd my-app + npm run build + + set-environment: + if: github.event.pull_request.merged == true + runs-on: ubuntu-latest + outputs: + environment: ${{ steps.set-env.outputs.environment }} + steps: + - name: set env + id: set-env + run: | + echo ${{ github.base_ref }} + echo "environment=dev" >> $GITHUB_OUTPUT + + if [[ ${{ github.base_ref }} == "master" ]]; then + echo "environment=prod" >> $GITHUB_OUTPUT + fi + - name: check env + run: echo ${{ steps.set-env.outputs.environment }} + + image-build: + runs-on: ubuntu-latest + needs: [set-environment] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["${{ needs.set-environment.outputs.environment }}"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: Configure AWS Credentials + id: credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ vars.AWS_REGION }} + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v2 + with: + mask-password: 'true' + - name: docker build & push + run: | + docker build -f Dockerfile --tag ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} . + docker push ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} + + deploy: + runs-on: ubuntu-latest + needs: [ set-environment, image-build ] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["${{ needs.set-environment.outputs.environment }}"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: Configure AWS Credentials + id: credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ vars.AWS_REGION }} + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: setup kubectl + uses: azure/setup-kubectl@v3 + with: + version: latest + - name: setup helm + uses: azure/setup-helm@v3 + with: + version: v3.11.1 + - name: access kubernetes + run: | + aws eks update-kubeconfig --name ${{ vars.CLUSTER_NAME }} + - name: deploy + id: status + run: | + helm upgrade --install my-app kubernetes/my-app --create-namespace --namespace my-app-${{ vars.SUFFIX }} \ + --set image.tag=${{ github.sha }} \ + --set image.repository=${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} + - name: notify + if: always() + uses: slackapi/slack-github-action@v1.24.0 + with: + payload: | + { + "text": "message", + "blocks": [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Environment : ${{ matrix.environment }}, Deploy Result : ${{ steps.status.outcome }}, Repository : ${{ github.repository }}." + } + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + + create-pr: + if: needs.set-environment.outputs.environment == 'dev' + runs-on: ubuntu-latest + needs: [set-environment, deploy] + steps: + - name: checkout + uses: actions/checkout@v4 + - name: gh auth login + run: | + echo ${{ secrets.PERSONAL_ACCESS_TOKEN }} | gh auth login --with-token + - name: create branch + run: | + git checkout -b release/${{ github.run_id }} + git push origin release/${{ github.run_id }} + - name: create pr + run: | + gh pr create --base master --head release/${{ github.run_id }} --title "release/${{ github.run_id }} -> master" --body "release pr" \ No newline at end of file diff --git a/.github/workflows/cicd-1.yaml b/.github/workflows/part4/cicd-1.yaml similarity index 96% rename from .github/workflows/cicd-1.yaml rename to .github/workflows/part4/cicd-1.yaml index a9be434..c1ade69 100644 --- a/.github/workflows/cicd-1.yaml +++ b/.github/workflows/part4/cicd-1.yaml @@ -1,112 +1,112 @@ -name: cicd-1 -on: - pull_request: - types: [opened, synchronize, closed] - branches: [dev] - paths: - - 'my-app/**' - -jobs: - test: - if: github.event.action == 'opened' || github.event.action == 'synchronize' - runs-on: ubuntu-latest - steps: - - name: checkout the code - uses: actions/checkout@v4 - - name: setup-node - uses: actions/setup-node@v3 - with: - node-version: 18 - - name: Cache Node.js modules - uses: actions/cache@v3 - with: - path: ~/.npm - key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} - restore-keys: | - ${{ runner.os }}-node- - - name: Install dependencies - run: | - cd my-app - npm ci - - name: npm build - run: | - cd my-app - npm run build - - image-build: - if: github.event.pull_request.merged == true - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - steps: - - name: checkout the code - uses: actions/checkout@v4 - - name: Configure AWS Credentials - id: credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: ${{ vars.AWS_REGION }} - role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 - with: - mask-password: 'true' - - name: docker build & push - run: | - docker build -f Dockerfile --tag ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} . - docker push ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} - - deploy: - runs-on: ubuntu-latest - needs: [ image-build ] - permissions: - id-token: write - contents: read - steps: - - name: checkout the code - uses: actions/checkout@v4 - - name: Configure AWS Credentials - id: credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: ${{ vars.AWS_REGION }} - role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} - - name: setup kubectl - uses: azure/setup-kubectl@v3 - with: - version: latest - - name: setup helm - uses: azure/setup-helm@v3 - with: - version: v3.11.1 - - name: access kubernetes - run: | - aws eks update-kubeconfig --name ${{ vars.CLUSTER_NAME }} - - name: deploy - id: status - run: | - helm upgrade --install my-app kubernetes/my-app --create-namespace --namespace my-app-${{ vars.SUFFIX }} \ - --set image.tag=${{ github.sha }} \ - --set image.repository=${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} - - name: notify - if: always() - uses: slackapi/slack-github-action@v1.24.0 - with: - payload: | - { - "text": "message", - "blocks": [ - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": "Environment : dev, Deploy Result : ${{ steps.status.outcome }}, Repository : ${{ github.repository }}." - } - } - ] - } - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} +name: cicd-1 +on: + pull_request: + types: [opened, synchronize, closed] + branches: [dev] + paths: + - 'my-app/**' + +jobs: + test: + if: github.event.action == 'opened' || github.event.action == 'synchronize' + runs-on: ubuntu-latest + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: setup-node + uses: actions/setup-node@v3 + with: + node-version: 18 + - name: Cache Node.js modules + uses: actions/cache@v3 + with: + path: ~/.npm + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.os }}-node- + - name: Install dependencies + run: | + cd my-app + npm ci + - name: npm build + run: | + cd my-app + npm run build + + image-build: + if: github.event.pull_request.merged == true + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: Configure AWS Credentials + id: credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ vars.AWS_REGION }} + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v2 + with: + mask-password: 'true' + - name: docker build & push + run: | + docker build -f Dockerfile --tag ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} . + docker push ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} + + deploy: + runs-on: ubuntu-latest + needs: [ image-build ] + permissions: + id-token: write + contents: read + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: Configure AWS Credentials + id: credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: ${{ vars.AWS_REGION }} + role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: setup kubectl + uses: azure/setup-kubectl@v3 + with: + version: latest + - name: setup helm + uses: azure/setup-helm@v3 + with: + version: v3.11.1 + - name: access kubernetes + run: | + aws eks update-kubeconfig --name ${{ vars.CLUSTER_NAME }} + - name: deploy + id: status + run: | + helm upgrade --install my-app kubernetes/my-app --create-namespace --namespace my-app-${{ vars.SUFFIX }} \ + --set image.tag=${{ github.sha }} \ + --set image.repository=${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} + - name: notify + if: always() + uses: slackapi/slack-github-action@v1.24.0 + with: + payload: | + { + "text": "message", + "blocks": [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Environment : dev, Deploy Result : ${{ steps.status.outcome }}, Repository : ${{ github.repository }}." + } + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK \ No newline at end of file From 02e2d7c8fd1d1d576bb04102775fbf396940ac2c Mon Sep 17 00:00:00 2001 From: J Date: Wed, 14 Jan 2026 20:41:35 +0900 Subject: [PATCH 06/16] Update App.js --- my-app/src/App.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/my-app/src/App.js b/my-app/src/App.js index 969ed79..4c0b019 100644 --- a/my-app/src/App.js +++ b/my-app/src/App.js @@ -15,7 +15,7 @@ function App() { target="_blank" rel="noopener noreferrer" > - Learn GithubAction cicd1 test2 + Learn GithubAction cicd2 test2 @@ -26,3 +26,4 @@ export default App; + From 711d842c3569bba442ebec147a783265b9de016e Mon Sep 17 00:00:00 2001 From: J Date: Wed, 14 Jan 2026 20:51:20 +0900 Subject: [PATCH 07/16] Add cicd-2.yaml --- .github/workflows/cicd-2.yaml | 154 +++++++++++++++++----------------- 1 file changed, 77 insertions(+), 77 deletions(-) diff --git a/.github/workflows/cicd-2.yaml b/.github/workflows/cicd-2.yaml index 8cf0824..18049fb 100644 --- a/.github/workflows/cicd-2.yaml +++ b/.github/workflows/cicd-2.yaml @@ -13,25 +13,25 @@ jobs: steps: - name: checkout the code uses: actions/checkout@v4 - - name: setup-node - uses: actions/setup-node@v3 - with: - node-version: 18 - - name: Cache Node.js modules - uses: actions/cache@v3 - with: - path: ~/.npm - key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} - restore-keys: | - ${{ runner.os }}-node- - - name: Install dependencies - run: | - cd my-app - npm ci - - name: npm build - run: | - cd my-app - npm run build +# - name: setup-node +# uses: actions/setup-node@v3 +# with: +# node-version: 18 +# - name: Cache Node.js modules +# uses: actions/cache@v3 +# with: +# path: ~/.npm +# key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} +# restore-keys: | +# ${{ runner.os }}-node- +# - name: Install dependencies +# run: | +# cd my-app +# npm ci +# - name: npm build +# run: | +# cd my-app +# npm run build set-environment: if: github.event.pull_request.merged == true @@ -64,21 +64,21 @@ jobs: steps: - name: checkout the code uses: actions/checkout@v4 - - name: Configure AWS Credentials - id: credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: ${{ vars.AWS_REGION }} - role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 - with: - mask-password: 'true' - - name: docker build & push - run: | - docker build -f Dockerfile --tag ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} . - docker push ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} +# - name: Configure AWS Credentials +# id: credentials +# uses: aws-actions/configure-aws-credentials@v4 +# with: +# aws-region: ${{ vars.AWS_REGION }} +# role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} +# - name: Login to Amazon ECR +# id: login-ecr +# uses: aws-actions/amazon-ecr-login@v2 +# with: +# mask-password: 'true' +# - name: docker build & push +# run: | +# docker build -f Dockerfile --tag ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} . +# docker push ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} deploy: runs-on: ubuntu-latest @@ -93,49 +93,49 @@ jobs: steps: - name: checkout the code uses: actions/checkout@v4 - - name: Configure AWS Credentials - id: credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-region: ${{ vars.AWS_REGION }} - role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} - - name: setup kubectl - uses: azure/setup-kubectl@v3 - with: - version: latest - - name: setup helm - uses: azure/setup-helm@v3 - with: - version: v3.11.1 - - name: access kubernetes - run: | - aws eks update-kubeconfig --name ${{ vars.CLUSTER_NAME }} - - name: deploy - id: status - run: | - helm upgrade --install my-app kubernetes/my-app --create-namespace --namespace my-app-${{ vars.SUFFIX }} \ - --set image.tag=${{ github.sha }} \ - --set image.repository=${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} - - name: notify - if: always() - uses: slackapi/slack-github-action@v1.24.0 - with: - payload: | - { - "text": "message", - "blocks": [ - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": "Environment : ${{ matrix.environment }}, Deploy Result : ${{ steps.status.outcome }}, Repository : ${{ github.repository }}." - } - } - ] - } - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK +# - name: Configure AWS Credentials +# id: credentials +# uses: aws-actions/configure-aws-credentials@v4 +# with: +# aws-region: ${{ vars.AWS_REGION }} +# role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} +# - name: setup kubectl +# uses: azure/setup-kubectl@v3 +# with: +# version: latest +# - name: setup helm +# uses: azure/setup-helm@v3 +# with: +# version: v3.11.1 +# - name: access kubernetes +# run: | +# aws eks update-kubeconfig --name ${{ vars.CLUSTER_NAME }} +# - name: deploy +# id: status +# run: | +# helm upgrade --install my-app kubernetes/my-app --create-namespace --namespace my-app-${{ vars.SUFFIX }} \ +# --set image.tag=${{ github.sha }} \ +# --set image.repository=${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} +# - name: notify +# if: always() +# uses: slackapi/slack-github-action@v1.24.0 +# with: +# payload: | +# { +# "text": "message", +# "blocks": [ +# { +# "type": "section", +# "text": { +# "type": "mrkdwn", +# "text": "Environment : ${{ matrix.environment }}, Deploy Result : ${{ steps.status.outcome }}, Repository : ${{ github.repository }}." +# } +# } +# ] +# } +# env: +# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} +# SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK create-pr: if: needs.set-environment.outputs.environment == 'dev' From de1c8870fe4a8c34a01cd40c2cbf23d6efaa8857 Mon Sep 17 00:00:00 2001 From: J Date: Wed, 14 Jan 2026 20:55:46 +0900 Subject: [PATCH 08/16] Update App.js --- my-app/src/App.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/my-app/src/App.js b/my-app/src/App.js index 4c0b019..6619ef4 100644 --- a/my-app/src/App.js +++ b/my-app/src/App.js @@ -15,7 +15,7 @@ function App() { target="_blank" rel="noopener noreferrer" > - Learn GithubAction cicd2 test2 + Learn GithubAction cicd2 test22 @@ -27,3 +27,4 @@ export default App; + From 52001fd62bf303336acefaec094e0e0165d7162c Mon Sep 17 00:00:00 2001 From: J Date: Wed, 14 Jan 2026 21:04:25 +0900 Subject: [PATCH 09/16] Update App.js --- my-app/src/App.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/my-app/src/App.js b/my-app/src/App.js index 6619ef4..fec9478 100644 --- a/my-app/src/App.js +++ b/my-app/src/App.js @@ -15,7 +15,7 @@ function App() { target="_blank" rel="noopener noreferrer" > - Learn GithubAction cicd2 test22 + Learn GithubAction cicd2 test222 @@ -28,3 +28,4 @@ export default App; + From 9ffbf163e590eb8bd486aa1ba147a001d5824574 Mon Sep 17 00:00:00 2001 From: J Date: Wed, 14 Jan 2026 21:31:24 +0900 Subject: [PATCH 10/16] Add cicd-3.yaml --- .github/workflows/cicd-3.yaml | 168 ++++++++++++++++++++++ .github/workflows/{ => part4}/cicd-2.yaml | 0 2 files changed, 168 insertions(+) create mode 100644 .github/workflows/cicd-3.yaml rename .github/workflows/{ => part4}/cicd-2.yaml (100%) diff --git a/.github/workflows/cicd-3.yaml b/.github/workflows/cicd-3.yaml new file mode 100644 index 0000000..b4e757b --- /dev/null +++ b/.github/workflows/cicd-3.yaml @@ -0,0 +1,168 @@ +name: cicd-3 +on: + push: + paths: + - 'my-app/**' + tags: + - 'v[0-9]+.[0-9]+.[0-9]+' + pull_request: + types: [opened, synchronize, closed] + branches: [dev, master] + paths: + - 'my-app/**' + +jobs: + test: + if: github.event.action == 'opened' || github.event.action == 'synchronize' + runs-on: ubuntu-latest + steps: + - name: checkout the code + uses: actions/checkout@v4 +# - name: setup-node +# uses: actions/setup-node@v3 +# with: +# node-version: 18 +# - name: Cache Node.js modules +# uses: actions/cache@v3 +# with: +# path: ~/.npm +# key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} +# restore-keys: | +# ${{ runner.os }}-node- +# - name: Install dependencies +# run: | +# cd my-app +# npm ci +# - name: npm build +# run: | +# cd my-app +# npm run build + + set-environment: + if: github.event.pull_request.merged == true || github.ref_type == 'tag' + runs-on: ubuntu-latest + outputs: + environment: ${{ steps.set-env.outputs.environment }} + steps: + - name: set env + id: set-env + run: | + if [[ ${{ github.ref_type }} == "tag" ]]; then + echo "environment=qa" >> $GITHUB_OUTPUT + exit 0 + fi + + if [[ ${{ github.ref_type }} == "branch" ]]; then + echo "environment=dev" >> $GITHUB_OUTPUT + if [[ ${{ github.base_ref }} == "master" ]]; then + echo "environment=prod" >> $GITHUB_OUTPUT + fi + fi + - name: check env + run: echo ${{ steps.set-env.outputs.environment }} + + + image-build: + runs-on: ubuntu-latest + needs: [set-environment] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["${{ needs.set-environment.outputs.environment }}"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 +# - name: Configure AWS Credentials +# id: credentials +# uses: aws-actions/configure-aws-credentials@v4 +# with: +# aws-region: ${{ vars.AWS_REGION }} +# role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} +# - name: Login to Amazon ECR +# id: login-ecr +# uses: aws-actions/amazon-ecr-login@v2 +# with: +# mask-password: 'true' +# - name: docker build & push +# run: | +# docker build -f Dockerfile --tag ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} . +# docker push ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} + + deploy: + runs-on: ubuntu-latest + needs: [ set-environment, image-build ] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["${{ needs.set-environment.outputs.environment }}"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 +# - name: Configure AWS Credentials +# id: credentials +# uses: aws-actions/configure-aws-credentials@v4 +# with: +# aws-region: ${{ vars.AWS_REGION }} +# role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} +# - name: setup kubectl +# uses: azure/setup-kubectl@v3 +# with: +# version: latest +# - name: setup helm +# uses: azure/setup-helm@v3 +# with: +# version: v3.11.1 +# - name: access kubernetes +# run: | +# aws eks update-kubeconfig --name ${{ vars.CLUSTER_NAME }} +# - name: deploy +# id: status +# run: | +# helm upgrade --install my-app kubernetes/my-app --create-namespace --namespace my-app-${{ vars.SUFFIX }} \ +# --set image.tag=${{ github.sha }} \ +# --set image.repository=${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} +# - name: notify +# if: always() +# uses: slackapi/slack-github-action@v1.24.0 +# with: +# payload: | +# { +# "text": "message", +# "blocks": [ +# { +# "type": "section", +# "text": { +# "type": "mrkdwn", +# "text": "Environment : ${{ matrix.environment }}, Deploy Result : ${{ steps.status.outcome }}, Repository : ${{ github.repository }}." +# } +# } +# ] +# } +# env: +# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} +# SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + + create-pr: + if: needs.set-environment.outputs.environment == 'qa' + runs-on: ubuntu-latest + needs: [set-environment, deploy] + steps: + - name: checkout + uses: actions/checkout@v4 + - name: gh auth login + run: | + echo ${{ secrets.PERSONAL_ACCESS_TOKEN }} | gh auth login --with-token + - name: create branch + run: | + git checkout -b release/${{ github.ref_name }} + git push origin release/${{ github.ref_name }} + - name: create pr + run: | + gh pr create --base master --head release/${{ github.ref_name }} --title "release/${{ github.ref_name }} -> master" --body "release pr" + diff --git a/.github/workflows/cicd-2.yaml b/.github/workflows/part4/cicd-2.yaml similarity index 100% rename from .github/workflows/cicd-2.yaml rename to .github/workflows/part4/cicd-2.yaml From fd3692004cd6cc4924c0aecbe60acd4389470517 Mon Sep 17 00:00:00 2001 From: J Date: Wed, 14 Jan 2026 21:35:26 +0900 Subject: [PATCH 11/16] Update App.js --- my-app/src/App.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/my-app/src/App.js b/my-app/src/App.js index fec9478..7b9085f 100644 --- a/my-app/src/App.js +++ b/my-app/src/App.js @@ -15,7 +15,7 @@ function App() { target="_blank" rel="noopener noreferrer" > - Learn GithubAction cicd2 test222 + Learn GithubAction cicd3 @@ -29,3 +29,4 @@ export default App; + From 447b8a98842cb04b0abbdb1b340ee580d229c384 Mon Sep 17 00:00:00 2001 From: J Date: Wed, 14 Jan 2026 21:36:14 +0900 Subject: [PATCH 12/16] Update App.js --- my-app/src/App.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/my-app/src/App.js b/my-app/src/App.js index 7b9085f..1911e75 100644 --- a/my-app/src/App.js +++ b/my-app/src/App.js @@ -15,7 +15,7 @@ function App() { target="_blank" rel="noopener noreferrer" > - Learn GithubAction cicd3 + Learn GithubAction cicd33 @@ -30,3 +30,4 @@ export default App; + From 8b080d652ba35dc1f3ad800126c841e59c270537 Mon Sep 17 00:00:00 2001 From: J Date: Wed, 14 Jan 2026 22:03:33 +0900 Subject: [PATCH 13/16] Add cicd-4.yaml --- .github/workflows/cicd-4.yaml | 234 ++++++++++++++++++++++ .github/workflows/{ => part4}/cicd-3.yaml | 0 2 files changed, 234 insertions(+) create mode 100644 .github/workflows/cicd-4.yaml rename .github/workflows/{ => part4}/cicd-3.yaml (100%) diff --git a/.github/workflows/cicd-4.yaml b/.github/workflows/cicd-4.yaml new file mode 100644 index 0000000..fb54d6b --- /dev/null +++ b/.github/workflows/cicd-4.yaml @@ -0,0 +1,234 @@ +name: cicd-4 +on: + push: + paths: + - 'my-app/**' + tags: + - 'v[0-9]+.[0-9]+.[0-9]+' + pull_request: + types: [opened, synchronize, closed] + branches: [dev, master] + paths: + - 'my-app/**' + +jobs: + test: + if: github.event.action == 'opened' || github.event.action == 'synchronize' + runs-on: ubuntu-latest + steps: + - name: checkout the code + uses: actions/checkout@v4 +# - name: setup-node +# uses: actions/setup-node@v3 +# with: +# node-version: 18 +# - name: Cache Node.js modules +# uses: actions/cache@v3 +# with: +# path: ~/.npm +# key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} +# restore-keys: | +# ${{ runner.os }}-node- +# - name: Install dependencies +# run: | +# cd my-app +# npm ci +# - name: npm build +# run: | +# cd my-app +# npm run build + + set-environment: + if: github.event.pull_request.merged == true || github.ref_type == 'tag' + runs-on: ubuntu-latest + outputs: + environment: ${{ steps.set-env.outputs.environment }} + steps: + - name: set env + id: set-env + run: | + if [[ ${{ github.ref_type }} == "tag" ]]; then + echo "environment=qa" >> $GITHUB_OUTPUT + exit 0 + fi + + if [[ ${{ github.ref_type }} == "branch" ]]; then + echo "environment=dev" >> $GITHUB_OUTPUT + if [[ ${{ github.base_ref }} == "master" ]]; then + echo "environment=staging" >> $GITHUB_OUTPUT + fi + fi + - name: check env + run: echo ${{ steps.set-env.outputs.environment }} + + + image-build: + runs-on: ubuntu-latest + needs: [set-environment] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["${{ needs.set-environment.outputs.environment }}"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 +# - name: Configure AWS Credentials +# id: credentials +# uses: aws-actions/configure-aws-credentials@v4 +# with: +# aws-region: ${{ vars.AWS_REGION }} +# role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} +# - name: Login to Amazon ECR +# id: login-ecr +# uses: aws-actions/amazon-ecr-login@v2 +# with: +# mask-password: 'true' +# - name: docker build & push +# run: | +# docker build -f Dockerfile --tag ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} . +# docker push ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} + + deploy: + runs-on: ubuntu-latest + needs: [ set-environment, image-build ] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["${{ needs.set-environment.outputs.environment }}"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 +# - name: Configure AWS Credentials +# id: credentials +# uses: aws-actions/configure-aws-credentials@v4 +# with: +# aws-region: ${{ vars.AWS_REGION }} +# role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} +# - name: setup kubectl +# uses: azure/setup-kubectl@v3 +# with: +# version: latest +# - name: setup helm +# uses: azure/setup-helm@v3 +# with: +# version: v3.11.1 +# - name: access kubernetes +# run: | +# aws eks update-kubeconfig --name ${{ vars.CLUSTER_NAME }} +# - name: deploy +# id: status +# run: | +# helm upgrade --install my-app kubernetes/my-app --create-namespace --namespace my-app-${{ vars.SUFFIX }} \ +# --set image.tag=${{ github.sha }} \ +# --set image.repository=${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} +# - name: notify +# if: always() +# uses: slackapi/slack-github-action@v1.24.0 +# with: +# payload: | +# { +# "text": "message", +# "blocks": [ +# { +# "type": "section", +# "text": { +# "type": "mrkdwn", +# "text": "Environment : ${{ matrix.environment }}, Deploy Result : ${{ steps.status.outcome }}, Repository : ${{ github.repository }}." +# } +# } +# ] +# } +# env: +# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} +# SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + + create-pr: + if: needs.set-environment.outputs.environment == 'qa' + runs-on: ubuntu-latest + needs: [set-environment, deploy] + steps: + - name: checkout + uses: actions/checkout@v4 + - name: gh auth login + run: | + echo ${{ secrets.PERSONAL_ACCESS_TOKEN }} | gh auth login --with-token + - name: create branch + run: | + git checkout -b release/${{ github.ref_name }} + git push origin release/${{ github.ref_name }} + - name: create pr + run: | + gh pr create --base master --head release/${{ github.ref_name }} --title "release/${{ github.ref_name }} -> master" --body "release pr" + + approve: + if: needs.set-environment.outputs.environment == 'staging' + runs-on: ubuntu-latest + environment: approve-process + needs: [set-environment, deploy] + steps: + - name: approve + run: | + echo "Approve Done" + + prod-deploy: + runs-on: ubuntu-latest + needs: [ approve ] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["prod"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 +# - name: Configure AWS Credentials +# id: credentials +# uses: aws-actions/configure-aws-credentials@v4 +# with: +# aws-region: ${{ vars.AWS_REGION }} +# role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} +# - name: setup kubectl +# uses: azure/setup-kubectl@v3 +# with: +# version: latest +# - name: setup helm +# uses: azure/setup-helm@v3 +# with: +# version: v3.11.1 +# - name: access kubernetes +# run: | +# aws eks update-kubeconfig --name ${{ vars.CLUSTER_NAME }} +# - name: deploy +# id: status +# run: | +# helm upgrade --install my-app kubernetes/my-app --create-namespace --namespace my-app-${{ vars.SUFFIX }} \ +# --set image.tag=${{ github.sha }} \ +# --set image.repository=${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} +# - name: notify +# if: always() +# uses: slackapi/slack-github-action@v1.24.0 +# with: +# payload: | +# { +# "text": "message", +# "blocks": [ +# { +# "type": "section", +# "text": { +# "type": "mrkdwn", +# "text": "Environment : ${{ matrix.environment }}, Deploy Result : ${{ steps.status.outcome }}, Repository : ${{ github.repository }}." +# } +# } +# ] +# } +# env: +# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} +# SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK diff --git a/.github/workflows/cicd-3.yaml b/.github/workflows/part4/cicd-3.yaml similarity index 100% rename from .github/workflows/cicd-3.yaml rename to .github/workflows/part4/cicd-3.yaml From 0b4f3ce23ab8bcfa84bcb21946e7eb6d5edcbdcb Mon Sep 17 00:00:00 2001 From: J Date: Wed, 14 Jan 2026 22:09:52 +0900 Subject: [PATCH 14/16] Change link text in App component Updated the link text in the App component. --- my-app/src/App.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/my-app/src/App.js b/my-app/src/App.js index 1911e75..e765570 100644 --- a/my-app/src/App.js +++ b/my-app/src/App.js @@ -15,7 +15,7 @@ function App() { target="_blank" rel="noopener noreferrer" > - Learn GithubAction cicd33 + Learn GithubAction cicd4 @@ -31,3 +31,4 @@ export default App; + From 08f61e80edfe6089061a437447775e022342f3c1 Mon Sep 17 00:00:00 2001 From: J Date: Sun, 18 Jan 2026 15:19:02 +0900 Subject: [PATCH 15/16] Add cicd-6.yaml --- .github/workflows/cicd-6.yaml | 199 ++++++++++++++++++++++ .github/workflows/{ => part4}/cicd-4.yaml | 0 .github/workflows/part5/cicd-5.yaml | 193 +++++++++++++++++++++ github-actions-module | 1 + 4 files changed, 393 insertions(+) create mode 100644 .github/workflows/cicd-6.yaml rename .github/workflows/{ => part4}/cicd-4.yaml (100%) create mode 100644 .github/workflows/part5/cicd-5.yaml create mode 160000 github-actions-module diff --git a/.github/workflows/cicd-6.yaml b/.github/workflows/cicd-6.yaml new file mode 100644 index 0000000..d8988cd --- /dev/null +++ b/.github/workflows/cicd-6.yaml @@ -0,0 +1,199 @@ +name: cicd-6 +on: + push: + paths: + - 'my-app/**' + tags: + - 'v[0-9]+.[0-9]+.[0-9]+' + pull_request: + types: [opened, synchronize, closed] + branches: [dev, master] + paths: + - 'my-app/**' + +jobs: + test: + if: github.event.action == 'opened' || github.event.action == 'synchronize' + runs-on: ubuntu-latest + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + ref: ${{ vars.VERSION }} + - name: use test module + uses: ./actions-module/common/test + with: + NODE_VERSION: '18' + WORKING_DIRECTORY: 'my-app' + + set-environment: + if: github.event.pull_request.merged == true || github.ref_type == 'tag' + runs-on: ubuntu-latest + outputs: + environment: ${{ steps.set-env.outputs.environment }} + steps: + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + ref: ${{ vars.VERSION }} + - name: use set-environment module + uses: ./actions-module/common/set-environment + id: set-env + with: + REF_TYPE: ${{ github.ref_type }} + BASE_REF: ${{ github.base_ref }} + + + image-build: + runs-on: ubuntu-latest + needs: [set-environment] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["${{ needs.set-environment.outputs.environment }}"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + ref: ${{ vars.VERSION }} + - name: use aws module + uses: ./actions-module/common/aws + with: + AWS_REGION: ${{ vars.AWS_REGION }} + AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: use image-build module + uses: ./actions-module/common/image-build + with: + REPOSITORY: ${{ vars.REPOSITORY }} + REGISTRY: ${{ secrets.REGISTRY }} + + + + deploy: + runs-on: ubuntu-latest + needs: [ set-environment, image-build ] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["${{ needs.set-environment.outputs.environment }}"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + ref: ${{ vars.VERSION }} + - name: use aws module + uses: ./actions-module/common/aws + with: + AWS_REGION: ${{ vars.AWS_REGION }} + AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: use deploy module + id: status + uses: ./actions-module/common/deploy + with: + CLUSTER_NAME: ${{ vars.CLUSTER_NAME }} + RELEASE_NAME: my-app + HELM_CHART_PATH: kubernetes/my-app + NAMESPACE: my-app-${{ vars.SUFFIX }} + REPOSITORY: ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} + - name: use slack module + if: always() + uses: ./actions-module/common/slack + with: + DEPLOY_STEP_STATUS: ${{ steps.status.outcome }} + ENVIRONMENT: ${{ matrix.environment }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + + + + create-pr: + if: needs.set-environment.outputs.environment == 'qa' + runs-on: ubuntu-latest + needs: [set-environment, deploy] + steps: + - name: checkout + uses: actions/checkout@v4 + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + ref: ${{ vars.VERSION }} + - name: use create-pr module + uses: ./actions-module/common/create-pr + with: + PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} + HEAD: release/${{ github.ref_name }} + BASE: master + + + + approve: + if: needs.set-environment.outputs.environment == 'staging' + runs-on: ubuntu-latest + environment: approve-process + needs: [set-environment, deploy] + steps: + - name: approve + run: | + echo "Approve Done" + + prod-deploy: + runs-on: ubuntu-latest + needs: [ approve ] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["prod"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + ref: ${{ vars.VERSION }} + - name: use aws module + uses: ./actions-module/common/aws + with: + AWS_REGION: ${{ vars.AWS_REGION }} + AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: use deploy module + id: status + uses: ./actions-module/common/deploy + with: + CLUSTER_NAME: ${{ vars.CLUSTER_NAME }} + RELEASE_NAME: my-app + HELM_CHART_PATH: kubernetes/my-app + NAMESPACE: my-app-${{ vars.SUFFIX }} + REPOSITORY: ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} + - name: use slack module + if: always() + uses: ./actions-module/common/slack + with: + DEPLOY_STEP_STATUS: ${{ steps.status.outcome }} + ENVIRONMENT: ${{ matrix.environment }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} \ No newline at end of file diff --git a/.github/workflows/cicd-4.yaml b/.github/workflows/part4/cicd-4.yaml similarity index 100% rename from .github/workflows/cicd-4.yaml rename to .github/workflows/part4/cicd-4.yaml diff --git a/.github/workflows/part5/cicd-5.yaml b/.github/workflows/part5/cicd-5.yaml new file mode 100644 index 0000000..a149ed5 --- /dev/null +++ b/.github/workflows/part5/cicd-5.yaml @@ -0,0 +1,193 @@ +name: cicd-5 +on: + push: + paths: + - 'my-app/**' + tags: + - 'v[0-9]+.[0-9]+.[0-9]+' + pull_request: + types: [opened, synchronize, closed] + branches: [dev, master] + paths: + - 'my-app/**' + +jobs: + test: + if: github.event.action == 'opened' || github.event.action == 'synchronize' + runs-on: ubuntu-latest + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + - name: use test module + uses: ./actions-module/common/test + with: + NODE_VERSION: '18' + WORKING_DIRECTORY: 'my-app' + + set-environment: + if: github.event.pull_request.merged == true || github.ref_type == 'tag' + runs-on: ubuntu-latest + outputs: + environment: ${{ steps.set-env.outputs.environment }} + steps: + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + - name: use set-environment module + uses: ./actions-module/common/set-environment + id: set-env + with: + REF_TYPE: ${{ github.ref_type }} + BASE_REF: ${{ github.base_ref }} + + + image-build: + runs-on: ubuntu-latest + needs: [set-environment] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["${{ needs.set-environment.outputs.environment }}"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + - name: use aws module + uses: ./actions-module/common/aws + with: + AWS_REGION: ${{ vars.AWS_REGION }} + AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: use image-build module + uses: ./actions-module/common/image-build + with: + REPOSITORY: ${{ vars.REPOSITORY }} + REGISTRY: ${{ secrets.REGISTRY }} + + + + deploy: + runs-on: ubuntu-latest + needs: [ set-environment, image-build ] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["${{ needs.set-environment.outputs.environment }}"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + - name: use aws module + uses: ./actions-module/common/aws + with: + AWS_REGION: ${{ vars.AWS_REGION }} + AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: use deploy module + id: status + uses: ./actions-module/common/deploy + with: + CLUSTER_NAME: ${{ vars.CLUSTER_NAME }} + RELEASE_NAME: my-app + HELM_CHART_PATH: kubernetes/my-app + NAMESPACE: my-app-${{ vars.SUFFIX }} + REPOSITORY: ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} + - name: use slack module + if: always() + uses: ./actions-module/common/slack + with: + DEPLOY_STEP_STATUS: ${{ steps.status.outcome }} + ENVIRONMENT: ${{ matrix.environment }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + + + + create-pr: + if: needs.set-environment.outputs.environment == 'qa' + runs-on: ubuntu-latest + needs: [set-environment, deploy] + steps: + - name: checkout + uses: actions/checkout@v4 + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + - name: use create-pr module + uses: ./actions-module/common/create-pr + with: + PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} + HEAD: release/${{ github.ref_name }} + BASE: master + + + + approve: + if: needs.set-environment.outputs.environment == 'staging' + runs-on: ubuntu-latest + environment: approve-process + needs: [set-environment, deploy] + steps: + - name: approve + run: | + echo "Approve Done" + + prod-deploy: + runs-on: ubuntu-latest + needs: [ approve ] + permissions: + id-token: write + contents: read + strategy: + matrix: + environment: ["prod"] + environment: ${{ matrix.environment }} + steps: + - name: checkout the code + uses: actions/checkout@v4 + - name: checkout the module code + uses: actions/checkout@v4 + with: + repository: "yj-devsec/github-actions-module" + path: ./actions-module + - name: use aws module + uses: ./actions-module/common/aws + with: + AWS_REGION: ${{ vars.AWS_REGION }} + AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }} + - name: use deploy module + id: status + uses: ./actions-module/common/deploy + with: + CLUSTER_NAME: ${{ vars.CLUSTER_NAME }} + RELEASE_NAME: my-app + HELM_CHART_PATH: kubernetes/my-app + NAMESPACE: my-app-${{ vars.SUFFIX }} + REPOSITORY: ${{ secrets.REGISTRY }}/${{ vars.REPOSITORY }} + - name: use slack module + if: always() + uses: ./actions-module/common/slack + with: + DEPLOY_STEP_STATUS: ${{ steps.status.outcome }} + ENVIRONMENT: ${{ matrix.environment }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} \ No newline at end of file diff --git a/github-actions-module b/github-actions-module new file mode 160000 index 0000000..6eaf075 --- /dev/null +++ b/github-actions-module @@ -0,0 +1 @@ +Subproject commit 6eaf075c82a7d967730991a82b57afbafcd5293e From e8fa902c9b04d04203741a549d3604d25a07de16 Mon Sep 17 00:00:00 2001 From: J Date: Sun, 18 Jan 2026 15:42:41 +0900 Subject: [PATCH 16/16] Add debug.yaml --- .github/workflows/debug.yaml | 16 ++++++++++++++++ .github/workflows/{ => part5}/cicd-6.yaml | 0 2 files changed, 16 insertions(+) create mode 100644 .github/workflows/debug.yaml rename .github/workflows/{ => part5}/cicd-6.yaml (100%) diff --git a/.github/workflows/debug.yaml b/.github/workflows/debug.yaml new file mode 100644 index 0000000..e7a58e3 --- /dev/null +++ b/.github/workflows/debug.yaml @@ -0,0 +1,16 @@ +name: debug +on: push + +jobs: + debug: + runs-on: ubuntu-latest + steps: + - name: checkout + uses: actions/checkout@v4 + - name: force fail + run: | + cat test.txt + - name: uses tmate + if: always() + uses: mxschmitt/action-tmate@v3 + timeout-minutes: 10 \ No newline at end of file diff --git a/.github/workflows/cicd-6.yaml b/.github/workflows/part5/cicd-6.yaml similarity index 100% rename from .github/workflows/cicd-6.yaml rename to .github/workflows/part5/cicd-6.yaml