🚀 Implement deployment workflow for Prometheus

Author: choridev

.github/workflows/build-and-deploy-prometheus.yml

@@ -0,0 +1,63 @@
+name: Build and Deploy Prometheus
+
+on:
+  push:
+    branches: main
+
+env:
+  AWS_REGION: ap-northeast-2
+  ECR_REPOSITORY: beforegoing-prometheus
+  S3_BUCKET_NAME: codedeploy-artifact-prometheus-beforegoingdapne2
+  APPLICATION_NAME: codedeploy-app-prometheus-beforegoingdapne2
+  DEPLOYMENT_GROUP_NAME: codedeploy-group-prometheus-beforegoingdapne2
+
+permissions:
+  contents: read
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: prometheus
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: ${{ env.AWS_REGION }}
+
+    - name: Login to Amazon ECR
+      id: login-ecr
+      uses: aws-actions/amazon-ecr-login@v2
+
+    - name: Build, tag, and push image to Amazon ECR
+      env:
+        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+        IMAGE_TAG: ${{ github.sha }}
+      run: |
+        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+        docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:latest
+        docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
+
+    - name: Create deployment package
+      run: |
+        zip -r ../deployment-${{ github.sha }}.zip .
+
+    - name: Upload deployment package to S3
+      run: |
+        aws s3 cp ../deployment-${{ github.sha }}.zip s3://$S3_BUCKET_NAME/deployment-${{ github.sha }}.zip
+
+    - name: Create CodeDeploy deployment
+      run: |
+        aws deploy create-deployment \
+          --application-name $APPLICATION_NAME \
+          --deployment-group-name $DEPLOYMENT_GROUP_NAME \
+          --description "Deployment from GitHub Actions - commit ${{ github.sha }}" \
+          --s3-location bucket=$S3_BUCKET_NAME,key=deployment-${{ github.sha }}.zip,bundleType=zip

prometheus/Dockerfile

@@ -1,7 +1,5 @@
 FROM prom/prometheus:latest
 
-COPY ./prometheus.yml /etc/prometheus/prometheus.yml
-
 EXPOSE 9090
 
-CMD [ "--config.file=/etc/prometheus/prometheus.yml" ]
+CMD [ "--config.file=/etc/prometheus/prometheus.yml" ]

prometheus/appspec.yml

@@ -0,0 +1,27 @@
+version: 0.0
+os: linux
+files:
+  - source: /
+    destination: /opt/prometheus
+    overwrite: yes
+
+hooks:
+  BeforeInstall:
+    - location: scripts/before_install.sh
+      timeout: 300
+      runas: root
+
+  ApplicationStop:
+    - location: scripts/stop_application.sh
+      timeout: 300
+      runas: root
+
+  ApplicationStart:
+    - location: scripts/start_application.sh
+      timeout: 300
+      runas: root
+
+  ValidateService:
+    - location: scripts/validate_service.sh
+      timeout: 300
+      runas: root

prometheus/prometheus.yml

@@ -13,8 +13,6 @@ scrape_configs:
     ec2_sd_configs:
       - region: ap-northeast-2
         port: 80
-        access_key:
-        secret_key:
         filters:
           - name: tag:Monitoring
             values: 

prometheus/scripts/before_install.sh

@@ -0,0 +1,39 @@
+#!/bin/bash
+set -euo pipefail
+
+export AWS_DEFAULT_REGION=ap-northeast-2
+export ECR_REGISTRY="116541189059.dkr.ecr.ap-northeast-2.amazonaws.com"
+export APP_NAME="prometheus"
+
+echo "Preparing deployment environment..."
+
+echo "Starting Docker service..."
+if ! systemctl is-active --quiet docker; then
+    systemctl start docker
+fi
+systemctl enable docker
+
+echo "Waiting for Docker to be ready..."
+timeout 30 bash -c 'until docker info >/dev/null 2>&1; do sleep 1; done'
+
+echo "Logging into ECR..."
+aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $ECR_REGISTRY
+
+echo "Cleaning up existing containers..."
+if [ "$(docker ps -aq)" ]; then
+    docker stop $(docker ps -aq) 2>/dev/null || true
+    docker rm $(docker ps -aq) 2>/dev/null || true
+fi
+
+echo "Cleaning up old Docker images..."
+docker image prune -f
+docker system prune -f --volumes
+
+echo "Creating application directories..."
+mkdir -p /opt/$APP_NAME/data
+
+echo "Setting permissions for Prometheus data directory..."
+# The official Prometheus image runs as the 'nobody' user (UID 65534) which needs write access.
+chown 65534:65534 /opt/$APP_NAME/data
+
+echo "Environment prepared successfully"

prometheus/scripts/start_application.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+set -euo pipefail
+
+export AWS_REGION="ap-northeast-2"
+export ECR_REGISTRY="116541189059.dkr.ecr.ap-northeast-2.amazonaws.com"
+export REPOSITORY_NAME="beforegoing-prometheus"
+export IMAGE_TAG="latest"
+export CONTAINER_NAME="prometheus"
+export APP_PORT=9090
+
+echo "Starting Prometheus application container..."
+
+echo "Pulling latest image: $ECR_REGISTRY/$REPOSITORY_NAME:$IMAGE_TAG"
+docker pull $ECR_REGISTRY/$REPOSITORY_NAME:$IMAGE_TAG
+
+echo "Starting new container: $CONTAINER_NAME"
+docker run -d \
+  --name $CONTAINER_NAME \
+  --restart unless-stopped \
+  -p $APP_PORT:$APP_PORT \
+  -v /opt/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml \
+  -v /opt/prometheus/data:/prometheus \
+  -e TZ=Asia/Seoul \
+  $ECR_REGISTRY/$REPOSITORY_NAME:$IMAGE_TAG
+
+echo "Checking container status..."
+for i in {1..30}; do
+    if docker ps --filter name=$CONTAINER_NAME --filter status=running -q | grep -q .; then
+        echo "Container started successfully after $i attempts"
+        break
+    elif [ $i -eq 30 ]; then
+        echo "Container failed to start after 30 attempts"
+        docker logs $CONTAINER_NAME
+        exit 1
+    else
+        echo "Attempt $i/30: Container not ready yet, waiting..."
+        sleep 3
+    fi
+done
+
+echo "Container startup completed successfully!"

prometheus/scripts/stop_application.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+set -euo pipefail
+
+export CONTAINER_NAME="prometheus"
+export GRACEFUL_TIMEOUT=30
+export FORCE_TIMEOUT=10
+
+echo "Stopping Prometheus application container..."
+
+check_container_status() {
+    if docker ps -q --filter name="^$CONTAINER_NAME$" | grep -q .; then
+        return 0
+    else
+        return 1
+    fi
+}
+
+if ! docker ps -a -q --filter name="^$CONTAINER_NAME$" | grep -q .; then
+    echo "Container $CONTAINER_NAME not found"
+    exit 0
+fi
+
+if check_container_status; then
+    echo "Stopping container gracefully (timeout: ${GRACEFUL_TIMEOUT}s)..."
+
+    echo "Last few log lines before shutdown:"
+    docker logs --tail 5 $CONTAINER_NAME || true
+
+    docker stop $CONTAINER_NAME --time=$GRACEFUL_TIMEOUT
+
+    if check_container_status; then
+        echo "Container still running, forcing stop..."
+        timeout $FORCE_TIMEOUT docker kill $CONTAINER_NAME || true
+    fi
+
+    echo "Container $CONTAINER_NAME stopped successfully"
+else
+    echo "Container $CONTAINER_NAME is already stopped"
+fi
+
+echo "Removing container: $CONTAINER_NAME"
+docker rm $CONTAINER_NAME || true
+
+echo "Container cleanup completed"
+
+echo "Cleaning up unused Docker resources..."
+docker system prune -f --volumes 2>/dev/null || true
+
+echo "Application stop process completed successfully"

prometheus/scripts/validate_service.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+set -euo pipefail
+
+HEALTH_CHECK_PORT=9090
+HEALTH_CHECK_URL="http://localhost:$HEALTH_CHECK_PORT/-/healthy"
+MAX_RETRIES=30
+SLEEP_SECONDS=5
+
+echo "Performing health check on $HEALTH_CHECK_URL..."
+
+for i in $(seq 1 $MAX_RETRIES); do
+  echo "Attempt $i/$MAX_RETRIES..."
+
+  # Use curl to check connectivity and HTTP status in one go.
+  # It will return "000" if it can't connect.
+  HEALTH_STATUS=$(curl --silent --output /dev/null --write-out "%{http_code}" --max-time $SLEEP_SECONDS $HEALTH_CHECK_URL)
+
+  if [ "$HEALTH_STATUS" -eq 200 ]; then
+    echo "Health check successful. Prometheus is healthy."
+    exit 0
+  fi
+
+  echo "Health check failed with HTTP status: $HEALTH_STATUS. Retrying in $SLEEP_SECONDS seconds..."
+  sleep $SLEEP_SECONDS
+done
+
+echo "Health check failed after $MAX_RETRIES attempts."
+echo "Please check the container logs for errors: docker logs prometheus"
+exit 1