{"id":28988804,"url":"https://github.com/moshclouds/springboot-app-runner","last_synced_at":"2025-08-17T21:41:15.962Z","repository":{"id":300315945,"uuid":"1005346193","full_name":"moshclouds/springboot-app-runner","owner":"moshclouds","description":null,"archived":false,"fork":false,"pushed_at":"2025-06-21T01:03:45.000Z","size":17,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-06-21T02:20:12.910Z","etag":null,"topics":["apprunner","aws","ecr","serverless"],"latest_commit_sha":null,"homepage":"https://pnxwcd9w25.ap-southeast-1.awsapprunner.com/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/moshclouds.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-20T04:58:33.000Z","updated_at":"2025-06-21T01:03:47.000Z","dependencies_parsed_at":"2025-06-21T02:20:21.655Z","dependency_job_id":"eabd1ff2-5fb1-48a9-ba97-97a24b32bf87","html_url":"https://github.com/moshclouds/springboot-app-runner","commit_stats":null,"previous_names":["moshclouds/springboot-app-runner"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/moshclouds/springboot-app-runner","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moshclouds%2Fspringboot-app-runner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moshclouds%2Fspringboot-app-runner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moshclouds%2Fspringboot-app-runner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moshclouds%2Fspringboot-app-runner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/moshclouds","download_url":"https://codeload.github.com/moshclouds/springboot-app-runner/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moshclouds%2Fspringboot-app-runner/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270912554,"owners_count":24666748,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-17T02:00:09.016Z","response_time":129,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apprunner","aws","ecr","serverless"],"created_at":"2025-06-24T22:44:14.419Z","updated_at":"2025-08-17T21:41:15.904Z","avatar_url":"https://github.com/moshclouds.png","language":"Java","readme":"# 🚀 AWS App Runner Demo with Spring Boot and GitHub Actions CI/CD\n\n![Image](https://github.com/user-attachments/assets/530423bb-7188-49b2-bcac-734275c8247d)\n\nWelcome to a complete deployment pipeline for your **Spring Boot app** using:\n- 🐳 Docker\n- ☁️ Amazon ECR\n- ⚙️ AWS App Runner\n- 🤖 GitHub Actions\n\nThis project shows how to go from code ➡️ container ➡️ deployed app automatically using CI/CD. This `README.md` will guide you through every step including screenshots, IAM setup, Dockerization, and deployment.\n\n---\n\n## 🧰 Tech Stack\n\n- ☕ Spring Boot (Java 21)\n- 🐳 Docker (multi-stage)\n- 🛢️ Amazon ECR\n- 🚀 AWS App Runner\n- 🔐 IAM for secure access\n- 🤖 GitHub Actions (CI/CD)\n\n---\n\nYou're welcome! Here's a **simple yet clear flow diagram** that shows the end-to-end process — **from code to cloud** — using your Spring Boot, Docker, GitHub Actions, ECR, and AWS App Runner stack.\n\n---\n\n## 🔁 Code to Cloud Flow Diagram\n\n```mermaid\ngraph TD\n  A[💻 Developer Writes Code] --\u003e B[🐙 Push to GitHub Repo]\n  B --\u003e C[🤖 GitHub Actions Triggered]\n  C --\u003e D[🐳 Build Docker Image]\n  D --\u003e E[☁️ Push to Amazon ECR]\n  E --\u003e F[🚀 AWS App Runner Pulls Image]\n  F --\u003e G[🌐 App Deployed to Public URL]\n```\n\n\n\n---\n\n### 📦 Components Explained:\n\n| Symbol | Description                                   |\n| ------ | --------------------------------------------- |\n| 💻     | Developer writes Spring Boot code             |\n| 🐙     | Code pushed to GitHub triggers workflow       |\n| 🤖     | GitHub Actions builds app, pushes to ECR      |\n| 🐳     | Docker image created and uploaded to AWS ECR  |\n| 🚀     | App Runner pulls from ECR and deploys the app |\n| 🌐     | App is now live on a public URL               |\n\n---\n\n\n\n## 📦 Dockerfile Explained\n\n### 🔍 What is a Multi-Stage Build?\n\nIn Docker, a **multi-stage build** allows you to:\n- Compile and build your application in one stage\n- Copy only the final `.jar` to a clean runtime image in another stage\n\n👉 This reduces image size and keeps the production image clean and secure.\n\n### 🐳 Dockerfile Breakdown\n\n```Dockerfile\n# 🏗️ Stage 1: Builder\nFROM eclipse-temurin:21-jdk AS builder\nWORKDIR /app\nCOPY . .\nRUN ./mvnw clean package -DskipTests\n````\n\n* Uses JDK to **build the Spring Boot JAR**\n* Skips tests for faster CI builds\n* Packages everything into `target/app.jar`\n\n```Dockerfile\n# 🚀 Stage 2: Runtime\nFROM eclipse-temurin:21-jre\nWORKDIR /app\nCOPY --from=builder /app/target/*.jar app.jar\nEXPOSE 8080\nENTRYPOINT [\"java\", \"-jar\", \"app.jar\"]\n```\n\n* Uses a smaller JRE image (Java Runtime only)\n* **Only the JAR** is copied from the builder stage\n* Exposes port `8080` and starts your Spring Boot app\n\n### ✅ Benefits:\n\n* Smaller image size\n* Faster startup\n* No Maven or source code in the final container\n\n---\n\n## 📁 .dockerignore\n\nKeeps your Docker image clean by ignoring unnecessary files:\n\n```dockerignore\ntarget/\n.git\n.gitignore\nREADME.md\nDockerfile\n```\n\n---\n\n## 🔐 IAM Setup (Security First)\n\n### 🧑‍💻 IAM User for GitHub Actions\n\nCreate an IAM user (e.g., `springboot-app-runner`) with:\n\n* `AmazonEC2ContainerRegistryFullAccess` ✅\n* `AWSAppRunnerFullAccess` ✅\n* Custom inline policy:\n\n```json\n{\n  \"Effect\": \"Allow\",\n  \"Action\": \"iam:PassRole\",\n  \"Resource\": \"arn:aws:iam::YOUR_ACCOUNT_ID:role/AppRunnerECRAccessRole\"\n}\n```\n\nThis allows GitHub Actions to **pass a role to App Runner**.\n\n![Image](https://github.com/user-attachments/assets/576b344a-d65f-42a6-8bb4-5e842f740a69) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/e521d813-09a4-4279-9c91-33c3a7eaaad2) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/5692957e-7cfd-4f87-bd1d-1fbae37ceed8) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/b7c3a04c-ba5a-4470-809a-b2134c3bf59d) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/ad722fb6-ccb8-4610-bd8b-9121667b0a1f) \u003cbr\u003e\n\n---\n\n### 🎟️ IAM Role for App Runner (access-role-arn)\n\nCreate a new **IAM Role** with:\n\n**Trust Policy (custom):**\n\n```json\n{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": [\n\t\t{\n          \"Effect\": \"Allow\",\n          \"Principal\": {\n            \"Service\": \"build.apprunner.amazonaws.com\"\n          },\n          \"Action\": \"sts:AssumeRole\"\n        }\n\t]\n}\n```\n\n**Permissions:**\n\n* Attach: `AmazonEC2ContainerRegistryReadOnly`\n\n![Image](https://github.com/user-attachments/assets/4e942a1c-dedc-4ae1-8975-e515634d6074) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/5b65b6fa-ab11-42db-98f5-1eceb57b5c02) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/2b30efce-d2ad-43c3-9e12-4a7a38db69e7) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/f072653c-136a-42f7-a284-033974c43351) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/b8c88eb6-224c-4e01-907c-386d9f00571d) \u003cbr\u003e\n\n---\n\n## 🏗️ GitHub Actions Workflow: Step-by-Step\n\n### ✅ 1. Checkout Code\n\n```yaml\n- uses: actions/checkout@v3\n```\n\n➡️ Pulls your latest source code from GitHub.\n\n---\n\n### 🔐 2. Authenticate to AWS\n\n```yaml\n- uses: aws-actions/configure-aws-credentials@v4\n```\n\n➡️ Uses `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to allow access to AWS services.\n\nBelow Shows a Step by Step Guide for the Key creation\n\n![Image](https://github.com/user-attachments/assets/86988d36-c371-4b8b-85ff-552abafec1f5) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/e4365766-6b0e-4ce9-8649-8f2808c98d9b) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/5ff3599d-948d-47c5-887f-1087b400956d) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/4d681427-7005-49fd-a8b2-c019c0bd8153) \u003cbr\u003e\n\n---\n\n### 📦 3. Log in to Amazon ECR\n\n```yaml\n- uses: aws-actions/amazon-ecr-login@v2\n```\n\n➡️ Logs Docker into your ECR registry so it can push the image.\n\n---\n\n### 🐳 4. Build and Push Docker Image\n\n```bash\ndocker build -t $IMAGE_URI .\ndocker push $IMAGE_URI\n```\n\n➡️ Builds your app into a Docker image and pushes it to ECR.\n\n---\n\n### 🚀 5. Deploy to App Runner\n\n```yaml\n- uses: awslabs/amazon-app-runner-deploy@main\n  with:\n    service: springboot-apprunner\n    image: 66656744752.dkr.ecr.us-east-1.amazonaws.com/my-springboot-app:latest\n    region: us-east-1\n    access-role-arn: ${{ secrets.APP_RUNNER_ACCESS_ROLE_ARN }}\n```\n\n➡️ Deploys the latest image from ECR to **AWS App Runner**\n➡️ Uses the **IAM role** to pull the image securely\n\n---\n\n## 📬 GitHub Secrets Required\n\nIn your GitHub repo → `Settings \u003e Secrets and variables \u003e Actions`:\n\n| Key                          | Description                 |\n| ---------------------------- | --------------------------- |\n| `AWS_ACCESS_KEY_ID`          | From IAM user               |\n| `AWS_SECRET_ACCESS_KEY`      | From IAM user               |\n| `APP_RUNNER_ACCESS_ROLE_ARN` | IAM role used by App Runner |\n\n---\n\n## 📸 Screenshots\n\n* ✅ Spring Initializr setup \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/e6461efa-9f87-497e-ab1f-efc6cf573751) \u003cbr\u003e\n\n* 📦 ECR repository screen \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/541f0b7d-55dd-4f02-a312-7126cd850c72) \u003cbr\u003e\n\n* 🚀 App Runner deployment success \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/6cda2bd7-87be-4997-8188-d0bf1e80ae87) \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/6e82a2d1-d406-460b-b139-6d083838c9d6) \u003cbr\u003e\n\n* 📬 Github Action Execution \u003cbr\u003e\n![Image](https://github.com/user-attachments/assets/72b0108b-5277-43f6-baa5-27ba3b4edabc) \u003cbr\u003e\n\n---\n\n## 🌐 Final Result\n\nOnce deployed, App Runner will give you a public URL like:\n\n```\nhttps://pnxwcd9w25.ap-southeast-1.awsapprunner.com\n```\n\nYou can test it by visiting:\n\n```\nGET /\nResponse:\n{\n  \"status\": \"success\",\n  \"data\": {\n    \"message\": \"Server is online\",\n    \"code\": 200\n  }\n}\n```\n\n---\n\n## 🚧 Future Improvements\n\n* 🔜 Add custom domain to App Runner\n* 🔜 Add health checks and alerting\n* 🔜 Switch to Terraform IaC\n* 🔜 Add staging environment\n\n---\n\n## 🙌 Acknowledgements\n\n* AWS App Runner Docs\n* GitHub Actions Marketplace\n* You — for deploying Java apps the cloud-native way ☁️\n\n---\n\n## ✨ Done!\n\nYou now have:\n\n✅ Dockerized Spring Boot app \u003cbr\u003e\n✅ Pushed to Amazon ECR \u003cbr\u003e\n✅ Deployed to AWS App Runner \u003cbr\u003e\n✅ Automated with GitHub Actions \u003cbr\u003e\n\nEnjoy shipping with confidence! 🛳️💻🌐\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmoshclouds%2Fspringboot-app-runner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmoshclouds%2Fspringboot-app-runner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmoshclouds%2Fspringboot-app-runner/lists"}