Skip to content

Commit f16dbe5

Browse files
siiiirrusiiiirru
authored
feat: 프로젝트 v1.0 스테이징 merge
feat: 프로젝트 v1.0 스테이징
2 parents ad40a42 + 84b1426 commit f16dbe5

379 files changed

Lines changed: 44164 additions & 0 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/CODEOWNERS

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
# 팀원 이름
2+
# 박시윤 @siiiirru
3+
# 한동연 @1dyn
4+
# 양정모 @kaiju782
5+
# 서예은 @michelle259
6+
# 조성민 @csm123455
7+
# 조성욱 @KingZuto
8+
9+
# 특정 디렉토리 오너
10+
/backend/auth/ @1dyn
11+
/backend/config/ @KingZuto
12+
/backend/gateway/ @siiiirru
13+
/backend/recommend/ @michelle259
14+
/backend/review/ @csm123455
15+
/backend/schedule/ @kaiju782
16+
17+
18+
19+
# 특정 파일 오너
20+
# /.github/workflows/deploy.yml @devops-lead

.github/workflows/backend-ci-cd.yaml

Lines changed: 167 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,167 @@
1+
name: Backend CI/CD
2+
3+
on:
4+
push:
5+
branches:
6+
- dev
7+
paths:
8+
- 'backend/**'
9+
10+
permissions:
11+
contents: write
12+
id-token: write
13+
14+
jobs:
15+
detect-changes:
16+
runs-on: ubuntu-latest
17+
outputs:
18+
services: ${{ steps.detect.outputs.services }}
19+
commit_hash: ${{ steps.hash.outputs.commit_hash }}
20+
steps:
21+
- name: Checkout
22+
uses: actions/checkout@v4
23+
with:
24+
fetch-depth: 0
25+
26+
- name: Detect changed services
27+
id: detect
28+
run: |
29+
git fetch origin dev
30+
CHANGED=$(git diff --name-only ${{ github.event.before }} ${{ github.sha }} | grep '^backend/' | cut -d '/' -f2 | sort | uniq | jq -R -s -c 'split("\n") | map(select(. != ""))')
31+
echo "services=$CHANGED" >> $GITHUB_OUTPUT
32+
33+
- name: Get short git commit hash
34+
id: hash
35+
run: echo "commit_hash=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
36+
37+
build-and-push:
38+
needs: detect-changes
39+
runs-on: ubuntu-latest
40+
if: ${{ fromJson(needs.detect-changes.outputs.services) != '[]' }}
41+
strategy:
42+
matrix:
43+
service: ${{ fromJson(needs.detect-changes.outputs.services) }}
44+
fail-fast: false
45+
env:
46+
IMAGE_TAG: ${{ needs.detect-changes.outputs.commit_hash }}
47+
steps:
48+
- name: Checkout
49+
uses: actions/checkout@v4
50+
51+
- name: Set up JDK 17
52+
uses: actions/setup-java@v4
53+
with:
54+
java-version: '17'
55+
distribution: 'temurin'
56+
cache: maven
57+
58+
- name: Configure AWS credentials
59+
uses: aws-actions/configure-aws-credentials@v4
60+
with:
61+
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/mapzip-dev-GitHubActionsOIDCRole
62+
role-session-name: GitHub_to_AWS_via_FederatedOIDC
63+
aws-region: ap-northeast-2
64+
65+
- name: Login to Amazon ECR Private
66+
id: login-ecr-private
67+
uses: aws-actions/amazon-ecr-login@v2
68+
69+
- name: Build and push Docker image
70+
id: build
71+
env:
72+
REGISTRY: ${{ steps.login-ecr-private.outputs.registry }}
73+
run: |
74+
SERVICE="${{ matrix.service }}"
75+
echo "Building and pushing $SERVICE"
76+
77+
cd "./backend/$SERVICE" || exit 1
78+
mvn -B package -DskipTests --file pom.xml
79+
mv ./target/*.jar ./target/app.jar
80+
cd - || exit 1
81+
82+
docker build -t "$REGISTRY/mapzip-dev-ecr-$SERVICE:$IMAGE_TAG" "./backend/$SERVICE"
83+
docker push "$REGISTRY/mapzip-dev-ecr-$SERVICE:$IMAGE_TAG"
84+
85+
- name: Save successful service name
86+
if: success()
87+
run: |
88+
mkdir -p success
89+
echo "${{ matrix.service }}" > "success/${{ matrix.service }}.txt"
90+
91+
- name: Upload success list
92+
if: success()
93+
uses: actions/upload-artifact@v4
94+
with:
95+
name: successful-service-${{ matrix.service }}
96+
path: success/${{ matrix.service }}.txt
97+
98+
update-argocd-yaml:
99+
needs:
100+
- detect-changes
101+
- build-and-push
102+
runs-on: ubuntu-latest
103+
if: ${{ fromJson(needs.detect-changes.outputs.services) != '[]' }}
104+
steps:
105+
- name: Download all success artifacts
106+
uses: actions/download-artifact@v4
107+
with:
108+
pattern: successful-service-*
109+
path: ./services
110+
merge-multiple: true
111+
112+
- name: Read success list
113+
id: get-success
114+
run: |
115+
SUCCESS_SERVICES=""
116+
if [ -d "./services" ]; then
117+
for file in ./services/*.txt; do
118+
if [ -f "$file" ]; then
119+
SERVICE=$(basename "$file" .txt)
120+
SUCCESS_SERVICES="$SUCCESS_SERVICES $SERVICE"
121+
fi
122+
done
123+
fi
124+
echo "success_services=$(echo $SUCCESS_SERVICES | xargs)" >> $GITHUB_OUTPUT
125+
126+
- name: Checkout Infra repo
127+
uses: actions/checkout@v4
128+
with:
129+
repository: CLD3rd-Team4/Infra
130+
ref: dev
131+
token: ${{ secrets.INFRA_PAT }}
132+
path: infra
133+
134+
- name: Update YAMLs with new image tags
135+
env:
136+
IMAGE_TAG: ${{ needs.detect-changes.outputs.commit_hash }}
137+
run: |
138+
INFRA_PATH="argocd"
139+
git config --global user.name "github-actions"
140+
git config --global user.email "github-actions@github.com"
141+
cd infra
142+
143+
for SERVICE_NAME in ${{ steps.get-success.outputs.success_services }}; do
144+
echo "Updating image tag for service: $SERVICE_NAME"
145+
146+
if [[ "$SERVICE_NAME" == "auth" || "$SERVICE_NAME" == "gateway" || "$SERVICE_NAME" == "config" ]]; then
147+
SERVICE_DIR="$INFRA_PATH/platform"
148+
else
149+
SERVICE_DIR="$INFRA_PATH/service-$SERVICE_NAME"
150+
fi
151+
152+
FILE_NAME="${SERVICE_NAME#service-}.yaml"
153+
YAML_FILE="$SERVICE_DIR/$FILE_NAME"
154+
155+
if [ ! -f "$YAML_FILE" ]; then
156+
echo "Warning: YAML file not found: $YAML_FILE"
157+
continue
158+
fi
159+
160+
sed -i -E "/containers:/,/(^[[:space:]]*[^-[:space:]]|^$)/ s|(image:[[:space:]]*[^[:space:]]+:)[^[:space:]]+|\1$IMAGE_TAG|" "$YAML_FILE"
161+
162+
git add "$YAML_FILE"
163+
git commit -m "Update $SERVICE_NAME image tag to $IMAGE_TAG [ci skip]" || echo "No changes to commit for $SERVICE_NAME"
164+
done
165+
166+
git push origin dev
167+

.github/workflows/config-ci-cd.yaml

Lines changed: 124 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,124 @@
1+
name: Config CI/CD
2+
3+
on:
4+
push:
5+
branches:
6+
- dev
7+
paths:
8+
- 'config-repo/**'
9+
10+
permissions:
11+
id-token: write
12+
contents: read
13+
14+
jobs:
15+
detect-config-changes:
16+
runs-on: ubuntu-latest
17+
outputs:
18+
services: ${{ steps.detect.outputs.services }}
19+
steps:
20+
- name: Checkout
21+
uses: actions/checkout@v4
22+
with:
23+
fetch-depth: 0
24+
25+
- name: Detect changed config services
26+
id: detect
27+
run: |
28+
git fetch origin dev
29+
30+
# Backend 변경사항도 확인 (중복 재시작 방지)
31+
BACKEND_CHANGED=$(git diff --name-only ${{ github.event.before }} ${{ github.sha }} | grep '^backend/' | cut -d '/' -f2 | sort | uniq)
32+
33+
# config-repo/application.yml 변경 확인
34+
APPLICATION_CHANGED=$(git diff --name-only ${{ github.event.before }} ${{ github.sha }} | grep '^config-repo/application\.yml$' | wc -l)
35+
36+
# config-repo/ 폴더에서 변경된 개별 설정 파일들 찾기
37+
CONFIG_SERVICES=$(git diff --name-only ${{ github.event.before }} ${{ github.sha }} | grep '^config-repo/.*\.yml$' | grep -v '^config-repo/application\.yml$' | sed 's|config-repo/||g' | sed 's|\.yml||g' | sort | uniq)
38+
39+
# application.yml이 바뀌면 모든 서비스 재시작
40+
if [ "$APPLICATION_CHANGED" -gt 0 ]; then
41+
ALL_SERVICES="auth gateway schedule recommend review"
42+
else
43+
# 그렇지 않으면 변경된 서비스들만
44+
ALL_SERVICES="$CONFIG_SERVICES"
45+
fi
46+
47+
# Backend에서 변경된 서비스는 제외 (ArgoCD가 자동 재배포하므로)
48+
FILTERED_SERVICES=""
49+
for service in $ALL_SERVICES; do
50+
if ! echo "$BACKEND_CHANGED" | grep -q "^$service$"; then
51+
FILTERED_SERVICES="$FILTERED_SERVICES $service"
52+
else
53+
echo "⏭️ Skipping $service restart (backend changed - ArgoCD will handle deployment)"
54+
fi
55+
done
56+
57+
# JSON 배열로 변환
58+
CHANGED=$(echo "$FILTERED_SERVICES" | tr ' ' '\n' | sort | uniq | jq -R -s -c 'split("\n") | map(select(. != ""))')
59+
echo "services=$CHANGED" >> $GITHUB_OUTPUT
60+
echo "🔄 Services to restart: $FILTERED_SERVICES"
61+
62+
restart-services:
63+
needs: detect-config-changes
64+
runs-on: ubuntu-latest
65+
if: ${{ fromJson(needs.detect-config-changes.outputs.services) != '[]' }}
66+
strategy:
67+
matrix:
68+
service: ${{ fromJson(needs.detect-config-changes.outputs.services) }}
69+
fail-fast: false
70+
steps:
71+
- name: Configure AWS credentials
72+
uses: aws-actions/configure-aws-credentials@v4
73+
with:
74+
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/mapzip-dev-GitHubActionsOIDCRole
75+
role-session-name: GitHub_to_AWS_via_FederatedOIDC
76+
aws-region: ap-northeast-2
77+
78+
- name: Install kubectl
79+
run: |
80+
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
81+
chmod +x kubectl
82+
sudo mv kubectl /usr/local/bin/
83+
84+
- name: Configure kubectl
85+
run: |
86+
aws eks update-kubeconfig --region ap-northeast-2 --name mapzip-dev-eks
87+
88+
- name: Restart ${{ matrix.service }} service
89+
run: |
90+
SERVICE="${{ matrix.service }}"
91+
echo "🔄 Restarting $SERVICE service (config-only change)..."
92+
93+
# 서비스별 deployment 이름과 네임스페이스 매핑
94+
case $SERVICE in
95+
"auth")
96+
DEPLOYMENT="auth-deployment"
97+
NAMESPACE="service-platform"
98+
;;
99+
"gateway")
100+
DEPLOYMENT="spring-gateway-deployment"
101+
NAMESPACE="service-platform"
102+
;;
103+
"schedule")
104+
DEPLOYMENT="schedule-deployment"
105+
NAMESPACE="service-schedule"
106+
;;
107+
"recommend")
108+
DEPLOYMENT="recommend-deployment"
109+
NAMESPACE="service-recommend"
110+
;;
111+
"review")
112+
DEPLOYMENT="review-deployment"
113+
NAMESPACE="service-review"
114+
;;
115+
*)
116+
echo "❌ Unknown service: $SERVICE"
117+
exit 1
118+
;;
119+
esac
120+
121+
kubectl rollout restart deployment/$DEPLOYMENT -n $NAMESPACE
122+
kubectl rollout status deployment/$DEPLOYMENT -n $NAMESPACE --timeout=300s
123+
124+
echo "✅ $SERVICE service restarted successfully in $NAMESPACE namespace"

.github/workflows/frontend-ci-cd.yaml

Lines changed: 77 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,77 @@
1+
name: frontend CI/CD
2+
3+
on:
4+
push:
5+
branches:
6+
- dev
7+
paths:
8+
- 'frontend/**'
9+
10+
11+
12+
permissions:
13+
id-token: write
14+
contents: read
15+
16+
jobs:
17+
ci:
18+
runs-on: ubuntu-latest
19+
20+
steps:
21+
- name: Checkout source code
22+
uses: actions/checkout@v3
23+
24+
- name: Setup Node
25+
uses: actions/setup-node@v3
26+
with:
27+
node-version: '18'
28+
cache: 'npm'
29+
cache-dependency-path: 'frontend/package-lock.json'
30+
31+
- name: Install dependencies
32+
run: |
33+
cd frontend
34+
npm ci
35+
36+
- name: Build Next.js app
37+
run: |
38+
cd frontend
39+
npm run build
40+
env:
41+
NEXT_PUBLIC_API_BASE_URL: ${{ secrets.NEXT_PUBLIC_API_BASE_URL }}
42+
NEXT_PUBLIC_KAKAO_MAP_KEY: ${{ secrets.KAKAO_MAP_KEY }}
43+
44+
45+
- name: Upload build artifact
46+
uses: actions/upload-artifact@v4
47+
with:
48+
name: build-files
49+
path: frontend/out/
50+
include-hidden-files: true
51+
52+
cd:
53+
needs: ci
54+
runs-on: ubuntu-latest
55+
steps:
56+
- name: Download build artifact
57+
uses: actions/download-artifact@v4
58+
with:
59+
name: build-files
60+
path: out/
61+
62+
- name: Configure AWS credentials
63+
uses: aws-actions/configure-aws-credentials@v4
64+
with:
65+
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/mapzip-dev-GitHubActionsOIDCRole
66+
role-session-name: GitHub_to_AWS_via_FederatedOIDC
67+
aws-region: ap-northeast-2
68+
69+
- name: Upload to S3 using AWS CLI
70+
run: |
71+
aws s3 sync ./out s3://${{ secrets.S3_BUCKET_NAME }} --delete
72+
73+
- name: Invalidate CloudFront cache
74+
run: |
75+
aws cloudfront create-invalidation \
76+
--distribution-id ${{ secrets.AWS_CLOUDFRONT_DISTRIBUTION_ID }} \
77+
--paths "/*"

0 commit comments

Comments
 (0)