bug(#38): ci/cd action 수정

[fixgramwork]

cd 서버가 한번씩 작동하지 않고, 보안적으로 생긴 오류 수정

Summary by CodeRabbit

• Chores
  • 새로운 GitHub Actions 배포 워크플로우가 추가되었습니다.
  • 기존 Spring CD 워크플로우가 삭제되었습니다.
  • Spring CI 워크플로우에서 사용되는 액션 버전이 최신으로 업데이트되고, 코드 커버리지 업로드 단계가 제거되었습니다.

[coderabbitai]

Walkthrough

새로운 GitHub Actions 워크플로우가 추가되어 EC2에 Spring 애플리케이션을 배포하는 자동화가 도입되었습니다. 기존의 Docker Compose 기반 배포 워크플로우는 삭제되었으며, CI 워크플로우는 주요 액션 버전 업데이트 및 커버리지 업로드 단계 제거 등으로 수정되었습니다.

Changes

파일(그룹)	변경 요약
.github/workflows/Spring-develop-CD.yml	EC2에 직접 JAR 파일을 배포하고 애플리케이션을 실행하는 새 워크플로우 추가
.github/workflows/spring-cd.yml	Docker Compose 기반 기존 Spring CD 워크플로우 삭제
.github/workflows/spring-ci.yaml	액션 버전(v3→v4) 업데이트, 커버리지 업로드 단계 삭제, 순서 일부 조정

Sequence Diagram(s)

sequenceDiagram
    participant Developer
    participant GitHub Actions
    participant EC2 Server

    Developer->>GitHub Actions: PR 생성 또는 develop 브랜치로 PR
    GitHub Actions->>GitHub Actions: build job 실행 (JAR 빌드 및 EC2로 전송)
    GitHub Actions->>EC2 Server: SCP로 JAR 파일 복사
    GitHub Actions->>GitHub Actions: deploy job 실행 (build 완료 후)
    GitHub Actions->>EC2 Server: SSH 접속, 기존 프로세스 종료 및 새 JAR 실행
    EC2 Server-->>GitHub Actions: 배포 및 실행 완료

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~15–20 minutes

Possibly related PRs

• Revert "Bug/ #21" #31: Docker Compose 기반 배포 워크플로우와 직접 SCP/SSH 방식 배포 워크플로우 간의 구조적 전환에 관련된 PR입니다.
• Feat/#33 #35: 기존 배포 워크플로우 파일의 이름 변경 및 트리거 조정에 관한 PR로, 본 PR의 워크플로우 교체와 직접적으로 연관됩니다.

Poem

🐰
깡충깡충 토끼가 코드를 살펴보네,
새 워크플로우로 EC2에 점프해 가네!
오래된 Docker는 안녕을 고하고,
깔끔한 JAR로 봄바람을 타고.
Actions가 춤추며 배포를 해,
오늘도 서버엔 평화가 오네!
🌱✨

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch bug/#38

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

.github/workflows/spring-ci.yaml (1)

34-38: 파일 끝에 개행 문자 추가 권장

YAML Lint 경고가 발생합니다. 마지막 줄 뒤에 개행을 하나 넣어 경고를 제거하세요.

.github/workflows/Spring-develop-CD.yml (2)

1-1: Workflow 이름 오타

Deplot → Deploy 로 수정하시길 권장합니다.

-name: Spring Deplot to EC2
+name: Spring Deploy to EC2

---

65-65: 파일 끝 개행 누락

YAMLLint 경고 해결을 위해 마지막 줄 뒤에 개행을 추가하세요.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between eb71c3e and 3a54aa1.

📒 Files selected for processing (3)

• .github/workflows/Spring-develop-CD.yml (1 hunks)
• .github/workflows/spring-cd.yml (0 hunks)
• .github/workflows/spring-ci.yaml (1 hunks)

💤 Files with no reviewable changes (1)

• .github/workflows/spring-cd.yml

🧰 Additional context used

🪛 actionlint (1.7.7)

.github/workflows/spring-ci.yaml

25-25: the runner of "actions/cache@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🪛 YAMLlint (1.37.1)

.github/workflows/spring-ci.yaml

[error] 38-38: no new line character at the end of file

(new-line-at-end-of-file)

.github/workflows/Spring-develop-CD.yml

[error] 65-65: no new line character at the end of file

(new-line-at-end-of-file)

🔇 Additional comments (1)

.github/workflows/Spring-develop-CD.yml (1)

23-29: Secrets 값이 로그에 노출될 가능성 확인 필요

echo "${{ secrets.* }}" 는 기본적으로 GitHub 이 마스킹하지만, 출력이 길거나 패턴이 변형될 경우 일부 값이 드러날 수 있습니다.
::add-mask:: 명령으로 추가 마스킹을 적용하거나, cat <<EOF > file 형태로 리다이렉션하여 로그 출력을 억제하는 방안을 검토해 주세요.

[coderabbitai]

⚠️ Potential issue

💥 actions/cache 버전을 v4로 올려야 합니다

GitHub Actions 러너는 Node 20 런타임만 지원합니다. actions/cache@v3 는 Node 16 기반이므로 조만간 실행 오류가 발생할 수 있습니다.
아래와 같이 버전을 v4 로 업그레이드하세요.

-        uses: actions/cache@v3
+        uses: actions/cache@v4

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Cache Gradle packages
	uses: actions/cache@v3
	with:
	path: |
	~/.gradle/caches
	~/.gradle/wrapper
	key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
	restore-keys: |
	- name: Cache Gradle packages
	- uses: actions/cache@v3
	+ uses: actions/cache@v4
	with:
	path: |
	~/.gradle/caches
	~/.gradle/wrapper
	key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
	restore-keys: |

🧰 Tools

🪛 actionlint (1.7.7)

25-25: the runner of "actions/cache@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents

In .github/workflows/spring-ci.yaml around lines 24 to 31, the actions/cache
version is set to v3, which uses Node 16 and may cause runtime errors since
GitHub Actions runners now support only Node 20. Update the uses line to
actions/cache@v4 to ensure compatibility and prevent future execution errors.

[coderabbitai]

⚠️ Potential issue

appleboy/*-action@master 사용은 보안 위험 — 태그 또는 커밋으로 고정하세요

@master 는 언제든지 바뀔 수 있어 Supply-chain 공격에 취약합니다. 안정 버전 또는 SHA 로 명시적으로 고정하세요.

-        uses: appleboy/scp-action@master
+        uses: appleboy/scp-action@v0.1.7  # 최신 릴리스/커밋으로 교체

 ...

-        uses: appleboy/ssh-action@master
+        uses: appleboy/ssh-action@v0.1.7  # 최신 릴리스/커밋으로 교체

Also applies to: 56-61

🤖 Prompt for AI Agents

In .github/workflows/Spring-develop-CD.yml at lines 40 to 47 and also lines 56
to 61, the usage of appleboy/scp-action@master is insecure because the master
branch can change unexpectedly, risking supply-chain attacks. Replace @master
with a specific released version tag or a commit SHA to ensure the action
version is fixed and stable. Check the action's repository for the latest stable
version or commit and update the workflow file accordingly.