refactor: User Interceptor를 Middleware로 변경하여 인증 로직 개선 #117
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| # main 브랜치에 대한 Pull request 및 Merge | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - ".github/**" | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| pull-requests: write | |
| steps: | |
| # 1. 레포지토리 소스 코드 작업 환경으로 가져오기 | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| # 2. 환경변수(.env) 파일 생성 | |
| - name: Set Environment File | |
| run: | | |
| echo "${{ secrets.PROD_ENV }}" > .env | |
| chmod 644 .env | |
| cat .env | |
| # 3. 도커허브 로그인 | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| # 4. 도커 허브에 이미지 푸시 | |
| - name: Push Docker Image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| push: true | |
| context: . | |
| tags: ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_IMAGE_NAME }}:latest | |
| # 5. GCP 인증 | |
| - name: Authenticate to GCP | |
| id: 'auth' | |
| uses: 'google-github-actions/auth@v2' | |
| with: | |
| workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }} # 생성한 워크로드 아이덴티티 풀의 ID | |
| service_account: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} # IAM 서비스 계정 | |
| # 6. GCP Compute Engine SSH로 배포 | |
| - name: Deploy to GCP Compute Engine | |
| id: 'compute-ssh' | |
| uses: 'google-github-actions/ssh-compute@v1' | |
| with: | |
| instance_name: ${{ secrets.GCP_INSTANCE_NAME }} | |
| zone: ${{ secrets.GCP_INSTANCE_ZONE }} | |
| ssh_private_key: ${{ secrets.GCP_SSH_PRIVATE_KEY }} | |
| command: | | |
| mkdir ./${{ github.repository }} | |
| cd ./${{ github.repository }} | |
| ls -al | |
| sudo curl -o docker-compose.yml https://raw.githubusercontent.com/${{ github.repository }}/main/docker-compose.yml | |
| sudo docker-compose down | |
| sudo docker-compose up -d ${{ secrets.DOCKER_IMAGE_NAME }} | |
| sudo docker image prune -a -f | |
| # Example of using the output | |
| - id: 'debug' | |
| run: |- | |
| echo '${{ steps.compute-ssh.outputs.stdout }}' | |
| echo '${{ steps.compute-ssh.outputs.stderr }}' | |
| # 7. Sentry 설정 | |
| - name: Create Sentry release | |
| uses: getsentry/action-release@v1 | |
| env: | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
| SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} | |
| with: | |
| environment: production | |
| inject: true | |
| sourcemaps: './dist' |