Feat/#1 CI/CD 구축 및 Netflix Eureka Client(Gateway) 설정 #2
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 tasks
1winhyun
had a problem deploying
to
production
GitHub Actions
Failure
huncozyboy
approved these changes
Sep 27, 2025
Member
huncozyboy
left a comment
huncozyboy
left a comment
There was a problem hiding this comment.
고생하셨습니다 !
아키텍처 구조까지 시각화 해주셨네요 👍🏻
Comment on lines
10
to
32
| @Configuration | ||
| @Profile({"local","dev","prod"}) | ||
| public class GatewayConfiguration { | ||
|
|
||
| @Bean | ||
| public RouteLocator customRouteLocator(RouteLocatorBuilder builder) { | ||
| return builder.routes() | ||
| // 인증 필요 없는 라우트 | ||
| .route("backend_route", r -> r.path("/**") | ||
| .filters(f -> f | ||
| .removeRequestHeader(HttpHeaders.COOKIE) | ||
| ) | ||
| .uri("lb://backend-service")) | ||
|
|
||
| //스웨거를 위한 라우트 설정(각 서비스마다 등록해줘야 합니다.) | ||
| .route("backend-service_api_docs", r -> r.path("/api-docs/backend/**") | ||
| .filters(f -> f | ||
| .rewritePath("/api-docs/backend/(?<rem>.*)", "/${rem}") | ||
| ) | ||
| .uri("lb://backend-service")) | ||
| .build(); | ||
| } | ||
| } |
Member
There was a problem hiding this comment.
해당 config 설정에서 /**로 와일드 카드를 사용해주신 이유는 모든 요청(/**)을 backend-service로 전달해주는 역할을 한다고 이해하면 될까요 ??
또 .removeRequestHeader(HttpHeaders.COOKIE)로 클라이언트가 보낸 쿠키를 백엔드 서비스로 전달하지 않는다고 이해했는데, 이건 인증이 끝난 요청에 대한 내용에 대해서 무상태를 유지해주는 설정인지도 궁금했습니다
Member
Author
There was a problem hiding this comment.
첫번째 질문에 대해서는 모든 요청(/**)을 backend-service로 전달해주는 역할이 맞습니다. 하지만 현재 저희는 user와 관련된 서비스, 메일과 관련된 서비스가 추가될 예정이기에 추후 해당 부분은 수정될 예정입니다. 예를 들면 다음 코드와 같이 구현될 예정입니다.
.route("user_public_route", r -> r.path("/users/public/**")
.filters(f -> f
.removeRequestHeader(HttpHeaders.COOKIE)
)
.uri("lb://USER-SERVICE"))두번째 질문의 경우 취지는 동일합니다. .removeRequestHeader(HttpHeaders.COOKIE)의 경우 게이트웨이 -> 백엔드로 쿠키를 넘기지 않아 해당 서비스들이 쿠키나 세션 기반 상태에 의존하지 못하도록 합니다. 따라서 인증의 관점에서는 토큰만 보고 요청을 처리하는 상태를 강제합니다.
Walkthroughgateway-service에 CI/CD(개발/운영) 워크플로와 Dockerfile을 추가하고, Spring WebFlux 및 Spring Cloud Gateway로 전환했습니다. CORS 필터와 라우팅 구성, Eureka 및 SpringDoc 설정을 환경별 yml로 추가하고 application.properties의 애플리케이션 이름을 제거했습니다. Changes
Sequence Diagram(s)sequenceDiagram
autonumber
actor Dev as 개발자
participant GH as GitHub
participant CI as CI 런너
participant Reg as Container Registry
participant CD as CD 워크플로
participant SSH as 원격 호스트
participant DK as Docker/Compose
Dev->>GH: push/PR to dev 또는 workflow_dispatch
GH-->>CI: "gateway-service CI pipeline" 트리거
CI->>CI: 체크아웃, JDK21 설정, gradle 빌드
CI->>Reg: Docker 이미지 빌드 및 푸시
CI-->>GH: CI 완료(success)
GH-->>CD: workflow_run (on: workflow_run success)
CD->>SSH: SSH 연결 (appleboy/ssh-action)
SSH->>DK: 기존 컨테이너 제거 (무시 가능한 에러)
SSH->>DK: docker compose pull
SSH->>DK: docker compose up --no-deps --force-recreate --pull always
SSH->>DK: docker image prune
sequenceDiagram
autonumber
actor Client as 클라이언트
participant G as Gateway (Spring Cloud Gateway)
participant E as Eureka
participant B as backend-service
Client->>G: 요청 (/... 또는 /api-docs/backend/...)
G->>E: 서비스 조회(backend-service)
E-->>G: 인스턴스 정보 반환
alt API Docs 경로
G->>G: 경로 재작성 (/api-docs/backend/** -> /**)
end
G->>B: 요청 전달 (일반 경로에서 COOKIE 헤더 제거)
B-->>G: 응답
G-->>Client: 응답 반환
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Poem
Pre-merge checks and finishing touches❌ Failed checks (2 warnings)
✅ Passed checks (3 passed)
✨ Finishing touches
🧪 Generate unit tests
📜 Recent review detailsConfiguration used: CodeRabbit UI Review profile: CHILL Plan: Pro 📒 Files selected for processing (2)
🚧 Files skipped from review as they are similar to previous changes (2)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 5
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (12)
.github/workflows/cd-dev.yaml(1 hunks).github/workflows/cd-prod.yaml(1 hunks).github/workflows/ci.yaml(1 hunks)Dockerfile(1 hunks)build.gradle(1 hunks)src/main/java/com/unionmate/gateway_service/GatewayServiceApplication.java(2 hunks)src/main/java/com/unionmate/gateway_service/global/SecurityConfig.java(1 hunks)src/main/java/com/unionmate/gateway_service/global/gateway/GatewayConfiguration.java(1 hunks)src/main/resources/application-dev.yml(1 hunks)src/main/resources/application-local.yml(1 hunks)src/main/resources/application-prod.yml(1 hunks)src/main/resources/application.properties(0 hunks)
💤 Files with no reviewable changes (1)
- src/main/resources/application.properties
src/main/java/com/unionmate/gateway_service/global/gateway/GatewayConfiguration.java
Outdated
Show resolved
Hide resolved
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Related issue 🛠
작업 내용 💻
스크린샷 📷
local 서버
dev 서버
prod 서버
다음 사진은 해당 부분을 확인할 수 있는 nginx의 default.conf 코드입니다.
server { listen 80; server_name 43.200.160.0.nip.io; location /.well-known/acme-challenge/ { root /var/www/certbot; allow all; } location /nginx/health { access_log off; return 200 'ok'; add_header Content-Type text/plain; } location / { return 301 https://$host$request_uri; } } server { listen 443 ssl; http2 on; server_name 43.200.160.0.nip.io; ssl_certificate /etc/letsencrypt/live/43.200.160.0.nip.io/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/43.200.160.0.nip.io/privkey.pem; # (옵션) mozilla 권장 설정을 쓰고 싶다면 아래 파일들이 있을 때 include # include /etc/letsencrypt/options-ssl-nginx.conf; # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; client_max_body_size 10m; location / { proxy_pass http://gateway-service-prod:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /nginx/health { access_log off; return 200 'ok'; add_header Content-Type text/plain; } }아키텍처
최종적으로 구축한 prod 서버의 아키텍처는 다음과 같습니다.
같이 얘기해보고 싶은 내용이 있다면 작성 📢
Summary by CodeRabbit
New Features
Chores