Skip to content

fix: CI/CD와 Docker 설정에서 Config 레포지토리 연동 및 헬스체크 완성 #26

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
23MinL merged 8 commits into from
Jul 11, 2025
Merged

fix: CI/CD와 Docker 설정에서 Config 레포지토리 연동 및 헬스체크 완성 #26

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
8040ddd
fix: CI/CD와 Docker 설정에서 Config 레포지토리 연동 및 헬스체크 완성
23MinL Jul 11, 2025
e306512
fix: Config 레포지토리 접근을 위해 PRIVATE_REPO_TOKEN 사용으로 변경
23MinL Jul 11, 2025
68b9f87
fix: Redis 설정을 환경변수로만 관리하도록 보안 강화
23MinL Jul 11, 2025
dfb6438
feat: Docker Compose 환경 설정 최적화 및 워크플로우 영어 변환
23MinL Jul 11, 2025
1c80bd8
fix: Config 파일 존재 여부 검증 강화
23MinL Jul 11, 2025
ffee628
fix: 코드레빗 제안사항 반영 - CI/CD 품질 검증 강화
23MinL Jul 11, 2025
4cd6b26
GitHub Actions 워크플로우 개선사항 적용
23MinL Jul 11, 2025
3738a8d
GitHub Actions 보안 강화 및 환경변수 노출 방지
23MinL Jul 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
114 changes: 65 additions & 49 deletions .github/workflows/ci-cd.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,37 +22,37 @@ jobs:
GITHUB_ACTIONS: true

steps:
- name: 코드 체크아웃
- name: Checkout Code
uses: actions/checkout@v4

- name: Python 환경 설정
- name: Setup Python Environment
uses: actions/setup-python@v5
with:
python-version: '3.11'

- name: 의존성 캐시
- name: Cache Dependencies
uses: actions/cache@v4
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-

- name: 의존성 설치
- name: Install Dependencies
run: |
python -m pip install --upgrade pip
# 먼저 테스트 도구들 설치 (pytest-env 추가)
# Install test tools first (including pytest-env)
pip install pytest==8.3.4 pytest-asyncio==0.25.0 pytest-env==1.1.5 flake8==7.1.1 black==25.1.0 isort==5.13.2
# 그 다음 프로젝트 의존성 설치
# Then install project dependencies
pip install -r requirements.txt

- name: 코드 품질 검사
- name: Code Quality Check
run: |
# 중요한 구문 오류만 체크
# Check only critical syntax errors
flake8 app/ --count --select=E9,F63,F7,F82 --show-source --statistics --exit-zero
echo "코드 품질 검사 완료"
echo "Code quality check completed"

- name: 테스트 실행
- name: Run Tests
run: |
export APP_NAME="Ururu AI Recommendation System"
export EMBEDDING_MODEL_NAME="sentence-transformers/all-MiniLM-L6-v2"
Expand All @@ -66,20 +66,20 @@ jobs:
if: github.event_name == 'push'

steps:
- name: 코드 체크아웃
- name: Checkout Code
uses: actions/checkout@v4

- name: Docker Buildx 설정
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3

- name: 컨테이너 레지스트리 로그인
- name: Login to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}

- name: 메타데이터 추출
- name: Extract Metadata
id: meta
uses: docker/metadata-action@v5
with:
Expand All @@ -90,7 +90,7 @@ jobs:
type=sha,prefix=sha-
type=raw,value=latest,enable={{is_default_branch}}

- name: Docker 이미지 빌드 및 푸시
- name: Build and Push Docker Image
uses: docker/build-push-action@v5
with:
context: .
Expand All @@ -108,28 +108,36 @@ jobs:
environment: development

steps:
- name: 코드 체크아웃
- name: Checkout Code
uses: actions/checkout@v4

- name: 개발 환경 배포 설정
- name: Checkout Config Repository
uses: actions/checkout@v4
with:
repository: UruruLab/Ururu-AI-Config
path: config
token: ${{ secrets.PRIVATE_REPO_TOKEN }}

- name: Copy Development Environment Config Files
run: |
printf 'SPRING_BOOT_BASE_URL=%s\n' "${{ secrets.DEV_SPRING_BACKEND_URL }}" >> .env.development
printf 'REDIS_URL=%s\n' "${{ secrets.DEV_REDIS_URL }}" >> .env.development
cp config/.env.development .env.development
echo "✅ Development environment config files copied successfully"

- name: Docker Compose 설정 검증
- name: Validate Docker Compose Configuration
run: |
echo "개발 환경 설정 파일 검증"
echo "docker-compose.development.yml 구문 검증"
docker compose -f docker-compose.development.yml config --quiet
echo "개발 환경 배포 준비 완료"
echo "Validating development environment configuration files"
echo "Validating docker-compose.development.yml syntax"
ENVIRONMENT=development docker compose -f docker-compose.development.yml config --quiet
echo "Verifying environment variable bindings"
ENVIRONMENT=development docker compose -f docker-compose.development.yml config | grep -A 10 "environment:" || true
echo "Development environment deployment preparation completed"

- name: 배포 시뮬레이션 (실제 EC2 배포 없음)
- name: Simulate Deployment (No actual EC2 deployment)
run: |
echo "개발 환경 배포 시뮬레이션"
echo "- Docker 이미지: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:develop"
echo "- Spring Boot URL: [MASKED]"
echo "- Redis URL: [MASKED]"
echo "개발 환경 배포 설정 완료"
echo "Development environment deployment simulation"
echo "- Docker Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:develop"
echo "- Config File: .env.development (fetched from Config repository)"
echo "Development environment deployment configuration completed"

deploy-production:
needs: build-and-push
Expand All @@ -138,32 +146,40 @@ jobs:
environment: production

steps:
- name: 코드 체크아웃
- name: Checkout Code
uses: actions/checkout@v4

- name: 운영 환경 배포 설정
- name: Checkout Config Repository
uses: actions/checkout@v4
with:
repository: UruruLab/Ururu-AI-Config
path: config
token: ${{ secrets.PRIVATE_REPO_TOKEN }}

- name: Copy Production Environment Config Files
run: |
printf 'SPRING_BOOT_BASE_URL=%s\n' "${{ secrets.PROD_SPRING_BACKEND_URL }}" >> .env.production
printf 'REDIS_URL=%s\n' "${{ secrets.PROD_REDIS_URL }}" >> .env.production
cp config/.env.production .env.production
echo "✅ Production environment config files copied successfully"

- name: Docker Compose 설정 검증
- name: Validate Docker Compose Configuration
run: |
echo "운영 환경 설정 파일 검증"
echo "docker-compose.production.yml 구문 검증"
docker compose -f docker-compose.production.yml config --quiet
echo "운영 환경 배포 준비 완료"
echo "Validating production environment configuration files"
echo "Validating docker-compose.production.yml syntax"
ENVIRONMENT=production docker compose -f docker-compose.production.yml config --quiet
echo "Verifying environment variable bindings"
ENVIRONMENT=production docker compose -f docker-compose.production.yml config | grep -A 10 "environment:" || true
echo "Production environment deployment preparation completed"

- name: 배포 알림 준비
- name: Prepare Deployment Notification
run: |
echo "운영 환경 배포 준비 완료"
echo "- Docker 이미지: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
echo "- Spring Boot URL: [MASKED]"
echo "- Redis URL: [MASKED]"
echo "실제 EC2 배포는 별도 프로세스에서 진행"
echo "Production environment deployment preparation completed"
echo "- Docker Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest"
echo "- Config File: .env.production (fetched from Config repository)"
echo "Actual EC2 deployment will be handled by separate process"

- name: 배포 완료 알림
- name: Deployment Completion Notification
if: success()
run: |
echo "GitHub Actions 배포 파이프라인이 성공적으로 완료되었습니다."
echo "Docker 이미지가 GitHub Container Registry에 푸시되었습니다."
echo "EC2 서버에서 수동으로 docker compose pull && docker compose up -d 실행이 필요합니다."
echo "GitHub Actions deployment pipeline completed successfully."
echo "Docker image has been pushed to GitHub Container Registry."
echo "Manual execution required on EC2 server: docker compose pull && docker compose up -d"
93 changes: 70 additions & 23 deletions .github/workflows/docker-health-check.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,44 +4,91 @@ on:
schedule:
- cron: '0 */6 * * *'
workflow_dispatch:
push:
branches:
- main
- 'fix/*'
pull_request:
branches:
- main
- 'fix/*'

jobs:
health-check:
runs-on: ubuntu-latest

steps:
- name: 코드 체크아웃
- name: Checkout Code
uses: actions/checkout@v4

- name: Docker Compose 설정 검증
- name: Checkout Config Repository
uses: actions/checkout@v4
with:
repository: UruruLab/Ururu-AI-Config
path: config
token: ${{ secrets.PRIVATE_REPO_TOKEN }}

- name: Copy Config Files (.env files)
run: |
mkdir -p ./
cp config/.env* ./
echo "✅ Config files copied successfully"

- name: Verify Environment Files
run: |
echo "✅ Docker Compose 파일 구문 검증"
echo "📁 Checking copied environment files"
ls -la .env*
if [ -f ".env.development" ]; then
echo "✅ .env.development file exists"
else
echo "❌ .env.development file missing"
fi
if [ -f ".env.production" ]; then
echo "✅ .env.production file exists"
else
echo "❌ .env.production file missing"
fi

- name: Validate Docker Compose Configuration
run: |
echo "✅ Validating Docker Compose file syntax"
docker compose config --quiet
echo "✅ 개발환경 설정 검증"
docker compose -f docker-compose.development.yml config --quiet
echo "✅ 운영환경 설정 검증"
docker compose -f docker-compose.production.yml config --quiet
echo "✅ Validating development environment (using copied config files)"
ENVIRONMENT=development docker compose -f docker-compose.development.yml config --quiet
echo "✅ Validating production environment (using copied config files)"
ENVIRONMENT=production docker compose -f docker-compose.production.yml config --quiet

- name: Verify Environment Variable Bindings
run: |
echo "🔍 Verifying environment variable bindings"
echo "Development environment key variables:"
ENVIRONMENT=development docker compose -f docker-compose.development.yml config | grep -A 20 "environment:" | head -15 || true
echo ""
echo "Production environment key variables:"
ENVIRONMENT=production docker compose -f docker-compose.production.yml config | grep -A 20 "environment:" | head -15 || true

- name: 헬스체크 시뮬레이션
- name: Simulate Health Check
run: |
echo "🔍 AI 서비스 헬스체크 시뮬레이션"
echo "- 체크 대상: http://localhost:8000/health"
echo "- 예상 응답: {\"status\": \"healthy\", \"service\": \"ururu-ai-recommendation\"}"
echo "🔍 AI Service Health Check Simulation"
echo "- Target: http://localhost:8000/health"
echo "- Expected Response: {\"status\": \"healthy\", \"service\": \"ururu-ai-recommendation\"}"

echo "🔍 Spring Backend 연결 테스트 시뮬레이션"
echo "- 체크 대상: http://localhost:8080/health"
echo "- 실제 연결은 EC2 환경에서만 가능"
echo "🔍 Spring Backend Connection Test Simulation"
echo "- Target: http://localhost:8080/health"
echo "- Actual connection only available in EC2 environment"

- name: GitHub Container Registry 이미지 확인
- name: Check GitHub Container Registry Images
run: |
echo "📦 최신 Docker 이미지 확인"
echo "📦 Checking latest Docker images"
echo "- Registry: ghcr.io/${{ github.repository }}"
echo "- 최신 태그: latest, main, develop"
echo "- Latest tags: latest, main, develop"

- name: 헬스체크 보고서
- name: Generate Health Check Report
run: |
echo "📊 헬스체크 완료 보고서"
echo "✅ Docker Compose 설정 파일 정상"
echo "✅ 워크플로우 설정 정상"
echo "⚠️ 실제 서비스 상태는 EC2에서 별도 확인 필요"
echo "💡 EC2에서 실행: docker compose ps && docker compose logs"
echo "📊 Health Check Completion Report"
echo "✅ Docker Compose configuration files validated"
echo "✅ Config repository integration working"
echo "✅ Environment-specific configuration files verified"
echo "✅ Workflow configuration validated"
echo "️ Actual service status needs separate verification on EC2"
echo "Run on EC2: docker compose ps && docker compose logs"
Loading