@pokerbearkr pokerbearkr commented Jul 10, 2025


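Work done

  • Implemented automatic deployment with GitHub Actions
  • Jenkins is scheduled for removal
  • PRs will also be changed to require approval from only one person

Changes

  • Please describe the main logic, classes, methods, etc. that you implemented, as bullets.
  • e.g.)
    • Added the UserService.createUser() method
    • Applied @Email validation

Troubleshooting

  • Please describe the problems you ran into during implementation and how you solved them.
  • e.g.)
    • Problem: @Transactional is not applied
    • Solution: Changed how the method is called (used this.AopProxyUtils.)

Open issues

  • Please note anything that works but needs refactoring or discussion.
  • e.g.)
    • Some business logic is handled in UserController → consider moving it to the service

Notes

  • Please add any other information you want to share or documents (links, etc.) you referred to.

Pre-review checklist

  • Remove unnecessary console logs and comments
  • Follow the commit message convention (type : )
  • Confirm the feature works correctly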

Summary by CodeRabbit

  • Chores
    • Added a GitHub Actions workflow that runs deployment automatically on pushes to the "main" and "dev" branches.

coderabbitai bot commented Jul 10, 2025

Walkthrough

A new GitHub Actions workflow file has been added. The workflow runs automatically on pushes to the "main" and "dev" branches, connects to a remote EC2 instance over SSH, and runs the specified deployment script.

Changes

File/Path | Change summary
.github/workflows/deploy.yml | New GitHub Actions workflow for automatic deployment

Sequence Diagram(s)

sequenceDiagram
    participant Developer
    participant GitHub
    participant EC2

    Developer->>GitHub: Push to main/dev branch
    GitHub->>GitHub Actions: Trigger CD workflow
    GitHub Actions->>EC2: Connect over SSH (using Secrets)
    EC2->>EC2: cd to /home/ubuntu/backend and run deploy-backend.sh

Suggested labels

enhancement

Poem

🐇
Every time code is pushed
the rabbit dances
GitHub Actions goes hop, hop
flying off to EC2
running the deploy script
another peaceful day in the fields of automation!


@pokerbearkr pokerbearkr merged commit 722d2d0 into dev Jul 10, 2025
1 of 2 checks passed
@pokerbearkr pokerbearkr deleted the feat/deploy branch July 10, 2025 07:26
@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 2

🧹 Nitpick comments (2)
.github/workflows/deploy.yml (2)

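18-20: Consider branching so that each branch runs a different path/script

Currently both main and dev run ../deploy-backend.sh from the same directory, /home/ubuntu/backend.
If the development and production environments are not separated, staging code may be applied to production as-is.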

      script: |
        if [ "${{ github.ref_name }}" = "main" ]; then
          cd /home/ubuntu/backend
          ../deploy-backend.sh prod
        else
          cd /home/ubuntu/backend-dev
          ../deploy-backend.sh dev
        fi

Please consider branching the directory and parameter by branch, as shown above.


7-9: Recommend adding a concurrency option to prevent simultaneous deployments

When several commits are pushed in quick succession and deploy jobs overlap, unexpected states can occur.

  deploy:
    concurrency: deploy-${{ github.ref }}

Adding the above makes deployments of the same branch run sequentially.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6061173 and 40bfb41.

📒 Files selected for processing (1)
  • .github/workflows/deploy.yml (1 hunks)
🧰 Additional context used
🧠 Learnings (1)
📓 Common learnings
Learnt from: chat26666
PR: ezcode-my/backend#37
File: src/main/java/org/ezcode/codetest/infrastructure/elasticsearch/repository/ProblemElasticsearchRepositoryDsl.java:10-10
Timestamp: 2025-06-06T19:56:27.759Z
Learning: When user chat26666 mentions that code was implemented in a previous PR but explanation was missing, they may submit a follow-up PR just to add documentation/explanation without the actual implementation code.
🪛 actionlint (1.7.7)
.github/workflows/deploy.yml

11-11: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: build

Comment on lines +13 to +17
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.EC2_HOST }}
username: ubuntu
key: ${{ secrets.EC2_SSH_KEY }}
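
Review bot: `username: ubuntu` together with `key: ${{ secrets.EC2_SSH_KEY }}` gives every run of this workflow a full shell login as the instance's general-purpose account. Suggest a dedicated deploy user whose authorized_keys entry carries a forced command for the deploy script, so that a leaked key can only trigger a deployment.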

🛠️ Refactor suggestion

Pin appleboy/ssh-action to a version tag or commit SHA instead of master

Depending on the master branch can pull in unexpected breaking changes. For example:

-      - name: Deploy to EC2
-        uses: appleboy/ssh-action@master
+      - name: Deploy to EC2
+        uses: appleboy/[email protected]  # 예시: 실제 latest 안정 버전으로 교체
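
Review bot: the `+` line swaps a branch ref for a version tag, and a tag can still be moved by the action's owner; since this step is handed `EC2_SSH_KEY`, pin `uses:` to the full 40-character commit SHA of the release and keep the version in a trailing comment. The version in the replacement line is obscured on this page and the inline comment marks it as an example, so resolve the real release before applying. The host-key check recommended in the text is not part of this hunk and needs its own change under `with:`.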

We also recommend adding the known_hosts or fingerprint parameter to reduce MITM risk.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.EC2_HOST }}
username: ubuntu
key: ${{ secrets.EC2_SSH_KEY }}
- name: Deploy to EC2
uses: appleboy/[email protected] # 예시: 실제 latest 안정 버전으로 교체
with:
host: ${{ secrets.EC2_HOST }}
username: ubuntu
key: ${{ secrets.EC2_SSH_KEY }}
🤖 Prompt for AI Agents
In .github/workflows/deploy.yml around lines 13 to 17, replace the 'master'
reference for the appleboy/ssh-action with a specific version tag or commit SHA
to avoid unexpected breaking changes. Additionally, add the 'known_hosts' or
'fingerprint' parameter to the action configuration to reduce the risk of
man-in-the-middle attacks.

deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3

💡 Verification agent

🧩 Analysis chain

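Pin actions/checkout to the latest v4

The v3 tag has not received security updates since 2023-10. GitHub's official recommendation is to move up to the new major version and pin to a SHA or a specific tag to ensure reproducibility.

I suggest the following change.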

-      - uses: actions/checkout@v3
+      # checkout action 최신 버전 고정
+      - uses: actions/checkout@v4
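
Review bot: the added comment says the checkout action is pinned to the latest version, but `actions/checkout@v4` on the next line is a moving major tag that advances with every v4 release. Either reword the comment or pin to a specific release's full commit SHA with the version as a trailing comment, which is what the reproducibility argument in the text calls for.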

Please perform the following web search to check the latest release information:


🌐 Web query:

What is the latest version and release date of GitHub actions/checkout? Has actions/checkout@v3 received any security updates after October 2023?

💡 Result:

The latest version of actions/checkout is v4, as evidenced by multiple references encouraging or demonstrating its usage in workflows as of early 2025[4][7][10].

Regarding the specific timeline:

  • The most recent explicit version reference found is v4.1.4 as mentioned in a February 2025 article[4], and several community threads suggest that v4 is now the standard.
  • actions/checkout@v3 is considered outdated because it relies on Node.js 16, which has been deprecated by GitHub[7].

Security updates for actions/checkout@v3 after October 2023:

  • There is no evidence in the search results of security updates to actions/checkout@v3 after October 2023.
  • Instead, workflows and maintainers are being advised to move to v4 due to both deprecation of Node.js 16 and the general direction of GitHub Actions maintenance[7].
  • The recommendation is clear: migrate to actions/checkout@v4 to avoid using older runtime environments and to benefit from ongoing security support[7].

Summary Table:

Version | Latest Known Release | Status | Security Updates After Oct 2023
actions/checkout@v3 | 2022–2023 era (no newer) | Deprecated, Node16 EOL[7] | None Found
actions/checkout@v4 | v4.1.4 (as of Feb 2025)[4] | Latest, actively maintained | Yes

Recommendation:
Update all workflows to use actions/checkout@v4 to ensure continued security and compatibility with GitHub Actions' current infrastructure[7][4].

Upgrade the actions/checkout action to v4

Line 11 of .github/workflows/deploy.yml currently uses
actions/checkout@v3; v3 is based on Node.js 16 and has not received security updates since October 2023.
Following GitHub's official recommendation, please use the latest major version, v4 (currently v4.1.4).

Location to change:

  • File: .github/workflows/deploy.yml
  • Line: 11

Proposed change:

-      - uses: actions/checkout@v3
+      # checkout action 최신 버전(v4) 고정
+      - uses: actions/checkout@v4
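
Review bot: before bumping the version on line 11, check whether the job needs a checkout at all: the deploy step quoted earlier only opens an SSH session and runs a script that already lives on the instance. If no later step reads the repository tree, delete the `actions/checkout` step instead of upgrading it, which removes one external action from a job that holds `EC2_SSH_KEY`.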

This change ensures continued security patches and compatibility.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- uses: actions/checkout@v3
# checkout action 최신 버전(v4) 고정
- uses: actions/checkout@v4
🧰 Tools
🪛 actionlint (1.7.7)

11-11: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents
In .github/workflows/deploy.yml at line 11, update the GitHub Action version
from actions/checkout@v3 to actions/checkout@v4 to ensure ongoing security
updates and compatibility. Replace the version tag v3 with v4 in the uses field
on line 11.
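
The pinning point raised in both review comments above, as an added example that is not part of the PR or of CodeRabbit's review: a small audit that lists every `uses:` reference a workflow takes from a tag or branch rather than a full commit SHA. The sample workflow text and the 40-character SHA in it are constructed for illustration.

```python
import re

# A step's "uses:" line, e.g. "- uses: owner/repo@ref  # comment"
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^\s'\"#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
VERSION_TAG_RE = re.compile(r"^v?\d+(\.\d+){0,2}$")  # v4, v4.1, v4.1.4


def classify_ref(target):
    """Classify a uses: target as local, docker, sha, tag, branch or unpinned."""
    if target.startswith("./"):
        return "local"      # action kept in the same repository
    if target.startswith("docker://"):
        return "docker"     # image refs need digest pinning, not covered here
    _, sep, ref = target.partition("@")
    if not sep:
        return "unpinned"
    if FULL_SHA_RE.match(ref):
        return "sha"        # immutable: the only form that counts as pinned
    # Heuristic: version-shaped refs are tags, anything else is treated as a branch
    return "tag" if VERSION_TAG_RE.match(ref) else "branch"


def audit_workflow(text):
    """Return (line_no, target, kind) for each ref the action owner can still move."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if m and classify_ref(m.group(1)) in ("tag", "branch", "unpinned"):
            findings.append((line_no, m.group(1), classify_ref(m.group(1))))
    return findings


# Constructed sample built from the lines quoted in the review; the last step
# uses a made-up 40-character SHA to show a ref that passes.
SAMPLE = """\
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Deploy to EC2
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.EC2_HOST }}
          username: ubuntu
          key: ${{ secrets.EC2_SSH_KEY }}
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
"""

if __name__ == "__main__":
    for line_no, target, kind in audit_workflow(SAMPLE):
        print(f"line {line_no}: {target} is a mutable {kind} ref")
```

Run against the files under .github/workflows in CI, a non-empty result can fail the build before an unpinned action ever receives a deployment secret.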
