41 refactor: task_definition healthCheck 설정 변경 #40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Terraform Plan (sandbox) | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - sandbox | |
| jobs: | |
| terraform-plan: | |
| runs-on: ubuntu-latest | |
| env: | |
| TF_CLI_CONFIG_FILE: /home/runner/.terraformrc | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: 1.11.2 | |
| - name: Prepare Terraform plugin cache dir | |
| run: mkdir -p /home/runner/.terraform.d/plugin-cache | |
| - name: Configure Terraform plugin cache | |
| run: | | |
| cat <<EOF > /home/runner/.terraformrc | |
| plugin_cache_dir = "/home/runner/.terraform.d/plugin-cache" | |
| EOF | |
| - name: Cache Terraform | |
| uses: actions/cache@v4 | |
| with: | |
| path: /home/runner/.terraform.d/plugin-cache | |
| key: terraform-${{ runner.os }}-${{ hashFiles('**/.terraform.lock.hcl') }} | |
| restore-keys: | | |
| terraform-${{ runner.os }}- | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ap-northeast-2 | |
| - name: Setup AWS Profile | |
| run: | | |
| aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} --profile sandbox-nomoney | |
| aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} --profile sandbox-nomoney | |
| aws configure set region ap-northeast-2 --profile sandbox-nomoney | |
| - name: Create sandbox tfvars | |
| run: | | |
| cat > sandbox.tfvars << 'EOF' | |
| environment = "sandbox" | |
| enable_sandbox = true | |
| aws_region = "ap-northeast-2" | |
| aws_profile = "sandbox-nomoney" | |
| instance_type = "t3.micro" | |
| ecs_desired_capacity = 1 | |
| ecs_min_size = 1 | |
| ecs_max_size = 1 | |
| ssh_ingress_cidrs = ["0.0.0.0/0"] | |
| app_ingress_cidrs = ["0.0.0.0/0"] | |
| container_image_tag = "bootstrap" | |
| container_port = 8080 | |
| EOF | |
| - name: Terraform Init | |
| run: | | |
| terraform init \ | |
| -backend-config="backend/backend-sandbox.hcl" \ | |
| -reconfigure | |
| - name: Terraform Plan | |
| run: | | |
| terraform plan \ | |
| -var-file="sandbox.tfvars" \ | |
| -no-color | tee plan.txt | |
| - name: Extract Plan Summary | |
| if: always() | |
| run: | | |
| echo "PLAN_ADD=$(grep -c 'will be created' plan.txt || true)" >> $GITHUB_ENV | |
| echo "PLAN_CHANGE=$(grep -c 'will be updated' plan.txt || true)" >> $GITHUB_ENV | |
| echo "PLAN_DESTROY=$(grep -c 'will be destroyed' plan.txt || true)" >> $GITHUB_ENV | |
| # 항상 Summary 기록 | |
| - name: Plan Summary | |
| if: always() | |
| run: | | |
| echo "## Terraform Plan (sandbox)" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "- Branch: sandbox" >> $GITHUB_STEP_SUMMARY | |
| echo "- Commit: ${{ github.sha }}" >> $GITHUB_STEP_SUMMARY | |
| echo "- Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "### Change Summary" >> $GITHUB_STEP_SUMMARY | |
| echo "- ➕ Add: ${PLAN_ADD:-0}" >> $GITHUB_STEP_SUMMARY | |
| echo "- 🔄 Change: ${PLAN_CHANGE:-0}" >> $GITHUB_STEP_SUMMARY | |
| echo "- ❌ Destroy: ${PLAN_DESTROY:-0}" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "<details><summary>📄 Full Terraform Plan</summary>" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo '```terraform' >> $GITHUB_STEP_SUMMARY | |
| sed -n '1,300p' plan.txt >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| echo "</details>" >> $GITHUB_STEP_SUMMARY | |
| # ✅ Plan 성공 → 동일한 스레드 이름 사용 | |
| - name: Send Discord Notification (Plan Success) | |
| if: success() | |
| env: | |
| DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }} | |
| run: | | |
| if [ -n "$DISCORD_WEBHOOK_URL" ]; then | |
| FULL_SHA="${GITHUB_SHA}" | |
| APPLY_URL="${{ github.server_url }}/${{ github.repository }}/actions/workflows/terraform-apply-sandbox.yml" | |
| THREAD_NAME="[sandbox] Terraform Plan 성공" | |
| MESSAGE="**Terraform Plan (sandbox) 완료**\n\n- Branch: sandbox\n- Commit: ${FULL_SHA}\n\n👉 Apply 실행\n${APPLY_URL}\n- Workflow:\n${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| curl -X POST "$DISCORD_WEBHOOK_URL" \ | |
| -H "Content-Type: application/json" \ | |
| -d "{\"content\": \"$MESSAGE\", \"thread_name\": \"$THREAD_NAME\"}" | |
| fi | |
| # ❌ Plan 실패 → 스레드 이름은 동일, 메시지만 실패 표시 | |
| - name: Send Discord Notification (Plan Failure) | |
| if: failure() | |
| env: | |
| DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }} | |
| run: | | |
| if [ -n "$DISCORD_WEBHOOK_URL" ]; then | |
| THREAD_NAME="❌ [sandbox] Terraform Plan 실패" | |
| MESSAGE="❌ **Terraform Plan (sandbox) 실패**\n\n- Branch: sandbox\n- Commit: ${{ github.sha }}\n- Workflow: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| curl -X POST "$DISCORD_WEBHOOK_URL" \ | |
| -H "Content-Type: application/json" \ | |
| -d "{\"content\": \"$MESSAGE\", \"thread_name\": \"$THREAD_NAME\"}" | |
| fi |