Skip to content

Infra 349: 새로운 GCP 계정으로 이전 #350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
soun997 merged 5 commits into from
Nov 24, 2025
Merged

Infra 349: 새로운 GCP 계정으로 이전 #350

soun997 merged 5 commits into from
Nov 24, 2025

Conversation

@soun997
Copy link
Contributor

@soun997 soun997 commented Nov 24, 2025
edited
Loading

이슈 번호 (#349)

요약

  • 새로운 GCP 계정으로 이전
  • 클라우드 아키텍처 재구성 -> 기존 프로젝트 스크립트, 프로퍼티 수정

변경사항

GCP ADC 사용 및 관리 포인트 제거

이전에는 애플리케이션 서버에 GCP Credential 파일을 포함해줘야 했음

  • 세부적으로 권한 설정이 가능하다는 장점, 그러나 관리 포인트 증가 (파일 관리, 환경변수 세팅 등...)

ADC(Application Default Credentials)를 사용하면 그럴 필요 없음, GCP Project 내부에 있는 리소스(VM, Storage 등)는 자동으로 ADC를 Inject 받기 때문

Credential을 노출하지 않기 때문에 GCP 플랫폼을 사용할 때는 해당 방식을 사용하는 것이 보안적으로 좋아보임 (Credential JSON 파일을 지양하라는 레퍼런스)

# as-is
    gcp:
      storage:
        credentials:
          location: ${GCP_CREDENTIAL_LOCATION}
        project-id: ${GCP_PROJECT_ID}
        bucket: ${GCP_BUCKET_NAME}
# to-be
    gcp:
      storage:
        bucket: ${GCP_BUCKET_NAME}
// as-is
	@Bean
	public Storage storage() throws IOException {
		InputStream keyFile = ResourceUtils.getURL(keyFileName).openStream();

		return StorageOptions.newBuilder()
				.setCredentials(GoogleCredentials.fromStream(keyFile))
				.build()
				.getService();
	}
// to-be
	@Bean
	public Storage storage() throws IOException {
		return StorageOptions.getDefaultInstance().getService();
	}

로컬에서 Storage에 대한 권한이 필요한 경우에는 gcloud 명령을 사용해 로그인해주면 됨

gcloud auth login

@soun997 soun997 self-assigned this Nov 24, 2025
@soun997 soun997 added the infra 인프라 관련 이슈 label Nov 24, 2025
@soun997 soun997 linked an issue Nov 24, 2025 that may be closed by this pull request
[Infra] 새로운 GCP 계정으로 이전 #349
Closed
3 tasks
github-actions[bot]
github-actions bot reviewed Nov 24, 2025
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

github-actions[bot]
github-actions bot reviewed Nov 24, 2025
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@soun997 soun997 merged commit 497aeed into develop Nov 24, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

Assignees

@soun997 soun997

Labels

infra 인프라 관련 이슈

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Infra] 새로운 GCP 계정으로 이전

2 participants

@soun997