Feat: 🎉 Staging서버 오픈 🎉

.github/workflows/ci-cd.yml

@@ -2,15 +2,15 @@ name: CI/CD — Backend (Build → Push → Deploy)
 
 on:
   push:
-    branches: [ dev ]
+    branches: [ dev, staging ]
   pull_request:
-    branches: [ dev ]
+    branches: [ dev, staging ]
   workflow_dispatch:
     inputs:
       tag:
-        description: "배포할 이미지 태그 (ex. release or <GIT_SHA>)"
+        description: "배포할 이미지 태그 (ex. dev or dev-SHORT_SHA)"
         required: false
-        default: "release"
+        default: "dev"
 
 concurrency:
   group: cicd-${{ github.ref_name }}
@@ -81,17 +81,32 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Build & Push image
+      - name: Decide tags by branch
+        if: github.event_name == 'push'
+        id: tags
+        shell: bash
+        run: |
+          REF="${{ github.ref_name }}"               # dev / staging
+          SHORT_SHA="${GITHUB_SHA::7}"
+          SAFE_REF=$(echo "$REF" | tr '[:upper:]' '[:lower:]' | sed -E 's#[^a-z0-9._-]+#-#g')
+          echo "channel=$SAFE_REF" >> $GITHUB_OUTPUT          # ex) dev, staging
+          echo "version=${SAFE_REF}-${SHORT_SHA}" >> $GITHUB_OUTPUT  # ex) dev-abc1234
+
+      - name: Build & Push (branch-tagged)
         if: github.event_name == 'push'
         run: |
-          GIT_SHA=${{ github.sha }}
-          docker build -f "${{ steps.df.outputs.path }}" -t $IMAGE:release -t $IMAGE:$GIT_SHA "${{ steps.df.outputs.ctx }}"
-          docker push $IMAGE:release
-          docker push $IMAGE:$GIT_SHA
+          CHAN=${{ steps.tags.outputs.channel }}   # dev | staging
+          VER=${{ steps.tags.outputs.version }}    # dev-<sha> | staging-<sha>
+          docker build -f "${{ steps.df.outputs.path }}" \
+            -t $IMAGE:$CHAN \
+            -t $IMAGE:$VER \
+            "${{ steps.df.outputs.ctx }}"
+          docker push $IMAGE:$CHAN
+          docker push $IMAGE:$VER
 
   deploy:
     needs: build-and-push
-    if: github.event_name == 'push' && (github.ref == 'refs/heads/dev') &&
+    if: github.event_name == 'push' && (github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/staging') &&
       (needs.build-and-push.result == 'success')
       || (github.event_name == 'workflow_dispatch')
     runs-on: ubuntu-latest
@@ -103,7 +118,7 @@ jobs:
           if [ "${{ github.event_name }}" = "workflow_dispatch" ] && [ -n "${{ github.event.inputs.tag }}" ]; then
             echo "value=${{ github.event.inputs.tag }}" >> $GITHUB_OUTPUT
           else
-            echo "value=release" >> $GITHUB_OUTPUT
+            echo "value=${{ github.ref_name }}" >> $GITHUB_OUTPUT
           fi
 
       - name: Deploy
@@ -114,5 +129,10 @@ jobs:
           key: ${{ secrets.CD_SSH_KEY }}
           port: ${{ secrets.CD_PORT }}
           script: |
-            export DEPLOY_TAG='${{ steps.tag.outputs.value }}'
-            bash -lc '/srv/docsa/infra/deploy.sh'
+            if [ "${{ github.ref_name }}" = "staging" ]; then
+              export DEPLOY_TAG='${{ steps.tag.outputs.value }}'
+              bash -lc '/srv/docsa/infra/deploy.sh staging'
+            else
+              export DEPLOY_TAG='${{ steps.tag.outputs.value }}'
+              bash -lc '/srv/docsa/infra/deploy.sh dev'
+            fi

.gitignore

@@ -39,6 +39,7 @@ out/
 
 ### Secrets & Runtime
 infra/.env
+infra/*.env
 infra/**/*.env
 infra/certbot
 infra/mysql/exporter.cnf

infra/.env.example

@@ -5,6 +5,7 @@ SPRING_MAIL_PASSWORD=
 SPRING_DATASOURCE_URL=
 SPRING_DATASOURCE_USERNAME=
 SPRING_DATASOURCE_PASSWORD=
+DDL_AUTO=
 
 # ------------ SESSION/COOKIE ------------
 SESSION_COOKIE_NAME=

infra/deploy.sh

@@ -1,44 +1,88 @@
 #!/usr/bin/env bash
 set -euo pipefail
 
-cd /srv/docsa/infra
+# 사용법:
+#   /srv/docsa/infra/deploy.sh dev
+#   /srv/docsa/infra/deploy.sh staging
+# 환경변수(선택):
+#   DEPLOY_TAG       : 덮어쓸 이미지 태그(dev, dev-<sha>, staging, staging-<sha> 등)
+#   IMAGE_BASE       : GHCR 이미지 경로 (기본: ghcr.io/prgrms-web-devcourse-final-project/docsa-backend)
+#   SERVICE          : 배포할 서비스명 (기본 app)
+#   HEALTH_TIMEOUT   : 헬스 대기시간 초 (기본 120)
 
-# 특정 태그로 배포시 DEPLOY_TAG=...
-IMAGE_BASE="ghcr.io/prgrms-web-devcourse-final-project/docsa-backend"
-TAG="${DEPLOY_TAG:-}"      # 비어있으면 compose에 적힌 태그 사용
+TARGET="${1:-}"                             # ← dev 또는 staging 인자 필수
+if [[ "$TARGET" != "dev" && "$TARGET" != "staging" ]]; then
+  echo "Usage: $0 <dev|staging>"
+  exit 2
+fi
+
+IMAGE_BASE="${IMAGE_BASE:-ghcr.io/prgrms-web-devcourse-final-project/docsa-backend}"
+SERVICE="${SERVICE:-app}"
+HEALTH_TIMEOUT="${HEALTH_TIMEOUT:-120}"
+
+cd "$(dirname "$0")"
+ROOT="$(pwd)"
+
+# 타깃에 따라 compose/env 자동 선택
+if [[ "$TARGET" == "dev" ]]; then
+  COMPOSE_FILE="$ROOT/docker-compose.yml"
+  ENV_FILE="$ROOT/.env"
+else
+  COMPOSE_FILE="$ROOT/docker-compose.stg.yml"
+  ENV_FILE="$ROOT/.stg.env"
+fi
+
+TAG="${DEPLOY_TAG:-$TARGET}"               # ← 기본은 채널 태그(dev|staging), 입력 있으면 우선
+
+# 임시 override 파일로 이미지 태그만 덮어쓰기
 OVR=""
 if [[ -n "$TAG" ]]; then
-  OVR="docker-compose.override.deploy.yml"
+  OVR="$ROOT/docker-compose.override.deploy.yml"
   cat > "$OVR" <<EOF
 services:
-  app:
+  ${SERVICE}:
     image: ${IMAGE_BASE}:${TAG}
 EOF
 fi
 
-FILES=(-f docker-compose.yml)
-[[ -n "$OVR" ]] && FILES+=(-f "$OVR")
+# docker compose 인자 구성 (-p로 프로젝트 격리, --env-file로 env 명시)
+ARGS=(-f "$COMPOSE_FILE")
+[[ -n "$OVR" ]] && ARGS+=(-f "$OVR")
+ARGS+=(--env-file "$ENV_FILE")
+
+echo "[deploy] target=$TARGET tag=$TAG"
+echo "[deploy] compose=$COMPOSE_FILE env=$ENV_FILE service=$SERVICE"
+
+# 1) 유효성 검사(문법/치환 확인)
+docker compose "${ARGS[@]}" config >/dev/null
 
-# 최신 이미지 받고 교체
-docker compose "${FILES[@]}" pull app
-docker compose "${FILES[@]}" up -d app
+# 2) 이미지 풀 + 대상 서비스만 업데이트
+docker compose "${ARGS[@]}" pull "$SERVICE" || true
+docker compose "${ARGS[@]}" up -d "$SERVICE"
 
-# 헬스체크 대기 (최대 120s)
-echo -n "Waiting for app (docsa-app) to be healthy"
+# 3) 컨테이너 ID를 compose로 조회(이름 하드코딩 회피)
+CID="$(docker compose "${ARGS[@]}" ps -q "$SERVICE" | tail -n1 || true)"
+if [[ -z "$CID" ]]; then
+  echo "No container found for service '$SERVICE' (project $PROJECT)"; exit 1
+fi
+
+# 4) 헬스체크 대기
+echo -n "Waiting for $SERVICE to be healthy"
 ok=0
-for i in {1..60}; do
-  status="$(docker inspect -f '{{.State.Health.Status}}' docsa-app 2>/dev/null || echo none)"
-  if [[ "$status" == "healthy" ]]; then ok=1; echo -e "\nApp healthy"; break; fi
+ITER=$(( HEALTH_TIMEOUT / 2 ))
+for _ in $(seq 1 "$ITER"); do
+  status="$(docker inspect -f '{{.State.Health.Status}}' "$CID" 2>/dev/null || echo none)"
+  if [[ "$status" == "healthy" ]]; then ok=1; echo -e "\n$SERVICE healthy"; break; fi
   sleep 2; echo -n "."
 done
 
-# 임시 override 제거 & 청소
-[[ -n "$OVR" ]] && rm -f "$OVR"
+# 5) 임시 override 청소 + 이미지 정리
+[[ -n "$OVR" ]] && rm -f "$OVR" || true
 docker image prune -f >/dev/null 2>&1 || true
 
-# 실패 처리
+# 6) 실패 시 로그 출력 후 종료
 if [[ $ok -eq 0 ]]; then
-  echo -e "\nApp failed to become healthy (status=$status)"
-  docker logs --tail=200 docsa-app || true
+  echo -e "\n$SERVICE failed to become healthy (status=${status:-unknown})"
+  docker logs --tail=200 "$CID" || true
   exit 1
-fi
+fi