1414
1515jobs :
1616 tests :
17- strategy :
18- fail-fast : false
19- matrix :
20- os : [ ubuntu-latest ]
21- include :
22- - os : ubuntu-latest
23- gradle_cmd : " ./gradlew"
24- report_path : " backend/build/reports/tests"
25- domain_tasks : " testUser testExchange testTrade_log testWallet testCoin"
26-
27- runs-on : ${{ matrix.os }}
17+ runs-on : ubuntu-latest
2818 env :
19+ # 테스트 환경 설정
2920 SPRING_PROFILES_ACTIVE : test-ci
21+ # JWT 설정 (보안상 중요하므로 환경변수 처리)
22+ CUSTOM_JWT_SECRET_KEY : test-secret-key-for-ci-testing-only-minimum-32-characters-required
23+ CUSTOM_JWT_ACCESS_TOKEN_EXPIRATION_SECONDS : 3600
3024
31- # ✅ Redis 서비스 추가
3225 services :
3326 redis :
3427 image : redis:7-alpine
@@ -39,72 +32,59 @@ jobs:
3932 --health-interval 10s
4033 --health-timeout 5s
4134 --health-retries 5
42- env :
43- REDIS_PASSWORD : " "
4435
4536steps :
4637 - uses : actions/checkout@v4
38+
4739 - name : Set up JDK 21
4840 uses : actions/setup-java@v4
4941 with :
5042 java-version : ' 21'
5143 distribution : ' temurin'
5244 cache : gradle
5345
54- # ✅ gradlew 실행 권한 부여
5546 - name : Grant execute permission for gradlew
5647 run : chmod +x backend/gradlew
5748
58- # ✅ Redis 연결 테스트
5949 - name : Test Redis connection
6050 run : |
6151 echo "Testing Redis connection..."
6252 timeout 10s bash -c 'until printf "" 2>>/dev/null >>/dev/tcp/localhost/6379; do sleep 1; done'
6353 echo "Redis is ready!"
6454
65- # ✅ application-test.yml에서 사용하는 모든 환경변수를 .env 파일에 생성
66- - name : Create test .env file
67- working-directory : backend
68- run : |
69- cat > .env << 'EOF'
70- # Datasource 설정 (application-test.yml에서 참조)
71- TEST_DATASOURCE_URL=jdbc:h2:mem:db_test;MODE=MySQL
72- TEST_DATASOURCE_USERNAME=sa
73- TEST_DATASOURCE_PASSWORD=
74- TEST_DATASOURCE_DRIVER=org.h2.Driver
75-
76- # JPA 설정 (application-test.yml에서 참조)
77- TEST_JPA_HIBERNATE_DDL_AUTO=create-drop
78-
79- # Redis 설정 (application-test.yml에서 참조, GitHub Actions 서비스 사용)
80- TEST_REDIS_HOST=localhost
81- TEST_REDIS_PORT=6379
82- TEST_REDIS_PASSWORD=
83-
84- # CI/CD 환경에서는 Embedded Redis 끄기
85- SPRING_DATA_REDIS_EMBEDDED=false
86-
87- # JWT 설정 (application-test.yml에서 참조)
88- CUSTOM_JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}
89- CUSTOM_JWT_ACCESS_TOKEN_EXPIRATION_SECONDS=3600
90- EOF
91-
92- name : Run unit, and domain tests
93- run : ${{ matrix.gradle_cmd }} clean test
55+ name : Run tests
56+ run : ./gradlew clean test
9457 working-directory : backend
9558
9659 - name : Upload Test Reports
9760 if : always()
9861 uses : actions/upload-artifact@v4
9962 with :
100- name : test-reports-${{ matrix.os }}
101- path : ${{ matrix.report_path }}
63+ name : test-reports
64+ path : backend/build/reports/tests
10265 retention-days : 7
10366
10467 build-artifacts :
10568 needs : tests
10669 runs-on : ubuntu-latest
107- if : github.ref == 'refs/heads/main' # ✅ main 브랜치일 때만 실행
70+ if : github.ref == 'refs/heads/main'
71+ env :
72+ # 빌드용 최소 환경변수 (컴파일 시 @Value 바인딩용)
73+ SPRING_PROFILES_ACTIVE : prod
74+ CUSTOM_JWT_SECRET_KEY : build-secret-key-for-compilation-only-minimum-32-characters-required
75+ CUSTOM_JWT_ACCESS_TOKEN_EXPIRATION_SECONDS : 3600
76+ # 빌드 시 필요한 더미 값들
77+ 78+ send_email_password : build-password
79+ send_email_address :
[email protected] 80+ PROD_DATASOURCE_URL : jdbc:mysql://localhost:3306/dummy
81+ PROD_DATASOURCE_DRIVER : com.mysql.cj.jdbc.Driver
82+ PROD_DATASOURCE_USERNAME : dummy
83+ PROD_DATASOURCE_PASSWORD : dummy
84+ PROD_JPA_HIBERNATE_DDL_AUTO : validate
85+ PROD_REDIS_HOST : localhost
86+ PROD_REDIS_PORT : 6379
87+ PROD_REDIS_PASSWORD : dummy
10888
10989 steps :
11090 - uses : actions/checkout@v4
@@ -115,20 +95,9 @@ jobs:
11595 java-version : 21
11696 cache : gradle
11797
118- # ✅ gradlew 실행 권한 부여
11998 - name : Grant execute permission for gradlew
12099 run : chmod +x backend/gradlew
121100
122- # ✅ 빌드용 .env 파일 생성 (Configuration Properties 바인딩용 최소 환경변수만)
123- - name : Create build .env file
124- working-directory : backend
125- run : |
126- cat > .env << 'EOF'
127- # JWT Configuration Properties 바인딩용 (빌드 시 필요)
128- CUSTOM_JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}
129- CUSTOM_JWT_ACCESS_TOKEN_EXPIRATION_SECONDS=3600
130- EOF
131-
132101 - name : Gradle bootJar
133102 working-directory : backend
134103 run : ./gradlew --no-daemon clean bootJar -x test
@@ -148,7 +117,7 @@ jobs:
148117 docker-build :
149118 needs : build-artifacts
150119 runs-on : ubuntu-latest
151- if : github.ref == 'refs/heads/main' # ✅ main 브랜치일 때만 실행
120+ if : github.ref == 'refs/heads/main'
152121 env :
153122 REGISTRY : ghcr.io
154123
@@ -173,7 +142,7 @@ jobs:
173142 username : ${{ github.actor }}
174143 password : ${{ secrets.GITHUB_TOKEN }}
175144
176- - name : Build & push backend (runtime-only)
145+ - name : Build & push backend
177146 uses : docker/build-push-action@v6
178147 with :
179148 context : backend
@@ -184,10 +153,11 @@ jobs:
184153 ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/balaw:latest
185154cache-from : type=gha
186155 cache-to : type=gha,mode=max
156+
187157 deploy :
188158 needs : docker-build
189159 runs-on : ubuntu-latest
190- if : github.ref == 'refs/heads/main' # ✅ main 브랜치일 때만 실행
160+ if : github.ref == 'refs/heads/main'
191161 env :
192162 DOCKER_IMAGE_NAME : balaw
193163 REGISTRY : ghcr.io
@@ -197,19 +167,6 @@ jobs:
197167 run : |
198168 echo "IMAGE_PREFIX=$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV
199169
200- name : Create prod .env file
201- run : |
202- cat > .env << 'EOF'
203- SPRING_PROFILES_ACTIVE=prod
204- PROD_DATASOURCE_URL=jdbc:mysql://mysql_1:3306/${{ secrets.DB_NAME }}
205- PROD_DATASOURCE_USERNAME=${{ secrets.DB_USER }}
206- PROD_DATASOURCE_PASSWORD=${{ secrets.DB_PASSWORD }}
207-
208- PROD_REDIS_HOST=redis_1
209- PROD_REDIS_PORT=6379
210- PROD_REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}
211- EOF
212-
213170name : AWS SSM Send-Command
214171 uses : peterkimzz/aws-ssm-send-command@master
215172 id : ssm
@@ -221,27 +178,34 @@ jobs:
221178 working-directory : /
222179 comment : Deploy
223180 command : |
224- # EC2 내부에서 prod.env 파일 생성
181+ # EC2에서 실제 운영 환경변수로 prod.env 파일 생성
225182 cat > /home/ec2-user/prod.env << 'EOF'
226183 SPRING_PROFILES_ACTIVE=prod
227-
184+
185+ # JWT 설정 (GitHub Secrets에서 가져옴)
228186 CUSTOM_JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY }}
229187 CUSTOM_JWT_ACCESS_TOKEN_EXPIRATION_SECONDS=3600
230188
189+ # 데이터베이스 설정 (GitHub Secrets에서 가져옴)
231190 PROD_DATASOURCE_URL=jdbc:mysql://mysql_1:3306/${{ secrets.DB_NAME }}?useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Seoul
232191 PROD_DATASOURCE_DRIVER=com.mysql.cj.jdbc.Driver
233192 PROD_DATASOURCE_USERNAME=root
234193 PROD_DATASOURCE_PASSWORD=${{ secrets.DB_PASSWORD }}
235-
194+ PROD_JPA_HIBERNATE_DDL_AUTO=validate
195+
196+ # Redis 설정 (GitHub Secrets에서 가져옴)
236197 PROD_REDIS_HOST=redis_1
237198 PROD_REDIS_PORT=6379
238199 PROD_REDIS_PASSWORD=${{ secrets.REDIS_PASSWORD }}
200+
201+ # 이메일 설정 (GitHub Secrets에서 가져옴)
202+ email_address=${{ secrets.EMAIL_ADDRESS }}
203+ send_email_password=${{ secrets.EMAIL_PASSWORD }}
204+ send_email_address=${{ secrets.SEND_EMAIL_ADDRESS }}
239205 EOF
240206
241- # EC2에서 GHCR 로그인
207+ # GHCR 로그인 및 컨테이너 배포
242208 echo "${{ secrets.GHCR_PAT }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
243-
244- # 최신 이미지 pull & 컨테이너 실행
245209 docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/${{ env.DOCKER_IMAGE_NAME }}:latest
246210 docker stop app1 2>/dev/null || true
247211 docker rm app1 2>/dev/null || true
@@ -251,6 +215,6 @@ jobs:
251215 -p 8080:8080 \
252216 ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/${{ env.DOCKER_IMAGE_NAME }}:latest
253217
254- # dangling image 정리 + .env 삭제
218+ # 정리
255219 docker rmi $(docker images -f "dangling=true" -q) || true
256220 rm -f /home/ec2-user/prod.env
0 commit comments