refactor: 테스트용 secrets 임시 디렉토리 생성 후 삭제하도록 수정

taekkong · taekkong · commit af6966f285fd · 2025-10-02T02:55:59.000+09:00
diff --git a/.github/workflows/test-server-ci.yml b/.github/workflows/test-server-ci.yml
@@ -1,7 +1,6 @@
 # 워크플로우 이름
 name: Spring CI/CD Pipeline (Develop)
 
-# develop 브랜치 PR에서만 실행
 on:
   pull_request:
     branches:
@@ -15,41 +14,32 @@ on:
       - '.github/workflows/**'
 
 jobs:
-  # ==================================
-  # CI: Test and Build and Push Docker Image
-  # ==================================
   ci:
     runs-on: ubuntu-latest
     env:
       SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
 
-
-    # CI 작업이 실행되는 동안 RabbitMQ 서비스 컨테이너를 함께 실행
     services:
       rabbitmq:
         image: rabbitmq:3-management
         ports:
           - 5672:5672
-        # RabbitMQ가 완전히 준비될 때까지 기다리는 상태 확인 옵션
         options: >-
           --health-cmd "rabbitmq-diagnostics check_running"
           --health-interval 10s
           --health-timeout 5s
           --health-retries 5
 
     steps:
-      # 1. 소스 코드 체크아웃
       - name: Checkout source code
         uses: actions/checkout@v4
 
-      # 2. JDK 21 설치
       - name: Set up JDK 21
         uses: actions/setup-java@v4
         with:
           java-version: '21'
           distribution: 'temurin'
 
-      # 3. Gradle 캐시 설정
       - name: Cache Gradle packages
         uses: actions/cache@v4
         with:
@@ -60,21 +50,43 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-gradle-
 
-      # 4. gradlew 실행 권한 부여
       - name: Grant execute permission for gradlew
         run: chmod +x ./gradlew
 
-      # 5. Gradle 테스트 실행
+      # ----------------------------------
+      # 1. 테스트용 임시 디렉토리 생성 + secrets yml 생성
+      # ----------------------------------
+      - name: Create temp directory for secrets
+        run: |
+          TMP_DIR=$(mktemp -d)
+          # application-secrets.yml
+          echo "${{ secrets.APPLICATION_SECRET_YML }}" > $TMP_DIR/application-secrets.yml
+          echo "OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}" >> $TMP_DIR/application-secrets.yml
+          echo "spring.cloud.aws.region.static: ${{ secrets.AWS_REGION }}" >> $TMP_DIR/application-secrets.yml
+          echo "spring.cloud.aws.credentials.access-key: ${{ secrets.AWS_ACCESS_KEY_ID }}" >> $TMP_DIR/application-secrets.yml
+          echo "spring.cloud.aws.credentials.secret-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> $TMP_DIR/application-secrets.yml
+          echo "spring.cloud.aws.s3.bucket: ${{ secrets.AWS_S3_BUCKET_NAME }}" >> $TMP_DIR/application-secrets.yml
+          echo "spring.cloud.aws.stack.auto: false" >> $TMP_DIR/application-secrets.yml
+          echo "liveblocks.secret-key: ${{ secrets.LIVEBLOCKS_SECRET_KEY }}" >> $TMP_DIR/application-secrets.yml
+          # application-secrets-server.yml
+          echo "${{ secrets.APPLICATION_SECRET_SERVER_YML }}" > $TMP_DIR/application-secrets-server.yml
+          echo "OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}" >> $TMP_DIR/application-secrets-server.yml
+          echo "TMP_DIR=$TMP_DIR" >> $GITHUB_ENV
+
+      # ----------------------------------
+      # 2. Gradle 테스트 실행
+      # ----------------------------------
       - name: Test with Gradle
-        # 테스트 단계에서 RabbitMQ 연결을 위한 환경 변수 설정
         env:
           SPRING_RABBITMQ_HOST: localhost
           SPRING_RABBITMQ_PORT: 5672
           SPRING_RABBITMQ_USERNAME: guest
           SPRING_RABBITMQ_PASSWORD: guest
-        run: ./gradlew test
+        run: ./gradlew test -Dspring.config.additional-location=${TMP_DIR}/
 
-      # 6. 테스트 결과 요약 출력
+      # ----------------------------------
+      # 3. 테스트 결과 요약
+      # ----------------------------------
       - name: Show test results
         run: |
           echo "==== Test Results ===="
@@ -91,26 +103,29 @@ jobs:
             echo "No test results found."
           fi
 
-      # 7. Gradle 빌드 실행 (테스트 성공 시)
+      # ----------------------------------
+      # 4. 테스트용 secrets 임시 디렉토리 삭제
+      # ----------------------------------
+      - name: Remove temp secrets directory
+        run: rm -rf ${TMP_DIR}
+
+      # ----------------------------------
+      # 5. Gradle 빌드 (테스트 제외)
+      # ----------------------------------
       - name: Build with Gradle
         run: ./gradlew build -x test
 
-      # 8. GHCR 로그인
       - name: Log in to GHCR
         uses: docker/login-action@v2
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      # 9. Docker 이미지 빌드 & 푸시
       - name: Build & Push Docker Image
         run: |
           IMAGE_NAME=ghcr.io/${{ github.repository }}/zoopzoop
-          
-          docker build -t $IMAGE_NAME:${GITHUB_SHA} . 
+          docker build -t $IMAGE_NAME:${GITHUB_SHA} .
           docker tag $IMAGE_NAME:${GITHUB_SHA} $IMAGE_NAME:latest
-          
           docker push $IMAGE_NAME:${GITHUB_SHA}
           docker push $IMAGE_NAME:latest
-
