From 8b8cf81455474208cee1aaa460684e3c99903f00 Mon Sep 17 00:00:00 2001 From: taekyung Date: Sat, 4 Oct 2025 11:59:24 +0900 Subject: [PATCH 1/9] =?UTF-8?q?refactor:=20=EB=B9=8C=EB=93=9C=20=EC=A0=84?= =?UTF-8?q?=20secrets.yml=20=ED=8C=8C=EC=9D=BC=20=EC=82=AD=EC=A0=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/test-server-ci.yml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/.github/workflows/test-server-ci.yml b/.github/workflows/test-server-ci.yml index 14655ca7..c10278d8 100644 --- a/.github/workflows/test-server-ci.yml +++ b/.github/workflows/test-server-ci.yml @@ -113,14 +113,12 @@ jobs: echo "No test results found." fi - # 8-1. S3 자격 증명 제거 (빌드 전에만) - - name: Remove only S3 credentials before building + # 8-1. secrets 파일 완전 삭제 + - name: Remove secrets files before building run: | - CONFIG_FILE="src/main/resources/application-secrets.yml" - sed -i '/spring.cloud.aws.credentials.access-key/d' $CONFIG_FILE - sed -i '/spring.cloud.aws.credentials.secret-key/d' $CONFIG_FILE - sed -i '/spring.cloud.aws.region.static/d' $CONFIG_FILE - sed -i '/spring.cloud.aws.stack.auto/d' $CONFIG_FILE + rm -f src/main/resources/application-secrets.yml + rm -f src/main/resources/application-secrets-server.yml + echo "Secrets files removed for build" # 9. Gradle 빌드 실행 (테스트 성공 시) - name: Build with Gradle From d225f2fc5f35bed3c9992e1d7ca69f777389ff7e Mon Sep 17 00:00:00 2001 From: taekyung Date: Sat, 4 Oct 2025 17:02:25 +0900 Subject: [PATCH 2/9] =?UTF-8?q?refactor=20:=20=ED=85=8C=EC=8A=A4=ED=8A=B8?= =?UTF-8?q?=20=EC=84=9C=EB=B2=84=20=ED=99=98=EA=B2=BD=EB=B3=80=EC=88=98=20?= =?UTF-8?q?=EC=A3=BC=EC=9E=85=20=EC=84=A4=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/test-server-cd.yml | 33 +++++++++++++++++++++++ src/main/resources/application-server.yml | 20 +++++++------- src/main/resources/application.yml | 20 +++++++++++++- 3 files changed, 63 insertions(+), 10 deletions(-) diff --git a/.github/workflows/test-server-cd.yml b/.github/workflows/test-server-cd.yml index 4162dd05..08b164b1 100644 --- a/.github/workflows/test-server-cd.yml +++ b/.github/workflows/test-server-cd.yml @@ -59,12 +59,45 @@ jobs: -p $NEW_PORT:8080 \ --name $NEW_CONTAINER \ --network common \ +<<<<<<< HEAD +======= + -e SPRING_PROFILES_ACTIVE=server \ + # DB +>>>>>>> 09b4d42 (refactor : 테스트 서버 환경변수 주입 설정) -e SPRING_DATASOURCE_URL="${{secrets.TEST_DB_URL}}" \ -e SPRING_DATASOURCE_USERNAME="${{secrets.TEST_DB_USERNAME}}" \ -e SPRING_DATASOURCE_PASSWORD="${{secrets.TEST_DB_PASSWORD}}" \ + # AWS + -e aws.access-key="${{secrets.AWS_ACCESS_KEY_ID}}" \ + -e aws.secret-key="${{secrets.AWS_SECRET_ACCESS_KEY}}" \ + -e aws.bucket="${{secrets.AWS_S3_BUCKET_NAME}}" \ + # RabbitMQ -e SPRING_RABBITMQ_HOST="${{secrets.TEST_RABBITMQ_HOST}}" \ -e SPRING_RABBITMQ_USERNAME="${{secrets.TEST_RABBITMQ_USERNAME}}" \ -e SPRING_RABBITMQ_PASSWORD="${{secrets.TEST_RABBITMQ_PASSWORD}}" \ + # Redis + -e redis-password-test="${{secrets.TEST_REDIS_PASSWORD}}" \ + # OAuth2 + -e kakao.client-id="${{secrets.OAUTH_KAKAO_CLIENT_ID}}" \ + -e google.client-id="${{secrets.OAUTH_GOOGLE_CLIENT_ID}}" \ + -e google.client-secret="${{secrets.OAUTH_GOOGLE_CLIENT_SECRET}}" \ + -e KAKAO_REDIRECT_URI="${{TEST_OAUTH_KAKAO_REDIRECT_URI}}" \ + -e GOOGLE_REDIRECT_URI="${{TEST_OAUTH_GOOGLE_REDIRECT_URI}}" \ + # Sentry + -e sentry-dsn="${{secrets.SENTRY_DSN}}" \ + # OpenAI + -e OPENAI_API_KEY="${{secrets.OPENAI_API_KEY}}" \ + # Liveblocks + -e liveblocks-secret-key="${{secrets.LIVEBLOCKS_SECRET_KEY}}" \ + # naver + -e NAVER_CLIENT_ID="${{secrets.NAVER_CLIENT_ID}}" \ + -e NAVER_CLIENT_SECRET="${{secrets.NAVER_CLIENT_SECRET}}" \ + # JWT + -e JWT_SECRET_KEY="${{secrets.JWT_SECRET_KEY}}" \ + -e JWT_ACCESS_TOKEN_VALIDITY="${{secrets.JWT_ACCESS_TOKEN_VALIDITY}}" \ + -e JWT_REFRESH_TOKEN_VALIDITY="${{secrets.JWT_REFRESH_TOKEN_VALIDITY}}" \ + # Front + -e front.redirect_domain="${{secrets.FRONT_REDIRECT_DOMAIN}}" \ ghcr.io/${{ github.repository }}/zoopzoop:latest # 헬스체크 diff --git a/src/main/resources/application-server.yml b/src/main/resources/application-server.yml index 30b1df91..17f8224c 100644 --- a/src/main/resources/application-server.yml +++ b/src/main/resources/application-server.yml @@ -20,17 +20,19 @@ spring: time-to-live: 300000 cache-null-values: false -management: - endpoints: - web: - exposure: - include: health,info - endpoint: - health: - show-details: always + security: + oauth2: + client: + registration: + kakao: + redirect-uri: ${KAKAO_REDIRECT_URI} + google: + redirect-uri: ${GOOGLE_REDIRECT_URI} + +front: + redirect_domain: ${FRONT_REDIRECT_DOMAIN} sentry: - dsn: https://60f1acad189d2994353d59b7895076ee@o4510100579155968.ingest.us.sentry.io/4510100584923136 # Add data like request headers and IP for users, # see https://docs.sentry.io/platforms/java/guides/spring-boot/data-management/data-collected/ for more info send-default-pii: true diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index b730aec3..d889c5a5 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -73,4 +73,22 @@ server: app: seed: - enabled: true \ No newline at end of file + enabled: true + +management: + endpoints: + web: + exposure: + include: health,info + endpoint: + health: + show-details: always + +sentry: #Sentry 모니터렁 기본 설정. + dsn: ${sentry-dsn} + +jwt: + secret-key: ${JWT_SECRET_KEY} + access-token-validity: ${JWT_ACCESS_TOKEN_VALIDITY} + refresh-token-validity: ${JWT_REFRESH_TOKEN_VALIDITY} + From 57d7a4336a3fefbe651e8bc6b5c41188f0a8caa7 Mon Sep 17 00:00:00 2001 From: taekyung Date: Sat, 4 Oct 2025 20:12:11 +0900 Subject: [PATCH 3/9] =?UTF-8?q?refactor=20:=20=EC=9A=B4=EC=98=81=EC=84=9C?= =?UTF-8?q?=EB=B2=84=20=ED=99=98=EA=B2=BD=EB=B3=80=EC=88=98=20=EC=A3=BC?= =?UTF-8?q?=EC=9E=85=20=EC=84=A4=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/prod-server.yml | 29 +++++++++++++++++++++++ .github/workflows/test-server-cd.yml | 4 ---- src/main/resources/application-server.yml | 4 ++-- src/main/resources/application.yml | 1 + 4 files changed, 32 insertions(+), 6 deletions(-) diff --git a/.github/workflows/prod-server.yml b/.github/workflows/prod-server.yml index d4062802..43c7b8f0 100644 --- a/.github/workflows/prod-server.yml +++ b/.github/workflows/prod-server.yml @@ -82,12 +82,41 @@ jobs: -p $NEW_PORT:8080 \ --name $NEW_CONTAINER \ --network common \ + -e SPRING_PROFILES_ACTIVE=server \ -e SPRING_DATASOURCE_URL="${{secrets.PROD_DB_URL}}" \ -e SPRING_DATASOURCE_USERNAME="${{secrets.PROD_DB_USERNAME}}" \ -e SPRING_DATASOURCE_PASSWORD="${{secrets.PROD_DB_PASSWORD}}" \ + # AWS + -e aws.access-key="${{secrets.AWS_ACCESS_KEY_ID}}" \ + -e aws.secret-key="${{secrets.AWS_SECRET_ACCESS_KEY}}" \ + -e aws.bucket="${{secrets.AWS_S3_BUCKET_NAME}}" \ + # RabbitMQ -e SPRING_RABBITMQ_HOST="${{secrets.PROD_RABBITMQ_HOST}}" \ -e SPRING_RABBITMQ_USERNAME="${{secrets.PROD_RABBITMQ_USERNAME}}" \ -e SPRING_RABBITMQ_PASSWORD="${{secrets.PROD_RABBITMQ_PASSWORD}}" \ + # Redis + -e redis-password="${{secrets.PROD_REDIS_PASSWORD}}" \ + # OAuth2 + -e kakao.client-id="${{secrets.OAUTH_KAKAO_CLIENT_ID}}" \ + -e google.client-id="${{secrets.OAUTH_GOOGLE_CLIENT_ID}}" \ + -e google.client-secret="${{secrets.OAUTH_GOOGLE_CLIENT_SECRET}}" \ + -e KAKAO_REDIRECT_URI="${{PROD_OAUTH_KAKAO_REDIRECT_URI}}" \ + -e GOOGLE_REDIRECT_URI="${{PROD_OAUTH_GOOGLE_REDIRECT_URI}}" \ + # Sentry + -e sentry-dsn="${{secrets.SENTRY_DSN}}" \ + # OpenAI + -e OPENAI_API_KEY="${{secrets.OPENAI_API_KEY}}" \ + # Liveblocks + -e liveblocks-secret-key="${{secrets.LIVEBLOCKS_SECRET_KEY}}" \ + # naver + -e NAVER_CLIENT_ID="${{secrets.NAVER_CLIENT_ID}}" \ + -e NAVER_CLIENT_SECRET="${{secrets.NAVER_CLIENT_SECRET}}" \ + # JWT + -e JWT_SECRET_KEY="${{secrets.JWT_SECRET_KEY}}" \ + -e JWT_ACCESS_TOKEN_VALIDITY="${{secrets.JWT_ACCESS_TOKEN_VALIDITY}}" \ + -e JWT_REFRESH_TOKEN_VALIDITY="${{secrets.JWT_REFRESH_TOKEN_VALIDITY}}" \ + # Front + -e front.redirect_domain="${{secrets.FRONT_REDIRECT_DOMAIN}}" \ ghcr.io/${{ github.repository }}/zoopzoop:latest diff --git a/.github/workflows/test-server-cd.yml b/.github/workflows/test-server-cd.yml index 08b164b1..40c87c4d 100644 --- a/.github/workflows/test-server-cd.yml +++ b/.github/workflows/test-server-cd.yml @@ -59,11 +59,7 @@ jobs: -p $NEW_PORT:8080 \ --name $NEW_CONTAINER \ --network common \ -<<<<<<< HEAD -======= -e SPRING_PROFILES_ACTIVE=server \ - # DB ->>>>>>> 09b4d42 (refactor : 테스트 서버 환경변수 주입 설정) -e SPRING_DATASOURCE_URL="${{secrets.TEST_DB_URL}}" \ -e SPRING_DATASOURCE_USERNAME="${{secrets.TEST_DB_USERNAME}}" \ -e SPRING_DATASOURCE_PASSWORD="${{secrets.TEST_DB_PASSWORD}}" \ diff --git a/src/main/resources/application-server.yml b/src/main/resources/application-server.yml index 17f8224c..40413387 100644 --- a/src/main/resources/application-server.yml +++ b/src/main/resources/application-server.yml @@ -10,10 +10,10 @@ spring: data: #RedisTemplate 등을 사용하기 위한 직접 연결용 redis: - host: 10.0.1.246 + host: } port: 6379 timeout: 6000 - password: zoopzoopRedisTest! + password: ${redis-password} cache: #Spring Cache를 사용하기 위한 Redis type: redis redis: diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index d889c5a5..61bbc690 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -51,6 +51,7 @@ spring: host: localhost port: 6379 timeout: 6000 + password: ${redis-password} cache: #Spring Cache를 사용하기 위한 Redis type: redis redis: From ba290987bd58578aff9c2ce5609c7b0789e5bf8b Mon Sep 17 00:00:00 2001 From: taekyung Date: Sat, 4 Oct 2025 23:47:43 +0900 Subject: [PATCH 4/9] =?UTF-8?q?refactor=20:=20=EC=9A=B4=EC=98=81=ED=99=98?= =?UTF-8?q?=EA=B2=BD=EB=B3=84=20YML=20=EB=B6=84=EB=A6=AC=20=EB=B0=8F=20?= =?UTF-8?q?=EB=B0=B0=ED=8F=AC=20=ED=99=98=EA=B2=BD=20=EC=84=A4=EC=A0=95=20?= =?UTF-8?q?=EA=B5=AC=EC=A1=B0=20=EA=B0=9C=EC=84=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/test-server-cd.yml | 4 +- src/main/resources/application-server.yml | 5 +- src/main/resources/application.yml | 64 ++++++++++++++++++++++- 3 files changed, 69 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test-server-cd.yml b/.github/workflows/test-server-cd.yml index 40c87c4d..7b5de65f 100644 --- a/.github/workflows/test-server-cd.yml +++ b/.github/workflows/test-server-cd.yml @@ -60,6 +60,7 @@ jobs: --name $NEW_CONTAINER \ --network common \ -e SPRING_PROFILES_ACTIVE=server \ + # DB -e SPRING_DATASOURCE_URL="${{secrets.TEST_DB_URL}}" \ -e SPRING_DATASOURCE_USERNAME="${{secrets.TEST_DB_USERNAME}}" \ -e SPRING_DATASOURCE_PASSWORD="${{secrets.TEST_DB_PASSWORD}}" \ @@ -72,7 +73,8 @@ jobs: -e SPRING_RABBITMQ_USERNAME="${{secrets.TEST_RABBITMQ_USERNAME}}" \ -e SPRING_RABBITMQ_PASSWORD="${{secrets.TEST_RABBITMQ_PASSWORD}}" \ # Redis - -e redis-password-test="${{secrets.TEST_REDIS_PASSWORD}}" \ + -e REDIS_HOST="${{secrets.TEST_REDIS_HOST}}" \ + -e REDIS_PASSWORD="${{secrets.TEST_REDIS_PASSWORD}}" \ # OAuth2 -e kakao.client-id="${{secrets.OAUTH_KAKAO_CLIENT_ID}}" \ -e google.client-id="${{secrets.OAUTH_GOOGLE_CLIENT_ID}}" \ diff --git a/src/main/resources/application-server.yml b/src/main/resources/application-server.yml index 40413387..d2a28e02 100644 --- a/src/main/resources/application-server.yml +++ b/src/main/resources/application-server.yml @@ -10,10 +10,10 @@ spring: data: #RedisTemplate 등을 사용하기 위한 직접 연결용 redis: - host: } + host: ${REDIS_HOST} port: 6379 timeout: 6000 - password: ${redis-password} + password: ${REDIS_PASSWORD} cache: #Spring Cache를 사용하기 위한 Redis type: redis redis: @@ -38,3 +38,4 @@ sentry: send-default-pii: true environment: prod traces-sample-rate: 0.2 + diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 61bbc690..743e65ad 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -1,32 +1,42 @@ spring: application: name: back + profiles: active: dev + output: ansi: enabled: always + datasource: hikari: auto-commit: false + jackson: serialization: fail-on-empty-beans: false + jpa: show-sql: true hibernate: ddl-auto: create-drop + properties: hibernate: format_sql: true highlight_sql: true use_sql_comments: true + config: import: optional:classpath:application-secrets.yml + servlet: multipart: max-file-size: 10MB max-request-size: 10MB + + # Spring AI 설정 ai: openai: base-url: https://api.groq.com/openai # 내부 서버를 groq으로 @@ -35,6 +45,8 @@ spring: options: model: meta-llama/llama-4-scout-17b-16e-instruct temperature: 0 + + # RabbitMQ 설정 rabbitmq: host: ${SPRING_RABBITMQ_HOST:localhost} port: 5672 @@ -46,12 +58,13 @@ spring: enabled: true initial-interval: 2000 max-attempts: 3 + data: #RedisTemplate 등을 사용하기 위한 직접 연결용 redis: host: localhost port: 6379 timeout: 6000 - password: ${redis-password} + cache: #Spring Cache를 사용하기 위한 Redis type: redis redis: @@ -59,6 +72,49 @@ spring: cache-null-values: false key-prefix: + #OAuth2 설정 + security: + oauth2: + client: + registration: + kakao: + client-id: ${kakao.client-id} + scope: + - profile_nickname + - profile_image + authorization-grant-type: authorization_code + google: + client-id: ${google.client-id} + client-secret: ${google.client-secret} + scope: + - profile + authorization-grant-type: authorization_code + provider: + kakao: + authorization-uri: https://kauth.kakao.com/oauth/authorize + token-uri: https://kauth.kakao.com/oauth/token + user-info-uri: https://kapi.kakao.com/v2/user/me + user-name-attribute: id + google: + authorization-uri: https://accounts.google.com/o/oauth2/v2/auth + token-uri: https://oauth2.googleapis.com/token + user-info-uri: https://www.googleapis.com/oauth2/v3/userinfo + user-name-attribute: sub + + #S3 설정 + cloud: + aws: + credentials: + access-key: ${aws.access-key} + secret-key: ${aws.secret-key} + region: + static: ap-northeast-2 + s3: + bucket: ${aws.bucket} + stack: + auto: false + +#Spring doc 설정 springdoc: default-produces-media-type: application/json;charset=UTF-8 logging: @@ -93,3 +149,9 @@ jwt: access-token-validity: ${JWT_ACCESS_TOKEN_VALIDITY} refresh-token-validity: ${JWT_REFRESH_TOKEN_VALIDITY} +naver: + client_id: ${NAVER_CLIENT_ID} + client_secret: ${NAVER_CLIENT_SECRET} + +liveblocks: + secret-key: ${liveblocks-secret-key} \ No newline at end of file From be0eb5d132dc7d4537c087b7d38bd006f93da303 Mon Sep 17 00:00:00 2001 From: taekyung Date: Sun, 5 Oct 2025 00:07:53 +0900 Subject: [PATCH 5/9] =?UTF-8?q?refactor=20:=20=EB=A1=9C=EC=BB=AC(dev,test)?= =?UTF-8?q?.yml=20=EB=B3=B5=EA=B5=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/resources/application-dev.yml | 18 +++++++++--------- src/main/resources/application-server.yml | 1 + src/main/resources/application-test.yml | 21 +++++++++++++++++++++ 3 files changed, 31 insertions(+), 9 deletions(-) diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml index 28f49010..82d651d3 100644 --- a/src/main/resources/application-dev.yml +++ b/src/main/resources/application-dev.yml @@ -15,20 +15,20 @@ spring: host: localhost port: 6379 timeout: 6000 - cache: #Spring Cache를 사용하기 위한 Redis - type: redis - redis: - time-to-live: 300000 - cache-null-values: false + security: + oauth2: + client: + registration: + kakao: + redirect-uri: http://localhost:8080/login/oauth2/code/kakao + google: + redirect-uri: http://localhost:8080/login/oauth2/code/google app: seed: enabled: true sentry: - dsn: https://60f1acad189d2994353d59b7895076ee@o4510100579155968.ingest.us.sentry.io/4510100584923136 - # Add data like request headers and IP for users, - # see https://docs.sentry.io/platforms/java/guides/spring-boot/data-management/data-collected/ for more info send-default-pii: true environment: local - traces-sample-rate: 0.0 \ No newline at end of file + traces-sample-rate: 0.0 diff --git a/src/main/resources/application-server.yml b/src/main/resources/application-server.yml index d2a28e02..42aaf406 100644 --- a/src/main/resources/application-server.yml +++ b/src/main/resources/application-server.yml @@ -14,6 +14,7 @@ spring: port: 6379 timeout: 6000 password: ${REDIS_PASSWORD} + cache: #Spring Cache를 사용하기 위한 Redis type: redis redis: diff --git a/src/main/resources/application-test.yml b/src/main/resources/application-test.yml index c43018a5..2e17b92e 100644 --- a/src/main/resources/application-test.yml +++ b/src/main/resources/application-test.yml @@ -13,6 +13,27 @@ spring: ddl-auto: create-drop show-sql: true + security: + oauth2: + client: + registration: + kakao: + redirect-uri: http://localhost:3000/oauth/callback/kakao + google: + redirect-uri: http://localhost:3000/oauth/callback/google + + front: + redirect_domain: http://localhost:3000 + + app: + seed: + enabled: false + + sentry: + send-default-pii: true + environment: local + traces-sample-rate: 0.0 + sql: init: mode: never From bac5e5ba5b41d87854a40d6add9e160e433bbea8 Mon Sep 17 00:00:00 2001 From: taekyung Date: Sun, 5 Oct 2025 00:16:47 +0900 Subject: [PATCH 6/9] =?UTF-8?q?refactor=20:=20=EB=B9=8C=EB=93=9C=EC=A0=84?= =?UTF-8?q?=20=ED=85=8C=EC=8A=A4=ED=8A=B8=20secrets.yml=20V2=EB=A1=9C=20?= =?UTF-8?q?=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/test-server-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-server-ci.yml b/.github/workflows/test-server-ci.yml index c10278d8..b57b6016 100644 --- a/.github/workflows/test-server-ci.yml +++ b/.github/workflows/test-server-ci.yml @@ -68,7 +68,7 @@ jobs: - name: Generate application-secrets.yml run: | mkdir -p src/main/resources - echo "${{ secrets.APPLICATION_SECRET_YML }}" > src/main/resources/application-secrets.yml + echo "${{ secrets.APPLICATION_SECRET_YML_V2 }}" > src/main/resources/application-secrets.yml echo "OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}" >> src/main/resources/application-secrets.yml echo "spring.cloud.aws.region.static: ${{ secrets.AWS_REGION }}" >> src/main/resources/application-secrets.yml From 0bec5e04fc8717ee4c3460d76bdae88e87b7b53c Mon Sep 17 00:00:00 2001 From: taekyung Date: Sun, 5 Oct 2025 01:26:02 +0900 Subject: [PATCH 7/9] =?UTF-8?q?refactor:=20gradle=20=ED=85=8C=EC=8A=A4?= =?UTF-8?q?=ED=8A=B8=EC=8B=9C=20=ED=99=98=EA=B2=BD=EB=B3=80=EC=88=98?= =?UTF-8?q?=EB=A1=9C=20=EC=84=A4=EC=A0=95=EA=B0=92=20=EC=A3=BC=EC=9E=85?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/test-server-ci.yml | 57 +++++++++++++++++----------- src/main/resources/application.yml | 16 ++++---- 2 files changed, 43 insertions(+), 30 deletions(-) diff --git a/.github/workflows/test-server-ci.yml b/.github/workflows/test-server-ci.yml index b57b6016..4cfc8e3f 100644 --- a/.github/workflows/test-server-ci.yml +++ b/.github/workflows/test-server-ci.yml @@ -64,36 +64,49 @@ jobs: - name: Grant execute permission for gradlew run: chmod +x ./gradlew - # 5. application-secrets.yml 생성 - - name: Generate application-secrets.yml - run: | - mkdir -p src/main/resources - echo "${{ secrets.APPLICATION_SECRET_YML_V2 }}" > src/main/resources/application-secrets.yml - echo "OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}" >> src/main/resources/application-secrets.yml - - echo "spring.cloud.aws.region.static: ${{ secrets.AWS_REGION }}" >> src/main/resources/application-secrets.yml - echo "spring.cloud.aws.credentials.access-key: ${{ secrets.AWS_ACCESS_KEY_ID }}" >> src/main/resources/application-secrets.yml - echo "spring.cloud.aws.credentials.secret-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> src/main/resources/application-secrets.yml - echo "spring.cloud.aws.s3.bucket: ${{ secrets.AWS_S3_BUCKET_NAME }}" >> src/main/resources/application-secrets.yml - echo "spring.cloud.aws.stack.auto: false" >> src/main/resources/application-secrets.yml - - echo "liveblocks.secret-key: ${{ secrets.LIVEBLOCKS_SECRET_KEY }}" >> src/main/resources/application-secrets.yml - - # 6. application-secrets-server.yml 생성 - - name: Generate application-secrets-server.yml - run: | - mkdir -p src/main/resources - echo "${{ secrets.APPLICATION_SECRET_SERVER_YML }}" > src/main/resources/application-secrets-server.yml - echo "OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}" >> src/main/resources/application-secrets-server.yml +# # 5. application-secrets.yml 생성 +# - name: Generate application-secrets.yml +# run: | +# mkdir -p src/main/resources +# echo "${{ secrets.APPLICATION_SECRET_YML_V2 }}" > src/main/resources/application-secrets.yml +# echo "OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}" >> src/main/resources/application-secrets.yml +# +# echo "spring.cloud.aws.region.static: ${{ secrets.AWS_REGION }}" >> src/main/resources/application-secrets.yml +# echo "spring.cloud.aws.credentials.access-key: ${{ secrets.AWS_ACCESS_KEY_ID }}" >> src/main/resources/application-secrets.yml +# echo "spring.cloud.aws.credentials.secret-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> src/main/resources/application-secrets.yml +# echo "spring.cloud.aws.s3.bucket: ${{ secrets.AWS_S3_BUCKET_NAME }}" >> src/main/resources/application-secrets.yml +# echo "spring.cloud.aws.stack.auto: false" >> src/main/resources/application-secrets.yml +# +# echo "liveblocks.secret-key: ${{ secrets.LIVEBLOCKS_SECRET_KEY }}" >> src/main/resources/application-secrets.yml +# +# # 6. application-secrets-server.yml 생성 +# - name: Generate application-secrets-server.yml +# run: | +# mkdir -p src/main/resources +# echo "${{ secrets.APPLICATION_SECRET_SERVER_YML }}" > src/main/resources/application-secrets-server.yml +# echo "OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}" >> src/main/resources/application-secrets-server.yml # 7. Gradle 테스트 실행 - name: Test with Gradle # 테스트 단계에서 RabbitMQ 연결을 위한 환경 변수 설정 env: + OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} SPRING_RABBITMQ_HOST: localhost - SPRING_RABBITMQ_PORT: 5672 SPRING_RABBITMQ_USERNAME: guest SPRING_RABBITMQ_PASSWORD: guest + KAKAO_CLIENT_ID: ${{ secrets.OAUTH_KAKAO_CLIENT_ID }} + GOOGLE_CLIENT_ID: ${{ secrets.OAUTH_GOOGLE_CLIENT_ID }} + GOOGLE_CLIENT_SECRET: ${{ secrets.OAUTH_GOOGLE_CLIENT_SECRET }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_S3_BUCKET_NAME: ${{ secrets.AWS_S3_BUCKET_NAME }} + SENTRY_DSN: ${{ secrets.SENTRY_DSN }} + JWT_SECRET_KEY: ${{ secrets.JWT_SECRET_KEY }} + JWT_ACCESS_TOKEN_VALIDITY: ${{ secrets.JWT_ACCESS_TOKEN_VALIDITY }} + JWT_REFRESH_TOKEN_VALIDITY: ${{ secrets.JWT_REFRESH_TOKEN_VALIDITY }} + NAVER_CLIENT_ID: ${{ secrets.NAVER_CLIENT_ID }} + NAVER_CLIENT_SECRET: ${{ secrets.NAVER_CLIENT_SECRET }} + LIVEBLOCKS_SECRET_KEY: ${{ secrets.LIVEBLOCKS_SECRET_KEY }} run: ./gradlew test # 8. 테스트 결과 요약 출력 diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 743e65ad..801c394b 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -78,14 +78,14 @@ spring: client: registration: kakao: - client-id: ${kakao.client-id} + client-id: ${KAKAO_CLIENT_ID} scope: - profile_nickname - profile_image authorization-grant-type: authorization_code google: - client-id: ${google.client-id} - client-secret: ${google.client-secret} + client-id: ${GOOGLE_CLIENT_ID} + client-secret: ${GOOGLE_CLIENT_SECRET} scope: - profile authorization-grant-type: authorization_code @@ -105,12 +105,12 @@ spring: cloud: aws: credentials: - access-key: ${aws.access-key} - secret-key: ${aws.secret-key} + access-key: ${AWS_ACCESS_KEY_ID} + secret-key: ${AWS_SECRET_ACCESS_KEY} region: static: ap-northeast-2 s3: - bucket: ${aws.bucket} + bucket: ${AWS_S3_BUCKET_NAME} stack: auto: false @@ -142,7 +142,7 @@ management: show-details: always sentry: #Sentry 모니터렁 기본 설정. - dsn: ${sentry-dsn} + dsn: ${SENTRY_DSN} jwt: secret-key: ${JWT_SECRET_KEY} @@ -154,4 +154,4 @@ naver: client_secret: ${NAVER_CLIENT_SECRET} liveblocks: - secret-key: ${liveblocks-secret-key} \ No newline at end of file + secret-key: ${LIVEBLOCKS_SECRET_KEY} \ No newline at end of file From b4989be114aa27575e206f62e4bba4a251b76d18 Mon Sep 17 00:00:00 2001 From: taekyung Date: Sun, 5 Oct 2025 02:17:58 +0900 Subject: [PATCH 8/9] =?UTF-8?q?refactor:=20yml=ED=8C=8C=EC=9D=BC=20?= =?UTF-8?q?=EB=93=A4=EC=97=AC=EC=93=B0=EA=B8=B0=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/test-server-ci.yml | 42 +++++-------------------- src/main/resources/application-test.yml | 4 +-- 2 files changed, 9 insertions(+), 37 deletions(-) diff --git a/.github/workflows/test-server-ci.yml b/.github/workflows/test-server-ci.yml index 4cfc8e3f..d9b7c694 100644 --- a/.github/workflows/test-server-ci.yml +++ b/.github/workflows/test-server-ci.yml @@ -64,29 +64,7 @@ jobs: - name: Grant execute permission for gradlew run: chmod +x ./gradlew -# # 5. application-secrets.yml 생성 -# - name: Generate application-secrets.yml -# run: | -# mkdir -p src/main/resources -# echo "${{ secrets.APPLICATION_SECRET_YML_V2 }}" > src/main/resources/application-secrets.yml -# echo "OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}" >> src/main/resources/application-secrets.yml -# -# echo "spring.cloud.aws.region.static: ${{ secrets.AWS_REGION }}" >> src/main/resources/application-secrets.yml -# echo "spring.cloud.aws.credentials.access-key: ${{ secrets.AWS_ACCESS_KEY_ID }}" >> src/main/resources/application-secrets.yml -# echo "spring.cloud.aws.credentials.secret-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}" >> src/main/resources/application-secrets.yml -# echo "spring.cloud.aws.s3.bucket: ${{ secrets.AWS_S3_BUCKET_NAME }}" >> src/main/resources/application-secrets.yml -# echo "spring.cloud.aws.stack.auto: false" >> src/main/resources/application-secrets.yml -# -# echo "liveblocks.secret-key: ${{ secrets.LIVEBLOCKS_SECRET_KEY }}" >> src/main/resources/application-secrets.yml -# -# # 6. application-secrets-server.yml 생성 -# - name: Generate application-secrets-server.yml -# run: | -# mkdir -p src/main/resources -# echo "${{ secrets.APPLICATION_SECRET_SERVER_YML }}" > src/main/resources/application-secrets-server.yml -# echo "OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}" >> src/main/resources/application-secrets-server.yml - - # 7. Gradle 테스트 실행 + # 5. Gradle 테스트 실행 - name: Test with Gradle # 테스트 단계에서 RabbitMQ 연결을 위한 환경 변수 설정 env: @@ -107,10 +85,11 @@ jobs: NAVER_CLIENT_ID: ${{ secrets.NAVER_CLIENT_ID }} NAVER_CLIENT_SECRET: ${{ secrets.NAVER_CLIENT_SECRET }} LIVEBLOCKS_SECRET_KEY: ${{ secrets.LIVEBLOCKS_SECRET_KEY }} - run: ./gradlew test + run: ./gradlew test --stacktrace - # 8. 테스트 결과 요약 출력 + # 6. 테스트 결과 요약 출력 - name: Show test results + if: always() # 테스트 실패 여부와 상관없이 항상 실행 run: | echo "==== Test Results ====" if compgen -G "build/test-results/test/TEST-*.xml" > /dev/null; then @@ -126,18 +105,11 @@ jobs: echo "No test results found." fi - # 8-1. secrets 파일 완전 삭제 - - name: Remove secrets files before building - run: | - rm -f src/main/resources/application-secrets.yml - rm -f src/main/resources/application-secrets-server.yml - echo "Secrets files removed for build" - - # 9. Gradle 빌드 실행 (테스트 성공 시) + # 7. Gradle 빌드 실행 (테스트 성공 시) - name: Build with Gradle run: ./gradlew build -x test - # 10. GHCR 로그인 + # 8. GHCR 로그인 - name: Log in to GHCR uses: docker/login-action@v2 with: @@ -145,7 +117,7 @@ jobs: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - # 11. Docker 이미지 빌드 & 푸시 + # 9. Docker 이미지 빌드 & 푸시 - name: Build & Push Docker Image run: | IMAGE_NAME=ghcr.io/${{ github.repository }}/zoopzoop diff --git a/src/main/resources/application-test.yml b/src/main/resources/application-test.yml index 2e17b92e..220e4820 100644 --- a/src/main/resources/application-test.yml +++ b/src/main/resources/application-test.yml @@ -22,8 +22,8 @@ spring: google: redirect-uri: http://localhost:3000/oauth/callback/google - front: - redirect_domain: http://localhost:3000 +front: + redirect_domain: http://localhost:3000 app: seed: From 110330d4a8d6a3da9f6fd8a71cbfccf49f0fd633 Mon Sep 17 00:00:00 2001 From: taekyung Date: Sun, 5 Oct 2025 14:27:28 +0900 Subject: [PATCH 9/9] =?UTF-8?q?refactor:=20yml=20=ED=94=8C=EB=A0=88?= =?UTF-8?q?=EC=9D=B4=EC=8A=A4=ED=99=80=EB=8D=94=20=EB=84=A4=EC=9D=B4?= =?UTF-8?q?=EB=B0=8D=20=EA=B7=9C=EC=B9=99=20=EC=9D=BC=EA=B4=80=EC=84=B1=20?= =?UTF-8?q?=EC=9C=A0=EC=A7=80=ED=95=98=EB=8F=84=EB=A1=9D=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/prod-server.yml | 21 +++++++++++---------- .github/workflows/test-server-cd.yml | 18 +++++++++--------- 2 files changed, 20 insertions(+), 19 deletions(-) diff --git a/.github/workflows/prod-server.yml b/.github/workflows/prod-server.yml index 43c7b8f0..85298b85 100644 --- a/.github/workflows/prod-server.yml +++ b/.github/workflows/prod-server.yml @@ -87,27 +87,28 @@ jobs: -e SPRING_DATASOURCE_USERNAME="${{secrets.PROD_DB_USERNAME}}" \ -e SPRING_DATASOURCE_PASSWORD="${{secrets.PROD_DB_PASSWORD}}" \ # AWS - -e aws.access-key="${{secrets.AWS_ACCESS_KEY_ID}}" \ - -e aws.secret-key="${{secrets.AWS_SECRET_ACCESS_KEY}}" \ - -e aws.bucket="${{secrets.AWS_S3_BUCKET_NAME}}" \ + -e AWS_ACCESS_KEY_ID="${{secrets.AWS_ACCESS_KEY_ID}}" \ + -e AWS_SECRET_ACCESS_KEY="${{secrets.AWS_SECRET_ACCESS_KEY}}" \ + -e AWS_S3_BUCKET_NAME="${{secrets.AWS_S3_BUCKET_NAME}}" \ # RabbitMQ -e SPRING_RABBITMQ_HOST="${{secrets.PROD_RABBITMQ_HOST}}" \ -e SPRING_RABBITMQ_USERNAME="${{secrets.PROD_RABBITMQ_USERNAME}}" \ -e SPRING_RABBITMQ_PASSWORD="${{secrets.PROD_RABBITMQ_PASSWORD}}" \ # Redis - -e redis-password="${{secrets.PROD_REDIS_PASSWORD}}" \ + -e REDIS_HOST="${{secrets.PROD_REDIS_HOST}}" \ + -e REDIS_PASSWORD="${{secrets.PROD_REDIS_PASSWORD}}" \ # OAuth2 - -e kakao.client-id="${{secrets.OAUTH_KAKAO_CLIENT_ID}}" \ - -e google.client-id="${{secrets.OAUTH_GOOGLE_CLIENT_ID}}" \ - -e google.client-secret="${{secrets.OAUTH_GOOGLE_CLIENT_SECRET}}" \ + -e KAKAO_CLIENT_ID="${{secrets.OAUTH_KAKAO_CLIENT_ID}}" \ + -e GOOGLE_CLIENT_ID="${{secrets.OAUTH_GOOGLE_CLIENT_ID}}" \ + -e GOOGLE_CLIENT_SECRET="${{secrets.OAUTH_GOOGLE_CLIENT_SECRET}}" \ -e KAKAO_REDIRECT_URI="${{PROD_OAUTH_KAKAO_REDIRECT_URI}}" \ -e GOOGLE_REDIRECT_URI="${{PROD_OAUTH_GOOGLE_REDIRECT_URI}}" \ # Sentry - -e sentry-dsn="${{secrets.SENTRY_DSN}}" \ + -e SENTRY_DSN="${{secrets.SENTRY_DSN}}" \ # OpenAI -e OPENAI_API_KEY="${{secrets.OPENAI_API_KEY}}" \ # Liveblocks - -e liveblocks-secret-key="${{secrets.LIVEBLOCKS_SECRET_KEY}}" \ + -e LIVEBLOCKS_SECRET_KEY="${{secrets.LIVEBLOCKS_SECRET_KEY}}" \ # naver -e NAVER_CLIENT_ID="${{secrets.NAVER_CLIENT_ID}}" \ -e NAVER_CLIENT_SECRET="${{secrets.NAVER_CLIENT_SECRET}}" \ @@ -116,7 +117,7 @@ jobs: -e JWT_ACCESS_TOKEN_VALIDITY="${{secrets.JWT_ACCESS_TOKEN_VALIDITY}}" \ -e JWT_REFRESH_TOKEN_VALIDITY="${{secrets.JWT_REFRESH_TOKEN_VALIDITY}}" \ # Front - -e front.redirect_domain="${{secrets.FRONT_REDIRECT_DOMAIN}}" \ + -e FRONT_REDIRECT_DOMAIN="${{secrets.FRONT_REDIRECT_DOMAIN}}" \ ghcr.io/${{ github.repository }}/zoopzoop:latest diff --git a/.github/workflows/test-server-cd.yml b/.github/workflows/test-server-cd.yml index 7b5de65f..40289eb8 100644 --- a/.github/workflows/test-server-cd.yml +++ b/.github/workflows/test-server-cd.yml @@ -65,9 +65,9 @@ jobs: -e SPRING_DATASOURCE_USERNAME="${{secrets.TEST_DB_USERNAME}}" \ -e SPRING_DATASOURCE_PASSWORD="${{secrets.TEST_DB_PASSWORD}}" \ # AWS - -e aws.access-key="${{secrets.AWS_ACCESS_KEY_ID}}" \ - -e aws.secret-key="${{secrets.AWS_SECRET_ACCESS_KEY}}" \ - -e aws.bucket="${{secrets.AWS_S3_BUCKET_NAME}}" \ + -e AWS_ACCESS_KEY_ID="${{secrets.AWS_ACCESS_KEY_ID}}" \ + -e AWS_SECRET_ACCESS_KEY="${{secrets.AWS_SECRET_ACCESS_KEY}}" \ + -e AWS_S3_BUCKECT_NAME="${{secrets.AWS_S3_BUCKET_NAME}}" \ # RabbitMQ -e SPRING_RABBITMQ_HOST="${{secrets.TEST_RABBITMQ_HOST}}" \ -e SPRING_RABBITMQ_USERNAME="${{secrets.TEST_RABBITMQ_USERNAME}}" \ @@ -76,17 +76,17 @@ jobs: -e REDIS_HOST="${{secrets.TEST_REDIS_HOST}}" \ -e REDIS_PASSWORD="${{secrets.TEST_REDIS_PASSWORD}}" \ # OAuth2 - -e kakao.client-id="${{secrets.OAUTH_KAKAO_CLIENT_ID}}" \ - -e google.client-id="${{secrets.OAUTH_GOOGLE_CLIENT_ID}}" \ - -e google.client-secret="${{secrets.OAUTH_GOOGLE_CLIENT_SECRET}}" \ + -e KAKAO_CLIENT_ID="${{secrets.OAUTH_KAKAO_CLIENT_ID}}" \ + -e GOOGLE_CLIENT_ID="${{secrets.OAUTH_GOOGLE_CLIENT_ID}}" \ + -e GOOGLE_CLIENT_SECRET="${{secrets.OAUTH_GOOGLE_CLIENT_SECRET}}" \ -e KAKAO_REDIRECT_URI="${{TEST_OAUTH_KAKAO_REDIRECT_URI}}" \ -e GOOGLE_REDIRECT_URI="${{TEST_OAUTH_GOOGLE_REDIRECT_URI}}" \ # Sentry - -e sentry-dsn="${{secrets.SENTRY_DSN}}" \ + -e SENTRY_DSN="${{secrets.SENTRY_DSN}}" \ # OpenAI -e OPENAI_API_KEY="${{secrets.OPENAI_API_KEY}}" \ # Liveblocks - -e liveblocks-secret-key="${{secrets.LIVEBLOCKS_SECRET_KEY}}" \ + -e LIVEBLOCKS_SECRET_KEY="${{secrets.LIVEBLOCKS_SECRET_KEY}}" \ # naver -e NAVER_CLIENT_ID="${{secrets.NAVER_CLIENT_ID}}" \ -e NAVER_CLIENT_SECRET="${{secrets.NAVER_CLIENT_SECRET}}" \ @@ -95,7 +95,7 @@ jobs: -e JWT_ACCESS_TOKEN_VALIDITY="${{secrets.JWT_ACCESS_TOKEN_VALIDITY}}" \ -e JWT_REFRESH_TOKEN_VALIDITY="${{secrets.JWT_REFRESH_TOKEN_VALIDITY}}" \ # Front - -e front.redirect_domain="${{secrets.FRONT_REDIRECT_DOMAIN}}" \ + -e FRONT_REDIRECT_DOMAIN="${{secrets.FRONT_REDIRECT_DOMAIN}}" \ ghcr.io/${{ github.repository }}/zoopzoop:latest # 헬스체크