Ec2 deploy with Docker

[Hys-Lee]

배포

도커 사용해서 ec2에 배포하는 방식을 채택했습니다.
ec2 프리티어라서 인스턴스 내부에서 빌드가 힘들어서요

github action통해 cd 자동화 했습니다.

버그 수정

• 게스트모드 첫 진입 시 온보딩 진입하도록 수정
• 리프레시 토큰 없을 때 무한로딩 버그 수정

Summary by CodeRabbit

• Bug Fixes

  • Onboarding: Advances only when no local guest data exists, preventing unnecessary navigation.
  • Session handling: Reduces unexpected logout/redirects when a refresh token is missing.

• Chores

  • Added Docker support for building and running the app.
  • Implemented automated production deployment via container registry and remote host.
  • Added ignore rules to minimize Docker build context.

[coderabbitai]

Walkthrough

Adds Docker containerization and a production GitHub Actions deploy workflow, introduces a .dockerignore, adjusts token refresh behavior by removing automatic logout/redirect on missing refresh token, and updates onboarding login flow to conditionally advance based on presence of a guest IndexedDB.

Changes

Cohort / File(s)	Summary of Changes
Containerization & CI/CD Dockerfile, .dockerignore, .github/workflows/production-deploy.yml	New Dockerfile for Next.js build/run, new .dockerignore to trim build context, and new GitHub Actions workflow to build/push Docker image to Docker Hub and deploy on EC2 via SSH with env-file and port 3000 mapping.
Auth Token Handling api/service.ts	In tokenHandler, removed automatic logout and redirect when refresh token is absent; now throws “no refresh token” while leaving reissue/update logic unchanged.
Onboarding Flow app/onboarding/_components/LoginScreen.tsx	In handleBrowse, call onNext() only when no guest DB exists; retains login and guest state logic and IndexedDB check for DB_NAME.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Dev as Developer
  participant GH as GitHub Actions (main)
  participant DH as Docker Hub
  participant EC2 as EC2 Host
  participant DK as Docker Runtime

  Dev->>GH: Push to main
  GH->>GH: Checkout, setup
  GH->>DH: docker login
  GH->>DH: docker build & push tag = ${GITHUB_SHA}
  GH->>EC2: SSH (secrets: host/user/key)
  EC2->>DK: docker pull ${user}/motimo-fe-production:${SHA}
  EC2->>DK: docker stop/rm motimo-fe-production (if exists)
  EC2->>DK: docker run -d --name motimo-fe-production -p 3000:3000 --env-file ./production.env IMAGE
  note over EC2,DK: Container serves on port 3000

Loading

sequenceDiagram
  autonumber
  actor U as User
  participant UI as LoginScreen
  participant IDB as IndexedDB
  participant Auth as Auth Service

  U->>UI: Browse (handleBrowse)
  UI->>IDB: Check for guest DB (DB_NAME)
  alt Guest DB missing
    UI->>Auth: login()
    UI->>UI: setIsGuest(true)
    UI->>U: onNext()
  else Guest DB exists
    UI->>Auth: login()
    UI->>UI: setIsGuest(true)
    UI->>U: Stay (no onNext)
  end

Loading

sequenceDiagram
  autonumber
  participant App as App
  participant Token as tokenHandler
  participant API as API Server

  App->>Token: Request with expired access token
  alt Has refresh token
    Token->>API: Reissue access/refresh
    API-->>Token: New tokens
    Token-->>App: Proceed with updated tokens
  else No refresh token
    Token-->>App: Throw "no refresh token" (no logout/redirect)
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• Login 무한 로딩 수정 #54 — Also changes LoginScreen handleBrowse flow, altering when onNext() is called after login, overlapping with this PR’s conditional navigation logic.

Poem

A dock I built of YAML dreams,
Where images sail on alpine streams.
A rabbit taps the deploy drum,
EC2 hums, the containers come.
Tokens behave, no sudden flight—
Guests may linger, apps ignite.
Hop, ship, run—production night! 🐇🚢

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbit in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbit in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbit gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbit read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbit help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbit ignore or @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbit summary or @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbit or @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (2)

.dockerignore (1)

1-4: Missing trailing newline at end of file.

This is a minor formatting issue, but it's generally good practice to end files with a newline character.

Add a trailing newline at the end of the file:

 .next
 .git
 node_modules
 .gitignore
+

Dockerfile (1)

10-11: Consider using npm ci for production builds.

Using npm ci instead of npm install provides faster, reliable, reproducible builds by installing directly from package-lock.json without modifying it.

Replace npm install with npm ci for production builds:

-# 의존성을 설치합니다.
-RUN npm install
+# 의존성을 설치합니다.
+RUN npm ci --only=production

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 2c1657c and ef1704c.

📒 Files selected for processing (5)

• .dockerignore (1 hunks)
• .github/workflows/production-deploy.yml (1 hunks)
• Dockerfile (1 hunks)
• api/service.ts (1 hunks)
• app/onboarding/_components/LoginScreen.tsx (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.7)

.github/workflows/production-deploy.yml

16-16: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

20-20: the runner of "docker/login-action@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: chromatic-test

🔇 Additional comments (5)

api/service.ts (1)

82-84: Verify removal of logout + redirect in 401/no-refresh-token path.
Commenting out api.authController.logout() / window.location.href="/" in api/service.ts (lines 82–84) changes the UX: a missing refresh token now throws instead of auto-logging-out/redirecting. I found other explicit logout usages (components/mypage/MyPage.tsx, app/mypage/edit/page.tsx). Confirm this is intentional and that global or caller error handling will reliably route users to login (or restore the logout+redirect).

app/onboarding/_components/LoginScreen.tsx (1)

181-188: Conditional onboarding flow looks correct.

The logic to check for existing guest database and conditionally call onNext() prevents users with existing guest data from repeating the onboarding process. This improves user experience by maintaining state across sessions.

The implementation correctly uses IndexedDB to detect existing guest data and sets the appropriate completion flag.

Dockerfile (2)

18-21: Environment variable configuration looks good.

The ARG and ENV pattern correctly allows build-time injection of the frontend base URL, which is essential for containerized deployments across different environments.

---

7-14: Optimize Docker layer caching.

The current approach copies all files before installing dependencies, which breaks Docker layer caching. When source code changes, dependency installation will re-run unnecessarily.

Reorder the COPY commands to optimize layer caching:

 # package.json과 package-lock.json (또는 yarn.lock)을 복사합니다.
 COPY package*.json ./
 
-# 의존성을 설치합니다.
-RUN npm install
-
-# 프로젝트의 모든 파일을 작업 디렉토리로 복사합니다.
-COPY . .
+# 의존성을 설치합니다.
+RUN npm ci --only=production
+
+# 프로젝트의 모든 파일을 작업 디렉토리로 복사합니다.
+COPY . .

Likely an incorrect or invalid review comment.

.github/workflows/production-deploy.yml (1)

49-49: Verify production.env file exists on EC2.

The deployment assumes a production.env file exists in the home directory of the EC2 instance. If this file doesn't exist, the container will fail to start.

Ensure that the production.env file is properly created on the EC2 instance before deployment, or add error handling:

             # 새 컨테이너 실행
-            docker run -d --name motimo-fe-production -p 3000:3000 --env-file ./production.env ${{ secrets.DOCKERHUB_USERNAME }}/motimo-fe-production:${{ github.sha }}
+            # production.env 파일 존재 확인
+            if [ ! -f ./production.env ]; then
+              echo "Error: production.env file not found"
+              exit 1
+            fi
+            
+            docker run -d --name motimo-fe-production -p 3000:3000 --env-file ./production.env ${{ secrets.DOCKERHUB_USERNAME }}/motimo-fe-production:${{ github.sha }}

[coderabbitai]

⚠️ Potential issue

Update GitHub Actions to newer versions.

The static analysis correctly identified that the actions versions are outdated and may not work on current GitHub runners.

Update the actions to newer versions:

       - name: Checkout source code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # 1. Docker Hub에 로그인 (ECR 로그인 대신)
       - name: Login to Docker Hub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3

Also applies to: 20-20

🧰 Tools

🪛 actionlint (1.7.7)

16-16: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents

In .github/workflows/production-deploy.yml around lines 16 and 20, the
referenced GitHub Action versions are outdated; update the actions to their
current stable releases (e.g., bump actions/checkout@v3 to actions/checkout@v4
and similarly upgrade the action used at line 20 to its latest major version),
ensure the workflow syntax and inputs remain compatible after the upgrade, and
run a workflow test to confirm no breaking changes.

[coderabbitai]

⚠️ Potential issue

Add build argument for environment variable.

The Docker build command doesn't pass the required build argument for NEXT_PUBLIC_FRONTEND_BASE_URL, which will result in an undefined environment variable.

Add the build argument to the Docker build command:

       - name: Build and push to Docker Hub
         run: |
-          docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/motimo-fe-production:${{ github.sha }} .
+          docker build --build-arg NEXT_PUBLIC_FRONTEND_BASE_URL=${{ secrets.NEXT_PUBLIC_FRONTEND_BASE_URL }} -t ${{ secrets.DOCKERHUB_USERNAME }}/motimo-fe-production:${{ github.sha }} .
           docker push ${{ secrets.DOCKERHUB_USERNAME }}/motimo-fe-production:${{ github.sha }}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/motimo-fe-production:${{ github.sha }} .
	docker push ${{ secrets.DOCKERHUB_USERNAME }}/motimo-fe-production:${{ github.sha }}
	- name: Build and push to Docker Hub
	run: |
	docker build --build-arg NEXT_PUBLIC_FRONTEND_BASE_URL=${{ secrets.NEXT_PUBLIC_FRONTEND_BASE_URL }} -t ${{ secrets.DOCKERHUB_USERNAME }}/motimo-fe-production:${{ github.sha }} .
	docker push ${{ secrets.DOCKERHUB_USERNAME }}/motimo-fe-production:${{ github.sha }}

🤖 Prompt for AI Agents

In .github/workflows/production-deploy.yml around lines 28 to 29, the docker
build command doesn't pass the NEXT_PUBLIC_FRONTEND_BASE_URL build argument,
causing that env var to be undefined; update the docker build invocation to
include a build-arg flag passing the secret (e.g. --build-arg
NEXT_PUBLIC_FRONTEND_BASE_URL=${{ secrets.NEXT_PUBLIC_FRONTEND_BASE_URL }}) so
the value is available at image build time before pushing.

[coderabbitai]

🛠️ Refactor suggestion

Improve container cleanup robustness.

The current container cleanup approach may fail if containers exist but are already stopped, potentially causing deployment failures.

Make the cleanup more robust by handling different container states:

             # 기존 컨테이너 중지 및 삭제
-            if [ $(docker ps -q -f name=motimo-fe-production) ]; then
-              docker stop motimo-fe-production
-              docker rm motimo-fe-production
-            fi
+            # 실행 중인 컨테이너가 있다면 중지
+            if [ $(docker ps -q -f name=motimo-fe-production) ]; then
+              docker stop motimo-fe-production
+            fi
+            
+            # 존재하는 컨테이너가 있다면 삭제
+            if [ $(docker ps -aq -f name=motimo-fe-production) ]; then
+              docker rm motimo-fe-production
+            fi

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if [ $(docker ps -q -f name=motimo-fe-production) ]; then
	docker stop motimo-fe-production
	docker rm motimo-fe-production
	fi
	# 기존 컨테이너 중지 및 삭제
	# 실행 중인 컨테이너가 있다면 중지
	if [ $(docker ps -q -f name=motimo-fe-production) ]; then
	docker stop motimo-fe-production
	fi
	# 존재하는 컨테이너가 있다면 삭제
	if [ $(docker ps -aq -f name=motimo-fe-production) ]; then
	docker rm motimo-fe-production
	fi

🤖 Prompt for AI Agents

.github/workflows/production-deploy.yml around lines 43 to 46: the current
cleanup uses `docker ps -q -f name=motimo-fe-production` and only stops/removes
if running, which can fail when a container exists but is stopped; replace the
logic to query all containers by name (`docker ps -a -q -f
name=motimo-fe-production`) and then force-remove any found container (e.g., use
`docker rm -f <id>`), or if you prefer two-step: if container id exists, attempt
`docker stop <id>` (ignore errors if already stopped) then `docker rm <id>`;
ensure commands run safely in CI (handle empty id) so cleanup succeeds
regardless of container state.