[이지현] sprint8

.dockerignore

@@ -0,0 +1,14 @@
+# IDE 관련
+*.iml
+.idea/
+*.log
+
+# OS, 시스템
+.DS_Store
+
+# 빌드 결과물
+/build
+/out
+
+# 환경 파일
+.env

.github/workflows/deploy.yml

@@ -0,0 +1,160 @@
+name: Deploy to AWS ECS
+
+# 트리거 조건: release 브랜치에 푸시 시 자동 실행
+on:
+  push:
+    branches: [ release ]
+  workflow_dispatch:
+
+env:
+  AWS_REGION_ECR: us-east-1
+  AWS_REGION: ${{ vars.AWS_REGION }}
+  ECR_REPOSITORY: discodeit
+  ECR_REPOSITORY_URI: ${{ vars.ECR_REPOSITORY_URI }}
+  ECS_CLUSTER: ${{ vars.ECS_CLUSTER }}
+  ECS_SERVICE: ${{ vars.ECS_SERVICE }}
+  ECS_TASK_DEFINITION: ${{ vars.ECS_TASK_DEFINITION }}
+  ECR_PUBLIC_ALIAS: ${{ vars.ECR_PUBLIC_ALIAS }}
+  CONTAINER_NAME: discodeit-app
+
+
+jobs:
+  # 1. Build and Push Docker Image
+  build-and-push:
+    name: Build and Push Docker Image to ECR
+    runs-on: ubuntu-latest
+    outputs:
+      image: ${{ steps.build-image.outputs.image }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: gradle
+
+      - name: Configure AWS credentials for ECR
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
+          aws-region: ${{ env.AWS_REGION_ECR }}
+
+      - name: Login to Amazon ECR Public
+        id: login-ecr-public
+        uses: aws-actions/amazon-ecr-login@v2
+        with:
+          registry-type: public
+
+      - name: Build, tag, and push docker image to Amazon ECR Public
+        id: build-image
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr-public.outputs.registry }}/${{ env.ECR_PUBLIC_ALIAS }}
+          IMAGE_TAG: ${{ github.sha }}
+        run: |
+          chmod +x ./gradlew
+          ./gradlew bootJar
+
+          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -t $ECR_REGISTRY/$ECR_REPOSITORY:latest .
+
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
+          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT
+
+      - name: Delete old images from public ECR
+        run: |
+          set -euo pipefail
+
+          # 1. latest 태그가 없는 이미지들을 오래된 순으로 정렬
+          IMAGES_TO_CONSIDER=$(aws ecr-public describe-images \
+            --repository-name $ECR_REPOSITORY \
+            --query "sort_by(imageDetails[?imageTags && !contains(imageTags, 'latest')], &imagePushedAt)")
+
+          IMAGE_COUNT=$(echo "$IMAGES_TO_CONSIDER" | jq 'length // 0')
+
+          if [ "$IMAGE_COUNT" -gt 5 ]; then
+            DELETE_COUNT=$((IMAGE_COUNT - 5))
+            echo "Found $IMAGE_COUNT images. Deleting $DELETE_COUNT oldest images..."
+
+            IMAGE_IDS_STRING=$(echo "$IMAGES_TO_CONSIDER" | \
+              jq -r --argjson count "$DELETE_COUNT" '.[0:$count] | .[].imageDigest' | \
+              sed 's/^/imageDigest=/' | tr '\n' ' ')
+
+            aws ecr-public batch-delete-image \
+              --repository-name $ECR_REPOSITORY \
+              --image-ids $IMAGE_IDS_STRING
+
+            echo "Successfully deleted $DELETE_COUNT images."
+          else
+            echo "No old images to delete. ($IMAGE_COUNT images found)"
+          fi
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY }}
+          AWS_REGION: ${{ env.AWS_REGION_ECR }}
+
+  # 2. Deploy to ECS
+  deploy:
+    name: Deploy to ECS
+    needs: build-and-push
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Configure AWS credentials for ECS
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      # 런타임에 테스크 정의 다운로드
+      - name: Download task definition
+        run: |
+          aws ecs describe-task-definition \
+            --task-definition $ECS_TASK_DEFINITION \
+            --query taskDefinition > task-definition.json
+
+      - name: Clean up task definition JSON
+        run: |
+          jq 'del(.status, .revision, .taskDefinitionArn, .requiresAttributes, .compatibilities, .registeredAt, .registeredBy, .enableFaultInjection)' task-definition.json > cleaned-task-definition.json
+
+      # 이미지만 업데이트 (다른 설정들 유지)
+      - name: Fill in the new image ID in the Amazon ECS task definition
+        id: task-def
+        uses: aws-actions/amazon-ecs-render-task-definition@v1
+        with:
+          task-definition: cleaned-task-definition.json
+          container-name: ${{ env.CONTAINER_NAME }}
+          image: ${{ needs.build-and-push.outputs.image }}
+
+      - name: Stop existing ECS service
+        run: |
+          aws ecs update-service \
+            --cluster ${{ env.ECS_CLUSTER }} \
+            --service ${{ env.ECS_SERVICE }} \
+            --desired-count 0 
+
+          # Wait for tasks to stop
+          echo "Waiting for tasks to stop..."
+          aws ecs wait services-stable \
+          --cluster ${{ env.ECS_CLUSTER }} \
+          --services ${{ env.ECS_SERVICE }}
+
+      - name: Deploy new task definition to Amazon ECS
+        uses: aws-actions/amazon-ecs-deploy-task-definition@v1
+        with:
+          task-definition: ${{ steps.task-def.outputs.task-definition }}
+          service: ${{ env.ECS_SERVICE }}
+          cluster: ${{ env.ECS_CLUSTER }}
+          wait-for-service-stability: true
+
+      - name: Start ECS service
+        run: |
+          aws ecs update-service \
+            --cluster ${{ env.ECS_CLUSTER }} \
+            --service ${{ env.ECS_SERVICE }} \
+            --desired-count 1

.github/workflows/test.yml

@@ -0,0 +1,40 @@
+name: Run Tests and Report Coverage
+
+# 트리거 조건: main 브랜치에 PR 생성 시 자동 실행
+on:
+  pull_request:
+    branches: [ main ]
+  workflow_dispatch:
+
+env:
+  AWS_S3_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }}
+  AWS_S3_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }}
+  AWS_S3_REGION: ${{ vars.AWS_REGION }}
+  AWS_S3_BUCKET: ${{ vars.AWS_BUCKET }}
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+
+    steps:
+      # 1. 저장소 코드 체크아웃
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      # 2. JDK 17 환경 설정
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+      # 3. Gradle 실행 권한 부여
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
+      # 4. 테스트 실행
+      - name: Run tests
+        run: ./gradlew test
+      # 5. Codecov에 커버리지 업로드
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}  # Codecov에서 발급한 토큰

.gitignore

@@ -47,3 +47,6 @@ bin/
 ### File 추가 ###
 .discodeit
 .logs
+
+.env
+discodeit.env