infra: 개발 및 운영 환경을 분리한 CI/CD 파이프라인 구축 및 Docker 최적화 #72
Conversation
✅ 테스트 결과 for PRBuild: success 🧪 테스트 실행 with Gradle |
There was a problem hiding this comment.
Pull Request Overview
This PR implements a comprehensive CI/CD pipeline using GitHub Actions, Docker multi-stage builds, and docker-compose for automated deployment to development and production environments. The changes replace the previous simple Docker setup with a production-ready deployment solution.
- Implements separate CI/CD workflows for dev and prod environments with automated testing, Docker image building, and SSH-based deployment
- Introduces multi-stage Dockerfile with layered JAR optimization for faster builds and smaller images
- Refactors docker-compose configuration to support multiple environments with autoheal service and comprehensive health checks
Reviewed Changes
Copilot reviewed 12 out of 13 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
.github/workflows/push-cd-dev.yml |
Dev environment CI/CD workflow with testing, Docker build/push, and deployment |
.github/workflows/push-cd-prod.yml |
Production CI/CD workflow with stricter validation and smoke testing |
.github/workflows/pr-ci.yml |
Updated PR workflow with Gradle caching |
.github/workflows/push-ci.yml |
Removed obsolete push CI workflow |
Dockerfile |
Multi-stage build with Gradle builder, JAR extractor, and JRE runtime stages |
docker-compose.yaml |
Unified compose file with spring-app and autoheal services, replacing environment-specific files |
docker-compose-dev.yaml |
Removed in favor of unified docker-compose.yaml |
src/main/resources/application-sample.yml |
Updated to use environment variables for DB host and API configuration |
.env.sample |
Comprehensive environment variable template with JVM, Docker, and health check settings |
.dockerignore |
Enhanced ignore rules for optimized Docker context |
.gitignore |
Updated to exclude environment files while documenting template file purpose |
setup-swap.sh |
New script for configuring swap memory on Linux servers |
docs/CD_PIPELINE_GUIDE.md |
Comprehensive 1790-line guide documenting the entire CD pipeline architecture |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # 사용자 전환 | ||
| USER spring:spring | ||
|
|
||
| # JVM 메모리 설정 환경변수 (기본값, docker-compose에서 오버라이드 중) |
There was a problem hiding this comment.
The comment on line 66 states these values are being overridden by docker-compose, but this default configuration allocates more heap memory (512m-1024m) than some of the documented environment-specific settings in the guide (e.g., Dev: 256m-512m, Local: 128m-256m). This could be confusing. Consider either aligning these defaults with the lowest environment's needs or updating the comment to clarify why these specific defaults were chosen.
| # JVM 메모리 설정 환경변수 (기본값, docker-compose에서 오버라이드 중) | |
| # JVM 메모리 설정 환경변수 (기본값: 안전한 상한선 제공, docker-compose에서 환경별로 오버라이드됨. 일부 환경에서는 더 낮은 값이 사용될 수 있음. 자세한 내용은 가이드 참조) |
| # wget 사용 (Alpine Linux에 기본 설치되어 있음) | ||
| healthcheck: | ||
| test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:${SERVER_PORT}/actuator/health"] |
There was a problem hiding this comment.
The healthcheck test command uses 'wget' which the comment on line 84 claims is 'Alpine Linux에 기본 설치되어 있음' (installed by default in Alpine Linux). However, Alpine Linux base images do not include wget by default - only busybox utilities are included. The Dockerfile uses 'eclipse-temurin:21-jre-alpine' which may not have wget installed. Consider either: 1) adding 'RUN apk add --no-cache wget' to the Dockerfile, 2) using 'curl' and adding it via 'apk add curl', or 3) using the built-in 'sh -c' approach with netcat or similar.
| # wget 사용 (Alpine Linux에 기본 설치되어 있음) | |
| healthcheck: | |
| test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:${SERVER_PORT}/actuator/health"] | |
| # nc(netcat) 사용 (Alpine Linux에 기본 설치되어 있음) | |
| healthcheck: | |
| test: ["CMD", "sh", "-c", "nc -z localhost ${SERVER_PORT}"] |
| # 3. Check Spring Boot actuator health endpoint | ||
| echo "Checking actuator health endpoint..." | ||
| for i in {1..20}; do | ||
| HEALTH_RESPONSE=$(curl -s http://localhost:${{ secrets.SERVER_PORT || 8080 }}/actuator/health || echo "") |
There was a problem hiding this comment.
Using 'curl' in the health check assumes curl is installed on the deployment server, but this assumption is not documented or enforced. If the server doesn't have curl installed, this health check will silently fail and report empty responses. Consider either: 1) documenting this prerequisite in the deployment guide, 2) installing curl as part of the deployment script, or 3) using a more universally available tool like 'wget'.
| dd if=/dev/zero of=/swapfile bs=1M count=1024 status=progress | ||
| fi |
There was a problem hiding this comment.
The fallback 'dd' command has a hardcoded size of 1024MB (count=1024 with bs=1M), but the script accepts a configurable SWAP_SIZE variable (line 67). If a user sets SWAP_SIZE=2G, the fallocate will attempt to create 2GB, but if it fails and falls back to dd, only 1GB will be created. The count should be calculated from $SWAP_SIZE. For example, convert SWAP_SIZE to megabytes and use that as the count.
| dd if=/dev/zero of=/swapfile bs=1M count=1024 status=progress | |
| fi | |
| # Parse SWAP_SIZE to get count in MB for dd | |
| if [[ "$SWAP_SIZE" =~ ^([0-9]+)[Gg]$ ]]; then | |
| COUNT=$((${BASH_REMATCH[1]} * 1024)) | |
| elif [[ "$SWAP_SIZE" =~ ^([0-9]+)[Mm]$ ]]; then | |
| COUNT=${BASH_REMATCH[1]} | |
| else | |
| echo -e "${RED}Error: Unsupported SWAP_SIZE format: $SWAP_SIZE${NC}" | |
| exit 1 | |
| fi | |
| dd if=/dev/zero of=/swapfile bs=1M count=$COUNT status=progress |
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
dev-ant
changed the title
📋 상세 설명
📊 체크리스트
📆 마감일