diff --git a/.github/workflows/member-ci.yml b/.github/workflows/member-ci.yml new file mode 100644 index 0000000..0685b6a --- /dev/null +++ b/.github/workflows/member-ci.yml @@ -0,0 +1,84 @@ +name: Build and Deploy Member Service + +on: + push: + branches: [ main, develop ] + paths: + - 'member/**' + - 'common/**' + pull_request: + branches: [ main ] + paths: + - 'member/**' + - 'common/**' +env: + ACR_NAME: acrdigitalgarage03 + IMAGE_NAME: hiorder/member + MANIFEST_REPO: dg04-hi/hi-manifest + MANIFEST_FILE_PATH: member/deployment.yml + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + java-version: '21' + distribution: 'temurin' + + - name: Cache Gradle packages + uses: actions/cache@v4 + with: + path: | + ~/.gradle/caches + ~/.gradle/wrapper + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} + restore-keys: | + ${{ runner.os }}-gradle- + + - name: Grant execute permission for gradlew + run: chmod +x ./gradlew + + - name: Build with Gradle + run: ./gradlew member:build -x test --no-daemon + + - name: Run tests + run: ./gradlew member:test --no-daemon + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to Azure Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.ACR_NAME }}.azurecr.io + username: ${{ secrets.ACR_USERNAME }} + password: ${{ secrets.ACR_PASSWORD }} + + - name: Extract metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.ACR_NAME }}.azurecr.io/${{ env.IMAGE_NAME }}:${{ steps.timestamp.outputs.BUILD_TIME }} + tags: | + type=ref,event=branch + type=ref,event=pr + type=sha,prefix={{branch}}- + + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + context: . + file: ./member/Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + build-args: | + SERVICE_NAME=member \ No newline at end of file diff --git a/gradlew b/gradlew old mode 100644 new mode 100755 diff --git a/member/Dockerfile b/member/Dockerfile new file mode 100644 index 0000000..05d96bb --- /dev/null +++ b/member/Dockerfile @@ -0,0 +1,31 @@ +# 실행 단계 +FROM eclipse-temurin:21-jre-alpine + +# 애플리케이션 사용자 생성 +RUN addgroup -g 1001 -S appgroup && \ + adduser -u 1001 -S appuser -G appgroup + +# 작업 디렉토리 설정 +WORKDIR /app + +# 빌드된 JAR 파일 복사 +COPY --from=builder /app/member/build/libs/member-*.jar app.jar + +# 파일 소유권 변경 +RUN chown -R appuser:appgroup /app + +# 사용자 변경 +USER appuser + +# 포트 노출 +EXPOSE 8080 + +# 헬스체크 추가 +HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ + CMD wget --no-verbose --tries=1 --spider http://localhost:8080/actuator/health || exit 1 + +# JVM 옵션 설정 +ENV JAVA_OPTS="-Xms512m -Xmx1024m -XX:+UseG1GC -XX:G1HeapRegionSize=16m -XX:+UseStringDeduplication" + +# 애플리케이션 실행 +ENTRYPOINT ["sh", "-c", "java $JAVA_OPTS -jar app.jar"] \ No newline at end of file