Jenkins CI/CD 파이프라인 업데이트

- Jenkinsfile 개선: SonarQube 분석, Quality Gate 추가 - 환경별 설정 파일 업데이트 (dev/staging/prod) - Kustomize base 및 overlay 파일 정리 - prod 환경 overlay 파일 추가 - 배포 스크립트 및 검증 스크립트 업데이트 - 파이프라인 가이드 문서 업데이트 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-06-13 03:59:10 +00:00 · 2025-12-01 12:57:35 +09:00
parent b467b84426
commit 0f054109bb
48 changed files with 372 additions and 387 deletions
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: phonebill-common-config
+  name: cm-common
  labels:
    app.kubernetes.io/part-of: phonebill
 data:
@@ -7,21 +7,18 @@ resources:
  - ../../base

 patches:
-  # Common patches
  - path: cm-common-patch.yaml
    target:
      kind: ConfigMap
-      name: phonebill-common-config
+      name: cm-common
  - path: secret-common-patch.yaml
    target:
      kind: Secret
-      name: phonebill-common-secret
+      name: secret-common
  - path: ingress-patch.yaml
    target:
      kind: Ingress
      name: phonebill-ingress
-
-  # Deployment patches
  - path: deployment-api-gateway-patch.yaml
    target:
      kind: Deployment
@@ -42,29 +39,27 @@ patches:
    target:
      kind: Deployment
      name: kos-mock
-
-  # Service Secret patches
  - path: secret-user-service-patch.yaml
    target:
      kind: Secret
-      name: user-service-db-secret
+      name: secret-user-service
  - path: secret-bill-service-patch.yaml
    target:
      kind: Secret
-      name: bill-service-db-secret
+      name: secret-bill-service
  - path: secret-product-service-patch.yaml
    target:
      kind: Secret
-      name: product-service-db-secret
+      name: secret-product-service

 images:
  - name: docker.io/hiondal/api-gateway
-    newTag: latest
+    newTag: dev-latest
  - name: docker.io/hiondal/user-service
-    newTag: latest
+    newTag: dev-latest
  - name: docker.io/hiondal/bill-service
-    newTag: latest
+    newTag: dev-latest
  - name: docker.io/hiondal/product-service
-    newTag: latest
+    newTag: dev-latest
  - name: docker.io/hiondal/kos-mock
-    newTag: latest
+    newTag: dev-latest
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: bill-service-db-secret
+  name: secret-bill-service
  labels:
    app: bill-service
    app.kubernetes.io/part-of: phonebill
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: phonebill-common-secret
+  name: secret-common
  labels:
    app.kubernetes.io/part-of: phonebill
 type: Opaque
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: product-service-db-secret
+  name: secret-product-service
  labels:
    app: product-service
    app.kubernetes.io/part-of: phonebill
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: user-service-db-secret
+  name: secret-user-service
  labels:
    app: user-service
    app.kubernetes.io/part-of: phonebill
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: phonebill-common-config
+  name: cm-common
  labels:
    app.kubernetes.io/part-of: phonebill
 data:
@@ -16,7 +16,7 @@ spec:
  tls:
  - hosts:
    - phonebill.example.com
-    secretName: phonebill-prod-tls
+    secretName: phonebill-tls
  rules:
  - host: phonebill.example.com
    http:
@@ -1,27 +1,24 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization

-namespace: phonebill-prod
+namespace: phonebill

 resources:
  - ../../base

 patches:
-  # Common patches
  - path: cm-common-patch.yaml
    target:
      kind: ConfigMap
-      name: phonebill-common-config
+      name: cm-common
  - path: secret-common-patch.yaml
    target:
      kind: Secret
-      name: phonebill-common-secret
+      name: secret-common
  - path: ingress-patch.yaml
    target:
      kind: Ingress
      name: phonebill-ingress
-
-  # Deployment patches
  - path: deployment-api-gateway-patch.yaml
    target:
      kind: Deployment
@@ -42,29 +39,27 @@ patches:
    target:
      kind: Deployment
      name: kos-mock
-
-  # Service Secret patches
  - path: secret-user-service-patch.yaml
    target:
      kind: Secret
-      name: user-service-db-secret
+      name: secret-user-service
  - path: secret-bill-service-patch.yaml
    target:
      kind: Secret
-      name: bill-service-db-secret
+      name: secret-bill-service
  - path: secret-product-service-patch.yaml
    target:
      kind: Secret
-      name: product-service-db-secret
+      name: secret-product-service

 images:
  - name: docker.io/hiondal/api-gateway
-    newTag: latest
+    newTag: prod-latest
  - name: docker.io/hiondal/user-service
-    newTag: latest
+    newTag: prod-latest
  - name: docker.io/hiondal/bill-service
-    newTag: latest
+    newTag: prod-latest
  - name: docker.io/hiondal/product-service
-    newTag: latest
+    newTag: prod-latest
  - name: docker.io/hiondal/kos-mock
-    newTag: latest
+    newTag: prod-latest
@@ -1,11 +1,11 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: bill-service-db-secret
+  name: secret-bill-service
  labels:
    app: bill-service
    app.kubernetes.io/part-of: phonebill
 type: Opaque
 stringData:
  DB_USERNAME: "unicorn"
-  DB_PASSWORD: "PROD_DB_PASSWORD"
+  DB_PASSWORD: "P@ssw0rd$"
@@ -1,10 +1,10 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: phonebill-common-secret
+  name: secret-common
  labels:
    app.kubernetes.io/part-of: phonebill
 type: Opaque
 stringData:
-  JWT_SECRET: "PROD_JWT_SECRET_REPLACE_WITH_SECURE_VALUE"
-  REDIS_PASSWORD: "PROD_REDIS_PASSWORD"
+  JWT_SECRET: "EK1ZV7vROOXREXbYe/BCISdQq0Yklk9JtoA2v88ux1DBDc0bDGiRRxHeDSb7GHkDP9IUYHMVsBi4/1rS4OhfRg=="
+  REDIS_PASSWORD: "P@ssw0rd$"
@@ -1,11 +1,11 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: product-service-db-secret
+  name: secret-product-service
  labels:
    app: product-service
    app.kubernetes.io/part-of: phonebill
 type: Opaque
 stringData:
  DB_USERNAME: "unicorn"
-  DB_PASSWORD: "PROD_DB_PASSWORD"
+  DB_PASSWORD: "P@ssw0rd$"
@@ -1,11 +1,11 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: user-service-db-secret
+  name: secret-user-service
  labels:
    app: user-service
    app.kubernetes.io/part-of: phonebill
 type: Opaque
 stringData:
  DB_USERNAME: "unicorn"
-  DB_PASSWORD: "PROD_DB_PASSWORD"
+  DB_PASSWORD: "P@ssw0rd$"
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: phonebill-common-config
+  name: cm-common
  labels:
    app.kubernetes.io/part-of: phonebill
 data:
@@ -10,7 +10,7 @@ metadata:
    nginx.ingress.kubernetes.io/proxy-send-timeout: "60"
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "60"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
-    cert-manager.io/cluster-issuer: "letsencrypt-staging"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
 spec:
  ingressClassName: nginx
  tls:
@@ -7,21 +7,18 @@ resources:
  - ../../base

 patches:
-  # Common patches
  - path: cm-common-patch.yaml
    target:
      kind: ConfigMap
-      name: phonebill-common-config
+      name: cm-common
  - path: secret-common-patch.yaml
    target:
      kind: Secret
-      name: phonebill-common-secret
+      name: secret-common
  - path: ingress-patch.yaml
    target:
      kind: Ingress
      name: phonebill-ingress
-
-  # Deployment patches
  - path: deployment-api-gateway-patch.yaml
    target:
      kind: Deployment
@@ -42,29 +39,27 @@ patches:
    target:
      kind: Deployment
      name: kos-mock
-
-  # Service Secret patches
  - path: secret-user-service-patch.yaml
    target:
      kind: Secret
-      name: user-service-db-secret
+      name: secret-user-service
  - path: secret-bill-service-patch.yaml
    target:
      kind: Secret
-      name: bill-service-db-secret
+      name: secret-bill-service
  - path: secret-product-service-patch.yaml
    target:
      kind: Secret
-      name: product-service-db-secret
+      name: secret-product-service

 images:
  - name: docker.io/hiondal/api-gateway
-    newTag: latest
+    newTag: staging-latest
  - name: docker.io/hiondal/user-service
-    newTag: latest
+    newTag: staging-latest
  - name: docker.io/hiondal/bill-service
-    newTag: latest
+    newTag: staging-latest
  - name: docker.io/hiondal/product-service
-    newTag: latest
+    newTag: staging-latest
  - name: docker.io/hiondal/kos-mock
-    newTag: latest
+    newTag: staging-latest
@@ -1,11 +1,11 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: bill-service-db-secret
+  name: secret-bill-service
  labels:
    app: bill-service
    app.kubernetes.io/part-of: phonebill
 type: Opaque
 stringData:
  DB_USERNAME: "unicorn"
-  DB_PASSWORD: "STAGING_DB_PASSWORD"
+  DB_PASSWORD: "P@ssw0rd$"
@@ -1,10 +1,10 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: phonebill-common-secret
+  name: secret-common
  labels:
    app.kubernetes.io/part-of: phonebill
 type: Opaque
 stringData:
-  JWT_SECRET: "STAGING_JWT_SECRET_REPLACE_WITH_SECURE_VALUE"
-  REDIS_PASSWORD: "STAGING_REDIS_PASSWORD"
+  JWT_SECRET: "EK1ZV7vROOXREXbYe/BCISdQq0Yklk9JtoA2v88ux1DBDc0bDGiRRxHeDSb7GHkDP9IUYHMVsBi4/1rS4OhfRg=="
+  REDIS_PASSWORD: "P@ssw0rd$"
@@ -1,11 +1,11 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: product-service-db-secret
+  name: secret-product-service
  labels:
    app: product-service
    app.kubernetes.io/part-of: phonebill
 type: Opaque
 stringData:
  DB_USERNAME: "unicorn"
-  DB_PASSWORD: "STAGING_DB_PASSWORD"
+  DB_PASSWORD: "P@ssw0rd$"
@@ -1,11 +1,11 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: user-service-db-secret
+  name: secret-user-service
  labels:
    app: user-service
    app.kubernetes.io/part-of: phonebill
 type: Opaque
 stringData:
  DB_USERNAME: "unicorn"
-  DB_PASSWORD: "STAGING_DB_PASSWORD"
+  DB_PASSWORD: "P@ssw0rd$"