Jenkins CI/CD 파이프라인 완전 구축 완료

- Kustomize 기반 환경별 매니페스트 관리 시스템 구축 - Base 매니페스트 및 환경별(dev/staging/prod) Overlay 작성 - Strategic Merge Patch → Patch 형식으로 업데이트 - Jenkinsfile 파드 자동 정리 기능 적용 - 배포 스크립트 및 검증 스크립트 작성 - 상세 구축 가이드 문서 작성 - 모든 환경 Kustomize 빌드 검증 완료 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-06-12 19:49:10 +00:00 · 2025-09-13 01:00:04 +09:00
parent e72f7ac9f6
commit 7f8593fb71
41 changed files with 605 additions and 726 deletions
@@ -1,4 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: phonebill
+  name: placeholder
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: cm-common
+  
+data:
+  CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io"
+  JWT_ACCESS_TOKEN_VALIDITY: "18000000"
+  JWT_REFRESH_TOKEN_VALIDITY: "86400000"
+  REDIS_PORT: "6379"
+  SPRING_PROFILES_ACTIVE: "dev"
+  DDL_AUTO: "update"
@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: cm-common
-data:
-  # 환경별 프로파일 설정
-  SPRING_PROFILES_ACTIVE: "dev"
-  
-  # 개발 환경 도메인 설정
-  CORS_ALLOWED_ORIGINS: "http://phonebill-api.20.214.196.128.nip.io"
-  
-  # 개발 환경 DDL 설정 (데이터 보존을 위해 update 사용)
-  DDL_AUTO: "update"
-  
-  # JWT 토큰 유효시간 (개발 환경은 긴 유효시간)
-  JWT_ACCESS_TOKEN_EXPIRATION: "3600000"
-  JWT_REFRESH_TOKEN_EXPIRATION: "86400000"
@@ -1,7 +1,7 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: phonebill
+  name: phonebill-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
@@ -7,7 +7,7 @@ resources:
  - ../../base

 patches:
-  - path: configmap-common-patch.yaml
+  - path: cm-common-patch.yaml
    target:
      kind: ConfigMap
      name: cm-common
@@ -64,5 +64,7 @@ images:
  - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock
    newTag: dev-latest

-commonLabels:
-  environment: dev
+labels:
+  - includeSelectors: true
+    pairs:
+      environment: dev
@@ -2,8 +2,10 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-bill-service
+  
 type: Opaque
 stringData:
-  # Bill Service DB 접속 정보 (개발 환경)
-  DB_PASSWORD: "billdb-dev-password"
-  DB_URL: "jdbc:postgresql://bill-inquiry-postgres-dev-postgresql:5432/bill_inquiry_db"
+  DB_HOST: "bill-inquiry-postgres-dev-postgresql"
+  DB_NAME: "bill_inquiry_db"
+  DB_USERNAME: "bill_inquiry_user"
+  DB_PASSWORD: "BillUser2025!"
@@ -2,12 +2,9 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-common
+  
 type: Opaque
 stringData:
-  # Redis 설정 (개발 환경)
-  REDIS_PASSWORD: "dev-redis-password"
-  
-  # JWT Secret Key (개발 환경용)
-  JWT_SECRET: "dev-jwt-secret-key-for-phonebill-development"
-  
-  # 개발 환경용 공통 시크릿
+  JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ=="
+  REDIS_HOST: "redis-cache-dev-master"
+  REDIS_PASSWORD: "Redis2025Dev!"
@@ -2,8 +2,10 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-product-service
+  
 type: Opaque
 stringData:
-  # Product Service DB 접속 정보 (개발 환경)
-  DB_PASSWORD: "productdb-dev-password"
-  DB_URL: "jdbc:postgresql://product-change-postgres-dev-postgresql:5432/product_change_db"
+  DB_HOST: "product-change-postgres-dev-postgresql"
+  DB_NAME: "product_change_db"
+  DB_USERNAME: "product_change_user"
+  DB_PASSWORD: "ProductUser2025!"
@@ -2,8 +2,10 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-user-service
+  
 type: Opaque
 stringData:
-  # User Service DB 접속 정보 (개발 환경)
-  DB_PASSWORD: "userdb-dev-password"
-  DB_URL: "jdbc:postgresql://user-auth-postgres-dev-postgresql:5432/user_auth_db"
+  DB_HOST: "auth-postgres-dev-postgresql"
+  DB_NAME: "phonebill_auth"
+  DB_USERNAME: "auth_user"
+  DB_PASSWORD: "AuthUser2025!"
@@ -1,72 +0,0 @@
-# Production Overlay Configuration
-
-This directory contains the Kustomize overlay configuration for the production environment of the phonebill project.
-
-## Configuration Overview
-
-### Environment Details
- **Namespace**: `phonebill-prod`
- **Environment**: Production
- **Replicas**: 3 (for all services)
- **Domain**: `phonebill.yourdomain.com`
- **Image Tag**: `prod-latest`
- **SSL**: Enabled with HTTPS redirect
-
-### Security Configuration
- **JWT Access Token**: 30분 (1800000ms) - 보안 강화를 위한 짧은 만료시간
- **JWT Refresh Token**: 12시간 (43200000ms)
- **DDL Auto**: `validate` - 프로덕션 안전성을 위한 스키마 검증 모드
- **SSL Redirect**: 강제 HTTPS 리디렉션
-
-### Resource Allocation
-All services are configured with:
- **Requests**: 1024m CPU, 1024Mi Memory
- **Limits**: 4096m CPU, 4096Mi Memory
-
-### Health Checks
- **Liveness Probe**: 2분 초기 지연, 30초 간격
- **Readiness Probe**: 1분 초기 지연, 10초 간격
-
-## Files Structure
-
-```
-prod/
-├── kustomization.yaml                    # 메인 오버레이 설정
-├── configmap-common-patch.yaml          # 공통 설정 (프로덕션 프로파일)
-├── secret-common-patch.yaml             # 공통 시크릿 (JWT, Redis)
-├── ingress-patch.yaml                   # HTTPS 인그레스 설정
-├── deployment-api-gateway-patch.yaml    # API Gateway 배포 설정
-├── deployment-user-service-patch.yaml   # 사용자 서비스 배포 설정
-├── deployment-bill-service-patch.yaml   # 요금조회 서비스 배포 설정
-├── deployment-product-service-patch.yaml# 상품변경 서비스 배포 설정
-├── deployment-kos-mock-patch.yaml       # KOS Mock 배포 설정
-├── secret-user-service-patch.yaml       # 사용자 서비스 DB 연결정보
-├── secret-bill-service-patch.yaml       # 요금조회 서비스 DB 연결정보
-└── secret-product-service-patch.yaml    # 상품변경 서비스 DB 연결정보
-```
-
-## Deployment Command
-
-```bash
-# Apply production configuration
-kubectl apply -k deployment/cicd/kustomize/overlays/prod/
-
-# Validate configuration before applying
-kubectl kustomize deployment/cicd/kustomize/overlays/prod/
-```
-
-## Important Notes
-
-1. **Secret Values**: 모든 시크릿 값들은 실제 프로덕션 환경에 맞게 변경해야 합니다.
-2. **Domain Configuration**: `phonebill.yourdomain.com`을 실제 도메인으로 변경하세요.
-3. **Certificate**: SSL 인증서 설정을 위해 cert-manager가 구성되어 있어야 합니다.
-4. **Database**: 각 서비스별 전용 데이터베이스 인스턴스가 필요합니다.
-5. **Monitoring**: 프로덕션 환경에서는 모니터링 및 로깅 설정이 중요합니다.
-
-## Database Services Required
-
-프로덕션 환경에서는 다음 데이터베이스 서비스들이 필요합니다:
- `auth-postgres-prod-service` (사용자 서비스)
- `bill-inquiry-postgres-prod-service` (요금조회 서비스)
- `product-change-postgres-prod-service` (상품변경 서비스)
- `redis-prod-service` (공통 캐시)
@@ -2,18 +2,11 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: cm-common
-  namespace: phonebill-prod
+  
 data:
+  CORS_ALLOWED_ORIGINS: "https://phonebill.example.com"
+  JWT_ACCESS_TOKEN_VALIDITY: "3600000"
+  JWT_REFRESH_TOKEN_VALIDITY: "86400000"
+  REDIS_PORT: "6379"
  SPRING_PROFILES_ACTIVE: "prod"
-  DDL_AUTO: "validate"
-  
-  # JWT 설정 - 프로덕션 보안 강화
-  JWT_ACCESS_EXPIRATION: "1800000"    # 30분 (1800초)
-  JWT_REFRESH_EXPIRATION: "43200000"  # 12시간 (43200초)
-  
-  # 로깅 설정
-  LOG_LEVEL_ROOT: "INFO"
-  LOG_LEVEL_COM_PHONEBILL: "INFO"
-  
-  # 캐시 설정
-  CACHE_TTL: "3600"  # 1시간
+  DDL_AUTO: "validate"
@@ -2,33 +2,16 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: api-gateway
-  namespace: phonebill-prod
 spec:
  replicas: 3
  template:
    spec:
      containers:
-        - name: api-gateway
-          resources:
-            requests:
-              memory: 1024Mi
-              cpu: 1024m
-            limits:
-              memory: 4096Mi
-              cpu: 4096m
-          livenessProbe:
-            httpGet:
-              path: /actuator/health
-              port: 8080
-            initialDelaySeconds: 120
-            periodSeconds: 30
-            timeoutSeconds: 10
-            failureThreshold: 3
-          readinessProbe:
-            httpGet:
-              path: /actuator/health/readiness
-              port: 8080
-            initialDelaySeconds: 60
-            periodSeconds: 10
-            timeoutSeconds: 5
-            failureThreshold: 3
+      - name: api-gateway
+        resources:
+          requests:
+            cpu: 1024m
+            memory: 1024Mi
+          limits:
+            cpu: 4096m
+            memory: 4096Mi
@@ -2,33 +2,16 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: bill-service
-  namespace: phonebill-prod
 spec:
  replicas: 3
  template:
    spec:
      containers:
-        - name: bill-service
-          resources:
-            requests:
-              memory: 1024Mi
-              cpu: 1024m
-            limits:
-              memory: 4096Mi
-              cpu: 4096m
-          livenessProbe:
-            httpGet:
-              path: /actuator/health
-              port: 8080
-            initialDelaySeconds: 120
-            periodSeconds: 30
-            timeoutSeconds: 10
-            failureThreshold: 3
-          readinessProbe:
-            httpGet:
-              path: /actuator/health/readiness
-              port: 8080
-            initialDelaySeconds: 60
-            periodSeconds: 10
-            timeoutSeconds: 5
-            failureThreshold: 3
+      - name: bill-service
+        resources:
+          requests:
+            cpu: 1024m
+            memory: 1024Mi
+          limits:
+            cpu: 4096m
+            memory: 4096Mi
@@ -2,33 +2,16 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: kos-mock
-  namespace: phonebill-prod
 spec:
  replicas: 3
  template:
    spec:
      containers:
-        - name: kos-mock
-          resources:
-            requests:
-              memory: 1024Mi
-              cpu: 1024m
-            limits:
-              memory: 4096Mi
-              cpu: 4096m
-          livenessProbe:
-            httpGet:
-              path: /actuator/health
-              port: 8080
-            initialDelaySeconds: 120
-            periodSeconds: 30
-            timeoutSeconds: 10
-            failureThreshold: 3
-          readinessProbe:
-            httpGet:
-              path: /actuator/health/readiness
-              port: 8080
-            initialDelaySeconds: 60
-            periodSeconds: 10
-            timeoutSeconds: 5
-            failureThreshold: 3
+      - name: kos-mock
+        resources:
+          requests:
+            cpu: 1024m
+            memory: 1024Mi
+          limits:
+            cpu: 4096m
+            memory: 4096Mi
@@ -2,33 +2,16 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: product-service
-  namespace: phonebill-prod
 spec:
  replicas: 3
  template:
    spec:
      containers:
-        - name: product-service
-          resources:
-            requests:
-              memory: 1024Mi
-              cpu: 1024m
-            limits:
-              memory: 4096Mi
-              cpu: 4096m
-          livenessProbe:
-            httpGet:
-              path: /actuator/health
-              port: 8080
-            initialDelaySeconds: 120
-            periodSeconds: 30
-            timeoutSeconds: 10
-            failureThreshold: 3
-          readinessProbe:
-            httpGet:
-              path: /actuator/health/readiness
-              port: 8080
-            initialDelaySeconds: 60
-            periodSeconds: 10
-            timeoutSeconds: 5
-            failureThreshold: 3
+      - name: product-service
+        resources:
+          requests:
+            cpu: 1024m
+            memory: 1024Mi
+          limits:
+            cpu: 4096m
+            memory: 4096Mi
@@ -2,33 +2,16 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: user-service
-  namespace: phonebill-prod
 spec:
  replicas: 3
  template:
    spec:
      containers:
-        - name: user-service
-          resources:
-            requests:
-              memory: 1024Mi
-              cpu: 1024m
-            limits:
-              memory: 4096Mi
-              cpu: 4096m
-          livenessProbe:
-            httpGet:
-              path: /actuator/health
-              port: 8080
-            initialDelaySeconds: 120
-            periodSeconds: 30
-            timeoutSeconds: 10
-            failureThreshold: 3
-          readinessProbe:
-            httpGet:
-              path: /actuator/health/readiness
-              port: 8080
-            initialDelaySeconds: 60
-            periodSeconds: 10
-            timeoutSeconds: 5
-            failureThreshold: 3
+      - name: user-service
+        resources:
+          requests:
+            cpu: 1024m
+            memory: 1024Mi
+          limits:
+            cpu: 4096m
+            memory: 4096Mi
@@ -1,30 +1,54 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: phonebill
-  namespace: phonebill-prod
+  name: phonebill-ingress
  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
+    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/proxy-body-size: "10m"
-    nginx.ingress.kubernetes.io/proxy-connect-timeout: "600"
-    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
-    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
 spec:
+  ingressClassName: nginx
  tls:
-    - hosts:
-        - phonebill.yourdomain.com
-      secretName: phonebill-prod-tls
+  - hosts:
+    - phonebill.example.com
+    secretName: phonebill-tls-secret
  rules:
-    - host: phonebill.yourdomain.com
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: api-gateway
-                port:
-                  number: 8080
+  - host: phonebill.example.com
+    http:
+      paths:
+      - path: /api/v1/auth
+        pathType: Prefix
+        backend:
+          service:
+            name: user-service
+            port:
+              number: 80
+      - path: /api/v1/users
+        pathType: Prefix
+        backend:
+          service:
+            name: user-service
+            port:
+              number: 80
+      - path: /api/v1/bills
+        pathType: Prefix
+        backend:
+          service:
+            name: bill-service
+            port:
+              number: 80
+      - path: /api/v1/products
+        pathType: Prefix
+        backend:
+          service:
+            name: product-service
+            port:
+              number: 80
+      - path: /api/v1/kos
+        pathType: Prefix
+        backend:
+          service:
+            name: kos-mock
+            port:
+              number: 80
@@ -11,6 +11,14 @@ patches:
    target:
      kind: ConfigMap
      name: cm-common
+  - path: secret-common-patch.yaml
+    target:
+      kind: Secret
+      name: secret-common
+  - path: ingress-patch.yaml
+    target:
+      kind: Ingress
+      name: phonebill
  - path: deployment-api-gateway-patch.yaml
    target:
      kind: Deployment
@@ -31,14 +39,6 @@ patches:
    target:
      kind: Deployment
      name: kos-mock
-  - path: ingress-patch.yaml
-    target:
-      kind: Ingress
-      name: phonebill
-  - path: secret-common-patch.yaml
-    target:
-      kind: Secret
-      name: secret-common
  - path: secret-user-service-patch.yaml
    target:
      kind: Secret
@@ -64,5 +64,7 @@ images:
  - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock
    newTag: prod-latest

-commonLabels:
-  environment: prod
+labels:
+  - includeSelectors: true
+    pairs:
+      environment: prod
@@ -2,21 +2,10 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-bill-service
-  namespace: phonebill-prod
+  
 type: Opaque
 stringData:
-  # 요금조회 서비스 전용 데이터베이스 연결정보
-  DB_HOST: "bill-inquiry-postgres-prod-service"
-  DB_PORT: "5432"
+  DB_HOST: "bill-inquiry-postgres-prod-postgresql"
  DB_NAME: "bill_inquiry_db"
-  DB_USERNAME: "postgres"
-  DB_PASSWORD: "your-production-bill-db-password"
-  
-  # 데이터베이스 연결 풀 설정 (프로덕션 최적화)
-  DB_MAX_POOL_SIZE: "20"
-  DB_MIN_IDLE: "5"
-  DB_CONNECTION_TIMEOUT: "30000"
-  
-  # KOS 연동 설정
-  KOS_BASE_URL: "http://kos-mock:8080"
-  KOS_API_KEY: "your-production-kos-api-key"
+  DB_USERNAME: "bill_inquiry_user"
+  DB_PASSWORD: "BillUserProd2025!"
@@ -2,16 +2,9 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-common
-  namespace: phonebill-prod
+  
 type: Opaque
 stringData:
-  # JWT 설정
-  JWT_SECRET: "your-production-jwt-secret-key-here-must-be-very-secure"
-  
-  # Redis 설정
-  REDIS_HOST: "redis-prod-service"
-  REDIS_PORT: "6379"
-  REDIS_PASSWORD: "your-production-redis-password"
-  
-  # 암호화 설정
-  ENCRYPTION_KEY: "your-production-encryption-key-32-chars"
+  JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ=="
+  REDIS_HOST: "redis-cache-prod-master"
+  REDIS_PASSWORD: "Redis2025Prod!"
@@ -2,21 +2,10 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-product-service
-  namespace: phonebill-prod
+  
 type: Opaque
 stringData:
-  # 상품변경 서비스 전용 데이터베이스 연결정보
-  DB_HOST: "product-change-postgres-prod-service"
-  DB_PORT: "5432"
+  DB_HOST: "product-change-postgres-prod-postgresql"
  DB_NAME: "product_change_db"
-  DB_USERNAME: "postgres"
-  DB_PASSWORD: "your-production-product-db-password"
-  
-  # 데이터베이스 연결 풀 설정 (프로덕션 최적화)
-  DB_MAX_POOL_SIZE: "20"
-  DB_MIN_IDLE: "5"
-  DB_CONNECTION_TIMEOUT: "30000"
-  
-  # KOS 연동 설정
-  KOS_BASE_URL: "http://kos-mock:8080"
-  KOS_API_KEY: "your-production-kos-api-key"
+  DB_USERNAME: "product_change_user"
+  DB_PASSWORD: "ProductUserProd2025!"
@@ -2,17 +2,10 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-user-service
-  namespace: phonebill-prod
+  
 type: Opaque
 stringData:
-  # 사용자 서비스 전용 데이터베이스 연결정보
-  DB_HOST: "auth-postgres-prod-service"
-  DB_PORT: "5432"
-  DB_NAME: "auth_db"
-  DB_USERNAME: "postgres"
-  DB_PASSWORD: "your-production-auth-db-password"
-  
-  # 데이터베이스 연결 풀 설정 (프로덕션 최적화)
-  DB_MAX_POOL_SIZE: "20"
-  DB_MIN_IDLE: "5"
-  DB_CONNECTION_TIMEOUT: "30000"
+  DB_HOST: "auth-postgres-prod-postgresql"
+  DB_NAME: "phonebill_auth"
+  DB_USERNAME: "auth_user"
+  DB_PASSWORD: "AuthUserProd2025!"
@@ -2,16 +2,11 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: cm-common
+  
 data:
-  # 환경별 프로파일 설정
+  CORS_ALLOWED_ORIGINS: "https://phonebill.example.com"
+  JWT_ACCESS_TOKEN_VALIDITY: "18000000"
+  JWT_REFRESH_TOKEN_VALIDITY: "86400000"
+  REDIS_PORT: "6379"
  SPRING_PROFILES_ACTIVE: "staging"
-  
-  # 스테이징 환경 도메인 설정
-  CORS_ALLOWED_ORIGINS: "https://phonebill-staging.yourdomain.com"
-  
-  # 스테이징 환경 DDL 설정 (데이터 검증을 위해 validate 사용)
-  DDL_AUTO: "validate"
-  
-  # JWT 토큰 유효시간 (스테이징 환경은 운영과 유사한 유효시간)
-  JWT_ACCESS_TOKEN_EXPIRATION: "1800000"
-  JWT_REFRESH_TOKEN_EXPIRATION: "43200000"
+  DDL_AUTO: "validate"
@@ -10,8 +10,8 @@ spec:
      - name: api-gateway
        resources:
          requests:
-            memory: 512Mi
            cpu: 512m
+            memory: 512Mi
          limits:
-            memory: 2048Mi
-            cpu: 2048m
+            cpu: 2048m
+            memory: 2048Mi
@@ -10,8 +10,8 @@ spec:
      - name: bill-service
        resources:
          requests:
-            memory: 512Mi
            cpu: 512m
+            memory: 512Mi
          limits:
-            memory: 2048Mi
-            cpu: 2048m
+            cpu: 2048m
+            memory: 2048Mi
@@ -10,8 +10,8 @@ spec:
      - name: kos-mock
        resources:
          requests:
-            memory: 512Mi
            cpu: 512m
+            memory: 512Mi
          limits:
-            memory: 2048Mi
-            cpu: 2048m
+            cpu: 2048m
+            memory: 2048Mi
@@ -10,8 +10,8 @@ spec:
      - name: product-service
        resources:
          requests:
-            memory: 512Mi
            cpu: 512m
+            memory: 512Mi
          limits:
-            memory: 2048Mi
-            cpu: 2048m
+            cpu: 2048m
+            memory: 2048Mi
@@ -10,8 +10,8 @@ spec:
      - name: user-service
        resources:
          requests:
-            memory: 512Mi
            cpu: 512m
+            memory: 512Mi
          limits:
-            memory: 2048Mi
-            cpu: 2048m
+            cpu: 2048m
+            memory: 2048Mi
@@ -5,15 +5,15 @@ metadata:
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
-    cert-manager.io/cluster-issuer: letsencrypt-prod
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
 spec:
  ingressClassName: nginx
  tls:
  - hosts:
-    - phonebill-staging.yourdomain.com
-    secretName: phonebill-staging-tls
+    - phonebill.example.com
+    secretName: phonebill-tls-cert
  rules:
-  - host: phonebill-staging.yourdomain.com
+  - host: phonebill.example.com
    http:
      paths:
      - path: /api/v1/auth
@@ -11,6 +11,14 @@ patches:
    target:
      kind: ConfigMap
      name: cm-common
+  - path: secret-common-patch.yaml
+    target:
+      kind: Secret
+      name: secret-common
+  - path: ingress-patch.yaml
+    target:
+      kind: Ingress
+      name: phonebill
  - path: deployment-api-gateway-patch.yaml
    target:
      kind: Deployment
@@ -31,14 +39,6 @@ patches:
    target:
      kind: Deployment
      name: kos-mock
-  - path: ingress-patch.yaml
-    target:
-      kind: Ingress
-      name: phonebill
-  - path: secret-common-patch.yaml
-    target:
-      kind: Secret
-      name: secret-common
  - path: secret-user-service-patch.yaml
    target:
      kind: Secret
@@ -64,5 +64,7 @@ images:
  - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock
    newTag: staging-latest

-commonLabels:
-  environment: staging
+labels:
+  - includeSelectors: true
+    pairs:
+      environment: staging
@@ -2,8 +2,10 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-bill-service
+  
 type: Opaque
 stringData:
-  # Bill Service DB 접속 정보 (스테이징 환경)
-  DB_PASSWORD: "billdb-staging-password"
-  DB_URL: "jdbc:postgresql://bill-inquiry-postgres-staging-postgresql:5432/bill_inquiry_db"
+  DB_HOST: "bill-inquiry-postgres-staging-postgresql"
+  DB_NAME: "bill_inquiry_db"
+  DB_USERNAME: "bill_inquiry_user"
+  DB_PASSWORD: "BillUser2025Staging!"
@@ -2,12 +2,9 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-common
+  
 type: Opaque
 stringData:
-  # Redis 설정 (스테이징 환경)
-  REDIS_PASSWORD: "staging-redis-password"
-  
-  # JWT Secret Key (스테이징 환경용)
-  JWT_SECRET: "staging-jwt-secret-key-for-phonebill-staging-environment"
-  
-  # 스테이징 환경용 공통 시크릿
+  JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ=="
+  REDIS_HOST: "redis-cache-staging-master"
+  REDIS_PASSWORD: "Redis2025Staging!"
@@ -2,8 +2,10 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-product-service
+  
 type: Opaque
 stringData:
-  # Product Service DB 접속 정보 (스테이징 환경)
-  DB_PASSWORD: "productdb-staging-password"
-  DB_URL: "jdbc:postgresql://product-change-postgres-staging-postgresql:5432/product_change_db"
+  DB_HOST: "product-change-postgres-staging-postgresql"
+  DB_NAME: "product_change_db"
+  DB_USERNAME: "product_change_user"
+  DB_PASSWORD: "ProductUser2025Staging!"
@@ -2,8 +2,10 @@ apiVersion: v1
 kind: Secret
 metadata:
  name: secret-user-service
+  
 type: Opaque
 stringData:
-  # User Service DB 접속 정보 (스테이징 환경)
-  DB_PASSWORD: "userdb-staging-password"
-  DB_URL: "jdbc:postgresql://user-auth-postgres-staging-postgresql:5432/user_auth_db"
+  DB_HOST: "auth-postgres-staging-postgresql"
+  DB_NAME: "phonebill_auth"
+  DB_USERNAME: "auth_user"
+  DB_PASSWORD: "AuthUser2025Staging!"