From f3b068d1015f0bf7f4d3c4783b9bdc931681afb6 Mon Sep 17 00:00:00 2001 From: hiondal Date: Mon, 15 Sep 2025 12:50:04 +0900 Subject: [PATCH] =?UTF-8?q?GitHub=20Actions=20CI/CD=20=ED=8C=8C=EC=9D=B4?= =?UTF-8?q?=ED=94=84=EB=9D=BC=EC=9D=B8=20=EA=B5=AC=EC=B6=95=20=EC=99=84?= =?UTF-8?q?=EB=A3=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - GitHub Actions 전용 Kustomize 매니페스트 생성 (.github/kustomize/) - 환경별 Overlay 구성 (dev/staging/prod) - Base Kustomization 및 환경별 패치 파일 작성 - GitHub Actions 워크플로우 파일 작성 (.github/workflows/backend-cicd.yaml) - 환경별 설정 파일 및 수동 배포 스크립트 작성 - CI/CD 구축 가이드 문서 생성 (.github/deploy-actions-cicd-back.md) 주요 기능: - 자동 빌드/테스트/배포 파이프라인 - SonarQube 코드 품질 분석 (선택적) - 환경별 최적화 설정 (리소스, 보안, 도메인) - ACR 기반 컨테이너 이미지 관리 - 헬스체크 및 롤백 지원 --- .../deploy-actions-cicd-guide-back.md | 15 + .github/config/deploy_env_vars_dev | 3 + .github/config/deploy_env_vars_prod | 3 + .github/config/deploy_env_vars_staging | 3 + .github/deploy-actions-cicd-back.md | 237 ++++++++++++++ .../base/api-gateway/cm-api-gateway.yaml | 11 + .../base/api-gateway/deployment.yaml | 58 ++++ .../kustomize/base/api-gateway/service.yaml | 12 + .../base/bill-service/cm-bill-service.yaml | 22 ++ .../base/bill-service/deployment.yaml | 60 ++++ .../bill-service/secret-bill-service.yaml | 11 + .../kustomize/base/bill-service/service.yaml | 12 + .github/kustomize/base/common/cm-common.yaml | 12 + .github/kustomize/base/common/ingress.yaml | 49 +++ .../kustomize/base/common/secret-common.yaml | 10 + .../base/common/secret-imagepull.yaml | 17 + .../kustomize/base/kos-mock/cm-kos-mock.yaml | 7 + .../kustomize/base/kos-mock/deployment.yaml | 58 ++++ .github/kustomize/base/kos-mock/service.yaml | 12 + .github/kustomize/base/kustomization.yaml | 57 ++++ .github/kustomize/base/namespace.yaml | 4 + .../product-service/cm-product-service.yaml | 11 + .../base/product-service/deployment.yaml | 60 ++++ .../secret-product-service.yaml | 11 + .../base/product-service/service.yaml | 12 + .../base/user-service/cm-user-service.yaml | 12 + .../base/user-service/deployment.yaml | 60 ++++ .../user-service/secret-user-service.yaml | 11 + .../kustomize/base/user-service/service.yaml | 12 + .../overlays/dev/cm-common-patch.yaml | 12 + .../dev/deployment-api-gateway-patch.yaml | 17 + .../dev/deployment-bill-service-patch.yaml | 17 + .../dev/deployment-kos-mock-patch.yaml | 17 + .../dev/deployment-product-service-patch.yaml | 17 + .../dev/deployment-user-service-patch.yaml | 17 + .../kustomize/overlays/dev/ingress-patch.yaml | 49 +++ .../kustomize/overlays/dev/kustomization.yaml | 70 ++++ .../dev/secret-bill-service-patch.yaml | 11 + .../overlays/dev/secret-common-patch.yaml | 10 + .../dev/secret-product-service-patch.yaml | 11 + .../dev/secret-user-service-patch.yaml | 11 + .../overlays/prod/cm-common-patch.yaml | 12 + .../prod/deployment-api-gateway-patch.yaml | 17 + .../prod/deployment-bill-service-patch.yaml | 17 + .../prod/deployment-kos-mock-patch.yaml | 17 + .../deployment-product-service-patch.yaml | 17 + .../prod/deployment-user-service-patch.yaml | 17 + .../overlays/prod/ingress-patch.yaml | 54 +++ .../overlays/prod/kustomization.yaml | 70 ++++ .../prod/secret-bill-service-patch.yaml | 11 + .../overlays/prod/secret-common-patch.yaml | 10 + .../prod/secret-product-service-patch.yaml | 11 + .../prod/secret-user-service-patch.yaml | 11 + .../overlays/staging/cm-common-patch.yaml | 12 + .../staging/deployment-api-gateway-patch.yaml | 17 + .../deployment-bill-service-patch.yaml | 17 + .../staging/deployment-kos-mock-patch.yaml | 17 + .../deployment-product-service-patch.yaml | 17 + .../deployment-user-service-patch.yaml | 17 + .../overlays/staging/ingress-patch.yaml | 54 +++ .../overlays/staging/kustomization.yaml | 70 ++++ .../staging/secret-bill-service-patch.yaml | 11 + .../overlays/staging/secret-common-patch.yaml | 10 + .../staging/secret-product-service-patch.yaml | 11 + .../staging/secret-user-service-patch.yaml | 11 + .github/scripts/deploy-actions.sh | 64 ++++ .github/workflows/backend-cicd.yaml | 286 ++++++++++++++++ CLAUDE.md | 4 + claude/github-actions-migration-plan.md | 308 ------------------ fix-deployment-selector.sh | 46 --- 70 files changed, 2003 insertions(+), 354 deletions(-) create mode 100644 .claude/commands/deploy-actions-cicd-guide-back.md create mode 100644 .github/config/deploy_env_vars_dev create mode 100644 .github/config/deploy_env_vars_prod create mode 100644 .github/config/deploy_env_vars_staging create mode 100644 .github/deploy-actions-cicd-back.md create mode 100644 .github/kustomize/base/api-gateway/cm-api-gateway.yaml create mode 100644 .github/kustomize/base/api-gateway/deployment.yaml create mode 100644 .github/kustomize/base/api-gateway/service.yaml create mode 100644 .github/kustomize/base/bill-service/cm-bill-service.yaml create mode 100644 .github/kustomize/base/bill-service/deployment.yaml create mode 100644 .github/kustomize/base/bill-service/secret-bill-service.yaml create mode 100644 .github/kustomize/base/bill-service/service.yaml create mode 100644 .github/kustomize/base/common/cm-common.yaml create mode 100644 .github/kustomize/base/common/ingress.yaml create mode 100644 .github/kustomize/base/common/secret-common.yaml create mode 100644 .github/kustomize/base/common/secret-imagepull.yaml create mode 100644 .github/kustomize/base/kos-mock/cm-kos-mock.yaml create mode 100644 .github/kustomize/base/kos-mock/deployment.yaml create mode 100644 .github/kustomize/base/kos-mock/service.yaml create mode 100644 .github/kustomize/base/kustomization.yaml create mode 100644 .github/kustomize/base/namespace.yaml create mode 100644 .github/kustomize/base/product-service/cm-product-service.yaml create mode 100644 .github/kustomize/base/product-service/deployment.yaml create mode 100644 .github/kustomize/base/product-service/secret-product-service.yaml create mode 100644 .github/kustomize/base/product-service/service.yaml create mode 100644 .github/kustomize/base/user-service/cm-user-service.yaml create mode 100644 .github/kustomize/base/user-service/deployment.yaml create mode 100644 .github/kustomize/base/user-service/secret-user-service.yaml create mode 100644 .github/kustomize/base/user-service/service.yaml create mode 100644 .github/kustomize/overlays/dev/cm-common-patch.yaml create mode 100644 .github/kustomize/overlays/dev/deployment-api-gateway-patch.yaml create mode 100644 .github/kustomize/overlays/dev/deployment-bill-service-patch.yaml create mode 100644 .github/kustomize/overlays/dev/deployment-kos-mock-patch.yaml create mode 100644 .github/kustomize/overlays/dev/deployment-product-service-patch.yaml create mode 100644 .github/kustomize/overlays/dev/deployment-user-service-patch.yaml create mode 100644 .github/kustomize/overlays/dev/ingress-patch.yaml create mode 100644 .github/kustomize/overlays/dev/kustomization.yaml create mode 100644 .github/kustomize/overlays/dev/secret-bill-service-patch.yaml create mode 100644 .github/kustomize/overlays/dev/secret-common-patch.yaml create mode 100644 .github/kustomize/overlays/dev/secret-product-service-patch.yaml create mode 100644 .github/kustomize/overlays/dev/secret-user-service-patch.yaml create mode 100644 .github/kustomize/overlays/prod/cm-common-patch.yaml create mode 100644 .github/kustomize/overlays/prod/deployment-api-gateway-patch.yaml create mode 100644 .github/kustomize/overlays/prod/deployment-bill-service-patch.yaml create mode 100644 .github/kustomize/overlays/prod/deployment-kos-mock-patch.yaml create mode 100644 .github/kustomize/overlays/prod/deployment-product-service-patch.yaml create mode 100644 .github/kustomize/overlays/prod/deployment-user-service-patch.yaml create mode 100644 .github/kustomize/overlays/prod/ingress-patch.yaml create mode 100644 .github/kustomize/overlays/prod/kustomization.yaml create mode 100644 .github/kustomize/overlays/prod/secret-bill-service-patch.yaml create mode 100644 .github/kustomize/overlays/prod/secret-common-patch.yaml create mode 100644 .github/kustomize/overlays/prod/secret-product-service-patch.yaml create mode 100644 .github/kustomize/overlays/prod/secret-user-service-patch.yaml create mode 100644 .github/kustomize/overlays/staging/cm-common-patch.yaml create mode 100644 .github/kustomize/overlays/staging/deployment-api-gateway-patch.yaml create mode 100644 .github/kustomize/overlays/staging/deployment-bill-service-patch.yaml create mode 100644 .github/kustomize/overlays/staging/deployment-kos-mock-patch.yaml create mode 100644 .github/kustomize/overlays/staging/deployment-product-service-patch.yaml create mode 100644 .github/kustomize/overlays/staging/deployment-user-service-patch.yaml create mode 100644 .github/kustomize/overlays/staging/ingress-patch.yaml create mode 100644 .github/kustomize/overlays/staging/kustomization.yaml create mode 100644 .github/kustomize/overlays/staging/secret-bill-service-patch.yaml create mode 100644 .github/kustomize/overlays/staging/secret-common-patch.yaml create mode 100644 .github/kustomize/overlays/staging/secret-product-service-patch.yaml create mode 100644 .github/kustomize/overlays/staging/secret-user-service-patch.yaml create mode 100644 .github/scripts/deploy-actions.sh create mode 100644 .github/workflows/backend-cicd.yaml delete mode 100644 claude/github-actions-migration-plan.md delete mode 100755 fix-deployment-selector.sh diff --git a/.claude/commands/deploy-actions-cicd-guide-back.md b/.claude/commands/deploy-actions-cicd-guide-back.md new file mode 100644 index 0000000..4a6e5c6 --- /dev/null +++ b/.claude/commands/deploy-actions-cicd-guide-back.md @@ -0,0 +1,15 @@ +--- +command: "/deploy-actions-cicd-guide-back" +category: "배포" +purpose: "백엔드 GitHub Actions CI/CD 가이드 작성" +--- + +@cicd +'백엔드GitHubActions파이프라인작성가이드'에 따라 GitHub Actions를 이용한 CI/CD 가이드를 작성해 주세요. +프롬프트에 '[실행정보]'항목이 없으면 수행을 중단하고 안내 메시지를 표시해 주세요. +{안내메시지} +'[실행정보]'섹션 하위에 아래 예와 같이 필요한 정보를 제시해 주세요. +[실행정보] +- ACR_NAME: acrdigitalgarage01 +- RESOURCE_GROUP: rg-digitalgarage-01 +- AKS_CLUSTER: aks-digitalgarage-01 diff --git a/.github/config/deploy_env_vars_dev b/.github/config/deploy_env_vars_dev new file mode 100644 index 0000000..5a49197 --- /dev/null +++ b/.github/config/deploy_env_vars_dev @@ -0,0 +1,3 @@ +# dev Environment Configuration +resource_group=rg-digitalgarage-01 +cluster_name=aks-digitalgarage-01 \ No newline at end of file diff --git a/.github/config/deploy_env_vars_prod b/.github/config/deploy_env_vars_prod new file mode 100644 index 0000000..53ee4a0 --- /dev/null +++ b/.github/config/deploy_env_vars_prod @@ -0,0 +1,3 @@ +# prod Environment Configuration +resource_group=rg-digitalgarage-01 +cluster_name=aks-digitalgarage-01 \ No newline at end of file diff --git a/.github/config/deploy_env_vars_staging b/.github/config/deploy_env_vars_staging new file mode 100644 index 0000000..5873b90 --- /dev/null +++ b/.github/config/deploy_env_vars_staging @@ -0,0 +1,3 @@ +# staging Environment Configuration +resource_group=rg-digitalgarage-01 +cluster_name=aks-digitalgarage-01 \ No newline at end of file diff --git a/.github/deploy-actions-cicd-back.md b/.github/deploy-actions-cicd-back.md new file mode 100644 index 0000000..d634205 --- /dev/null +++ b/.github/deploy-actions-cicd-back.md @@ -0,0 +1,237 @@ +# 백엔드 GitHub Actions 파이프라인 구축 가이드 + +## 📋 프로젝트 정보 + +**시스템명**: phonebill +**서비스 목록**: api-gateway, user-service, bill-service, product-service, kos-mock +**JDK 버전**: 21 +**실행 환경**: +- **ACR**: acrdigitalgarage01 +- **리소스 그룹**: rg-digitalgarage-01 +- **AKS 클러스터**: aks-digitalgarage-01 + +## 🚀 GitHub Repository 환경 구성 + +### Repository Secrets 설정 +`Repository Settings > Secrets and variables > Actions > Repository secrets`에 등록: + +```bash +# Azure Service Principal +AZURE_CREDENTIALS: +{ + "clientId": "{클라이언트ID}", + "clientSecret": "{클라이언트시크릿}", + "subscriptionId": "{구독ID}", + "tenantId": "{테넌트ID}" +} + +# ACR Credentials +ACR_USERNAME: acrdigitalgarage01 +ACR_PASSWORD: {ACR패스워드} + +# SonarQube (선택사항) +SONAR_TOKEN: {SonarQube토큰} +SONAR_HOST_URL: {SonarQube서버URL} + +# Docker Hub (Rate Limit 해결용, 선택사항) +DOCKERHUB_USERNAME: {Docker Hub 사용자명} +DOCKERHUB_PASSWORD: {Docker Hub 패스워드} +``` + +### Repository Variables 설정 +`Repository Settings > Secrets and variables > Actions > Variables > Repository variables`에 등록: + +```bash +# Workflow 제어 변수 +ENVIRONMENT: dev (기본값, 수동실행시 선택 가능: dev/staging/prod) +SKIP_SONARQUBE: true (기본값, 수동실행시 선택 가능: true/false) +``` + +### 사용 방법 +- **자동 실행**: Push/PR 시 기본값 사용 (ENVIRONMENT=dev, SKIP_SONARQUBE=true) +- **수동 실행**: Actions 탭 > "Backend Services CI/CD" > "Run workflow" 버튼 클릭 + - Environment: dev/staging/prod 선택 + - Skip SonarQube Analysis: true/false 선택 + +## 📁 디렉토리 구조 + +``` +.github/ +├── kustomize/ # GitHub Actions 전용 Kustomize 매니페스트 +│ ├── base/ # 기본 매니페스트 +│ │ ├── kustomization.yaml +│ │ ├── namespace.yaml +│ │ ├── common/ # 공통 리소스 +│ │ │ ├── cm-common.yaml +│ │ │ ├── secret-common.yaml +│ │ │ ├── secret-imagepull.yaml +│ │ │ └── ingress.yaml +│ │ ├── api-gateway/ # API Gateway 리소스 +│ │ ├── user-service/ # User Service 리소스 +│ │ ├── bill-service/ # Bill Service 리소스 +│ │ ├── product-service/ # Product Service 리소스 +│ │ └── kos-mock/ # KOS Mock 리소스 +│ └── overlays/ # 환경별 오버레이 +│ ├── dev/ # 개발 환경 +│ ├── staging/ # 스테이징 환경 +│ └── prod/ # 운영 환경 +├── config/ # 환경별 배포 설정 +│ ├── deploy_env_vars_dev +│ ├── deploy_env_vars_staging +│ └── deploy_env_vars_prod +├── scripts/ # 배포 스크립트 +│ └── deploy-actions.sh +└── workflows/ # GitHub Actions 워크플로우 + └── backend-cicd.yaml +``` + +## 🔄 환경별 설정 + +### DEV 환경 +- **네임스페이스**: phonebill-dev +- **프로파일**: dev +- **DDL 모드**: update +- **리플리카**: 1개 +- **리소스**: 256Mi/256m (요청), 1024Mi/1024m (제한) +- **도메인**: phonebill-api.20.214.196.128.nip.io (기존과 동일) +- **HTTPS**: 비활성화 + +### STAGING 환경 +- **네임스페이스**: phonebill-staging +- **프로파일**: staging +- **DDL 모드**: validate +- **리플리카**: 2개 +- **리소스**: 512Mi/512m (요청), 2048Mi/2048m (제한) +- **도메인**: phonebill.staging.example.com +- **HTTPS**: 활성화 (ssl-redirect: true) + +### PROD 환경 +- **네임스페이스**: phonebill-prod +- **프로파일**: prod +- **DDL 모드**: validate +- **리플리카**: 3개 +- **리소스**: 1024Mi/1024m (요청), 4096Mi/4096m (제한) +- **도메인**: phonebill.example.com +- **HTTPS**: 활성화 (ssl-redirect: true) +- **JWT 토큰**: 보안 강화 (ACCESS: 1시간, REFRESH: 12시간) + +## 🚀 배포 방법 + +### 1. 자동 배포 (GitHub Actions) + +**코드 Push 시 자동 실행**: +```bash +git add . +git commit -m "feature: 새 기능 추가" +git push origin main # 또는 develop +``` + +**수동 트리거**: +1. GitHub > Actions 탭 이동 +2. "Backend Services CI/CD" 선택 +3. "Run workflow" 클릭 +4. 환경(dev/staging/prod) 및 SonarQube 분석 여부 선택 +5. "Run workflow" 실행 + +### 2. 수동 배포 (로컬) + +```bash +# 개발 환경 배포 +./.github/scripts/deploy-actions.sh dev latest + +# 스테이징 환경 배포 +./.github/scripts/deploy-actions.sh staging 20241215120000 + +# 운영 환경 배포 +./.github/scripts/deploy-actions.sh prod 20241215120000 +``` + +## 🔙 롤백 방법 + +### 1. GitHub Actions 롤백 +```bash +# 이전 성공한 워크플로우 실행으로 롤백 +1. GitHub > Actions > 성공한 이전 워크플로우 선택 +2. "Re-run all jobs" 클릭 +``` + +### 2. kubectl 롤백 +```bash +# 특정 버전으로 롤백 +kubectl rollout undo deployment/{환경}-{서비스명} -n phonebill-{환경} --to-revision=2 + +# 롤백 상태 확인 +kubectl rollout status deployment/{환경}-{서비스명} -n phonebill-{환경} +``` + +### 3. 수동 스크립트 롤백 +```bash +# 이전 안정 버전 이미지 태그로 배포 +./.github/scripts/deploy-actions.sh {환경} {이전태그} +``` + +## 📊 SonarQube 프로젝트 설정 + +각 서비스별 프로젝트 생성 및 Quality Gate 설정: +```bash +Coverage: >= 80% +Duplicated Lines: <= 3% +Maintainability Rating: <= A +Reliability Rating: <= A +Security Rating: <= A +``` + +## ✅ 체크리스트 + +### 사전 준비 +- [ ] GitHub Repository Secrets 설정 완료 +- [ ] GitHub Repository Variables 설정 완료 +- [ ] Azure Service Principal 권한 확인 +- [ ] ACR 접근 권한 확인 +- [ ] AKS 클러스터 접근 권한 확인 + +### 배포 확인 +- [ ] GitHub Actions 워크플로우 정상 실행 +- [ ] 모든 서비스 이미지 빌드 및 푸시 성공 +- [ ] Kustomize 매니페스트 적용 성공 +- [ ] 모든 Deployment 정상 배포 (Available 상태) +- [ ] Health Check 통과 +- [ ] Ingress 정상 동작 확인 + +### 서비스 검증 +- [ ] API Gateway 응답 확인: `curl -f http://localhost:8080/actuator/health` +- [ ] 각 서비스별 Pod 상태 확인: `kubectl get pods -n phonebill-{환경}` +- [ ] 서비스 연결 확인: `kubectl get services -n phonebill-{환경}` +- [ ] Ingress 설정 확인: `kubectl get ingress -n phonebill-{환경}` + +## 🔧 문제 해결 + +### 일반적인 문제 +1. **이미지 빌드 실패**: Dockerfile 경로 및 빌드 컨텍스트 확인 +2. **매니페스트 적용 실패**: Kustomize 구문 오류 확인 +3. **Pod 시작 실패**: 환경변수 및 Secret 설정 확인 +4. **Health Check 실패**: 애플리케이션 로그 확인 + +### 로그 확인 명령어 +```bash +# Pod 로그 확인 +kubectl logs -n phonebill-{환경} {pod-name} + +# Deployment 상태 확인 +kubectl describe deployment -n phonebill-{환경} {deployment-name} + +# 이벤트 확인 +kubectl get events -n phonebill-{환경} --sort-by='.lastTimestamp' +``` + +--- + +## 📞 지원 + +구축 과정에서 문제가 발생하거나 추가 지원이 필요한 경우, 다음 사항을 포함하여 문의: +1. 환경 정보 (dev/staging/prod) +2. 오류 메시지 및 로그 +3. 실행한 명령어 +4. 현재 상태 (kubectl get all -n phonebill-{환경}) + +**구축 완료 🎉** \ No newline at end of file diff --git a/.github/kustomize/base/api-gateway/cm-api-gateway.yaml b/.github/kustomize/base/api-gateway/cm-api-gateway.yaml new file mode 100644 index 0000000..16daedd --- /dev/null +++ b/.github/kustomize/base/api-gateway/cm-api-gateway.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-api-gateway + +data: + SERVER_PORT: "8080" + BILL_SERVICE_URL: "http://bill-service" + PRODUCT_SERVICE_URL: "http://product-service" + USER_SERVICE_URL: "http://user-service" + KOS_MOCK_URL: "http://kos-mock" \ No newline at end of file diff --git a/.github/kustomize/base/api-gateway/deployment.yaml b/.github/kustomize/base/api-gateway/deployment.yaml new file mode 100644 index 0000000..f733b9b --- /dev/null +++ b/.github/kustomize/base/api-gateway/deployment.yaml @@ -0,0 +1,58 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: api-gateway + +spec: + replicas: 1 + selector: + matchLabels: + app: api-gateway + template: + metadata: + labels: + app: api-gateway + spec: + imagePullSecrets: + - name: phonebill + containers: + - name: api-gateway + image: acrdigitalgarage01.azurecr.io/phonebill/api-gateway:latest + imagePullPolicy: Always + ports: + - containerPort: 8080 + envFrom: + - configMapRef: + name: cm-common + - configMapRef: + name: cm-api-gateway + - secretRef: + name: secret-common + resources: + requests: + cpu: 256m + memory: 256Mi + limits: + cpu: 1024m + memory: 1024Mi + startupProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 \ No newline at end of file diff --git a/.github/kustomize/base/api-gateway/service.yaml b/.github/kustomize/base/api-gateway/service.yaml new file mode 100644 index 0000000..da3acd6 --- /dev/null +++ b/.github/kustomize/base/api-gateway/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: api-gateway + +spec: + selector: + app: api-gateway + ports: + - port: 80 + targetPort: 8080 + type: ClusterIP \ No newline at end of file diff --git a/.github/kustomize/base/bill-service/cm-bill-service.yaml b/.github/kustomize/base/bill-service/cm-bill-service.yaml new file mode 100644 index 0000000..6e09048 --- /dev/null +++ b/.github/kustomize/base/bill-service/cm-bill-service.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-bill-service + +data: + SERVER_PORT: "8082" + DB_KIND: "postgresql" + DB_PORT: "5432" + DB_CONNECTION_TIMEOUT: "30000" + DB_IDLE_TIMEOUT: "600000" + DB_LEAK_DETECTION: "60000" + DB_MAX_LIFETIME: "1800000" + DB_MAX_POOL: "20" + DB_MIN_IDLE: "5" + KOS_BASE_URL: "http://kos-mock" + REDIS_DATABASE: "1" + REDIS_MAX_ACTIVE: "8" + REDIS_MAX_IDLE: "8" + REDIS_MAX_WAIT: "-1" + REDIS_MIN_IDLE: "0" + REDIS_TIMEOUT: "2000" \ No newline at end of file diff --git a/.github/kustomize/base/bill-service/deployment.yaml b/.github/kustomize/base/bill-service/deployment.yaml new file mode 100644 index 0000000..a628e88 --- /dev/null +++ b/.github/kustomize/base/bill-service/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bill-service + +spec: + replicas: 1 + selector: + matchLabels: + app: bill-service + template: + metadata: + labels: + app: bill-service + spec: + imagePullSecrets: + - name: phonebill + containers: + - name: bill-service + image: acrdigitalgarage01.azurecr.io/phonebill/bill-service:latest + imagePullPolicy: Always + ports: + - containerPort: 8082 + envFrom: + - configMapRef: + name: cm-common + - configMapRef: + name: cm-bill-service + - secretRef: + name: secret-common + - secretRef: + name: secret-bill-service + resources: + requests: + cpu: 256m + memory: 256Mi + limits: + cpu: 1024m + memory: 1024Mi + startupProbe: + httpGet: + path: /actuator/health + port: 8082 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /actuator/health/readiness + port: 8082 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /actuator/health/liveness + port: 8082 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 \ No newline at end of file diff --git a/.github/kustomize/base/bill-service/secret-bill-service.yaml b/.github/kustomize/base/bill-service/secret-bill-service.yaml new file mode 100644 index 0000000..b1c0b01 --- /dev/null +++ b/.github/kustomize/base/bill-service/secret-bill-service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-bill-service + +type: Opaque +stringData: + DB_HOST: "bill-inquiry-postgres-dev-postgresql" + DB_NAME: "bill_inquiry_db" + DB_USERNAME: "bill_inquiry_user" + DB_PASSWORD: "BillUser2025!" \ No newline at end of file diff --git a/.github/kustomize/base/bill-service/service.yaml b/.github/kustomize/base/bill-service/service.yaml new file mode 100644 index 0000000..5f14be7 --- /dev/null +++ b/.github/kustomize/base/bill-service/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: bill-service + +spec: + selector: + app: bill-service + ports: + - port: 80 + targetPort: 8082 + type: ClusterIP \ No newline at end of file diff --git a/.github/kustomize/base/common/cm-common.yaml b/.github/kustomize/base/common/cm-common.yaml new file mode 100644 index 0000000..a96b039 --- /dev/null +++ b/.github/kustomize/base/common/cm-common.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-common + +data: + CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io" + JWT_ACCESS_TOKEN_VALIDITY: "18000000" + JWT_REFRESH_TOKEN_VALIDITY: "86400000" + REDIS_PORT: "6379" + SPRING_PROFILES_ACTIVE: "dev" + DDL_AUTO: "update" \ No newline at end of file diff --git a/.github/kustomize/base/common/ingress.yaml b/.github/kustomize/base/common/ingress.yaml new file mode 100644 index 0000000..b2bf566 --- /dev/null +++ b/.github/kustomize/base/common/ingress.yaml @@ -0,0 +1,49 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: phonebill + + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "false" +spec: + ingressClassName: nginx + rules: + - host: phonebill-api.20.214.196.128.nip.io + http: + paths: + - path: /api/v1/auth + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/users + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/bills + pathType: Prefix + backend: + service: + name: bill-service + port: + number: 80 + - path: /api/v1/products + pathType: Prefix + backend: + service: + name: product-service + port: + number: 80 + - path: /api/v1/kos + pathType: Prefix + backend: + service: + name: kos-mock + port: + number: 80 \ No newline at end of file diff --git a/.github/kustomize/base/common/secret-common.yaml b/.github/kustomize/base/common/secret-common.yaml new file mode 100644 index 0000000..c21c3ea --- /dev/null +++ b/.github/kustomize/base/common/secret-common.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-common + +type: Opaque +stringData: + JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" + REDIS_HOST: "redis-cache-dev-master" + REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file diff --git a/.github/kustomize/base/common/secret-imagepull.yaml b/.github/kustomize/base/common/secret-imagepull.yaml new file mode 100644 index 0000000..8292ced --- /dev/null +++ b/.github/kustomize/base/common/secret-imagepull.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Secret +metadata: + name: phonebill + +type: kubernetes.io/dockerconfigjson +stringData: + .dockerconfigjson: | + { + "auths": { + "acrdigitalgarage01.azurecr.io": { + "username": "acrdigitalgarage01", + "password": "+OY+rmOagorjWvQe/tTk6oqvnZI8SmNbY/Y2o5EDcY+ACRDCDbYk", + "auth": "YWNyZGlnaXRhbGdhcmFnZTAxOitPWStybU9hZ29yald2UWUvdFRrNm9xdm5aSThTbU5iWS9ZMm81RURjWStBQ1JEQ0RiWWs=" + } + } + } \ No newline at end of file diff --git a/.github/kustomize/base/kos-mock/cm-kos-mock.yaml b/.github/kustomize/base/kos-mock/cm-kos-mock.yaml new file mode 100644 index 0000000..47144ca --- /dev/null +++ b/.github/kustomize/base/kos-mock/cm-kos-mock.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-kos-mock + +data: + SERVER_PORT: "8084" \ No newline at end of file diff --git a/.github/kustomize/base/kos-mock/deployment.yaml b/.github/kustomize/base/kos-mock/deployment.yaml new file mode 100644 index 0000000..40a34ef --- /dev/null +++ b/.github/kustomize/base/kos-mock/deployment.yaml @@ -0,0 +1,58 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kos-mock + +spec: + replicas: 1 + selector: + matchLabels: + app: kos-mock + template: + metadata: + labels: + app: kos-mock + spec: + imagePullSecrets: + - name: phonebill + containers: + - name: kos-mock + image: acrdigitalgarage01.azurecr.io/phonebill/kos-mock:latest + imagePullPolicy: Always + ports: + - containerPort: 8084 + envFrom: + - configMapRef: + name: cm-common + - configMapRef: + name: cm-kos-mock + - secretRef: + name: secret-common + resources: + requests: + cpu: 256m + memory: 256Mi + limits: + cpu: 1024m + memory: 1024Mi + startupProbe: + httpGet: + path: /actuator/health + port: 8084 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /actuator/health/readiness + port: 8084 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /actuator/health/liveness + port: 8084 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 \ No newline at end of file diff --git a/.github/kustomize/base/kos-mock/service.yaml b/.github/kustomize/base/kos-mock/service.yaml new file mode 100644 index 0000000..926ad82 --- /dev/null +++ b/.github/kustomize/base/kos-mock/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: kos-mock + +spec: + selector: + app: kos-mock + ports: + - port: 80 + targetPort: 8084 + type: ClusterIP \ No newline at end of file diff --git a/.github/kustomize/base/kustomization.yaml b/.github/kustomize/base/kustomization.yaml new file mode 100644 index 0000000..6f8b410 --- /dev/null +++ b/.github/kustomize/base/kustomization.yaml @@ -0,0 +1,57 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +metadata: + name: phonebill-base + +resources: + # Common resources + - namespace.yaml + - common/cm-common.yaml + - common/secret-common.yaml + - common/secret-imagepull.yaml + - common/ingress.yaml + + # API Gateway + - api-gateway/deployment.yaml + - api-gateway/service.yaml + - api-gateway/cm-api-gateway.yaml + + # User Service + - user-service/deployment.yaml + - user-service/service.yaml + - user-service/cm-user-service.yaml + - user-service/secret-user-service.yaml + + # Bill Service + - bill-service/deployment.yaml + - bill-service/service.yaml + - bill-service/cm-bill-service.yaml + - bill-service/secret-bill-service.yaml + + # Product Service + - product-service/deployment.yaml + - product-service/service.yaml + - product-service/cm-product-service.yaml + - product-service/secret-product-service.yaml + + # KOS Mock + - kos-mock/deployment.yaml + - kos-mock/service.yaml + - kos-mock/cm-kos-mock.yaml + +commonLabels: + app: phonebill + version: v1 + +images: + - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/user-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/product-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock + newTag: latest \ No newline at end of file diff --git a/.github/kustomize/base/namespace.yaml b/.github/kustomize/base/namespace.yaml new file mode 100644 index 0000000..0cfdc81 --- /dev/null +++ b/.github/kustomize/base/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: phonebill-dev \ No newline at end of file diff --git a/.github/kustomize/base/product-service/cm-product-service.yaml b/.github/kustomize/base/product-service/cm-product-service.yaml new file mode 100644 index 0000000..ad1c647 --- /dev/null +++ b/.github/kustomize/base/product-service/cm-product-service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-product-service + +data: + SERVER_PORT: "8083" + DB_KIND: "postgresql" + DB_PORT: "5432" + KOS_BASE_URL: "http://kos-mock" + REDIS_DATABASE: "2" \ No newline at end of file diff --git a/.github/kustomize/base/product-service/deployment.yaml b/.github/kustomize/base/product-service/deployment.yaml new file mode 100644 index 0000000..8e12d01 --- /dev/null +++ b/.github/kustomize/base/product-service/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: product-service + +spec: + replicas: 1 + selector: + matchLabels: + app: product-service + template: + metadata: + labels: + app: product-service + spec: + imagePullSecrets: + - name: phonebill + containers: + - name: product-service + image: acrdigitalgarage01.azurecr.io/phonebill/product-service:latest + imagePullPolicy: Always + ports: + - containerPort: 8083 + envFrom: + - configMapRef: + name: cm-common + - configMapRef: + name: cm-product-service + - secretRef: + name: secret-common + - secretRef: + name: secret-product-service + resources: + requests: + cpu: 256m + memory: 256Mi + limits: + cpu: 1024m + memory: 1024Mi + startupProbe: + httpGet: + path: /actuator/health + port: 8083 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /actuator/health/readiness + port: 8083 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /actuator/health/liveness + port: 8083 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 \ No newline at end of file diff --git a/.github/kustomize/base/product-service/secret-product-service.yaml b/.github/kustomize/base/product-service/secret-product-service.yaml new file mode 100644 index 0000000..b3ab681 --- /dev/null +++ b/.github/kustomize/base/product-service/secret-product-service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-product-service + +type: Opaque +stringData: + DB_HOST: "product-change-postgres-dev-postgresql" + DB_NAME: "product_change_db" + DB_USERNAME: "product_change_user" + DB_PASSWORD: "ProductUser2025!" \ No newline at end of file diff --git a/.github/kustomize/base/product-service/service.yaml b/.github/kustomize/base/product-service/service.yaml new file mode 100644 index 0000000..37ec7d9 --- /dev/null +++ b/.github/kustomize/base/product-service/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: product-service + +spec: + selector: + app: product-service + ports: + - port: 80 + targetPort: 8083 + type: ClusterIP \ No newline at end of file diff --git a/.github/kustomize/base/user-service/cm-user-service.yaml b/.github/kustomize/base/user-service/cm-user-service.yaml new file mode 100644 index 0000000..ac3f442 --- /dev/null +++ b/.github/kustomize/base/user-service/cm-user-service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-user-service + +data: + SERVER_PORT: "8081" + DB_KIND: "postgresql" + DB_PORT: "5432" + DDL_AUTO: "update" + REDIS_DATABASE: "0" + SHOW_SQL: "true" \ No newline at end of file diff --git a/.github/kustomize/base/user-service/deployment.yaml b/.github/kustomize/base/user-service/deployment.yaml new file mode 100644 index 0000000..5287333 --- /dev/null +++ b/.github/kustomize/base/user-service/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: user-service + +spec: + replicas: 1 + selector: + matchLabels: + app: user-service + template: + metadata: + labels: + app: user-service + spec: + imagePullSecrets: + - name: phonebill + containers: + - name: user-service + image: acrdigitalgarage01.azurecr.io/phonebill/user-service:latest + imagePullPolicy: Always + ports: + - containerPort: 8081 + envFrom: + - configMapRef: + name: cm-common + - configMapRef: + name: cm-user-service + - secretRef: + name: secret-common + - secretRef: + name: secret-user-service + resources: + requests: + cpu: 256m + memory: 256Mi + limits: + cpu: 1024m + memory: 1024Mi + startupProbe: + httpGet: + path: /actuator/health + port: 8081 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /actuator/health/readiness + port: 8081 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /actuator/health/liveness + port: 8081 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 \ No newline at end of file diff --git a/.github/kustomize/base/user-service/secret-user-service.yaml b/.github/kustomize/base/user-service/secret-user-service.yaml new file mode 100644 index 0000000..87ab6d4 --- /dev/null +++ b/.github/kustomize/base/user-service/secret-user-service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-user-service + +type: Opaque +stringData: + DB_HOST: "auth-postgres-dev-postgresql" + DB_NAME: "phonebill_auth" + DB_USERNAME: "auth_user" + DB_PASSWORD: "AuthUser2025!" \ No newline at end of file diff --git a/.github/kustomize/base/user-service/service.yaml b/.github/kustomize/base/user-service/service.yaml new file mode 100644 index 0000000..f6a8a5f --- /dev/null +++ b/.github/kustomize/base/user-service/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: user-service + +spec: + selector: + app: user-service + ports: + - port: 80 + targetPort: 8081 + type: ClusterIP \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/cm-common-patch.yaml b/.github/kustomize/overlays/dev/cm-common-patch.yaml new file mode 100644 index 0000000..a96b039 --- /dev/null +++ b/.github/kustomize/overlays/dev/cm-common-patch.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-common + +data: + CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io" + JWT_ACCESS_TOKEN_VALIDITY: "18000000" + JWT_REFRESH_TOKEN_VALIDITY: "86400000" + REDIS_PORT: "6379" + SPRING_PROFILES_ACTIVE: "dev" + DDL_AUTO: "update" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/deployment-api-gateway-patch.yaml b/.github/kustomize/overlays/dev/deployment-api-gateway-patch.yaml new file mode 100644 index 0000000..a0bdaec --- /dev/null +++ b/.github/kustomize/overlays/dev/deployment-api-gateway-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: api-gateway +spec: + replicas: 1 + template: + spec: + containers: + - name: api-gateway + resources: + requests: + memory: "256Mi" + cpu: "256m" + limits: + memory: "1024Mi" + cpu: "1024m" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/deployment-bill-service-patch.yaml b/.github/kustomize/overlays/dev/deployment-bill-service-patch.yaml new file mode 100644 index 0000000..bde12ae --- /dev/null +++ b/.github/kustomize/overlays/dev/deployment-bill-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bill-service +spec: + replicas: 1 + template: + spec: + containers: + - name: bill-service + resources: + requests: + memory: "256Mi" + cpu: "256m" + limits: + memory: "1024Mi" + cpu: "1024m" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/deployment-kos-mock-patch.yaml b/.github/kustomize/overlays/dev/deployment-kos-mock-patch.yaml new file mode 100644 index 0000000..ab3676b --- /dev/null +++ b/.github/kustomize/overlays/dev/deployment-kos-mock-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kos-mock +spec: + replicas: 1 + template: + spec: + containers: + - name: kos-mock + resources: + requests: + memory: "256Mi" + cpu: "256m" + limits: + memory: "1024Mi" + cpu: "1024m" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/deployment-product-service-patch.yaml b/.github/kustomize/overlays/dev/deployment-product-service-patch.yaml new file mode 100644 index 0000000..ed481ca --- /dev/null +++ b/.github/kustomize/overlays/dev/deployment-product-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: product-service +spec: + replicas: 1 + template: + spec: + containers: + - name: product-service + resources: + requests: + memory: "256Mi" + cpu: "256m" + limits: + memory: "1024Mi" + cpu: "1024m" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/deployment-user-service-patch.yaml b/.github/kustomize/overlays/dev/deployment-user-service-patch.yaml new file mode 100644 index 0000000..611c4e3 --- /dev/null +++ b/.github/kustomize/overlays/dev/deployment-user-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: user-service +spec: + replicas: 1 + template: + spec: + containers: + - name: user-service + resources: + requests: + memory: "256Mi" + cpu: "256m" + limits: + memory: "1024Mi" + cpu: "1024m" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/ingress-patch.yaml b/.github/kustomize/overlays/dev/ingress-patch.yaml new file mode 100644 index 0000000..b2bf566 --- /dev/null +++ b/.github/kustomize/overlays/dev/ingress-patch.yaml @@ -0,0 +1,49 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: phonebill + + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "false" +spec: + ingressClassName: nginx + rules: + - host: phonebill-api.20.214.196.128.nip.io + http: + paths: + - path: /api/v1/auth + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/users + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/bills + pathType: Prefix + backend: + service: + name: bill-service + port: + number: 80 + - path: /api/v1/products + pathType: Prefix + backend: + service: + name: product-service + port: + number: 80 + - path: /api/v1/kos + pathType: Prefix + backend: + service: + name: kos-mock + port: + number: 80 \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/kustomization.yaml b/.github/kustomize/overlays/dev/kustomization.yaml new file mode 100644 index 0000000..77c52f5 --- /dev/null +++ b/.github/kustomize/overlays/dev/kustomization.yaml @@ -0,0 +1,70 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: phonebill-dev + +resources: + - ../../base + +patches: + - path: cm-common-patch.yaml + target: + kind: ConfigMap + name: cm-common + - path: deployment-api-gateway-patch.yaml + target: + kind: Deployment + name: api-gateway + - path: deployment-user-service-patch.yaml + target: + kind: Deployment + name: user-service + - path: deployment-bill-service-patch.yaml + target: + kind: Deployment + name: bill-service + - path: deployment-product-service-patch.yaml + target: + kind: Deployment + name: product-service + - path: deployment-kos-mock-patch.yaml + target: + kind: Deployment + name: kos-mock + - path: ingress-patch.yaml + target: + kind: Ingress + name: phonebill + - path: secret-common-patch.yaml + target: + kind: Secret + name: secret-common + - path: secret-user-service-patch.yaml + target: + kind: Secret + name: secret-user-service + - path: secret-bill-service-patch.yaml + target: + kind: Secret + name: secret-bill-service + - path: secret-product-service-patch.yaml + target: + kind: Secret + name: secret-product-service + +images: + - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway + newTag: dev-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/user-service + newTag: dev-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service + newTag: dev-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/product-service + newTag: dev-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock + newTag: dev-latest + +namePrefix: dev- + +commonLabels: + environment: dev \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/secret-bill-service-patch.yaml b/.github/kustomize/overlays/dev/secret-bill-service-patch.yaml new file mode 100644 index 0000000..b1c0b01 --- /dev/null +++ b/.github/kustomize/overlays/dev/secret-bill-service-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-bill-service + +type: Opaque +stringData: + DB_HOST: "bill-inquiry-postgres-dev-postgresql" + DB_NAME: "bill_inquiry_db" + DB_USERNAME: "bill_inquiry_user" + DB_PASSWORD: "BillUser2025!" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/secret-common-patch.yaml b/.github/kustomize/overlays/dev/secret-common-patch.yaml new file mode 100644 index 0000000..c21c3ea --- /dev/null +++ b/.github/kustomize/overlays/dev/secret-common-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-common + +type: Opaque +stringData: + JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" + REDIS_HOST: "redis-cache-dev-master" + REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/secret-product-service-patch.yaml b/.github/kustomize/overlays/dev/secret-product-service-patch.yaml new file mode 100644 index 0000000..b3ab681 --- /dev/null +++ b/.github/kustomize/overlays/dev/secret-product-service-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-product-service + +type: Opaque +stringData: + DB_HOST: "product-change-postgres-dev-postgresql" + DB_NAME: "product_change_db" + DB_USERNAME: "product_change_user" + DB_PASSWORD: "ProductUser2025!" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/secret-user-service-patch.yaml b/.github/kustomize/overlays/dev/secret-user-service-patch.yaml new file mode 100644 index 0000000..87ab6d4 --- /dev/null +++ b/.github/kustomize/overlays/dev/secret-user-service-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-user-service + +type: Opaque +stringData: + DB_HOST: "auth-postgres-dev-postgresql" + DB_NAME: "phonebill_auth" + DB_USERNAME: "auth_user" + DB_PASSWORD: "AuthUser2025!" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/cm-common-patch.yaml b/.github/kustomize/overlays/prod/cm-common-patch.yaml new file mode 100644 index 0000000..72c4f66 --- /dev/null +++ b/.github/kustomize/overlays/prod/cm-common-patch.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-common + +data: + CORS_ALLOWED_ORIGINS: "https://phonebill.example.com" + JWT_ACCESS_TOKEN_VALIDITY: "3600000" + JWT_REFRESH_TOKEN_VALIDITY: "43200000" + REDIS_PORT: "6379" + SPRING_PROFILES_ACTIVE: "prod" + DDL_AUTO: "validate" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/deployment-api-gateway-patch.yaml b/.github/kustomize/overlays/prod/deployment-api-gateway-patch.yaml new file mode 100644 index 0000000..388166f --- /dev/null +++ b/.github/kustomize/overlays/prod/deployment-api-gateway-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: api-gateway +spec: + replicas: 3 + template: + spec: + containers: + - name: api-gateway + resources: + requests: + memory: "4096Mi" + cpu: "4096m" + limits: + memory: "4096Mi" + cpu: "4096m" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/deployment-bill-service-patch.yaml b/.github/kustomize/overlays/prod/deployment-bill-service-patch.yaml new file mode 100644 index 0000000..1c41997 --- /dev/null +++ b/.github/kustomize/overlays/prod/deployment-bill-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bill-service +spec: + replicas: 3 + template: + spec: + containers: + - name: bill-service + resources: + requests: + memory: "4096Mi" + cpu: "4096m" + limits: + memory: "4096Mi" + cpu: "4096m" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/deployment-kos-mock-patch.yaml b/.github/kustomize/overlays/prod/deployment-kos-mock-patch.yaml new file mode 100644 index 0000000..e3778b6 --- /dev/null +++ b/.github/kustomize/overlays/prod/deployment-kos-mock-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kos-mock +spec: + replicas: 3 + template: + spec: + containers: + - name: kos-mock + resources: + requests: + memory: "4096Mi" + cpu: "4096m" + limits: + memory: "4096Mi" + cpu: "4096m" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/deployment-product-service-patch.yaml b/.github/kustomize/overlays/prod/deployment-product-service-patch.yaml new file mode 100644 index 0000000..a84ad82 --- /dev/null +++ b/.github/kustomize/overlays/prod/deployment-product-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: product-service +spec: + replicas: 3 + template: + spec: + containers: + - name: product-service + resources: + requests: + memory: "4096Mi" + cpu: "4096m" + limits: + memory: "4096Mi" + cpu: "4096m" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/deployment-user-service-patch.yaml b/.github/kustomize/overlays/prod/deployment-user-service-patch.yaml new file mode 100644 index 0000000..57f6315 --- /dev/null +++ b/.github/kustomize/overlays/prod/deployment-user-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: user-service +spec: + replicas: 3 + template: + spec: + containers: + - name: user-service + resources: + requests: + memory: "4096Mi" + cpu: "4096m" + limits: + memory: "4096Mi" + cpu: "4096m" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/ingress-patch.yaml b/.github/kustomize/overlays/prod/ingress-patch.yaml new file mode 100644 index 0000000..c31a764 --- /dev/null +++ b/.github/kustomize/overlays/prod/ingress-patch.yaml @@ -0,0 +1,54 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: phonebill + + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "true" + cert-manager.io/cluster-issuer: "letsencrypt-prod" +spec: + ingressClassName: nginx + tls: + - hosts: + - phonebill.example.com + secretName: phonebill-prod-tls + rules: + - host: phonebill.example.com + http: + paths: + - path: /api/v1/auth + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/users + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/bills + pathType: Prefix + backend: + service: + name: bill-service + port: + number: 80 + - path: /api/v1/products + pathType: Prefix + backend: + service: + name: product-service + port: + number: 80 + - path: /api/v1/kos + pathType: Prefix + backend: + service: + name: kos-mock + port: + number: 80 \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/kustomization.yaml b/.github/kustomize/overlays/prod/kustomization.yaml new file mode 100644 index 0000000..7ed5d01 --- /dev/null +++ b/.github/kustomize/overlays/prod/kustomization.yaml @@ -0,0 +1,70 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: phonebill-prod + +resources: + - ../../base + +patches: + - path: cm-common-patch.yaml + target: + kind: ConfigMap + name: cm-common + - path: deployment-api-gateway-patch.yaml + target: + kind: Deployment + name: api-gateway + - path: deployment-user-service-patch.yaml + target: + kind: Deployment + name: user-service + - path: deployment-bill-service-patch.yaml + target: + kind: Deployment + name: bill-service + - path: deployment-product-service-patch.yaml + target: + kind: Deployment + name: product-service + - path: deployment-kos-mock-patch.yaml + target: + kind: Deployment + name: kos-mock + - path: ingress-patch.yaml + target: + kind: Ingress + name: phonebill + - path: secret-common-patch.yaml + target: + kind: Secret + name: secret-common + - path: secret-user-service-patch.yaml + target: + kind: Secret + name: secret-user-service + - path: secret-bill-service-patch.yaml + target: + kind: Secret + name: secret-bill-service + - path: secret-product-service-patch.yaml + target: + kind: Secret + name: secret-product-service + +images: + - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway + newTag: prod-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/user-service + newTag: prod-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service + newTag: prod-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/product-service + newTag: prod-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock + newTag: prod-latest + +namePrefix: prod- + +commonLabels: + environment: prod \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/secret-bill-service-patch.yaml b/.github/kustomize/overlays/prod/secret-bill-service-patch.yaml new file mode 100644 index 0000000..b1c0b01 --- /dev/null +++ b/.github/kustomize/overlays/prod/secret-bill-service-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-bill-service + +type: Opaque +stringData: + DB_HOST: "bill-inquiry-postgres-dev-postgresql" + DB_NAME: "bill_inquiry_db" + DB_USERNAME: "bill_inquiry_user" + DB_PASSWORD: "BillUser2025!" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/secret-common-patch.yaml b/.github/kustomize/overlays/prod/secret-common-patch.yaml new file mode 100644 index 0000000..c21c3ea --- /dev/null +++ b/.github/kustomize/overlays/prod/secret-common-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-common + +type: Opaque +stringData: + JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" + REDIS_HOST: "redis-cache-dev-master" + REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/secret-product-service-patch.yaml b/.github/kustomize/overlays/prod/secret-product-service-patch.yaml new file mode 100644 index 0000000..b3ab681 --- /dev/null +++ b/.github/kustomize/overlays/prod/secret-product-service-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-product-service + +type: Opaque +stringData: + DB_HOST: "product-change-postgres-dev-postgresql" + DB_NAME: "product_change_db" + DB_USERNAME: "product_change_user" + DB_PASSWORD: "ProductUser2025!" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/secret-user-service-patch.yaml b/.github/kustomize/overlays/prod/secret-user-service-patch.yaml new file mode 100644 index 0000000..87ab6d4 --- /dev/null +++ b/.github/kustomize/overlays/prod/secret-user-service-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-user-service + +type: Opaque +stringData: + DB_HOST: "auth-postgres-dev-postgresql" + DB_NAME: "phonebill_auth" + DB_USERNAME: "auth_user" + DB_PASSWORD: "AuthUser2025!" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/cm-common-patch.yaml b/.github/kustomize/overlays/staging/cm-common-patch.yaml new file mode 100644 index 0000000..19a91ee --- /dev/null +++ b/.github/kustomize/overlays/staging/cm-common-patch.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-common + +data: + CORS_ALLOWED_ORIGINS: "https://phonebill.staging.example.com" + JWT_ACCESS_TOKEN_VALIDITY: "18000000" + JWT_REFRESH_TOKEN_VALIDITY: "86400000" + REDIS_PORT: "6379" + SPRING_PROFILES_ACTIVE: "staging" + DDL_AUTO: "validate" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/deployment-api-gateway-patch.yaml b/.github/kustomize/overlays/staging/deployment-api-gateway-patch.yaml new file mode 100644 index 0000000..db065e1 --- /dev/null +++ b/.github/kustomize/overlays/staging/deployment-api-gateway-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: api-gateway +spec: + replicas: 2 + template: + spec: + containers: + - name: api-gateway + resources: + requests: + memory: "512Mi" + cpu: "512m" + limits: + memory: "2048Mi" + cpu: "2048m" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/deployment-bill-service-patch.yaml b/.github/kustomize/overlays/staging/deployment-bill-service-patch.yaml new file mode 100644 index 0000000..68f23c7 --- /dev/null +++ b/.github/kustomize/overlays/staging/deployment-bill-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bill-service +spec: + replicas: 2 + template: + spec: + containers: + - name: bill-service + resources: + requests: + memory: "512Mi" + cpu: "512m" + limits: + memory: "2048Mi" + cpu: "2048m" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/deployment-kos-mock-patch.yaml b/.github/kustomize/overlays/staging/deployment-kos-mock-patch.yaml new file mode 100644 index 0000000..6c6761d --- /dev/null +++ b/.github/kustomize/overlays/staging/deployment-kos-mock-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kos-mock +spec: + replicas: 2 + template: + spec: + containers: + - name: kos-mock + resources: + requests: + memory: "512Mi" + cpu: "512m" + limits: + memory: "2048Mi" + cpu: "2048m" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/deployment-product-service-patch.yaml b/.github/kustomize/overlays/staging/deployment-product-service-patch.yaml new file mode 100644 index 0000000..142a2d0 --- /dev/null +++ b/.github/kustomize/overlays/staging/deployment-product-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: product-service +spec: + replicas: 2 + template: + spec: + containers: + - name: product-service + resources: + requests: + memory: "512Mi" + cpu: "512m" + limits: + memory: "2048Mi" + cpu: "2048m" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/deployment-user-service-patch.yaml b/.github/kustomize/overlays/staging/deployment-user-service-patch.yaml new file mode 100644 index 0000000..f81f044 --- /dev/null +++ b/.github/kustomize/overlays/staging/deployment-user-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: user-service +spec: + replicas: 2 + template: + spec: + containers: + - name: user-service + resources: + requests: + memory: "512Mi" + cpu: "512m" + limits: + memory: "2048Mi" + cpu: "2048m" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/ingress-patch.yaml b/.github/kustomize/overlays/staging/ingress-patch.yaml new file mode 100644 index 0000000..c06fac1 --- /dev/null +++ b/.github/kustomize/overlays/staging/ingress-patch.yaml @@ -0,0 +1,54 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: phonebill + + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "true" + cert-manager.io/cluster-issuer: "letsencrypt-prod" +spec: + ingressClassName: nginx + tls: + - hosts: + - phonebill.staging.example.com + secretName: phonebill-staging-tls + rules: + - host: phonebill.staging.example.com + http: + paths: + - path: /api/v1/auth + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/users + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/bills + pathType: Prefix + backend: + service: + name: bill-service + port: + number: 80 + - path: /api/v1/products + pathType: Prefix + backend: + service: + name: product-service + port: + number: 80 + - path: /api/v1/kos + pathType: Prefix + backend: + service: + name: kos-mock + port: + number: 80 \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/kustomization.yaml b/.github/kustomize/overlays/staging/kustomization.yaml new file mode 100644 index 0000000..ec0416d --- /dev/null +++ b/.github/kustomize/overlays/staging/kustomization.yaml @@ -0,0 +1,70 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: phonebill-staging + +resources: + - ../../base + +patches: + - path: cm-common-patch.yaml + target: + kind: ConfigMap + name: cm-common + - path: deployment-api-gateway-patch.yaml + target: + kind: Deployment + name: api-gateway + - path: deployment-user-service-patch.yaml + target: + kind: Deployment + name: user-service + - path: deployment-bill-service-patch.yaml + target: + kind: Deployment + name: bill-service + - path: deployment-product-service-patch.yaml + target: + kind: Deployment + name: product-service + - path: deployment-kos-mock-patch.yaml + target: + kind: Deployment + name: kos-mock + - path: ingress-patch.yaml + target: + kind: Ingress + name: phonebill + - path: secret-common-patch.yaml + target: + kind: Secret + name: secret-common + - path: secret-user-service-patch.yaml + target: + kind: Secret + name: secret-user-service + - path: secret-bill-service-patch.yaml + target: + kind: Secret + name: secret-bill-service + - path: secret-product-service-patch.yaml + target: + kind: Secret + name: secret-product-service + +images: + - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway + newTag: staging-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/user-service + newTag: staging-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service + newTag: staging-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/product-service + newTag: staging-latest + - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock + newTag: staging-latest + +namePrefix: staging- + +commonLabels: + environment: staging \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/secret-bill-service-patch.yaml b/.github/kustomize/overlays/staging/secret-bill-service-patch.yaml new file mode 100644 index 0000000..b1c0b01 --- /dev/null +++ b/.github/kustomize/overlays/staging/secret-bill-service-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-bill-service + +type: Opaque +stringData: + DB_HOST: "bill-inquiry-postgres-dev-postgresql" + DB_NAME: "bill_inquiry_db" + DB_USERNAME: "bill_inquiry_user" + DB_PASSWORD: "BillUser2025!" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/secret-common-patch.yaml b/.github/kustomize/overlays/staging/secret-common-patch.yaml new file mode 100644 index 0000000..c21c3ea --- /dev/null +++ b/.github/kustomize/overlays/staging/secret-common-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-common + +type: Opaque +stringData: + JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" + REDIS_HOST: "redis-cache-dev-master" + REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/secret-product-service-patch.yaml b/.github/kustomize/overlays/staging/secret-product-service-patch.yaml new file mode 100644 index 0000000..b3ab681 --- /dev/null +++ b/.github/kustomize/overlays/staging/secret-product-service-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-product-service + +type: Opaque +stringData: + DB_HOST: "product-change-postgres-dev-postgresql" + DB_NAME: "product_change_db" + DB_USERNAME: "product_change_user" + DB_PASSWORD: "ProductUser2025!" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/secret-user-service-patch.yaml b/.github/kustomize/overlays/staging/secret-user-service-patch.yaml new file mode 100644 index 0000000..87ab6d4 --- /dev/null +++ b/.github/kustomize/overlays/staging/secret-user-service-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-user-service + +type: Opaque +stringData: + DB_HOST: "auth-postgres-dev-postgresql" + DB_NAME: "phonebill_auth" + DB_USERNAME: "auth_user" + DB_PASSWORD: "AuthUser2025!" \ No newline at end of file diff --git a/.github/scripts/deploy-actions.sh b/.github/scripts/deploy-actions.sh new file mode 100644 index 0000000..05b4cd0 --- /dev/null +++ b/.github/scripts/deploy-actions.sh @@ -0,0 +1,64 @@ +#!/bin/bash +set -e + +ENVIRONMENT=${1:-dev} +IMAGE_TAG=${2:-latest} + +echo "🚀 Manual deployment starting..." +echo "Environment: $ENVIRONMENT" +echo "Image Tag: $IMAGE_TAG" + +# Check if kustomize is installed +if ! command -v kustomize &> /dev/null; then + echo "Installing Kustomize..." + curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash + sudo mv kustomize /usr/local/bin/ +fi + +# Load environment variables from .github/config +if [[ -f ".github/config/deploy_env_vars_${ENVIRONMENT}" ]]; then + source ".github/config/deploy_env_vars_${ENVIRONMENT}" + echo "✅ Environment variables loaded for $ENVIRONMENT" +else + echo "❌ Environment configuration file not found: .github/config/deploy_env_vars_${ENVIRONMENT}" + exit 1 +fi + +# Create namespace +echo "📝 Creating namespace phonebill-${ENVIRONMENT}..." +kubectl create namespace phonebill-${ENVIRONMENT} --dry-run=client -o yaml | kubectl apply -f - + +# 환경별 이미지 태그 업데이트 (.github/kustomize 사용) +cd .github/kustomize/overlays/${ENVIRONMENT} + +echo "🔄 Updating image tags..." +# 서비스 배열 정의 +services=(api-gateway user-service bill-service product-service kos-mock) + +# 각 서비스별 이미지 태그 업데이트 +for service in "${services[@]}"; do + kustomize edit set image acrdigitalgarage01.azurecr.io/phonebill/$service:${ENVIRONMENT}-${IMAGE_TAG} +done + +echo "🚀 Deploying to Kubernetes..." +# 배포 실행 +kubectl apply -k . + +echo "⏳ Waiting for deployments to be ready..." +# 서비스별 배포 상태 확인 +for service in "${services[@]}"; do + kubectl rollout status deployment/${ENVIRONMENT}-$service -n phonebill-${ENVIRONMENT} --timeout=300s +done + +echo "🔍 Health check..." +# API Gateway Health Check (첫 번째 서비스가 API Gateway라고 가정) +GATEWAY_SERVICE=${services[0]} +GATEWAY_POD=$(kubectl get pod -n phonebill-${ENVIRONMENT} -l app.kubernetes.io/name=${ENVIRONMENT}-$GATEWAY_SERVICE -o jsonpath='{.items[0].metadata.name}') +kubectl -n phonebill-${ENVIRONMENT} exec $GATEWAY_POD -- curl -f http://localhost:8080/actuator/health || echo "Health check failed, but deployment completed" + +echo "📋 Service Information:" +kubectl get pods -n phonebill-${ENVIRONMENT} +kubectl get services -n phonebill-${ENVIRONMENT} +kubectl get ingress -n phonebill-${ENVIRONMENT} + +echo "✅ GitHub Actions deployment completed successfully!" \ No newline at end of file diff --git a/.github/workflows/backend-cicd.yaml b/.github/workflows/backend-cicd.yaml new file mode 100644 index 0000000..554adaf --- /dev/null +++ b/.github/workflows/backend-cicd.yaml @@ -0,0 +1,286 @@ +name: Backend Services CI/CD + +on: + push: + branches: [ main, develop ] + paths: + - 'api-gateway/**' + - 'user-service/**' + - 'bill-service/**' + - 'product-service/**' + - 'kos-mock/**' + - 'common/**' + - '.github/**' + pull_request: + branches: [ main ] + workflow_dispatch: + inputs: + ENVIRONMENT: + description: 'Target environment' + required: true + default: 'dev' + type: choice + options: + - dev + - staging + - prod + SKIP_SONARQUBE: + description: 'Skip SonarQube Analysis' + required: false + default: 'true' + type: choice + options: + - 'true' + - 'false' + +env: + REGISTRY: acrdigitalgarage01.azurecr.io + IMAGE_ORG: phonebill + RESOURCE_GROUP: rg-digitalgarage-01 + AKS_CLUSTER: aks-digitalgarage-01 + +jobs: + build: + name: Build and Test + runs-on: ubuntu-latest + outputs: + image_tag: ${{ steps.set_outputs.outputs.image_tag }} + environment: ${{ steps.set_outputs.outputs.environment }} + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up JDK 21 + uses: actions/setup-java@v3 + with: + java-version: '21' + distribution: 'temurin' + cache: 'gradle' + + - name: Determine environment + id: determine_env + run: | + # Use input parameter or default to 'dev' + ENVIRONMENT="${{ github.event.inputs.ENVIRONMENT || 'dev' }}" + echo "environment=$ENVIRONMENT" >> $GITHUB_OUTPUT + + - name: Load environment variables + id: env_vars + run: | + ENV=${{ steps.determine_env.outputs.environment }} + + # Initialize variables with defaults + REGISTRY="acrdigitalgarage01.azurecr.io" + IMAGE_ORG="phonebill" + RESOURCE_GROUP="rg-digitalgarage-01" + AKS_CLUSTER="aks-digitalgarage-01" + + # Read environment variables from .github/config file + if [[ -f ".github/config/deploy_env_vars_${ENV}" ]]; then + while IFS= read -r line || [[ -n "$line" ]]; do + # Skip comments and empty lines + [[ "$line" =~ ^#.*$ ]] && continue + [[ -z "$line" ]] && continue + + # Extract key-value pairs + key=$(echo "$line" | cut -d '=' -f1) + value=$(echo "$line" | cut -d '=' -f2-) + + # Override defaults if found in config + case "$key" in + "resource_group") RESOURCE_GROUP="$value" ;; + "cluster_name") AKS_CLUSTER="$value" ;; + esac + done < ".github/config/deploy_env_vars_${ENV}" + fi + + # Export for other jobs + echo "REGISTRY=$REGISTRY" >> $GITHUB_ENV + echo "IMAGE_ORG=$IMAGE_ORG" >> $GITHUB_ENV + echo "RESOURCE_GROUP=$RESOURCE_GROUP" >> $GITHUB_ENV + echo "AKS_CLUSTER=$AKS_CLUSTER" >> $GITHUB_ENV + + - name: Grant execute permission for gradlew + run: chmod +x gradlew + + - name: Build with Gradle + run: | + ./gradlew build -x test + + - name: SonarQube Analysis & Quality Gate + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} + run: | + # Check if SonarQube should be skipped + SKIP_SONARQUBE="${{ github.event.inputs.SKIP_SONARQUBE || 'true' }}" + + if [[ "$SKIP_SONARQUBE" == "true" ]]; then + echo "⏭️ Skipping SonarQube Analysis (SKIP_SONARQUBE=$SKIP_SONARQUBE)" + exit 0 + fi + + # Define services array + services=(api-gateway user-service bill-service product-service kos-mock) + + # Run tests, coverage reports, and SonarQube analysis for each service + for service in "${services[@]}"; do + ./gradlew :$service:test :$service:jacocoTestReport :$service:sonar \ + -Dsonar.projectKey=phonebill-$service-${{ steps.determine_env.outputs.environment }} \ + -Dsonar.projectName=phonebill-$service-${{ steps.determine_env.outputs.environment }} \ + -Dsonar.host.url=$SONAR_HOST_URL \ + -Dsonar.token=$SONAR_TOKEN \ + -Dsonar.java.binaries=build/classes/java/main \ + -Dsonar.coverage.jacoco.xmlReportPaths=build/reports/jacoco/test/jacocoTestReport.xml \ + -Dsonar.exclusions=**/config/**,**/entity/**,**/dto/**,**/*Application.class,**/exception/** + done + + - name: Upload build artifacts + uses: actions/upload-artifact@v4 + with: + name: app-builds + path: | + api-gateway/build/libs/*.jar + user-service/build/libs/*.jar + bill-service/build/libs/*.jar + product-service/build/libs/*.jar + kos-mock/build/libs/*.jar + + - name: Set outputs + id: set_outputs + run: | + # Generate timestamp for image tag + IMAGE_TAG=$(date +%Y%m%d%H%M%S) + echo "image_tag=$IMAGE_TAG" >> $GITHUB_OUTPUT + echo "environment=${{ steps.determine_env.outputs.environment }}" >> $GITHUB_OUTPUT + + release: + name: Build and Push Docker Images + needs: build + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Download build artifacts + uses: actions/download-artifact@v4 + with: + name: app-builds + + - name: Set environment variables from build job + run: | + echo "REGISTRY=${{ env.REGISTRY }}" >> $GITHUB_ENV + echo "IMAGE_ORG=${{ env.IMAGE_ORG }}" >> $GITHUB_ENV + echo "ENVIRONMENT=${{ needs.build.outputs.environment }}" >> $GITHUB_ENV + echo "IMAGE_TAG=${{ needs.build.outputs.image_tag }}" >> $GITHUB_ENV + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to Azure Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ secrets.ACR_USERNAME }} + password: ${{ secrets.ACR_PASSWORD }} + + - name: Build and push Docker images for all services + run: | + # Define services array + services=(api-gateway user-service bill-service product-service kos-mock) + + # Build and push each service image + for service in "${services[@]}"; do + echo "Building and pushing $service..." + docker build \ + --build-arg BUILD_LIB_DIR="$service/build/libs" \ + --build-arg ARTIFACTORY_FILE="$service.jar" \ + -f deployment/container/Dockerfile-backend \ + -t ${{ env.REGISTRY }}/${{ env.IMAGE_ORG }}/$service:${{ needs.build.outputs.environment }}-${{ needs.build.outputs.image_tag }} . + + docker push ${{ env.REGISTRY }}/${{ env.IMAGE_ORG }}/$service:${{ needs.build.outputs.environment }}-${{ needs.build.outputs.image_tag }} + done + + deploy: + name: Deploy to Kubernetes + needs: [build, release] + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set image tag environment variable + run: | + echo "IMAGE_TAG=${{ needs.build.outputs.image_tag }}" >> $GITHUB_ENV + echo "ENVIRONMENT=${{ needs.build.outputs.environment }}" >> $GITHUB_ENV + + - name: Install Azure CLI + run: | + curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash + + - name: Azure Login + uses: azure/login@v1 + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + + - name: Setup kubectl + uses: azure/setup-kubectl@v3 + + - name: Get AKS Credentials + run: | + az aks get-credentials --resource-group ${{ env.RESOURCE_GROUP }} --name ${{ env.AKS_CLUSTER }} --overwrite-existing + + - name: Create namespace + run: | + kubectl create namespace phonebill-${{ env.ENVIRONMENT }} --dry-run=client -o yaml | kubectl apply -f - + + - name: Install Kustomize + run: | + curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash + sudo mv kustomize /usr/local/bin/ + + - name: Update Kustomize images and deploy + run: | + # 환경별 디렉토리로 이동 + cd .github/kustomize/overlays/${{ env.ENVIRONMENT }} + + # 각 서비스별 이미지 태그 업데이트 + kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_ORG }}/api-gateway:${{ env.ENVIRONMENT }}-${{ env.IMAGE_TAG }} + kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_ORG }}/user-service:${{ env.ENVIRONMENT }}-${{ env.IMAGE_TAG }} + kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_ORG }}/bill-service:${{ env.ENVIRONMENT }}-${{ env.IMAGE_TAG }} + kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_ORG }}/product-service:${{ env.ENVIRONMENT }}-${{ env.IMAGE_TAG }} + kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_ORG }}/kos-mock:${{ env.ENVIRONMENT }}-${{ env.IMAGE_TAG }} + + # 매니페스트 적용 + kubectl apply -k . + + - name: Wait for deployments to be ready + run: | + echo "Waiting for deployments to be ready..." + kubectl -n phonebill-${{ env.ENVIRONMENT }} wait --for=condition=available deployment/${{ env.ENVIRONMENT }}-api-gateway --timeout=300s + kubectl -n phonebill-${{ env.ENVIRONMENT }} wait --for=condition=available deployment/${{ env.ENVIRONMENT }}-user-service --timeout=300s + kubectl -n phonebill-${{ env.ENVIRONMENT }} wait --for=condition=available deployment/${{ env.ENVIRONMENT }}-bill-service --timeout=300s + kubectl -n phonebill-${{ env.ENVIRONMENT }} wait --for=condition=available deployment/${{ env.ENVIRONMENT }}-product-service --timeout=300s + kubectl -n phonebill-${{ env.ENVIRONMENT }} wait --for=condition=available deployment/${{ env.ENVIRONMENT }}-kos-mock --timeout=300s + + - name: Health Check + run: | + echo "🔍 Health Check starting..." + + # API Gateway Health Check + GATEWAY_POD=$(kubectl get pod -n phonebill-${{ env.ENVIRONMENT }} -l app.kubernetes.io/name=${{ env.ENVIRONMENT }}-api-gateway -o jsonpath='{.items[0].metadata.name}') + kubectl -n phonebill-${{ env.ENVIRONMENT }} exec $GATEWAY_POD -- curl -f http://localhost:8080/actuator/health || exit 1 + + echo "✅ All services are healthy!" + + - name: Get service information + run: | + echo "📋 Service Information:" + kubectl get pods -n phonebill-${{ env.ENVIRONMENT }} + kubectl get services -n phonebill-${{ env.ENVIRONMENT }} + kubectl get ingress -n phonebill-${{ env.ENVIRONMENT }} + echo "Ingress IP: $(kubectl -n phonebill-${{ env.ENVIRONMENT }} get ingress phonebill-ingress -o jsonpath='{.status.loadBalancer.ingress[0].ip}' 2>/dev/null || echo 'Pending')" \ No newline at end of file diff --git a/CLAUDE.md b/CLAUDE.md index fd4828b..9a46bb7 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -310,6 +310,10 @@ QA Engineer - 설명: 백엔드 서비스를 Jenkins를 이용하여 CI/CD하는 배포 가이드 - URL: https://raw.githubusercontent.com/cna-bootcamp/clauding-guide/refs/heads/main/guides/deploy/deploy-jenkins-cicd-back.md - 파일명: deploy-jenkins-cicd-back.md +- 백엔드GitHubActions파이프라인작성가이드 + - 설명: 백엔드 서비스를 GitHub Actions를 이용하여 CI/CD하는 배포 가이드 + - URL: https://raw.githubusercontent.com/cna-bootcamp/clauding-guide/refs/heads/main/guides/deploy/deploy-actions-cicd-back.md + - 파일명: deploy-actions-cicd-back.md ## 참조 문서 - 프로젝트지침템플릿 diff --git a/claude/github-actions-migration-plan.md b/claude/github-actions-migration-plan.md deleted file mode 100644 index 81020eb..0000000 --- a/claude/github-actions-migration-plan.md +++ /dev/null @@ -1,308 +0,0 @@ -# GitHub Actions CI/CD 전환 작업계획서 - -## 📋 개요 - -현재 Jenkins 기반 CI/CD 파이프라인을 GitHub Actions로 전환하여 더 효율적이고 관리하기 쉬운 DevOps 환경을 구축하는 작업계획서입니다. - -## 🎯 전환 목표 - -- **통합 개발 환경**: GitHub과 CI/CD의 완전한 통합 -- **관리 효율성**: Jenkins 인프라 관리 부담 제거 -- **보안 강화**: GitHub Secrets를 통한 안전한 자격증명 관리 -- **개발자 경험**: GitHub 인터페이스와 통합된 워크플로우 -- **비용 최적화**: 자체 관리형 Jenkins 인프라 비용 절감 - -## 🔍 현재 Jenkins CI/CD 분석 - -### 기존 Jenkins 파이프라인 구조 - -``` -Jenkins Pipeline -├── Pod Template (Kubernetes 기반) -│ ├── podman container (이미지 빌드) -│ ├── gradle container (빌드 & 테스트) -│ └── azure-cli container (배포) -├── 5개 서비스 병렬 처리 -│ ├── api-gateway -│ ├── user-service -│ ├── bill-service -│ ├── product-service -│ └── kos-mock -└── Kustomize 기반 쿠버네티스 배포 -``` - -### 현재 파이프라인 단계 -1. **Get Source**: SCM checkout -2. **Setup AKS**: Azure 인증 및 쿠버네티스 클러스터 연결 -3. **Build**: Gradle 빌드 (테스트 제외) -4. **SonarQube Analysis**: 코드 품질 분석 (선택적) -5. **Build & Push Images**: Podman으로 컨테이너 이미지 빌드/푸시 -6. **Update Kustomize & Deploy**: 쿠버네티스 배포 - -### 사용 중인 도구 및 서비스 -- **빌드 도구**: Gradle with JDK 21 -- **컨테이너**: Podman (Docker 대신 사용) -- **레지스트리**: Azure Container Registry (ACR) -- **배포**: Kustomize + kubectl -- **코드 품질**: SonarQube -- **인프라**: Azure Kubernetes Service (AKS) - -## 📊 전환 범위 및 우선순위 - -### 1단계: 핵심 워크플로우 구축 (필수) -- [ ] **기본 빌드 워크플로우**: Gradle 빌드 자동화 -- [ ] **컨테이너 이미지 빌드**: Docker 기반 이미지 빌드/푸시 -- [ ] **환경별 배포**: dev/staging/prod 환경 지원 -- [ ] **시크릿 관리**: 자격증명 및 환경변수 관리 - -### 2단계: 고도화 기능 (중요) -- [ ] **코드 품질 분석**: SonarQube 통합 -- [ ] **테스트 자동화**: 단위/통합 테스트 실행 -- [ ] **병렬 처리**: 5개 서비스 동시 빌드/배포 -- [ ] **배포 검증**: Health check 및 rollback 기능 - -### 3단계: 최적화 및 확장 (선택) -- [ ] **캐싱 전략**: 빌드 속도 최적화 -- [ ] **매트릭스 빌드**: 다중 환경/버전 지원 -- [ ] **알림 시스템**: 빌드 상태 알림 -- [ ] **보안 스캔**: 컨테이너 취약점 검사 - -## 🗂️ 파일 구조 계획 - -``` -.github/ -└── workflows/ - ├── ci-cd.yml # 메인 CI/CD 워크플로우 - ├── build-and-test.yml # 빌드 및 테스트만 실행 - ├── deploy-dev.yml # 개발환경 배포 - ├── deploy-staging.yml # 스테이징환경 배포 - └── deploy-prod.yml # 운영환경 배포 - -scripts/ -├── build-images.sh # 이미지 빌드 스크립트 -├── deploy-services.sh # 서비스 배포 스크립트 -└── health-check.sh # 배포 검증 스크립트 -``` - -## 🔧 기술 스택 매핑 - -### Jenkins → GitHub Actions 매핑 - -| Jenkins 요소 | GitHub Actions 대체 | 비고 | -|---------------|-------------------|------| -| Jenkinsfile | .github/workflows/*.yml | YAML 기반 워크플로우 | -| Pod Template | Ubuntu/Windows runners | GitHub hosted runners | -| Podman container | Docker/build-push-action | Docker 기반 이미지 빌드 | -| Gradle container | actions/setup-java | Java 21 + Gradle wrapper | -| Azure CLI container | azure/login | Azure 서비스 연결 | -| Credentials | GitHub Secrets | 암호화된 환경변수 | -| SonarQube | sonarqube-github-action | 코드 품질 분석 | - -### 환경변수 및 시크릿 - -**GitHub Secrets 필요 항목:** -``` -AZURE_CLIENT_ID -AZURE_CLIENT_SECRET -AZURE_TENANT_ID -ACR_USERNAME -ACR_PASSWORD -DOCKERHUB_USERNAME -DOCKERHUB_PASSWORD -SONARQUBE_TOKEN -SONARQUBE_HOST_URL -RESOURCE_GROUP_DEV -RESOURCE_GROUP_STAGING -RESOURCE_GROUP_PROD -CLUSTER_NAME_DEV -CLUSTER_NAME_STAGING -CLUSTER_NAME_PROD -``` - -## 📝 상세 작업 단계 - -### Phase 1: 환경 준비 (1-2일) - -#### 1.1 GitHub Repository 설정 -- [ ] GitHub Actions 활성화 확인 -- [ ] Branch protection rules 설정 -- [ ] Required status checks 구성 - -#### 1.2 시크릿 구성 -- [ ] Azure 서비스 주체 정보 등록 -- [ ] ACR 자격증명 등록 -- [ ] SonarQube 토큰 등록 -- [ ] 환경별 클러스터 정보 등록 - -#### 1.3 권한 설정 -- [ ] GitHub Actions service account 생성 -- [ ] AKS 클러스터 접근 권한 부여 -- [ ] ACR 이미지 푸시 권한 확인 - -### Phase 2: 기본 워크플로우 구축 (3-4일) - -#### 2.1 빌드 워크플로우 (.github/workflows/build.yml) -```yaml -# 예시 구조 -name: Build and Test -on: - push: - branches: [ main, develop ] - pull_request: - branches: [ main ] - -jobs: - build: - runs-on: ubuntu-latest - strategy: - matrix: - service: [api-gateway, user-service, bill-service, product-service, kos-mock] - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - java-version: '21' - distribution: 'temurin' - - name: Build with Gradle - run: ./gradlew :${{ matrix.service }}:build -x test -``` - -#### 2.2 이미지 빌드 워크플로우 -- [ ] Docker 기반 이미지 빌드 -- [ ] Multi-stage build 최적화 -- [ ] ACR 푸시 자동화 -- [ ] 이미지 태그 전략 수립 - -#### 2.3 배포 워크플로우 -- [ ] Kustomize 이미지 태그 업데이트 -- [ ] kubectl 배포 실행 -- [ ] 배포 상태 확인 -- [ ] Rollback 메커니즘 - -### Phase 3: 고도화 기능 (2-3일) - -#### 3.1 테스트 통합 -- [ ] 단위 테스트 실행 -- [ ] 통합 테스트 실행 -- [ ] 테스트 결과 리포팅 -- [ ] 커버리지 측정 - -#### 3.2 코드 품질 분석 -- [ ] SonarQube 분석 통합 -- [ ] Quality Gate 적용 -- [ ] PR 댓글로 품질 리포트 -- [ ] 실패 시 배포 중단 - -#### 3.3 병렬 처리 최적화 -- [ ] Matrix strategy 활용 -- [ ] Job dependencies 설정 -- [ ] 빌드 시간 최적화 -- [ ] 캐싱 전략 적용 - -### Phase 4: 검증 및 안정화 (2-3일) - -#### 4.1 기능 검증 -- [ ] 전체 파이프라인 End-to-End 테스트 -- [ ] 각 환경별 배포 검증 -- [ ] 롤백 기능 테스트 -- [ ] 성능 벤치마크 비교 - -#### 4.2 문서화 -- [ ] 워크플로우 사용법 문서 -- [ ] 트러블슈팅 가이드 -- [ ] 마이그레이션 체크리스트 -- [ ] 운영 매뉴얼 작성 - -## ⚠️ 위험 요소 및 대응 방안 - -### 기술적 위험 -| 위험 요소 | 영향도 | 대응 방안 | -|-----------|--------|----------| -| Podman → Docker 변환 | 중 | Docker 호환성 테스트, 이미지 빌드 검증 | -| Jenkins 종속성 | 높음 | 단계적 전환, 병렬 운영 기간 확보 | -| 환경별 설정 차이 | 중 | 환경별 상세 테스트, 설정 검증 도구 | -| 성능 차이 | 낮음 | 빌드 시간 벤치마크, 캐싱 최적화 | - -### 운영적 위험 -| 위험 요소 | 영향도 | 대응 방안 | -|-----------|--------|----------| -| 배포 중단 | 높음 | Blue-Green 배포, 즉시 롤백 가능 | -| 학습 곡선 | 중 | 교육 계획, 문서화 강화 | -| 권한 관리 복잡성 | 중 | IAM 정책 표준화, 최소 권한 원칙 | - -## 📊 성공 지표 - -### 기술적 지표 -- [ ] **빌드 시간**: 현재 대비 20% 이내 유지 -- [ ] **배포 성공률**: 99% 이상 -- [ ] **MTTR**: 평균 복구 시간 10분 이내 -- [ ] **파이프라인 가용성**: 99.9% 이상 - -### 운영적 지표 -- [ ] **관리 복잡성**: Jenkins 인프라 관리 불필요 -- [ ] **개발자 만족도**: GitHub 통합 워크플로우 -- [ ] **보안 개선**: 중앙화된 시크릿 관리 -- [ ] **비용 절감**: Jenkins 인프라 비용 제거 - -## 🗓️ 일정 계획 - -### 전체 일정: 8-12 일 -``` -Week 1 (Day 1-4): 환경 준비 + 기본 워크플로우 -├── Day 1-2: GitHub 설정, 시크릿 구성 -└── Day 3-4: 빌드 워크플로우 구축 - -Week 2 (Day 5-8): 고도화 + 검증 -├── Day 5-6: 이미지 빌드, 배포 워크플로우 -├── Day 7-8: 테스트, 품질 분석 통합 - -Week 3 (Day 9-12): 최적화 + 안정화 -├── Day 9-10: 병렬 처리, 성능 최적화 -└── Day 11-12: 검증, 문서화, 운영 전환 -``` - -### 마일스톤 -- **M1** (Day 4): 기본 빌드 파이프라인 완료 -- **M2** (Day 8): 전체 CI/CD 파이프라인 완료 -- **M3** (Day 12): 운영 환경 전환 완료 - -## ✅ 체크리스트 - -### 전환 전 준비사항 -- [ ] 현재 Jenkins 파이프라인 백업 -- [ ] GitHub Actions 사용량 한도 확인 -- [ ] 팀 구성원 GitHub Actions 교육 -- [ ] 롤백 계획 수립 - -### 전환 후 검증사항 -- [ ] 전체 서비스 빌드/배포 테스트 -- [ ] 환경별 배포 검증 -- [ ] 성능 벤치마크 비교 -- [ ] 보안 설정 점검 -- [ ] 문서화 완료 확인 - -## 📞 담당자 및 역할 - -### 핵심 담당자 -- **DevOps 리드**: 최운영/데옵스 - 워크플로우 설계, 인프라 연동 -- **Backend 리드**: 이개발/백엔더 - 빌드 스크립트, 테스트 통합 -- **QA 리드**: 정테스트/QA매니저 - 배포 검증, 품질 게이트 - -### 지원 역할 -- **Product Owner**: 김기획/기획자 - 일정 조율, 우선순위 결정 -- **Frontend Dev**: 박화면/프론트 - 프론트엔드 빌드 프로세스 - -## 💡 추천사항 - -1. **점진적 전환**: 개발환경부터 단계적으로 전환 -2. **병렬 운영**: 초기 안정화까지 Jenkins와 병행 운영 -3. **모니터링 강화**: 전환 후 집중 모니터링 기간 운영 -4. **피드백 수집**: 개발팀 피드백 기반 지속 개선 -5. **문서화 우선**: 모든 변경사항 실시간 문서화 - ---- - -**작성일**: 2025-01-14 -**작성자**: 최운영/데옵스 -**검토자**: 김기획/기획자, 이개발/백엔더 -**승인자**: Project Owner \ No newline at end of file diff --git a/fix-deployment-selector.sh b/fix-deployment-selector.sh deleted file mode 100755 index 1945207..0000000 --- a/fix-deployment-selector.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash - -# Deployment selector 문제 해결을 위한 스크립트 -# 기존 Deployment 삭제 후 새로운 설정으로 재생성 - -echo "=== Deployment Selector 문제 해결 시작 ===" - -NAMESPACE="phonebill-dev" -SERVICES=("api-gateway" "bill-service" "kos-mock" "product-service" "user-service") - -# 1단계: 기존 Deployment들을 안전하게 삭제 -echo "1단계: 기존 Deployment 삭제" -for service in "${SERVICES[@]}"; do - echo "삭제 중: $service" - kubectl delete deployment $service -n $NAMESPACE --ignore-not-found=true - - # Deployment가 완전히 삭제될 때까지 대기 - while kubectl get deployment $service -n $NAMESPACE &>/dev/null; do - echo "대기 중: $service 삭제 완료 대기..." - sleep 2 - done - echo "완료: $service 삭제됨" -done - -echo "모든 Deployment 삭제 완료" - -# 2단계: 잠시 대기 -echo "2단계: 리소스 정리 대기 (5초)" -sleep 5 - -# 3단계: Kustomize를 통해 새로운 Deployment 생성 -echo "3단계: 새로운 Deployment 생성" -echo "Kustomize 적용 중..." - -cd deployment/cicd/kustomize/overlays/dev -kubectl apply -k . - -echo "=== Deployment Selector 문제 해결 완료 ===" - -# 4단계: 결과 확인 -echo "4단계: 배포 결과 확인" -kubectl get deployments -n $NAMESPACE -o wide - -echo "" -echo "Pod 상태 확인:" -kubectl get pods -n $NAMESPACE \ No newline at end of file