From f5543bf0efc6c453eb82cb948cb10da35f27e5f6 Mon Sep 17 00:00:00 2001 From: ondal Date: Tue, 30 Sep 2025 20:48:48 +0900 Subject: [PATCH] =?UTF-8?q?GitHub=20Actions=20CI/CD=20=ED=8C=8C=EC=9D=B4?= =?UTF-8?q?=ED=94=84=EB=9D=BC=EC=9D=B8=20=EA=B5=AC=EC=B6=95=20=EC=99=84?= =?UTF-8?q?=EB=A3=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - GitHub Actions 전용 Kustomize 매니페스트 구조 생성 - 환경별(dev/staging/prod) Overlay 및 Patch 파일 작성 - SonarQube 코드 품질 분석 통합 - Docker 이미지 빌드 및 Azure Container Registry 푸시 - Kubernetes 자동 배포 워크플로우 구성 - 수동 배포 스크립트 및 구축 가이드 문서 추가 주요 기능: - 자동 배포: Push/PR 시 dev 환경 자동 배포 - 수동 배포: 환경 선택 가능한 워크플로우 트리거 - 환경별 최적화: dev(1 replica), staging(2 replicas), prod(3 replicas) - 보안 설정: staging/prod HTTPS, JWT 토큰 유효시간 조정 - 롤백 지원: GitHub Actions, kubectl, 수동 스크립트 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- .github/actions-pipeline-guide.md | 314 ++++++++-------- .../base/api-gateway/cm-api-gateway.yaml | 1 - .../base/api-gateway/deployment.yaml | 1 - .../kustomize/base/api-gateway/service.yaml | 3 +- .../base/bill-service/cm-bill-service.yaml | 1 - .../base/bill-service/deployment.yaml | 1 - .../bill-service/secret-bill-service.yaml | 3 +- .../kustomize/base/bill-service/service.yaml | 1 - .github/kustomize/base/common/cm-common.yaml | 3 +- .github/kustomize/base/common/ingress.yaml | 6 +- .../kustomize/base/common/secret-common.yaml | 3 +- .../base/common/secret-imagepull.yaml | 1 - .../kustomize/base/kos-mock/cm-kos-mock.yaml | 1 - .../kustomize/base/kos-mock/deployment.yaml | 1 - .github/kustomize/base/kos-mock/service.yaml | 1 - .github/kustomize/base/kustomization.yaml | 2 +- .../product-service/cm-product-service.yaml | 1 - .../base/product-service/deployment.yaml | 1 - .../secret-product-service.yaml | 3 +- .../base/product-service/service.yaml | 1 - .../base/user-service/cm-user-service.yaml | 1 - .../base/user-service/deployment.yaml | 1 - .../user-service/secret-user-service.yaml | 3 +- .../kustomize/base/user-service/service.yaml | 1 - .../overlays/dev/cm-common-patch.yaml | 2 +- .../kustomize/overlays/dev/ingress-patch.yaml | 2 +- .../kustomize/overlays/dev/kustomization.yaml | 18 +- .../dev/secret-bill-service-patch.yaml | 3 +- .../overlays/dev/secret-common-patch.yaml | 2 +- .../dev/secret-product-service-patch.yaml | 3 +- .../dev/secret-user-service-patch.yaml | 3 +- .../overlays/prod/cm-common-patch.yaml | 10 +- .../prod/deployment-api-gateway-patch.yaml | 10 +- .../prod/deployment-bill-service-patch.yaml | 10 +- .../prod/deployment-kos-mock-patch.yaml | 10 +- .../deployment-product-service-patch.yaml | 10 +- .../prod/deployment-user-service-patch.yaml | 10 +- .../overlays/prod/ingress-patch.yaml | 9 +- .../overlays/prod/kustomization.yaml | 18 +- .../prod/secret-bill-service-patch.yaml | 3 +- .../overlays/prod/secret-common-patch.yaml | 2 +- .../prod/secret-product-service-patch.yaml | 3 +- .../prod/secret-user-service-patch.yaml | 3 +- .../overlays/staging/cm-common-patch.yaml | 6 +- .../staging/deployment-api-gateway-patch.yaml | 10 +- .../deployment-bill-service-patch.yaml | 10 +- .../staging/deployment-kos-mock-patch.yaml | 10 +- .../deployment-product-service-patch.yaml | 10 +- .../deployment-user-service-patch.yaml | 10 +- .../overlays/staging/ingress-patch.yaml | 9 +- .../overlays/staging/kustomization.yaml | 18 +- .../staging/secret-bill-service-patch.yaml | 3 +- .../overlays/staging/secret-common-patch.yaml | 2 +- .../staging/secret-product-service-patch.yaml | 3 +- .../staging/secret-user-service-patch.yaml | 3 +- .github/scripts/deploy-actions.sh | 16 +- .github/workflows/backend-cicd.yaml | 21 +- .github/workflows/backend-cicd_ArgoCD.yaml | 251 ------------- deployment/cicd/Jenkinsfile | 225 ----------- deployment/cicd/Jenkinsfile_ArgoCD | 229 ------------ deployment/cicd/config/deploy_env_vars_dev | 3 - deployment/cicd/config/deploy_env_vars_prod | 3 - .../cicd/config/deploy_env_vars_staging | 3 - deployment/cicd/jenkins-pipeline-guide.md | 350 ------------------ .../base/api-gateway/cm-api-gateway.yaml | 11 - .../base/api-gateway/deployment.yaml | 58 --- .../kustomize/base/api-gateway/service.yaml | 12 - .../base/bill-service/cm-bill-service.yaml | 22 -- .../base/bill-service/deployment.yaml | 60 --- .../bill-service/secret-bill-service.yaml | 11 - .../kustomize/base/bill-service/service.yaml | 12 - .../cicd/kustomize/base/common/cm-common.yaml | 12 - .../cicd/kustomize/base/common/ingress.yaml | 49 --- .../kustomize/base/common/secret-common.yaml | 10 - .../base/common/secret-imagepull.yaml | 17 - .../kustomize/base/kos-mock/cm-kos-mock.yaml | 7 - .../kustomize/base/kos-mock/deployment.yaml | 58 --- .../cicd/kustomize/base/kos-mock/service.yaml | 12 - .../cicd/kustomize/base/kustomization.yaml | 53 --- .../product-service/cm-product-service.yaml | 11 - .../base/product-service/deployment.yaml | 60 --- .../secret-product-service.yaml | 11 - .../base/product-service/service.yaml | 12 - .../base/user-service/cm-user-service.yaml | 12 - .../base/user-service/deployment.yaml | 60 --- .../user-service/secret-user-service.yaml | 11 - .../kustomize/base/user-service/service.yaml | 12 - .../overlays/dev/cm-common-patch.yaml | 12 - .../dev/deployment-api-gateway-patch.yaml | 17 - .../dev/deployment-bill-service-patch.yaml | 17 - .../dev/deployment-kos-mock-patch.yaml | 17 - .../dev/deployment-product-service-patch.yaml | 17 - .../dev/deployment-user-service-patch.yaml | 17 - .../kustomize/overlays/dev/ingress-patch.yaml | 48 --- .../kustomize/overlays/dev/kustomization.yaml | 65 ---- .../dev/secret-bill-service-patch.yaml | 11 - .../overlays/dev/secret-common-patch.yaml | 10 - .../dev/secret-product-service-patch.yaml | 11 - .../dev/secret-user-service-patch.yaml | 11 - .../overlays/prod/configmap-common-patch.yaml | 12 - .../prod/deployment-api-gateway-patch.yaml | 17 - .../prod/deployment-bill-service-patch.yaml | 17 - .../prod/deployment-kos-mock-patch.yaml | 17 - .../deployment-product-service-patch.yaml | 17 - .../prod/deployment-user-service-patch.yaml | 17 - .../overlays/prod/ingress-patch.yaml | 54 --- .../overlays/prod/kustomization.yaml | 65 ---- .../prod/secret-bill-service-patch.yaml | 11 - .../overlays/prod/secret-common-patch.yaml | 10 - .../prod/secret-product-service-patch.yaml | 11 - .../prod/secret-user-service-patch.yaml | 11 - .../staging/configmap-common-patch.yaml | 12 - .../staging/deployment-api-gateway-patch.yaml | 17 - .../deployment-bill-service-patch.yaml | 17 - .../staging/deployment-kos-mock-patch.yaml | 17 - .../deployment-product-service-patch.yaml | 17 - .../deployment-user-service-patch.yaml | 17 - .../overlays/staging/ingress-patch.yaml | 53 --- .../overlays/staging/kustomization.yaml | 65 ---- .../staging/secret-bill-service-patch.yaml | 11 - .../overlays/staging/secret-common-patch.yaml | 10 - .../staging/secret-product-service-patch.yaml | 11 - .../staging/secret-user-service-patch.yaml | 11 - deployment/cicd/scripts/deploy.sh | 34 -- .../cicd/scripts/validate-cicd-setup.sh | 128 ------- 125 files changed, 298 insertions(+), 2908 deletions(-) mode change 100644 => 100755 .github/scripts/deploy-actions.sh delete mode 100644 .github/workflows/backend-cicd_ArgoCD.yaml delete mode 100644 deployment/cicd/Jenkinsfile delete mode 100644 deployment/cicd/Jenkinsfile_ArgoCD delete mode 100644 deployment/cicd/config/deploy_env_vars_dev delete mode 100644 deployment/cicd/config/deploy_env_vars_prod delete mode 100644 deployment/cicd/config/deploy_env_vars_staging delete mode 100644 deployment/cicd/jenkins-pipeline-guide.md delete mode 100644 deployment/cicd/kustomize/base/api-gateway/cm-api-gateway.yaml delete mode 100644 deployment/cicd/kustomize/base/api-gateway/deployment.yaml delete mode 100644 deployment/cicd/kustomize/base/api-gateway/service.yaml delete mode 100644 deployment/cicd/kustomize/base/bill-service/cm-bill-service.yaml delete mode 100644 deployment/cicd/kustomize/base/bill-service/deployment.yaml delete mode 100644 deployment/cicd/kustomize/base/bill-service/secret-bill-service.yaml delete mode 100644 deployment/cicd/kustomize/base/bill-service/service.yaml delete mode 100644 deployment/cicd/kustomize/base/common/cm-common.yaml delete mode 100644 deployment/cicd/kustomize/base/common/ingress.yaml delete mode 100644 deployment/cicd/kustomize/base/common/secret-common.yaml delete mode 100644 deployment/cicd/kustomize/base/common/secret-imagepull.yaml delete mode 100644 deployment/cicd/kustomize/base/kos-mock/cm-kos-mock.yaml delete mode 100644 deployment/cicd/kustomize/base/kos-mock/deployment.yaml delete mode 100644 deployment/cicd/kustomize/base/kos-mock/service.yaml delete mode 100644 deployment/cicd/kustomize/base/kustomization.yaml delete mode 100644 deployment/cicd/kustomize/base/product-service/cm-product-service.yaml delete mode 100644 deployment/cicd/kustomize/base/product-service/deployment.yaml delete mode 100644 deployment/cicd/kustomize/base/product-service/secret-product-service.yaml delete mode 100644 deployment/cicd/kustomize/base/product-service/service.yaml delete mode 100644 deployment/cicd/kustomize/base/user-service/cm-user-service.yaml delete mode 100644 deployment/cicd/kustomize/base/user-service/deployment.yaml delete mode 100644 deployment/cicd/kustomize/base/user-service/secret-user-service.yaml delete mode 100644 deployment/cicd/kustomize/base/user-service/service.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/cm-common-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/deployment-api-gateway-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/deployment-bill-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/deployment-kos-mock-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/deployment-product-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/deployment-user-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/ingress-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/kustomization.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/secret-bill-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/secret-common-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/secret-product-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/dev/secret-user-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/configmap-common-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/deployment-api-gateway-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/deployment-bill-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/deployment-kos-mock-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/deployment-product-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/deployment-user-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/ingress-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/kustomization.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/secret-bill-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/secret-common-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/secret-product-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/prod/secret-user-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/configmap-common-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/deployment-api-gateway-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/deployment-bill-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/deployment-kos-mock-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/deployment-product-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/deployment-user-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/ingress-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/kustomization.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/secret-bill-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/secret-common-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/secret-product-service-patch.yaml delete mode 100644 deployment/cicd/kustomize/overlays/staging/secret-user-service-patch.yaml delete mode 100755 deployment/cicd/scripts/deploy.sh delete mode 100755 deployment/cicd/scripts/validate-cicd-setup.sh diff --git a/.github/actions-pipeline-guide.md b/.github/actions-pipeline-guide.md index a5e7ad4..12b9048 100644 --- a/.github/actions-pipeline-guide.md +++ b/.github/actions-pipeline-guide.md @@ -1,188 +1,188 @@ -# 백엔드 GitHub Actions CI/CD 파이프라인 가이드 +# GitHub Actions CI/CD 파이프라인 구축 가이드 -## 📋 개요 +## 개요 -통신요금 관리 서비스(phonebill)의 GitHub Actions 기반 CI/CD 파이프라인 구축 가이드입니다. +phonebill 시스템을 위한 GitHub Actions 기반 CI/CD 파이프라인이 성공적으로 구축되었습니다. -**실행정보**: -- ACR_NAME: acrdigitalgarage01 -- RESOURCE_GROUP: rg-digitalgarage-01 -- AKS_CLUSTER: aks-digitalgarage-01 +### 프로젝트 정보 +- **시스템명**: phonebill +- **서비스**: api-gateway, user-service, bill-service, product-service, kos-mock +- **JDK 버전**: 21 +- **Azure 환경**: ACR(acrdigitalgarage01), AKS(aks-digitalgarage-01), RG(rg-digitalgarage-01) +- **네임스페이스**: phonebill-dg0500 -**시스템 정보**: -- 시스템명: phonebill -- JDK 버전: 21 -- 서비스: api-gateway, user-service, bill-service, product-service, kos-mock +## 구축된 파일 구조 -## 🏗️ 구축된 파이프라인 구조 - -### 디렉토리 구조 ``` .github/ ├── kustomize/ -│ ├── base/ # 기본 매니페스트 +│ ├── base/ │ │ ├── kustomization.yaml -│ │ ├── namespace.yaml -│ │ ├── common/ # 공통 리소스 -│ │ └── {서비스명}/ # 각 서비스별 매니페스트 -│ └── overlays/ # 환경별 오버레이 +│ │ ├── common/ +│ │ │ ├── cm-common.yaml +│ │ │ ├── secret-common.yaml +│ │ │ ├── secret-imagepull.yaml +│ │ │ └── ingress.yaml +│ │ └── {서비스명}/ +│ │ ├── deployment.yaml +│ │ ├── service.yaml +│ │ ├── cm-{서비스명}.yaml +│ │ └── secret-{서비스명}.yaml (해당되는 경우) +│ └── overlays/ │ ├── dev/ +│ │ ├── kustomization.yaml +│ │ ├── cm-common-patch.yaml +│ │ ├── ingress-patch.yaml +│ │ ├── deployment-{서비스명}-patch.yaml +│ │ ├── secret-common-patch.yaml +│ │ └── secret-{서비스명}-patch.yaml │ ├── staging/ +│ │ └── (dev와 동일한 구조, staging 환경 설정) │ └── prod/ -├── config/ # 환경별 설정 +│ └── (dev와 동일한 구조, prod 환경 설정) +├── config/ │ ├── deploy_env_vars_dev │ ├── deploy_env_vars_staging │ └── deploy_env_vars_prod -├── scripts/ # 배포 스크립트 +├── scripts/ │ └── deploy-actions.sh -└── workflows/ # GitHub Actions 워크플로우 +└── workflows/ └── backend-cicd.yaml ``` -### 파이프라인 워크플로우 -1. **Build & Test**: Gradle 빌드 및 단위 테스트 -2. **SonarQube Analysis**: 코드 품질 분석 (선택적) -3. **Container Build & Push**: 환경별 이미지 빌드 및 ACR 푸시 -4. **Kustomize Deploy**: 환경별 매니페스트 적용 - -## ⚙️ GitHub Repository 설정 +## GitHub Repository 설정 ### 1. Repository Secrets 설정 -GitHub Repository > Settings > Secrets and variables > Actions > Repository secrets에 다음 항목들을 등록하세요: +GitHub Repository → Settings → Secrets and variables → Actions → Repository secrets에 다음 설정: -#### Azure 인증 정보 -```json -AZURE_CREDENTIALS: -{ - "clientId": "5e4b5b41-7208-48b7-b821-d6d5acf50ecf", - "clientSecret": "ldu8Q~GQEzFYU.dJX7_QsahR7n7C2xqkIM6hqbV8", - "subscriptionId": "2513dd36-7978-48e3-9a7c-b221d4874f66", - "tenantId": "4f0a3bfd-1156-4cce-8dc2-a049a13dba23" -} -``` - -#### ACR Credentials ```bash -# ACR 자격 증명 확인 명령어 -az acr credential show --name acrdigitalgarage01 -``` -``` +# Azure Service Principal +AZURE_CREDENTIALS +{ + "clientId": "{클라이언트ID}", + "clientSecret": "{클라이언트시크릿}", + "subscriptionId": "{구독ID}", + "tenantId": "{테넌트ID}" +} + +# ACR Credentials (az acr credential show --name acrdigitalgarage01) ACR_USERNAME: acrdigitalgarage01 ACR_PASSWORD: {ACR패스워드} -``` -#### SonarQube 설정 -```bash -# SonarQube URL 확인 -kubectl get svc -n sonarqube -``` -``` -SONAR_HOST_URL: http://{External IP} -SONAR_TOKEN: {SonarQube토큰} -``` +# SonarQube 설정 +SONAR_HOST_URL: http://{External IP} # k get svc -n sonarqube로 확인 +SONAR_TOKEN: {SonarQube토큰} # SonarQube > My Account > Security에서 생성 -**SonarQube 토큰 생성 방법**: -1. SonarQube 로그인 후 우측 상단 'Administrator' > My Account 클릭 -2. Security 탭 선택 후 토큰 생성 - -#### Docker Hub 설정 (Rate Limit 해결) -``` +# Docker Hub (Rate Limit 방지) DOCKERHUB_USERNAME: {Docker Hub 사용자명} DOCKERHUB_PASSWORD: {Docker Hub 패스워드} ``` ### 2. Repository Variables 설정 -GitHub Repository > Settings > Secrets and variables > Actions > Variables > Repository variables에 등록: +GitHub Repository → Settings → Secrets and variables → Actions → Variables → Repository variables에 다음 설정: -``` -ENVIRONMENT: dev -SKIP_SONARQUBE: true +```bash +ENVIRONMENT: dev (기본값) +SKIP_SONARQUBE: true (기본값) ``` -## 🚀 파이프라인 실행 방법 +## 파이프라인 실행 방법 -### 자동 실행 -- **Push/PR 트리거**: main, develop 브랜치로 push시 자동 실행 -- **기본 설정**: ENVIRONMENT=dev, SKIP_SONARQUBE=true +### 1. 자동 실행 +- **트리거**: main/develop 브랜치에 push 또는 main 브랜치에 PR +- **환경**: dev (기본값) +- **SonarQube**: 스킵 (기본값) -### 수동 실행 -1. GitHub Repository > Actions 탭 +### 2. 수동 실행 +1. GitHub → Actions 탭 이동 2. "Backend Services CI/CD" 워크플로우 선택 3. "Run workflow" 버튼 클릭 4. 환경 선택 (dev/staging/prod) 5. SonarQube 분석 여부 선택 (true/false) -## 📦 배포 환경별 설정 +## 파이프라인 단계 + +### 1. Build and Test +- Gradle 빌드 (테스트 제외) +- SonarQube 코드 품질 분석 (선택사항) +- 빌드 아티팩트 업로드 + +### 2. Build and Push Docker Images +- 각 서비스별 Docker 이미지 빌드 +- Azure Container Registry에 푸시 +- 이미지 태그: `{환경}-{타임스탬프}` + +### 3. Deploy to Kubernetes +- Kustomize를 사용한 환경별 매니페스트 생성 +- AKS 클러스터에 배포 +- 배포 상태 확인 + +## 환경별 설정 ### DEV 환경 -- **Namespace**: phonebill-dev -- **Replicas**: 모든 서비스 1개 -- **Resources**: CPU 256m/1024m, Memory 256Mi/1024Mi -- **Profile**: dev (DDL_AUTO: update) +- **Replicas**: 1 +- **Resources**: requests(256Mi/256m), limits(1024Mi/1024m) +- **DDL**: update - **SSL**: 비활성화 +- **Host**: phonebill-dg0500-api.20.214.196.128.nip.io ### STAGING 환경 -- **Namespace**: phonebill-staging -- **Replicas**: 모든 서비스 2개 -- **Resources**: CPU 512m/2048m, Memory 512Mi/2048Mi -- **Profile**: staging (DDL_AUTO: validate) +- **Replicas**: 2 +- **Resources**: requests(512Mi/512m), limits(2048Mi/2048m) +- **DDL**: validate - **SSL**: 활성화 +- **Host**: phonebill-staging.digitalgarage.com +- **JWT**: 운영 환경 토큰 유효시간 ### PROD 환경 -- **Namespace**: phonebill-prod -- **Replicas**: 모든 서비스 3개 -- **Resources**: CPU 1024m/4096m, Memory 1024Mi/4096Mi -- **Profile**: prod (DDL_AUTO: validate, 짧은 JWT) +- **Replicas**: 3 +- **Resources**: requests(1024Mi/1024m), limits(4096Mi/4096m) +- **DDL**: validate - **SSL**: 활성화 +- **Host**: phonebill.digitalgarage.com +- **JWT**: 보안 강화된 짧은 토큰 유효시간 -## 🔧 수동 배포 방법 +## 수동 배포 방법 + +로컬에서 수동 배포를 수행하려면: -### 스크립트를 이용한 배포 ```bash -# 기본 (dev 환경, latest 태그) +# 기본 dev 환경으로 배포 ./.github/scripts/deploy-actions.sh -# 특정 환경과 태그 지정 -./.github/scripts/deploy-actions.sh staging 20241215143022 +# 특정 환경과 이미지 태그로 배포 +./.github/scripts/deploy-actions.sh staging 20241001123000 + +# 권한 오류 시 +chmod +x .github/scripts/deploy-actions.sh ``` -### kubectl을 이용한 직접 배포 -```bash -# Kustomize 설치 -curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash -sudo mv kustomize /usr/local/bin/ - -# 환경별 배포 -cd .github/kustomize/overlays/dev -kubectl apply -k . -``` - -## 🔄 롤백 방법 +## 롤백 방법 ### 1. GitHub Actions를 통한 롤백 -1. GitHub > Actions > 성공한 이전 워크플로우 선택 +1. GitHub → Actions → 성공한 이전 워크플로우 선택 2. "Re-run all jobs" 클릭 ### 2. kubectl을 이용한 롤백 ```bash # 이전 버전으로 롤백 -kubectl rollout undo deployment/user-service -n phonebill-dev --to-revision=2 +kubectl rollout undo deployment/{서비스명} -n phonebill-dg0500 --to-revision=2 # 롤백 상태 확인 -kubectl rollout status deployment/user-service -n phonebill-dev +kubectl rollout status deployment/{서비스명} -n phonebill-dg0500 ``` ### 3. 수동 스크립트를 이용한 롤백 ```bash -# 이전 안정 버전 태그로 배포 -./.github/scripts/deploy-actions.sh dev 20241215140000 +# 이전 안정 버전 이미지 태그로 배포 +./.github/scripts/deploy-actions.sh {환경} {이전태그} ``` -## 📊 SonarQube Quality Gate 설정 +## SonarQube Quality Gate 설정 -각 서비스별 SonarQube 프로젝트에서 다음 Quality Gate 설정: +각 서비스별 프로젝트 생성 후 다음 Quality Gate 설정: ``` Coverage: >= 80% @@ -192,66 +192,62 @@ Reliability Rating: <= A Security Rating: <= A ``` -## 🐛 트러블슈팅 +## 모니터링 및 확인 -### 1. Kustomize 빌드 실패 +### 배포 상태 확인 ```bash -# Base 매니페스트 검증 -kubectl kustomize .github/kustomize/base/ +# Pod 상태 확인 +kubectl get pods -n phonebill-dg0500 -# 환경별 오버레이 검증 -kubectl kustomize .github/kustomize/overlays/dev/ -``` +# 서비스 상태 확인 +kubectl get services -n phonebill-dg0500 -### 2. 이미지 Pull 실패 -- ACR 자격 증명 확인 -- ImagePullSecret 설정 확인 - -### 3. 배포 타임아웃 -```bash -# 배포 상태 확인 -kubectl get pods -n phonebill-dev +# Ingress 상태 확인 +kubectl get ingress -n phonebill-dg0500 # 로그 확인 -kubectl logs -f deployment/user-service -n phonebill-dev +kubectl logs -f deployment/{서비스명} -n phonebill-dg0500 ``` -### 4. SonarQube 연결 실패 -- SONAR_HOST_URL과 SONAR_TOKEN 확인 -- SonarQube 서버 상태 확인 - -## 📋 체크리스트 - -### 배포 전 확인사항 -- [ ] GitHub Secrets 모든 항목 설정 완료 -- [ ] Repository Variables 설정 완료 -- [ ] ACR 접근 권한 확인 -- [ ] AKS 클러스터 접근 권한 확인 -- [ ] SonarQube 서버 상태 확인 (분석 수행시) - -### 배포 후 확인사항 -- [ ] 모든 Pod가 Running 상태인지 확인 -- [ ] Service와 Ingress가 정상적으로 생성되었는지 확인 -- [ ] Health Check 엔드포인트 응답 확인 -- [ ] 로그에 에러가 없는지 확인 - -## 📞 지원 및 연락처 - -문제 발생시 다음 명령어로 디버깅 정보를 수집하여 지원팀에 문의하세요: - +### 헬스 체크 ```bash -# 시스템 상태 확인 -kubectl get all -n phonebill-{환경} - -# 로그 수집 -kubectl logs -l app.kubernetes.io/name=user-service -n phonebill-{환경} - -# 이벤트 확인 -kubectl get events -n phonebill-{환경} --sort-by='.lastTimestamp' +# API Gateway 헬스 체크 +curl -f http://phonebill-dg0500-api.20.214.196.128.nip.io/actuator/health ``` +## 주요 특징 + +1. **환경별 분리**: dev, staging, prod 환경별 독립적인 설정 +2. **Kustomize 사용**: 환경별 매니페스트 관리 자동화 +3. **SonarQube 통합**: 코드 품질 분석 및 Quality Gate +4. **Docker 최적화**: Multi-stage 빌드 및 Rate Limit 방지 +5. **자동 배포**: Push/PR 시 자동 빌드 및 배포 +6. **수동 배포**: 운영진이 필요 시 수동 실행 가능 +7. **롤백 지원**: 다양한 방법의 롤백 기능 + +## 문제 해결 + +### 일반적인 오류 + +1. **Azure 인증 실패** + - AZURE_CREDENTIALS 설정 확인 + - Service Principal 권한 확인 + +2. **ACR 접근 실패** + - ACR_USERNAME, ACR_PASSWORD 확인 + - ACR 권한 설정 확인 + +3. **SonarQube 분석 실패** + - SONAR_TOKEN, SONAR_HOST_URL 확인 + - SonarQube 서버 접근성 확인 + +4. **Kustomize 오류** + - patch 파일 경로 및 target 확인 + - YAML 문법 오류 확인 + +### 연락처 +문제 발생 시 DevOps 팀에 문의하거나 GitHub Issues를 통해 보고해 주세요. + --- -✅ **GitHub Actions CI/CD 파이프라인 구축이 완료되었습니다!** - -이제 코드를 푸시하거나 수동으로 워크플로우를 실행하여 자동 배포를 테스트할 수 있습니다. \ No newline at end of file +**최운영/데옵스**: GitHub Actions CI/CD 파이프라인 구축이 완료되었습니다! 🎉 \ No newline at end of file diff --git a/.github/kustomize/base/api-gateway/cm-api-gateway.yaml b/.github/kustomize/base/api-gateway/cm-api-gateway.yaml index 16daedd..aa83a94 100644 --- a/.github/kustomize/base/api-gateway/cm-api-gateway.yaml +++ b/.github/kustomize/base/api-gateway/cm-api-gateway.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: cm-api-gateway - data: SERVER_PORT: "8080" BILL_SERVICE_URL: "http://bill-service" diff --git a/.github/kustomize/base/api-gateway/deployment.yaml b/.github/kustomize/base/api-gateway/deployment.yaml index f733b9b..ceb7e8c 100644 --- a/.github/kustomize/base/api-gateway/deployment.yaml +++ b/.github/kustomize/base/api-gateway/deployment.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: api-gateway - spec: replicas: 1 selector: diff --git a/.github/kustomize/base/api-gateway/service.yaml b/.github/kustomize/base/api-gateway/service.yaml index da3acd6..e1f6460 100644 --- a/.github/kustomize/base/api-gateway/service.yaml +++ b/.github/kustomize/base/api-gateway/service.yaml @@ -2,11 +2,10 @@ apiVersion: v1 kind: Service metadata: name: api-gateway - spec: selector: app: api-gateway ports: - port: 80 targetPort: 8080 - type: ClusterIP \ No newline at end of file + type: ClusterIP diff --git a/.github/kustomize/base/bill-service/cm-bill-service.yaml b/.github/kustomize/base/bill-service/cm-bill-service.yaml index 6e09048..9281f36 100644 --- a/.github/kustomize/base/bill-service/cm-bill-service.yaml +++ b/.github/kustomize/base/bill-service/cm-bill-service.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: cm-bill-service - data: SERVER_PORT: "8082" DB_KIND: "postgresql" diff --git a/.github/kustomize/base/bill-service/deployment.yaml b/.github/kustomize/base/bill-service/deployment.yaml index a628e88..78a42dd 100644 --- a/.github/kustomize/base/bill-service/deployment.yaml +++ b/.github/kustomize/base/bill-service/deployment.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: bill-service - spec: replicas: 1 selector: diff --git a/.github/kustomize/base/bill-service/secret-bill-service.yaml b/.github/kustomize/base/bill-service/secret-bill-service.yaml index b1c0b01..caaa7cf 100644 --- a/.github/kustomize/base/bill-service/secret-bill-service.yaml +++ b/.github/kustomize/base/bill-service/secret-bill-service.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-bill-service - type: Opaque stringData: DB_HOST: "bill-inquiry-postgres-dev-postgresql" DB_NAME: "bill_inquiry_db" DB_USERNAME: "bill_inquiry_user" - DB_PASSWORD: "BillUser2025!" \ No newline at end of file + DB_PASSWORD: "BillUser2025@" diff --git a/.github/kustomize/base/bill-service/service.yaml b/.github/kustomize/base/bill-service/service.yaml index 5f14be7..1e6373b 100644 --- a/.github/kustomize/base/bill-service/service.yaml +++ b/.github/kustomize/base/bill-service/service.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: Service metadata: name: bill-service - spec: selector: app: bill-service diff --git a/.github/kustomize/base/common/cm-common.yaml b/.github/kustomize/base/common/cm-common.yaml index a96b039..3c16172 100644 --- a/.github/kustomize/base/common/cm-common.yaml +++ b/.github/kustomize/base/common/cm-common.yaml @@ -2,9 +2,8 @@ apiVersion: v1 kind: ConfigMap metadata: name: cm-common - data: - CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io" + CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill-dg0500.20.214.196.128.nip.io" JWT_ACCESS_TOKEN_VALIDITY: "18000000" JWT_REFRESH_TOKEN_VALIDITY: "86400000" REDIS_PORT: "6379" diff --git a/.github/kustomize/base/common/ingress.yaml b/.github/kustomize/base/common/ingress.yaml index b2bf566..da97115 100644 --- a/.github/kustomize/base/common/ingress.yaml +++ b/.github/kustomize/base/common/ingress.yaml @@ -2,14 +2,13 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: phonebill - annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "false" spec: ingressClassName: nginx rules: - - host: phonebill-api.20.214.196.128.nip.io + - host: phonebill-dg0500-api.20.214.196.128.nip.io http: paths: - path: /api/v1/auth @@ -46,4 +45,5 @@ spec: service: name: kos-mock port: - number: 80 \ No newline at end of file + number: 80 + diff --git a/.github/kustomize/base/common/secret-common.yaml b/.github/kustomize/base/common/secret-common.yaml index c21c3ea..53795ab 100644 --- a/.github/kustomize/base/common/secret-common.yaml +++ b/.github/kustomize/base/common/secret-common.yaml @@ -2,9 +2,8 @@ apiVersion: v1 kind: Secret metadata: name: secret-common - type: Opaque stringData: JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" REDIS_HOST: "redis-cache-dev-master" - REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file + REDIS_PASSWORD: "Redis2025Dev@" \ No newline at end of file diff --git a/.github/kustomize/base/common/secret-imagepull.yaml b/.github/kustomize/base/common/secret-imagepull.yaml index 8292ced..6bd576e 100644 --- a/.github/kustomize/base/common/secret-imagepull.yaml +++ b/.github/kustomize/base/common/secret-imagepull.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: Secret metadata: name: phonebill - type: kubernetes.io/dockerconfigjson stringData: .dockerconfigjson: | diff --git a/.github/kustomize/base/kos-mock/cm-kos-mock.yaml b/.github/kustomize/base/kos-mock/cm-kos-mock.yaml index 47144ca..3e55476 100644 --- a/.github/kustomize/base/kos-mock/cm-kos-mock.yaml +++ b/.github/kustomize/base/kos-mock/cm-kos-mock.yaml @@ -2,6 +2,5 @@ apiVersion: v1 kind: ConfigMap metadata: name: cm-kos-mock - data: SERVER_PORT: "8084" \ No newline at end of file diff --git a/.github/kustomize/base/kos-mock/deployment.yaml b/.github/kustomize/base/kos-mock/deployment.yaml index 40a34ef..bd588f4 100644 --- a/.github/kustomize/base/kos-mock/deployment.yaml +++ b/.github/kustomize/base/kos-mock/deployment.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: kos-mock - spec: replicas: 1 selector: diff --git a/.github/kustomize/base/kos-mock/service.yaml b/.github/kustomize/base/kos-mock/service.yaml index 926ad82..fdb5336 100644 --- a/.github/kustomize/base/kos-mock/service.yaml +++ b/.github/kustomize/base/kos-mock/service.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: Service metadata: name: kos-mock - spec: selector: app: kos-mock diff --git a/.github/kustomize/base/kustomization.yaml b/.github/kustomize/base/kustomization.yaml index 86fb5de..28ac4cb 100644 --- a/.github/kustomize/base/kustomization.yaml +++ b/.github/kustomize/base/kustomization.yaml @@ -6,10 +6,10 @@ metadata: resources: # Common resources - - common/ingress.yaml - common/cm-common.yaml - common/secret-common.yaml - common/secret-imagepull.yaml + - common/ingress.yaml # API Gateway - api-gateway/deployment.yaml diff --git a/.github/kustomize/base/product-service/cm-product-service.yaml b/.github/kustomize/base/product-service/cm-product-service.yaml index ad1c647..5a3893d 100644 --- a/.github/kustomize/base/product-service/cm-product-service.yaml +++ b/.github/kustomize/base/product-service/cm-product-service.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: cm-product-service - data: SERVER_PORT: "8083" DB_KIND: "postgresql" diff --git a/.github/kustomize/base/product-service/deployment.yaml b/.github/kustomize/base/product-service/deployment.yaml index 8e12d01..0b463a3 100644 --- a/.github/kustomize/base/product-service/deployment.yaml +++ b/.github/kustomize/base/product-service/deployment.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: product-service - spec: replicas: 1 selector: diff --git a/.github/kustomize/base/product-service/secret-product-service.yaml b/.github/kustomize/base/product-service/secret-product-service.yaml index b3ab681..e773ec9 100644 --- a/.github/kustomize/base/product-service/secret-product-service.yaml +++ b/.github/kustomize/base/product-service/secret-product-service.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-product-service - type: Opaque stringData: DB_HOST: "product-change-postgres-dev-postgresql" DB_NAME: "product_change_db" DB_USERNAME: "product_change_user" - DB_PASSWORD: "ProductUser2025!" \ No newline at end of file + DB_PASSWORD: "ProductUser2025@" \ No newline at end of file diff --git a/.github/kustomize/base/product-service/service.yaml b/.github/kustomize/base/product-service/service.yaml index 37ec7d9..b784a5d 100644 --- a/.github/kustomize/base/product-service/service.yaml +++ b/.github/kustomize/base/product-service/service.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: Service metadata: name: product-service - spec: selector: app: product-service diff --git a/.github/kustomize/base/user-service/cm-user-service.yaml b/.github/kustomize/base/user-service/cm-user-service.yaml index ac3f442..4031913 100644 --- a/.github/kustomize/base/user-service/cm-user-service.yaml +++ b/.github/kustomize/base/user-service/cm-user-service.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: cm-user-service - data: SERVER_PORT: "8081" DB_KIND: "postgresql" diff --git a/.github/kustomize/base/user-service/deployment.yaml b/.github/kustomize/base/user-service/deployment.yaml index 5287333..2dbd2d4 100644 --- a/.github/kustomize/base/user-service/deployment.yaml +++ b/.github/kustomize/base/user-service/deployment.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: user-service - spec: replicas: 1 selector: diff --git a/.github/kustomize/base/user-service/secret-user-service.yaml b/.github/kustomize/base/user-service/secret-user-service.yaml index 87ab6d4..8424423 100644 --- a/.github/kustomize/base/user-service/secret-user-service.yaml +++ b/.github/kustomize/base/user-service/secret-user-service.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-user-service - type: Opaque stringData: DB_HOST: "auth-postgres-dev-postgresql" DB_NAME: "phonebill_auth" DB_USERNAME: "auth_user" - DB_PASSWORD: "AuthUser2025!" \ No newline at end of file + DB_PASSWORD: "AuthUser2025@" \ No newline at end of file diff --git a/.github/kustomize/base/user-service/service.yaml b/.github/kustomize/base/user-service/service.yaml index f6a8a5f..c9fb9cf 100644 --- a/.github/kustomize/base/user-service/service.yaml +++ b/.github/kustomize/base/user-service/service.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: Service metadata: name: user-service - spec: selector: app: user-service diff --git a/.github/kustomize/overlays/dev/cm-common-patch.yaml b/.github/kustomize/overlays/dev/cm-common-patch.yaml index 0511102..e2a7a88 100644 --- a/.github/kustomize/overlays/dev/cm-common-patch.yaml +++ b/.github/kustomize/overlays/dev/cm-common-patch.yaml @@ -3,7 +3,7 @@ kind: ConfigMap metadata: name: cm-common data: - CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io" + CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill-dg0500-api.20.214.196.128.nip.io" JWT_ACCESS_TOKEN_VALIDITY: "18000000" JWT_REFRESH_TOKEN_VALIDITY: "86400000" REDIS_PORT: "6379" diff --git a/.github/kustomize/overlays/dev/ingress-patch.yaml b/.github/kustomize/overlays/dev/ingress-patch.yaml index 3c5cec7..8fb360e 100644 --- a/.github/kustomize/overlays/dev/ingress-patch.yaml +++ b/.github/kustomize/overlays/dev/ingress-patch.yaml @@ -8,7 +8,7 @@ metadata: spec: ingressClassName: nginx rules: - - host: phonebill-api.20.214.196.128.nip.io + - host: phonebill-dg0500-api.20.214.196.128.nip.io http: paths: - path: /api/v1/auth diff --git a/.github/kustomize/overlays/dev/kustomization.yaml b/.github/kustomize/overlays/dev/kustomization.yaml index 98de2ab..0723c59 100644 --- a/.github/kustomize/overlays/dev/kustomization.yaml +++ b/.github/kustomize/overlays/dev/kustomization.yaml @@ -1,7 +1,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: phonebill-dev +namespace: phonebill-dg0500 resources: - ../../base @@ -11,14 +11,6 @@ patches: target: kind: ConfigMap name: cm-common - - path: secret-common-patch.yaml - target: - kind: Secret - name: secret-common - - path: ingress-patch.yaml - target: - kind: Ingress - name: phonebill - path: deployment-api-gateway-patch.yaml target: kind: Deployment @@ -39,6 +31,14 @@ patches: target: kind: Deployment name: kos-mock + - path: ingress-patch.yaml + target: + kind: Ingress + name: phonebill + - path: secret-common-patch.yaml + target: + kind: Secret + name: secret-common - path: secret-user-service-patch.yaml target: kind: Secret diff --git a/.github/kustomize/overlays/dev/secret-bill-service-patch.yaml b/.github/kustomize/overlays/dev/secret-bill-service-patch.yaml index b1c0b01..caaa7cf 100644 --- a/.github/kustomize/overlays/dev/secret-bill-service-patch.yaml +++ b/.github/kustomize/overlays/dev/secret-bill-service-patch.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-bill-service - type: Opaque stringData: DB_HOST: "bill-inquiry-postgres-dev-postgresql" DB_NAME: "bill_inquiry_db" DB_USERNAME: "bill_inquiry_user" - DB_PASSWORD: "BillUser2025!" \ No newline at end of file + DB_PASSWORD: "BillUser2025@" diff --git a/.github/kustomize/overlays/dev/secret-common-patch.yaml b/.github/kustomize/overlays/dev/secret-common-patch.yaml index b641d81..53795ab 100644 --- a/.github/kustomize/overlays/dev/secret-common-patch.yaml +++ b/.github/kustomize/overlays/dev/secret-common-patch.yaml @@ -6,4 +6,4 @@ type: Opaque stringData: JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" REDIS_HOST: "redis-cache-dev-master" - REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file + REDIS_PASSWORD: "Redis2025Dev@" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/secret-product-service-patch.yaml b/.github/kustomize/overlays/dev/secret-product-service-patch.yaml index b3ab681..e773ec9 100644 --- a/.github/kustomize/overlays/dev/secret-product-service-patch.yaml +++ b/.github/kustomize/overlays/dev/secret-product-service-patch.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-product-service - type: Opaque stringData: DB_HOST: "product-change-postgres-dev-postgresql" DB_NAME: "product_change_db" DB_USERNAME: "product_change_user" - DB_PASSWORD: "ProductUser2025!" \ No newline at end of file + DB_PASSWORD: "ProductUser2025@" \ No newline at end of file diff --git a/.github/kustomize/overlays/dev/secret-user-service-patch.yaml b/.github/kustomize/overlays/dev/secret-user-service-patch.yaml index 87ab6d4..8424423 100644 --- a/.github/kustomize/overlays/dev/secret-user-service-patch.yaml +++ b/.github/kustomize/overlays/dev/secret-user-service-patch.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-user-service - type: Opaque stringData: DB_HOST: "auth-postgres-dev-postgresql" DB_NAME: "phonebill_auth" DB_USERNAME: "auth_user" - DB_PASSWORD: "AuthUser2025!" \ No newline at end of file + DB_PASSWORD: "AuthUser2025@" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/cm-common-patch.yaml b/.github/kustomize/overlays/prod/cm-common-patch.yaml index 0511102..9888684 100644 --- a/.github/kustomize/overlays/prod/cm-common-patch.yaml +++ b/.github/kustomize/overlays/prod/cm-common-patch.yaml @@ -3,9 +3,9 @@ kind: ConfigMap metadata: name: cm-common data: - CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io" - JWT_ACCESS_TOKEN_VALIDITY: "18000000" - JWT_REFRESH_TOKEN_VALIDITY: "86400000" + CORS_ALLOWED_ORIGINS: "https://phonebill.digitalgarage.com,https://phonebill-prod.digitalgarage.com" + JWT_ACCESS_TOKEN_VALIDITY: "3600000" + JWT_REFRESH_TOKEN_VALIDITY: "43200000" REDIS_PORT: "6379" - SPRING_PROFILES_ACTIVE: "dev" - DDL_AUTO: "update" \ No newline at end of file + SPRING_PROFILES_ACTIVE: "prod" + DDL_AUTO: "validate" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/deployment-api-gateway-patch.yaml b/.github/kustomize/overlays/prod/deployment-api-gateway-patch.yaml index a0bdaec..e1aa47d 100644 --- a/.github/kustomize/overlays/prod/deployment-api-gateway-patch.yaml +++ b/.github/kustomize/overlays/prod/deployment-api-gateway-patch.yaml @@ -3,15 +3,15 @@ kind: Deployment metadata: name: api-gateway spec: - replicas: 1 + replicas: 3 template: spec: containers: - name: api-gateway resources: requests: - memory: "256Mi" - cpu: "256m" - limits: memory: "1024Mi" - cpu: "1024m" \ No newline at end of file + cpu: "1024m" + limits: + memory: "4096Mi" + cpu: "4096m" diff --git a/.github/kustomize/overlays/prod/deployment-bill-service-patch.yaml b/.github/kustomize/overlays/prod/deployment-bill-service-patch.yaml index bde12ae..8ea7b73 100644 --- a/.github/kustomize/overlays/prod/deployment-bill-service-patch.yaml +++ b/.github/kustomize/overlays/prod/deployment-bill-service-patch.yaml @@ -3,15 +3,15 @@ kind: Deployment metadata: name: bill-service spec: - replicas: 1 + replicas: 3 template: spec: containers: - name: bill-service resources: requests: - memory: "256Mi" - cpu: "256m" - limits: memory: "1024Mi" - cpu: "1024m" \ No newline at end of file + cpu: "1024m" + limits: + memory: "4096Mi" + cpu: "4096m" diff --git a/.github/kustomize/overlays/prod/deployment-kos-mock-patch.yaml b/.github/kustomize/overlays/prod/deployment-kos-mock-patch.yaml index ab3676b..4fb4bc9 100644 --- a/.github/kustomize/overlays/prod/deployment-kos-mock-patch.yaml +++ b/.github/kustomize/overlays/prod/deployment-kos-mock-patch.yaml @@ -3,15 +3,15 @@ kind: Deployment metadata: name: kos-mock spec: - replicas: 1 + replicas: 3 template: spec: containers: - name: kos-mock resources: requests: - memory: "256Mi" - cpu: "256m" - limits: memory: "1024Mi" - cpu: "1024m" \ No newline at end of file + cpu: "1024m" + limits: + memory: "4096Mi" + cpu: "4096m" diff --git a/.github/kustomize/overlays/prod/deployment-product-service-patch.yaml b/.github/kustomize/overlays/prod/deployment-product-service-patch.yaml index ed481ca..f7f7b00 100644 --- a/.github/kustomize/overlays/prod/deployment-product-service-patch.yaml +++ b/.github/kustomize/overlays/prod/deployment-product-service-patch.yaml @@ -3,15 +3,15 @@ kind: Deployment metadata: name: product-service spec: - replicas: 1 + replicas: 3 template: spec: containers: - name: product-service resources: requests: - memory: "256Mi" - cpu: "256m" - limits: memory: "1024Mi" - cpu: "1024m" \ No newline at end of file + cpu: "1024m" + limits: + memory: "4096Mi" + cpu: "4096m" diff --git a/.github/kustomize/overlays/prod/deployment-user-service-patch.yaml b/.github/kustomize/overlays/prod/deployment-user-service-patch.yaml index 611c4e3..6ce746f 100644 --- a/.github/kustomize/overlays/prod/deployment-user-service-patch.yaml +++ b/.github/kustomize/overlays/prod/deployment-user-service-patch.yaml @@ -3,15 +3,15 @@ kind: Deployment metadata: name: user-service spec: - replicas: 1 + replicas: 3 template: spec: containers: - name: user-service resources: requests: - memory: "256Mi" - cpu: "256m" - limits: memory: "1024Mi" - cpu: "1024m" \ No newline at end of file + cpu: "1024m" + limits: + memory: "4096Mi" + cpu: "4096m" diff --git a/.github/kustomize/overlays/prod/ingress-patch.yaml b/.github/kustomize/overlays/prod/ingress-patch.yaml index 3c5cec7..bad44da 100644 --- a/.github/kustomize/overlays/prod/ingress-patch.yaml +++ b/.github/kustomize/overlays/prod/ingress-patch.yaml @@ -4,11 +4,16 @@ metadata: name: phonebill annotations: kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + cert-manager.io/cluster-issuer: "letsencrypt-prod" spec: ingressClassName: nginx + tls: + - hosts: + - phonebill.digitalgarage.com + secretName: phonebill-prod-tls rules: - - host: phonebill-api.20.214.196.128.nip.io + - host: phonebill.digitalgarage.com http: paths: - path: /api/v1/auth diff --git a/.github/kustomize/overlays/prod/kustomization.yaml b/.github/kustomize/overlays/prod/kustomization.yaml index 91ba3a6..2cafbfe 100644 --- a/.github/kustomize/overlays/prod/kustomization.yaml +++ b/.github/kustomize/overlays/prod/kustomization.yaml @@ -1,7 +1,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: phonebill-prod +namespace: phonebill-dg0500 resources: - ../../base @@ -11,14 +11,6 @@ patches: target: kind: ConfigMap name: cm-common - - path: secret-common-patch.yaml - target: - kind: Secret - name: secret-common - - path: ingress-patch.yaml - target: - kind: Ingress - name: phonebill - path: deployment-api-gateway-patch.yaml target: kind: Deployment @@ -39,6 +31,14 @@ patches: target: kind: Deployment name: kos-mock + - path: ingress-patch.yaml + target: + kind: Ingress + name: phonebill + - path: secret-common-patch.yaml + target: + kind: Secret + name: secret-common - path: secret-user-service-patch.yaml target: kind: Secret diff --git a/.github/kustomize/overlays/prod/secret-bill-service-patch.yaml b/.github/kustomize/overlays/prod/secret-bill-service-patch.yaml index b1c0b01..caaa7cf 100644 --- a/.github/kustomize/overlays/prod/secret-bill-service-patch.yaml +++ b/.github/kustomize/overlays/prod/secret-bill-service-patch.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-bill-service - type: Opaque stringData: DB_HOST: "bill-inquiry-postgres-dev-postgresql" DB_NAME: "bill_inquiry_db" DB_USERNAME: "bill_inquiry_user" - DB_PASSWORD: "BillUser2025!" \ No newline at end of file + DB_PASSWORD: "BillUser2025@" diff --git a/.github/kustomize/overlays/prod/secret-common-patch.yaml b/.github/kustomize/overlays/prod/secret-common-patch.yaml index b641d81..53795ab 100644 --- a/.github/kustomize/overlays/prod/secret-common-patch.yaml +++ b/.github/kustomize/overlays/prod/secret-common-patch.yaml @@ -6,4 +6,4 @@ type: Opaque stringData: JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" REDIS_HOST: "redis-cache-dev-master" - REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file + REDIS_PASSWORD: "Redis2025Dev@" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/secret-product-service-patch.yaml b/.github/kustomize/overlays/prod/secret-product-service-patch.yaml index b3ab681..e773ec9 100644 --- a/.github/kustomize/overlays/prod/secret-product-service-patch.yaml +++ b/.github/kustomize/overlays/prod/secret-product-service-patch.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-product-service - type: Opaque stringData: DB_HOST: "product-change-postgres-dev-postgresql" DB_NAME: "product_change_db" DB_USERNAME: "product_change_user" - DB_PASSWORD: "ProductUser2025!" \ No newline at end of file + DB_PASSWORD: "ProductUser2025@" \ No newline at end of file diff --git a/.github/kustomize/overlays/prod/secret-user-service-patch.yaml b/.github/kustomize/overlays/prod/secret-user-service-patch.yaml index 87ab6d4..8424423 100644 --- a/.github/kustomize/overlays/prod/secret-user-service-patch.yaml +++ b/.github/kustomize/overlays/prod/secret-user-service-patch.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-user-service - type: Opaque stringData: DB_HOST: "auth-postgres-dev-postgresql" DB_NAME: "phonebill_auth" DB_USERNAME: "auth_user" - DB_PASSWORD: "AuthUser2025!" \ No newline at end of file + DB_PASSWORD: "AuthUser2025@" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/cm-common-patch.yaml b/.github/kustomize/overlays/staging/cm-common-patch.yaml index 0511102..335a19e 100644 --- a/.github/kustomize/overlays/staging/cm-common-patch.yaml +++ b/.github/kustomize/overlays/staging/cm-common-patch.yaml @@ -3,9 +3,9 @@ kind: ConfigMap metadata: name: cm-common data: - CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io" + CORS_ALLOWED_ORIGINS: "https://phonebill.staging.digitalgarage.com,https://phonebill-staging.digitalgarage.com" JWT_ACCESS_TOKEN_VALIDITY: "18000000" JWT_REFRESH_TOKEN_VALIDITY: "86400000" REDIS_PORT: "6379" - SPRING_PROFILES_ACTIVE: "dev" - DDL_AUTO: "update" \ No newline at end of file + SPRING_PROFILES_ACTIVE: "staging" + DDL_AUTO: "validate" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/deployment-api-gateway-patch.yaml b/.github/kustomize/overlays/staging/deployment-api-gateway-patch.yaml index a0bdaec..db5ce64 100644 --- a/.github/kustomize/overlays/staging/deployment-api-gateway-patch.yaml +++ b/.github/kustomize/overlays/staging/deployment-api-gateway-patch.yaml @@ -3,15 +3,15 @@ kind: Deployment metadata: name: api-gateway spec: - replicas: 1 + replicas: 2 template: spec: containers: - name: api-gateway resources: requests: - memory: "256Mi" - cpu: "256m" + memory: "512Mi" + cpu: "512m" limits: - memory: "1024Mi" - cpu: "1024m" \ No newline at end of file + memory: "2048Mi" + cpu: "2048m" diff --git a/.github/kustomize/overlays/staging/deployment-bill-service-patch.yaml b/.github/kustomize/overlays/staging/deployment-bill-service-patch.yaml index bde12ae..4ebd2d2 100644 --- a/.github/kustomize/overlays/staging/deployment-bill-service-patch.yaml +++ b/.github/kustomize/overlays/staging/deployment-bill-service-patch.yaml @@ -3,15 +3,15 @@ kind: Deployment metadata: name: bill-service spec: - replicas: 1 + replicas: 2 template: spec: containers: - name: bill-service resources: requests: - memory: "256Mi" - cpu: "256m" + memory: "512Mi" + cpu: "512m" limits: - memory: "1024Mi" - cpu: "1024m" \ No newline at end of file + memory: "2048Mi" + cpu: "2048m" diff --git a/.github/kustomize/overlays/staging/deployment-kos-mock-patch.yaml b/.github/kustomize/overlays/staging/deployment-kos-mock-patch.yaml index ab3676b..cc30074 100644 --- a/.github/kustomize/overlays/staging/deployment-kos-mock-patch.yaml +++ b/.github/kustomize/overlays/staging/deployment-kos-mock-patch.yaml @@ -3,15 +3,15 @@ kind: Deployment metadata: name: kos-mock spec: - replicas: 1 + replicas: 2 template: spec: containers: - name: kos-mock resources: requests: - memory: "256Mi" - cpu: "256m" + memory: "512Mi" + cpu: "512m" limits: - memory: "1024Mi" - cpu: "1024m" \ No newline at end of file + memory: "2048Mi" + cpu: "2048m" diff --git a/.github/kustomize/overlays/staging/deployment-product-service-patch.yaml b/.github/kustomize/overlays/staging/deployment-product-service-patch.yaml index ed481ca..2bf8c00 100644 --- a/.github/kustomize/overlays/staging/deployment-product-service-patch.yaml +++ b/.github/kustomize/overlays/staging/deployment-product-service-patch.yaml @@ -3,15 +3,15 @@ kind: Deployment metadata: name: product-service spec: - replicas: 1 + replicas: 2 template: spec: containers: - name: product-service resources: requests: - memory: "256Mi" - cpu: "256m" + memory: "512Mi" + cpu: "512m" limits: - memory: "1024Mi" - cpu: "1024m" \ No newline at end of file + memory: "2048Mi" + cpu: "2048m" diff --git a/.github/kustomize/overlays/staging/deployment-user-service-patch.yaml b/.github/kustomize/overlays/staging/deployment-user-service-patch.yaml index 611c4e3..2a75059 100644 --- a/.github/kustomize/overlays/staging/deployment-user-service-patch.yaml +++ b/.github/kustomize/overlays/staging/deployment-user-service-patch.yaml @@ -3,15 +3,15 @@ kind: Deployment metadata: name: user-service spec: - replicas: 1 + replicas: 2 template: spec: containers: - name: user-service resources: requests: - memory: "256Mi" - cpu: "256m" + memory: "512Mi" + cpu: "512m" limits: - memory: "1024Mi" - cpu: "1024m" \ No newline at end of file + memory: "2048Mi" + cpu: "2048m" diff --git a/.github/kustomize/overlays/staging/ingress-patch.yaml b/.github/kustomize/overlays/staging/ingress-patch.yaml index 3c5cec7..4487e4f 100644 --- a/.github/kustomize/overlays/staging/ingress-patch.yaml +++ b/.github/kustomize/overlays/staging/ingress-patch.yaml @@ -4,11 +4,16 @@ metadata: name: phonebill annotations: kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + cert-manager.io/cluster-issuer: "letsencrypt-prod" spec: ingressClassName: nginx + tls: + - hosts: + - phonebill-staging.digitalgarage.com + secretName: phonebill-staging-tls rules: - - host: phonebill-api.20.214.196.128.nip.io + - host: phonebill-staging.digitalgarage.com http: paths: - path: /api/v1/auth diff --git a/.github/kustomize/overlays/staging/kustomization.yaml b/.github/kustomize/overlays/staging/kustomization.yaml index daffaa8..7dad525 100644 --- a/.github/kustomize/overlays/staging/kustomization.yaml +++ b/.github/kustomize/overlays/staging/kustomization.yaml @@ -1,7 +1,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: phonebill-staging +namespace: phonebill-dg0500 resources: - ../../base @@ -11,14 +11,6 @@ patches: target: kind: ConfigMap name: cm-common - - path: secret-common-patch.yaml - target: - kind: Secret - name: secret-common - - path: ingress-patch.yaml - target: - kind: Ingress - name: phonebill - path: deployment-api-gateway-patch.yaml target: kind: Deployment @@ -39,6 +31,14 @@ patches: target: kind: Deployment name: kos-mock + - path: ingress-patch.yaml + target: + kind: Ingress + name: phonebill + - path: secret-common-patch.yaml + target: + kind: Secret + name: secret-common - path: secret-user-service-patch.yaml target: kind: Secret diff --git a/.github/kustomize/overlays/staging/secret-bill-service-patch.yaml b/.github/kustomize/overlays/staging/secret-bill-service-patch.yaml index b1c0b01..caaa7cf 100644 --- a/.github/kustomize/overlays/staging/secret-bill-service-patch.yaml +++ b/.github/kustomize/overlays/staging/secret-bill-service-patch.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-bill-service - type: Opaque stringData: DB_HOST: "bill-inquiry-postgres-dev-postgresql" DB_NAME: "bill_inquiry_db" DB_USERNAME: "bill_inquiry_user" - DB_PASSWORD: "BillUser2025!" \ No newline at end of file + DB_PASSWORD: "BillUser2025@" diff --git a/.github/kustomize/overlays/staging/secret-common-patch.yaml b/.github/kustomize/overlays/staging/secret-common-patch.yaml index b641d81..53795ab 100644 --- a/.github/kustomize/overlays/staging/secret-common-patch.yaml +++ b/.github/kustomize/overlays/staging/secret-common-patch.yaml @@ -6,4 +6,4 @@ type: Opaque stringData: JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" REDIS_HOST: "redis-cache-dev-master" - REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file + REDIS_PASSWORD: "Redis2025Dev@" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/secret-product-service-patch.yaml b/.github/kustomize/overlays/staging/secret-product-service-patch.yaml index b3ab681..e773ec9 100644 --- a/.github/kustomize/overlays/staging/secret-product-service-patch.yaml +++ b/.github/kustomize/overlays/staging/secret-product-service-patch.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-product-service - type: Opaque stringData: DB_HOST: "product-change-postgres-dev-postgresql" DB_NAME: "product_change_db" DB_USERNAME: "product_change_user" - DB_PASSWORD: "ProductUser2025!" \ No newline at end of file + DB_PASSWORD: "ProductUser2025@" \ No newline at end of file diff --git a/.github/kustomize/overlays/staging/secret-user-service-patch.yaml b/.github/kustomize/overlays/staging/secret-user-service-patch.yaml index 87ab6d4..8424423 100644 --- a/.github/kustomize/overlays/staging/secret-user-service-patch.yaml +++ b/.github/kustomize/overlays/staging/secret-user-service-patch.yaml @@ -2,10 +2,9 @@ apiVersion: v1 kind: Secret metadata: name: secret-user-service - type: Opaque stringData: DB_HOST: "auth-postgres-dev-postgresql" DB_NAME: "phonebill_auth" DB_USERNAME: "auth_user" - DB_PASSWORD: "AuthUser2025!" \ No newline at end of file + DB_PASSWORD: "AuthUser2025@" \ No newline at end of file diff --git a/.github/scripts/deploy-actions.sh b/.github/scripts/deploy-actions.sh old mode 100644 new mode 100755 index 6ffc27f..75c0412 --- a/.github/scripts/deploy-actions.sh +++ b/.github/scripts/deploy-actions.sh @@ -25,8 +25,8 @@ else fi # Create namespace -echo "📝 Creating namespace phonebill-${ENVIRONMENT}..." -kubectl create namespace phonebill-${ENVIRONMENT} --dry-run=client -o yaml | kubectl apply -f - +echo "📝 Creating namespace phonebill-dg0500..." +kubectl create namespace phonebill-dg0500 --dry-run=client -o yaml | kubectl apply -f - # 환경별 이미지 태그 업데이트 (.github/kustomize 사용) cd .github/kustomize/overlays/${ENVIRONMENT} @@ -47,18 +47,18 @@ kubectl apply -k . echo "⏳ Waiting for deployments to be ready..." # 서비스별 배포 상태 확인 for service in "${services[@]}"; do - kubectl rollout status deployment/$service -n phonebill-${ENVIRONMENT} --timeout=300s + kubectl rollout status deployment/$service -n phonebill-dg0500 --timeout=300s done echo "🔍 Health check..." # API Gateway Health Check (첫 번째 서비스가 API Gateway라고 가정) GATEWAY_SERVICE=${services[0]} -GATEWAY_POD=$(kubectl get pod -n phonebill-${ENVIRONMENT} -l app.kubernetes.io/name=$GATEWAY_SERVICE -o jsonpath='{.items[0].metadata.name}') -kubectl -n phonebill-${ENVIRONMENT} exec $GATEWAY_POD -- curl -f http://localhost:8080/actuator/health || echo "Health check failed, but deployment completed" +GATEWAY_POD=$(kubectl get pod -n phonebill-dg0500 -l app.kubernetes.io/name=$GATEWAY_SERVICE -o jsonpath='{.items[0].metadata.name}') +kubectl -n phonebill-dg0500 exec $GATEWAY_POD -- curl -f http://localhost:8080/actuator/health || echo "Health check failed, but deployment completed" echo "📋 Service Information:" -kubectl get pods -n phonebill-${ENVIRONMENT} -kubectl get services -n phonebill-${ENVIRONMENT} -kubectl get ingress -n phonebill-${ENVIRONMENT} +kubectl get pods -n phonebill-dg0500 +kubectl get services -n phonebill-dg0500 +kubectl get ingress -n phonebill-dg0500 echo "✅ GitHub Actions deployment completed successfully!" \ No newline at end of file diff --git a/.github/workflows/backend-cicd.yaml b/.github/workflows/backend-cicd.yaml index e5e76a2..c3e67e9 100644 --- a/.github/workflows/backend-cicd.yaml +++ b/.github/workflows/backend-cicd.yaml @@ -1,4 +1,5 @@ name: Backend Services CI/CD + on: push: branches: [ main, develop ] @@ -74,6 +75,7 @@ jobs: IMAGE_ORG="phonebill" RESOURCE_GROUP="rg-digitalgarage-01" AKS_CLUSTER="aks-digitalgarage-01" + NAMESPACE="phonebill-dg0500" # Read environment variables from .github/config file if [[ -f ".github/config/deploy_env_vars_${ENV}" ]]; then @@ -127,8 +129,8 @@ jobs: # Run tests, coverage reports, and SonarQube analysis for each service for service in "${services[@]}"; do ./gradlew :$service:test :$service:jacocoTestReport :$service:sonar \ - -Dsonar.projectKey=phonebill-$service-${{ steps.determine_env.outputs.environment }} \ - -Dsonar.projectName=phonebill-$service-${{ steps.determine_env.outputs.environment }} \ + -Dsonar.projectKey=phonebill-$service-dg0500 \ + -Dsonar.projectName=phonebill-$service-dg0500 \ -Dsonar.host.url=$SONAR_HOST_URL \ -Dsonar.token=$SONAR_TOKEN \ -Dsonar.java.binaries=build/classes/java/main \ @@ -151,7 +153,8 @@ jobs: id: set_outputs run: | # Generate timestamp for image tag - IMAGE_TAG=$(date +%Y%m%d%H%M%S) + #IMAGE_TAG=$(date +%Y%m%d%H%M%S) + IMAGE_TAG=dg0500 echo "image_tag=$IMAGE_TAG" >> $GITHUB_OUTPUT echo "environment=${{ steps.determine_env.outputs.environment }}" >> $GITHUB_OUTPUT @@ -241,7 +244,7 @@ jobs: - name: Create namespace run: | - kubectl create namespace phonebill-${{ env.ENVIRONMENT }} --dry-run=client -o yaml | kubectl apply -f - + kubectl create namespace phonebill-dg0500 --dry-run=client -o yaml | kubectl apply -f - - name: Install Kustomize run: | @@ -266,8 +269,8 @@ jobs: - name: Wait for deployments to be ready run: | echo "Waiting for deployments to be ready..." - kubectl -n phonebill-${{ env.ENVIRONMENT }} wait --for=condition=available deployment/api-gateway --timeout=300s - kubectl -n phonebill-${{ env.ENVIRONMENT }} wait --for=condition=available deployment/user-service --timeout=300s - kubectl -n phonebill-${{ env.ENVIRONMENT }} wait --for=condition=available deployment/bill-service --timeout=300s - kubectl -n phonebill-${{ env.ENVIRONMENT }} wait --for=condition=available deployment/product-service --timeout=300s - kubectl -n phonebill-${{ env.ENVIRONMENT }} wait --for=condition=available deployment/kos-mock --timeout=300s \ No newline at end of file + kubectl -n phonebill-dg0500 wait --for=condition=available deployment/api-gateway --timeout=300s + kubectl -n phonebill-dg0500 wait --for=condition=available deployment/user-service --timeout=300s + kubectl -n phonebill-dg0500 wait --for=condition=available deployment/bill-service --timeout=300s + kubectl -n phonebill-dg0500 wait --for=condition=available deployment/product-service --timeout=300s + kubectl -n phonebill-dg0500 wait --for=condition=available deployment/kos-mock --timeout=300s \ No newline at end of file diff --git a/.github/workflows/backend-cicd_ArgoCD.yaml b/.github/workflows/backend-cicd_ArgoCD.yaml deleted file mode 100644 index 8dcf1d0..0000000 --- a/.github/workflows/backend-cicd_ArgoCD.yaml +++ /dev/null @@ -1,251 +0,0 @@ -name: Backend Services CI/CD (ArgoCD) -on: - push: - branches: [ main, develop ] - paths: - - 'api-gateway/**' - - 'user-service/**' - - 'bill-service/**' - - 'product-service/**' - - 'kos-mock/**' - - 'common/**' - - '.github/**' - pull_request: - branches: [ main ] - workflow_dispatch: - inputs: - ENVIRONMENT: - description: 'Target environment' - required: true - default: 'dev' - type: choice - options: - - dev - - staging - - prod - SKIP_SONARQUBE: - description: 'Skip SonarQube Analysis' - required: false - default: 'true' - type: choice - options: - - 'true' - - 'false' - -env: - REGISTRY: acrdigitalgarage01.azurecr.io - IMAGE_ORG: phonebill - RESOURCE_GROUP: rg-digitalgarage-01 - AKS_CLUSTER: aks-digitalgarage-01 - -jobs: - build: - name: Build and Test - runs-on: ubuntu-latest - outputs: - image_tag: ${{ steps.set_outputs.outputs.image_tag }} - environment: ${{ steps.set_outputs.outputs.environment }} - - steps: - - name: Check out code - uses: actions/checkout@v4 - - - name: Set up JDK 21 - uses: actions/setup-java@v3 - with: - java-version: '21' - distribution: 'temurin' - cache: 'gradle' - - - name: Determine environment - id: determine_env - run: | - # Use input parameter or default to 'dev' - ENVIRONMENT="${{ github.event.inputs.ENVIRONMENT || 'dev' }}" - echo "environment=$ENVIRONMENT" >> $GITHUB_OUTPUT - - - name: Load environment variables - id: env_vars - run: | - ENV=${{ steps.determine_env.outputs.environment }} - - # Initialize variables with defaults - REGISTRY="acrdigitalgarage01.azurecr.io" - IMAGE_ORG="phonebill" - RESOURCE_GROUP="rg-digitalgarage-01" - AKS_CLUSTER="aks-digitalgarage-01" - - # Read environment variables from .github/config file - if [[ -f ".github/config/deploy_env_vars_${ENV}" ]]; then - while IFS= read -r line || [[ -n "$line" ]]; do - # Skip comments and empty lines - [[ "$line" =~ ^#.*$ ]] && continue - [[ -z "$line" ]] && continue - - # Extract key-value pairs - key=$(echo "$line" | cut -d '=' -f1) - value=$(echo "$line" | cut -d '=' -f2-) - - # Override defaults if found in config - case "$key" in - "resource_group") RESOURCE_GROUP="$value" ;; - "cluster_name") AKS_CLUSTER="$value" ;; - esac - done < ".github/config/deploy_env_vars_${ENV}" - fi - - # Export for other jobs - echo "REGISTRY=$REGISTRY" >> $GITHUB_ENV - echo "IMAGE_ORG=$IMAGE_ORG" >> $GITHUB_ENV - echo "RESOURCE_GROUP=$RESOURCE_GROUP" >> $GITHUB_ENV - echo "AKS_CLUSTER=$AKS_CLUSTER" >> $GITHUB_ENV - - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - - name: Build with Gradle - run: | - ./gradlew build -x test - - - name: SonarQube Analysis & Quality Gate - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} - run: | - # Check if SonarQube should be skipped - SKIP_SONARQUBE="${{ github.event.inputs.SKIP_SONARQUBE || 'true' }}" - - if [[ "$SKIP_SONARQUBE" == "true" ]]; then - echo "⏭️ Skipping SonarQube Analysis (SKIP_SONARQUBE=$SKIP_SONARQUBE)" - exit 0 - fi - - # Define services array - services=(api-gateway user-service bill-service product-service kos-mock) - - # Run tests, coverage reports, and SonarQube analysis for each service - for service in "${services[@]}"; do - ./gradlew :$service:test :$service:jacocoTestReport :$service:sonar \ - -Dsonar.projectKey=phonebill-$service-${{ steps.determine_env.outputs.environment }} \ - -Dsonar.projectName=phonebill-$service-${{ steps.determine_env.outputs.environment }} \ - -Dsonar.host.url=$SONAR_HOST_URL \ - -Dsonar.token=$SONAR_TOKEN \ - -Dsonar.java.binaries=build/classes/java/main \ - -Dsonar.coverage.jacoco.xmlReportPaths=build/reports/jacoco/test/jacocoTestReport.xml \ - -Dsonar.exclusions=**/config/**,**/entity/**,**/dto/**,**/*Application.class,**/exception/** - done - - - name: Upload build artifacts - uses: actions/upload-artifact@v4 - with: - name: app-builds - path: | - api-gateway/build/libs/*.jar - user-service/build/libs/*.jar - bill-service/build/libs/*.jar - product-service/build/libs/*.jar - kos-mock/build/libs/*.jar - - - name: Set outputs - id: set_outputs - run: | - # Generate timestamp for image tag - IMAGE_TAG=$(date +%Y%m%d%H%M%S) - echo "image_tag=$IMAGE_TAG" >> $GITHUB_OUTPUT - echo "environment=${{ steps.determine_env.outputs.environment }}" >> $GITHUB_OUTPUT - - release: - name: Build and Push Docker Images - needs: build - runs-on: ubuntu-latest - - steps: - - name: Check out code - uses: actions/checkout@v4 - - - name: Download build artifacts - uses: actions/download-artifact@v4 - with: - name: app-builds - - - name: Set environment variables from build job - run: | - echo "REGISTRY=${{ env.REGISTRY }}" >> $GITHUB_ENV - echo "IMAGE_ORG=${{ env.IMAGE_ORG }}" >> $GITHUB_ENV - echo "ENVIRONMENT=${{ needs.build.outputs.environment }}" >> $GITHUB_ENV - echo "IMAGE_TAG=${{ needs.build.outputs.image_tag }}" >> $GITHUB_ENV - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to Docker Hub (prevent rate limit) - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PASSWORD }} - - - name: Login to Azure Container Registry - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ secrets.ACR_USERNAME }} - password: ${{ secrets.ACR_PASSWORD }} - - - name: Build and push Docker images for all services - run: | - # Define services array - services=(api-gateway user-service bill-service product-service kos-mock) - - # Build and push each service image - for service in "${services[@]}"; do - echo "Building and pushing $service..." - docker build \ - --build-arg BUILD_LIB_DIR="$service/build/libs" \ - --build-arg ARTIFACTORY_FILE="$service.jar" \ - -f deployment/container/Dockerfile-backend \ - -t ${{ env.REGISTRY }}/${{ env.IMAGE_ORG }}/$service:${{ needs.build.outputs.environment }}-${{ needs.build.outputs.image_tag }} . - - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_ORG }}/$service:${{ needs.build.outputs.environment }}-${{ needs.build.outputs.image_tag }} - done - - update-manifest: - name: Update Manifest Repository - needs: [build, release] - runs-on: ubuntu-latest - - steps: - - name: Set image tag environment variable - run: | - echo "IMAGE_TAG=${{ needs.build.outputs.image_tag }}" >> $GITHUB_ENV - echo "ENVIRONMENT=${{ needs.build.outputs.environment }}" >> $GITHUB_ENV - - - name: Update Manifest Repository - run: | - # 매니페스트 레포지토리 클론 - REPO_URL=$(echo "https://github.com/cna-bootcamp/phonebill-manifest.git" | sed 's|https://||') - git clone https://${{ secrets.GIT_USERNAME }}:${{ secrets.GIT_PASSWORD }}@${REPO_URL} manifest-repo - cd manifest-repo - - # Kustomize 설치 - curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash - sudo mv kustomize /usr/local/bin/ - - # 매니페스트 업데이트 - cd phonebill/kustomize/overlays/${{ env.ENVIRONMENT }} - - # 각 서비스별 이미지 태그 업데이트 - services="api-gateway user-service bill-service product-service kos-mock" - for service in $services; do - kustomize edit set image acrdigitalgarage01.azurecr.io/phonebill/$service:${{ env.ENVIRONMENT }}-${{ env.IMAGE_TAG }} - done - - # Git 설정 및 푸시 - cd ../../../.. - git config user.name "GitHub Actions" - git config user.email "actions@github.com" - git add . - git commit -m "🚀 Update phonebill ${{ env.ENVIRONMENT }} images to ${{ env.ENVIRONMENT }}-${{ env.IMAGE_TAG }}" - git push origin main - - echo "✅ 매니페스트 업데이트 완료. ArgoCD가 자동으로 배포합니다." \ No newline at end of file diff --git a/deployment/cicd/Jenkinsfile b/deployment/cicd/Jenkinsfile deleted file mode 100644 index 4696d4c..0000000 --- a/deployment/cicd/Jenkinsfile +++ /dev/null @@ -1,225 +0,0 @@ -def PIPELINE_ID = "${env.BUILD_NUMBER}" - -def getImageTag() { - def dateFormat = new java.text.SimpleDateFormat('yyyyMMddHHmmss') - def currentDate = new Date() - return dateFormat.format(currentDate) -} - -podTemplate( - label: "${PIPELINE_ID}", - serviceAccount: 'jenkins', - slaveConnectTimeout: 300, - idleMinutes: 1, - activeDeadlineSeconds: 3600, - podRetention: never(), // 파드 자동 정리 옵션: never(), onFailure(), always(), default() - yaml: ''' - spec: - terminationGracePeriodSeconds: 3 - restartPolicy: Never - tolerations: - - effect: NoSchedule - key: dedicated - operator: Equal - value: cicd - ''', - containers: [ - containerTemplate( - name: 'podman', - image: "mgoltzsche/podman", - ttyEnabled: true, - command: 'cat', - privileged: true, - resourceRequestCpu: '500m', - resourceRequestMemory: '2Gi', - resourceLimitCpu: '2000m', - resourceLimitMemory: '4Gi' - ), - containerTemplate( - name: 'gradle', - image: 'gradle:jdk21', - ttyEnabled: true, - command: 'cat', - resourceRequestCpu: '500m', - resourceRequestMemory: '1Gi', - resourceLimitCpu: '1000m', - resourceLimitMemory: '2Gi', - envVars: [ - envVar(key: 'DOCKER_HOST', value: 'unix:///run/podman/podman.sock'), - envVar(key: 'TESTCONTAINERS_DOCKER_SOCKET_OVERRIDE', value: '/run/podman/podman.sock'), - envVar(key: 'TESTCONTAINERS_RYUK_DISABLED', value: 'true') - ] - ), - containerTemplate( - name: 'azure-cli', - image: 'hiondal/azure-kubectl:latest', - command: 'cat', - ttyEnabled: true, - resourceRequestCpu: '200m', - resourceRequestMemory: '512Mi', - resourceLimitCpu: '500m', - resourceLimitMemory: '1Gi' - ) - ], - volumes: [ - emptyDirVolume(mountPath: '/home/gradle/.gradle', memory: false), - emptyDirVolume(mountPath: '/root/.azure', memory: false), - emptyDirVolume(mountPath: '/run/podman', memory: false) - ] -) { - node(PIPELINE_ID) { - def props - def imageTag = getImageTag() - def environment = params.ENVIRONMENT ?: 'dev' - def id = params.ID ?: 'dg0500' - def skipSonarQube = (params.SKIP_SONARQUBE?.toLowerCase() == 'true') - def services = ['api-gateway', 'user-service', 'bill-service', 'product-service', 'kos-mock'] - - try { - stage("Get Source") { - checkout scm - props = readProperties file: "deployment/cicd/config/deploy_env_vars_${environment}" - } - - stage("Setup AKS") { - container('azure-cli') { - withCredentials([azureServicePrincipal('azure-credentials')]) { - sh """ - az login --service-principal -u \$AZURE_CLIENT_ID -p \$AZURE_CLIENT_SECRET -t \$AZURE_TENANT_ID - az aks get-credentials --resource-group ${props.resource_group} --name ${props.cluster_name} --overwrite-existing - kubectl create namespace phonebill-${id} --dry-run=client -o yaml | kubectl apply -f - - """ - } - } - } - - stage('Build') { - container('gradle') { - sh """ - chmod +x gradlew - ./gradlew build -x test - """ - } - } - - stage('SonarQube Analysis & Quality Gate') { - if (skipSonarQube) { - echo "⏭️ Skipping SonarQube Analysis (SKIP_SONARQUBE=${params.SKIP_SONARQUBE})" - } else { - container('gradle') { - withSonarQubeEnv('SonarQube') { - // 각 서비스별 테스트 및 SonarQube 분석 - services.each { service -> - sh """ - ./gradlew :${service}:test :${service}:jacocoTestReport :${service}:sonar \\ - -Dsonar.projectKey=phonebill-${service}-${id} \\ - -Dsonar.projectName=phonebill-${service}-${id} \\ - -Dsonar.java.binaries=build/classes/java/main \\ - -Dsonar.coverage.jacoco.xmlReportPaths=build/reports/jacoco/test/jacocoTestReport.xml \\ - -Dsonar.exclusions=**/config/**,**/entity/**,**/dto/**,**/*Application.class,**/exception/** - """ - } - - // Quality Gate 확인 - timeout(time: 10, unit: 'MINUTES') { - def qg = waitForQualityGate() - if (qg.status != 'OK') { - error "Pipeline aborted due to quality gate failure: ${qg.status}" - } - } - } - } - } - } - - stage('Build & Push Images') { - timeout(time: 30, unit: 'MINUTES') { - container('podman') { - withCredentials([ - usernamePassword( - credentialsId: 'acr-credentials', - usernameVariable: 'ACR_USERNAME', - passwordVariable: 'ACR_PASSWORD' - ), - usernamePassword( - credentialsId: 'dockerhub-credentials', - usernameVariable: 'DOCKERHUB_USERNAME', - passwordVariable: 'DOCKERHUB_PASSWORD' - ) - ]) { - // Docker Hub 로그인 (rate limit 해결) - sh "podman login docker.io --username \$DOCKERHUB_USERNAME --password \$DOCKERHUB_PASSWORD" - - // ACR 로그인 - sh "podman login acrdigitalgarage01.azurecr.io --username \$ACR_USERNAME --password \$ACR_PASSWORD" - - services.each { service -> - sh """ - podman build \\ - --build-arg BUILD_LIB_DIR="${service}/build/libs" \\ - --build-arg ARTIFACTORY_FILE="${service}.jar" \\ - -f deployment/container/Dockerfile-backend \\ - -t acrdigitalgarage01.azurecr.io/phonebill/${service}:${id}-${imageTag} . - - podman push acrdigitalgarage01.azurecr.io/phonebill/${service}:${id}-${imageTag} - """ - } - } - } - } - } - - stage('Update Kustomize & Deploy') { - container('azure-cli') { - sh """ - # Kustomize 설치 (sudo 없이 사용자 디렉토리에 설치) - curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash - mkdir -p \$HOME/bin - mv kustomize \$HOME/bin/ - export PATH=\$PATH:\$HOME/bin - - # 환경별 디렉토리로 이동 - cd deployment/cicd/kustomize/overlays/${environment} - - # 서비스 목록 정의 (공백으로 구분) - services="api-gateway user-service bill-service product-service kos-mock" - - # 이미지 태그 업데이트 - for service in \$services; do - \$HOME/bin/kustomize edit set image acrdigitalgarage01.azurecr.io/phonebill/\$service:${id}-${imageTag} - done - - # 매니페스트 적용 - kubectl apply -k . - - # 배포 상태 확인 - echo "Waiting for deployments to be ready..." - for service in \$services; do - kubectl -n phonebill-${id} wait --for=condition=available deployment/\$service --timeout=300s - done - """ - } - } - - // 파이프라인 완료 로그 (Scripted Pipeline 방식) - stage('Pipeline Complete') { - echo "🧹 Pipeline completed. Pod cleanup handled by Jenkins Kubernetes Plugin." - - // 성공/실패 여부 로깅 - if (currentBuild.result == null || currentBuild.result == 'SUCCESS') { - echo "✅ Pipeline completed successfully!" - } else { - echo "❌ Pipeline failed with result: ${currentBuild.result}" - } - } - - } catch (Exception e) { - currentBuild.result = 'FAILURE' - echo "❌ Pipeline failed with exception: ${e.getMessage()}" - throw e - } finally { - echo "🧹 Cleaning up resources and preparing for pod termination..." - echo "Pod will be terminated in 3 seconds due to terminationGracePeriodSeconds: 3" - } - } -} \ No newline at end of file diff --git a/deployment/cicd/Jenkinsfile_ArgoCD b/deployment/cicd/Jenkinsfile_ArgoCD deleted file mode 100644 index 3dbed8a..0000000 --- a/deployment/cicd/Jenkinsfile_ArgoCD +++ /dev/null @@ -1,229 +0,0 @@ -def PIPELINE_ID = "${env.BUILD_NUMBER}" - -def getImageTag() { - def dateFormat = new java.text.SimpleDateFormat('yyyyMMddHHmmss') - def currentDate = new Date() - return dateFormat.format(currentDate) -} - -podTemplate( - label: "${PIPELINE_ID}", - serviceAccount: 'jenkins', - slaveConnectTimeout: 300, - idleMinutes: 1, - activeDeadlineSeconds: 3600, - podRetention: never(), // 파드 자동 정리 옵션: never(), onFailure(), always(), default() - yaml: ''' - spec: - terminationGracePeriodSeconds: 3 - restartPolicy: Never - tolerations: - - effect: NoSchedule - key: dedicated - operator: Equal - value: cicd - ''', - containers: [ - containerTemplate( - name: 'podman', - image: "mgoltzsche/podman", - ttyEnabled: true, - command: 'cat', - privileged: true, - resourceRequestCpu: '500m', - resourceRequestMemory: '2Gi', - resourceLimitCpu: '2000m', - resourceLimitMemory: '4Gi' - ), - containerTemplate( - name: 'gradle', - image: 'gradle:jdk21', - ttyEnabled: true, - command: 'cat', - resourceRequestCpu: '500m', - resourceRequestMemory: '1Gi', - resourceLimitCpu: '1000m', - resourceLimitMemory: '2Gi', - envVars: [ - envVar(key: 'DOCKER_HOST', value: 'unix:///run/podman/podman.sock'), - envVar(key: 'TESTCONTAINERS_DOCKER_SOCKET_OVERRIDE', value: '/run/podman/podman.sock'), - envVar(key: 'TESTCONTAINERS_RYUK_DISABLED', value: 'true') - ] - ), - containerTemplate( - name: 'azure-cli', - image: 'hiondal/azure-kubectl:latest', - command: 'cat', - ttyEnabled: true, - resourceRequestCpu: '200m', - resourceRequestMemory: '512Mi', - resourceLimitCpu: '500m', - resourceLimitMemory: '1Gi' - ), - containerTemplate( - name: 'git', - image: 'alpine/git:latest', - command: 'cat', - ttyEnabled: true, - resourceRequestCpu: '100m', - resourceRequestMemory: '256Mi', - resourceLimitCpu: '300m', - resourceLimitMemory: '512Mi' - ) - ], - volumes: [ - emptyDirVolume(mountPath: '/home/gradle/.gradle', memory: false), - emptyDirVolume(mountPath: '/root/.azure', memory: false), - emptyDirVolume(mountPath: '/run/podman', memory: false) - ] -) { - node(PIPELINE_ID) { - def props - def imageTag = getImageTag() - def environment = params.ENVIRONMENT ?: 'dev' - def skipSonarQube = (params.SKIP_SONARQUBE?.toLowerCase() == 'true') - def services = ['api-gateway', 'user-service', 'bill-service', 'product-service', 'kos-mock'] - - try { - stage("Get Source") { - checkout scm - props = readProperties file: "deployment/cicd/config/deploy_env_vars_${environment}" - } - - stage('Build') { - container('gradle') { - sh """ - chmod +x gradlew - ./gradlew build -x test - """ - } - } - - stage('SonarQube Analysis & Quality Gate') { - if (skipSonarQube) { - echo "⏭️ Skipping SonarQube Analysis (SKIP_SONARQUBE=${params.SKIP_SONARQUBE})" - } else { - container('gradle') { - withSonarQubeEnv('SonarQube') { - // 각 서비스별 테스트 및 SonarQube 분석 - services.each { service -> - sh """ - ./gradlew :${service}:test :${service}:jacocoTestReport :${service}:sonar \\ - -Dsonar.projectKey=phonebill-${service}-${environment} \\ - -Dsonar.projectName=phonebill-${service}-${environment} \\ - -Dsonar.java.binaries=build/classes/java/main \\ - -Dsonar.coverage.jacoco.xmlReportPaths=build/reports/jacoco/test/jacocoTestReport.xml \\ - -Dsonar.exclusions=**/config/**,**/entity/**,**/dto/**,**/*Application.class,**/exception/** - """ - } - - // Quality Gate 확인 - timeout(time: 10, unit: 'MINUTES') { - def qg = waitForQualityGate() - if (qg.status != 'OK') { - error "Pipeline aborted due to quality gate failure: ${qg.status}" - } - } - } - } - } - } - - stage('Build & Push Images') { - timeout(time: 30, unit: 'MINUTES') { - container('podman') { - withCredentials([ - usernamePassword( - credentialsId: 'acr-credentials', - usernameVariable: 'ACR_USERNAME', - passwordVariable: 'ACR_PASSWORD' - ), - usernamePassword( - credentialsId: 'dockerhub-credentials', - usernameVariable: 'DOCKERHUB_USERNAME', - passwordVariable: 'DOCKERHUB_PASSWORD' - ) - ]) { - // Docker Hub 로그인 (rate limit 해결) - sh "podman login docker.io --username \$DOCKERHUB_USERNAME --password \$DOCKERHUB_PASSWORD" - - // ACR 로그인 - sh "podman login acrdigitalgarage01.azurecr.io --username \$ACR_USERNAME --password \$ACR_PASSWORD" - - services.each { service -> - sh """ - podman build \\ - --build-arg BUILD_LIB_DIR="${service}/build/libs" \\ - --build-arg ARTIFACTORY_FILE="${service}.jar" \\ - -f deployment/container/Dockerfile-backend \\ - -t acrdigitalgarage01.azurecr.io/phonebill/${service}:${environment}-${imageTag} . - - podman push acrdigitalgarage01.azurecr.io/phonebill/${service}:${environment}-${imageTag} - """ - } - } - } - } - } - - stage('Update Manifest Repository') { - container('git') { - withCredentials([usernamePassword( - credentialsId: 'github-credentials-dg0500', - usernameVariable: 'GIT_USERNAME', - passwordVariable: 'GIT_TOKEN' - )]) { - sh """ - # 매니페스트 레포지토리 클론 - REPO_URL=\$(echo "https://github.com/cna-bootcamp/phonebill-manifest.git" | sed 's|https://||') - git clone https://\${GIT_USERNAME}:\${GIT_TOKEN}@\${REPO_URL} manifest-repo - cd manifest-repo - - # 각 서비스별 이미지 태그 업데이트 (sed 명령 사용) - services="api-gateway user-service bill-service product-service kos-mock" - for service in \$services; do - echo "Updating \$service image tag..." - sed -i "s|image: acrdigitalgarage01.azurecr.io/phonebill/\$service:.*|image: acrdigitalgarage01.azurecr.io/phonebill/\$service:${environment}-${imageTag}|g" \\ - phonebill/kustomize/base/\$service/deployment.yaml - - # 변경 사항 확인 - echo "Updated \$service deployment.yaml:" - grep "image: acrdigitalgarage01.azurecr.io/phonebill/\$service" phonebill/kustomize/base/\$service/deployment.yaml - done - - # Git 설정 및 푸시 - git config user.name "Jenkins CI" - git config user.email "jenkins@example.com" - git add . - git commit -m "🚀 Update phonebill ${environment} images to ${environment}-${imageTag}" - git push origin main - - echo "✅ 매니페스트 업데이트 완료. ArgoCD가 자동으로 배포합니다." - """ - } - } - } - - // 파이프라인 완료 로그 (Scripted Pipeline 방식) - stage('Pipeline Complete') { - echo "🧹 Pipeline completed. Pod cleanup handled by Jenkins Kubernetes Plugin." - - // 성공/실패 여부 로깅 - if (currentBuild.result == null || currentBuild.result == 'SUCCESS') { - echo "✅ Pipeline completed successfully!" - echo "✅ 매니페스트가 업데이트되었습니다. ArgoCD에서 배포를 확인하세요." - } else { - echo "❌ Pipeline failed with result: ${currentBuild.result}" - } - } - - } catch (Exception e) { - currentBuild.result = 'FAILURE' - echo "❌ Pipeline failed with exception: ${e.getMessage()}" - throw e - } finally { - echo "🧹 Cleaning up resources and preparing for pod termination..." - echo "Pod will be terminated in 3 seconds due to terminationGracePeriodSeconds: 3" - } - } -} \ No newline at end of file diff --git a/deployment/cicd/config/deploy_env_vars_dev b/deployment/cicd/config/deploy_env_vars_dev deleted file mode 100644 index 5a49197..0000000 --- a/deployment/cicd/config/deploy_env_vars_dev +++ /dev/null @@ -1,3 +0,0 @@ -# dev Environment Configuration -resource_group=rg-digitalgarage-01 -cluster_name=aks-digitalgarage-01 \ No newline at end of file diff --git a/deployment/cicd/config/deploy_env_vars_prod b/deployment/cicd/config/deploy_env_vars_prod deleted file mode 100644 index 53ee4a0..0000000 --- a/deployment/cicd/config/deploy_env_vars_prod +++ /dev/null @@ -1,3 +0,0 @@ -# prod Environment Configuration -resource_group=rg-digitalgarage-01 -cluster_name=aks-digitalgarage-01 \ No newline at end of file diff --git a/deployment/cicd/config/deploy_env_vars_staging b/deployment/cicd/config/deploy_env_vars_staging deleted file mode 100644 index 5873b90..0000000 --- a/deployment/cicd/config/deploy_env_vars_staging +++ /dev/null @@ -1,3 +0,0 @@ -# staging Environment Configuration -resource_group=rg-digitalgarage-01 -cluster_name=aks-digitalgarage-01 \ No newline at end of file diff --git a/deployment/cicd/jenkins-pipeline-guide.md b/deployment/cicd/jenkins-pipeline-guide.md deleted file mode 100644 index b8b8de4..0000000 --- a/deployment/cicd/jenkins-pipeline-guide.md +++ /dev/null @@ -1,350 +0,0 @@ -# Jenkins CI/CD 파이프라인 구축 가이드 - -**최운영/데옵스**가 작성한 통신요금 관리 서비스 Jenkins CI/CD 파이프라인 구축 가이드입니다. - -## 📋 프로젝트 정보 - -### 시스템 정보 -- **시스템명**: phonebill -- **서비스**: api-gateway, user-service, bill-service, product-service, kos-mock -- **JDK 버전**: 21 -- **Container Registry**: acrdigitalgarage01.azurecr.io -- **Resource Group**: rg-digitalgarage-01 -- **AKS Cluster**: aks-digitalgarage-01 - -## 🏗️ 아키텍처 개요 - -본 CI/CD 파이프라인은 다음 구성 요소들로 이루어져 있습니다: - -- **Jenkins**: 파이프라인 오케스트레이션 -- **Kustomize**: 환경별 Kubernetes 매니페스트 관리 -- **SonarQube**: 코드 품질 분석 및 Quality Gate -- **Azure Container Registry (ACR)**: 컨테이너 이미지 저장소 -- **Azure Kubernetes Service (AKS)**: 배포 대상 클러스터 - -## 🔧 사전 준비사항 - -### 1. Jenkins 서버 환경 구성 - -#### 필수 플러그인 설치 -``` -- Kubernetes -- Pipeline Utility Steps -- Docker Pipeline -- GitHub -- SonarQube Scanner -- Azure Credentials -``` - -#### Jenkins Credentials 등록 - -**Azure Service Principal** -``` -Manage Jenkins > Credentials > Add Credentials -- Kind: Microsoft Azure Service Principal -- ID: azure-credentials -- Subscription ID: {구독ID} -- Client ID: {클라이언트ID} -- Client Secret: {클라이언트시크릿} -- Tenant ID: {테넌트ID} -- Azure Environment: Azure -``` - -**ACR Credentials** -``` -- Kind: Username with password -- ID: acr-credentials -- Username: acrdigitalgarage01 -- Password: {ACR_PASSWORD} -``` - -**Docker Hub Credentials** (Rate Limit 해결용) -``` -- Kind: Username with password -- ID: dockerhub-credentials -- Username: {DOCKERHUB_USERNAME} -- Password: {DOCKERHUB_PASSWORD} -참고: Docker Hub 무료 계정 생성 (https://hub.docker.com) -``` - -**SonarQube Token** -``` -- Kind: Secret text -- ID: sonarqube-token -- Secret: {SonarQube토큰} -``` - -### 2. SonarQube 프로젝트 설정 - -각 서비스별 프로젝트 생성 및 Quality Gate 설정: -``` -Coverage: >= 80% -Duplicated Lines: <= 3% -Maintainability Rating: <= A -Reliability Rating: <= A -Security Rating: <= A -``` - -## 📁 디렉토리 구조 - -구축 완료된 디렉토리 구조: -``` -deployment/cicd/ -├── kustomize/ -│ ├── base/ -│ │ ├── common/ -│ │ │ ├── cm-common.yaml -│ │ │ ├── secret-common.yaml -│ │ │ ├── secret-imagepull.yaml -│ │ │ └── ingress.yaml -│ │ ├── api-gateway/ -│ │ ├── user-service/ -│ │ ├── bill-service/ -│ │ ├── product-service/ -│ │ ├── kos-mock/ -│ │ ├── namespace.yaml -│ │ └── kustomization.yaml -│ └── overlays/ -│ ├── dev/ -│ ├── staging/ -│ └── prod/ -├── config/ -│ ├── deploy_env_vars_dev -│ ├── deploy_env_vars_staging -│ └── deploy_env_vars_prod -├── scripts/ -│ ├── deploy.sh -│ └── validate-cicd-setup.sh -└── Jenkinsfile -``` - -## 🚀 파이프라인 단계 - -### 1. Get Source -- GitHub에서 소스코드 체크아웃 -- 환경별 설정 파일 읽기 - -### 2. Setup AKS -- Azure CLI로 인증 -- AKS 클러스터 연결 -- 환경별 네임스페이스 생성 - -### 3. Build & SonarQube Analysis -- Gradle 빌드 (테스트 제외) -- 각 서비스별 단위 테스트 실행 -- JaCoCo 커버리지 리포트 생성 -- SonarQube 코드 품질 분석 - -### 4. Quality Gate -- SonarQube Quality Gate 대기 (10분 타임아웃) -- 품질 기준 미달 시 파이프라인 중단 - -### 5. Build & Push Images -- Podman을 사용한 컨테이너 이미지 빌드 -- 환경별 이미지 태그로 ACR에 푸시 -- 30분 타임아웃 설정 - -### 6. Update Kustomize & Deploy -- Kustomize를 사용한 이미지 태그 업데이트 -- Kubernetes 매니페스트 적용 -- 배포 상태 확인 (5분 타임아웃) - -### 7. Pipeline Complete -- 성공/실패 로깅 -- 자동 파드 정리 - -## 🔄 파이프라인 실행 방법 - -### Jenkins 파이프라인 Job 생성 - -1. Jenkins 웹 UI에서 **New Item > Pipeline** 선택 -2. **Pipeline script from SCM** 설정: - ``` - SCM: Git - Repository URL: {Git저장소URL} - Branch: main - Script Path: deployment/cicd/Jenkinsfile - ``` -3. **Pipeline Parameters** 설정: - ``` - ENVIRONMENT: Choice Parameter (dev, staging, prod) - IMAGE_TAG: String Parameter (default: latest) - ``` - -### 배포 실행 - -1. Jenkins > {프로젝트명} > **Build with Parameters** -2. **ENVIRONMENT** 선택 (dev/staging/prod) -3. **IMAGE_TAG** 입력 (선택사항) -4. **Build** 클릭 - -## 📊 환경별 설정 - -### DEV 환경 -- **네임스페이스**: phonebill-dev -- **Replicas**: 1 -- **Resources**: 256m CPU/256Mi Memory → 1024m CPU/1024Mi Memory -- **Database**: DDL update 모드 -- **Ingress**: HTTP, SSL 리다이렉션 비활성화 - -### STAGING 환경 -- **네임스페이스**: phonebill-staging -- **Replicas**: 2 -- **Resources**: 512m CPU/512Mi Memory → 2048m CPU/2048Mi Memory -- **Database**: DDL validate 모드 -- **Ingress**: HTTPS, SSL 리다이렉션 활성화 - -### PROD 환경 -- **네임스페이스**: phonebill-prod -- **Replicas**: 3 -- **Resources**: 1024m CPU/1024Mi Memory → 4096m CPU/4096Mi Memory -- **Database**: DDL validate 모드, 짧은 JWT 토큰 (1시간) -- **Ingress**: HTTPS, SSL 리다이렉션 활성화, Let's Encrypt 인증서 - -## 🛠️ 수동 배포 방법 - -스크립트를 사용한 수동 배포: -```bash -# DEV 환경 배포 -./deployment/cicd/scripts/deploy.sh dev latest - -# STAGING 환경 배포 -./deployment/cicd/scripts/deploy.sh staging 20241213151500 - -# PROD 환경 배포 -./deployment/cicd/scripts/deploy.sh prod 20241213151500 -``` - -## 📋 배포 상태 확인 - -```bash -# 파드 상태 확인 -kubectl get pods -n phonebill-{환경} - -# 서비스 확인 -kubectl get services -n phonebill-{환경} - -# Ingress 확인 -kubectl get ingress -n phonebill-{환경} - -# 배포 히스토리 확인 -kubectl rollout history deployment/{서비스명} -n phonebill-{환경} -``` - -## 🔄 롤백 방법 - -### 이전 리비전으로 롤백 -```bash -# 특정 버전으로 롤백 -kubectl rollout undo deployment/{서비스명} -n phonebill-{환경} --to-revision=2 - -# 롤백 상태 확인 -kubectl rollout status deployment/{서비스명} -n phonebill-{환경} -``` - -### 이미지 태그 기반 롤백 -```bash -# 이전 안정 버전 이미지 태그로 업데이트 -cd deployment/cicd/kustomize/overlays/{환경} -kustomize edit set image acrdigitalgarage01.azurecr.io/phonebill/{서비스명}:{환경}-{이전태그} -kubectl apply -k . -``` - -## 🔍 트러블슈팅 - -### 일반적인 문제 해결 - -**1. SonarQube Quality Gate 실패** -- 코드 커버리지 확인 (80% 이상) -- 코드 중복도 확인 (3% 이하) -- 보안/신뢰성 등급 확인 (A등급) - -**2. 컨테이너 이미지 빌드 실패** -- Dockerfile 경로 확인: `deployment/container/Dockerfile-backend` -- JAR 파일 경로 확인: `{서비스명}/build/libs/{서비스명}.jar` -- ACR 인증 상태 확인 - -**3. 배포 실패** -- Kubernetes 매니페스트 문법 확인 -- 네임스페이스 존재 확인 -- 리소스 할당량 확인 - -**4. 파드 시작 실패** -- 환경변수 설정 확인 -- Secret/ConfigMap 존재 확인 -- 이미지 태그 정확성 확인 - -### 검증 스크립트 - -리소스 누락 검증: -```bash -./deployment/cicd/scripts/validate-cicd-setup.sh -``` - -## 🔐 보안 고려사항 - -### Jenkins 보안 -- **Service Account**: jenkins 전용 계정 사용 -- **Pod Security**: 최소 권한 원칙 적용 -- **Credential 관리**: Jenkins Credential Store 사용 - -### 컨테이너 보안 -- **Base Image**: 공식 이미지 사용 -- **Image Scanning**: ACR 취약점 스캔 활용 -- **Secrets 관리**: Kubernetes Secret으로 관리 - -### 네트워크 보안 -- **TLS**: HTTPS 강제 적용 (Staging/Prod) -- **Network Policy**: 네임스페이스 격리 -- **Ingress**: 인증서 자동 갱신 - -## 📈 성능 최적화 - -### 빌드 최적화 -- **Gradle Daemon**: 빌드 속도 향상 -- **Docker Layer Caching**: 이미지 빌드 최적화 -- **Parallel Build**: 병렬 빌드 활용 - -### 배포 최적화 -- **Rolling Update**: 무중단 배포 -- **Health Check**: 정확한 상태 확인 -- **Resource Limit**: 적절한 리소스 할당 - -## 🔧 유지보수 가이드 - -### 정기 점검 항목 -- [ ] Jenkins 플러그인 업데이트 -- [ ] SonarQube 룰 세트 검토 -- [ ] ACR 이미지 정리 -- [ ] 인증서 만료일 확인 - -### 모니터링 권장사항 -- 빌드 실패율 모니터링 -- 배포 소요시간 추적 -- Quality Gate 통과율 확인 -- 리소스 사용률 모니터링 - ---- - -## ✅ 체크리스트 - -### 사전 준비 완료 -- [x] Jenkins 필수 플러그인 설치 -- [x] Jenkins Credentials 등록 -- [x] SonarQube 프로젝트 설정 -- [x] ACR 접근 권한 설정 -- [x] AKS 클러스터 연결 설정 - -### Kustomize 구성 완료 -- [x] Base 매니페스트 생성 -- [x] 환경별 Overlay 생성 -- [x] Patch 파일 작성 -- [x] 매니페스트 검증 완료 - -### 파이프라인 구성 완료 -- [x] Jenkinsfile 작성 -- [x] 환경별 설정 파일 생성 -- [x] 배포 스크립트 작성 -- [x] 검증 스크립트 작성 - -**🎯 모든 구성이 완료되어 Jenkins CI/CD 파이프라인을 실행할 준비가 완료되었습니다!** \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/api-gateway/cm-api-gateway.yaml b/deployment/cicd/kustomize/base/api-gateway/cm-api-gateway.yaml deleted file mode 100644 index 16daedd..0000000 --- a/deployment/cicd/kustomize/base/api-gateway/cm-api-gateway.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-api-gateway - -data: - SERVER_PORT: "8080" - BILL_SERVICE_URL: "http://bill-service" - PRODUCT_SERVICE_URL: "http://product-service" - USER_SERVICE_URL: "http://user-service" - KOS_MOCK_URL: "http://kos-mock" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/api-gateway/deployment.yaml b/deployment/cicd/kustomize/base/api-gateway/deployment.yaml deleted file mode 100644 index f733b9b..0000000 --- a/deployment/cicd/kustomize/base/api-gateway/deployment.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-gateway - -spec: - replicas: 1 - selector: - matchLabels: - app: api-gateway - template: - metadata: - labels: - app: api-gateway - spec: - imagePullSecrets: - - name: phonebill - containers: - - name: api-gateway - image: acrdigitalgarage01.azurecr.io/phonebill/api-gateway:latest - imagePullPolicy: Always - ports: - - containerPort: 8080 - envFrom: - - configMapRef: - name: cm-common - - configMapRef: - name: cm-api-gateway - - secretRef: - name: secret-common - resources: - requests: - cpu: 256m - memory: 256Mi - limits: - cpu: 1024m - memory: 1024Mi - startupProbe: - httpGet: - path: /health - port: 8080 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 6 - readinessProbe: - httpGet: - path: /health - port: 8080 - initialDelaySeconds: 10 - periodSeconds: 5 - failureThreshold: 3 - livenessProbe: - httpGet: - path: /health - port: 8080 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 3 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/api-gateway/service.yaml b/deployment/cicd/kustomize/base/api-gateway/service.yaml deleted file mode 100644 index da3acd6..0000000 --- a/deployment/cicd/kustomize/base/api-gateway/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: api-gateway - -spec: - selector: - app: api-gateway - ports: - - port: 80 - targetPort: 8080 - type: ClusterIP \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/bill-service/cm-bill-service.yaml b/deployment/cicd/kustomize/base/bill-service/cm-bill-service.yaml deleted file mode 100644 index 6e09048..0000000 --- a/deployment/cicd/kustomize/base/bill-service/cm-bill-service.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-bill-service - -data: - SERVER_PORT: "8082" - DB_KIND: "postgresql" - DB_PORT: "5432" - DB_CONNECTION_TIMEOUT: "30000" - DB_IDLE_TIMEOUT: "600000" - DB_LEAK_DETECTION: "60000" - DB_MAX_LIFETIME: "1800000" - DB_MAX_POOL: "20" - DB_MIN_IDLE: "5" - KOS_BASE_URL: "http://kos-mock" - REDIS_DATABASE: "1" - REDIS_MAX_ACTIVE: "8" - REDIS_MAX_IDLE: "8" - REDIS_MAX_WAIT: "-1" - REDIS_MIN_IDLE: "0" - REDIS_TIMEOUT: "2000" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/bill-service/deployment.yaml b/deployment/cicd/kustomize/base/bill-service/deployment.yaml deleted file mode 100644 index a628e88..0000000 --- a/deployment/cicd/kustomize/base/bill-service/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: bill-service - -spec: - replicas: 1 - selector: - matchLabels: - app: bill-service - template: - metadata: - labels: - app: bill-service - spec: - imagePullSecrets: - - name: phonebill - containers: - - name: bill-service - image: acrdigitalgarage01.azurecr.io/phonebill/bill-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8082 - envFrom: - - configMapRef: - name: cm-common - - configMapRef: - name: cm-bill-service - - secretRef: - name: secret-common - - secretRef: - name: secret-bill-service - resources: - requests: - cpu: 256m - memory: 256Mi - limits: - cpu: 1024m - memory: 1024Mi - startupProbe: - httpGet: - path: /actuator/health - port: 8082 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 6 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8082 - initialDelaySeconds: 10 - periodSeconds: 5 - failureThreshold: 3 - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8082 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 3 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/bill-service/secret-bill-service.yaml b/deployment/cicd/kustomize/base/bill-service/secret-bill-service.yaml deleted file mode 100644 index b1c0b01..0000000 --- a/deployment/cicd/kustomize/base/bill-service/secret-bill-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-bill-service - -type: Opaque -stringData: - DB_HOST: "bill-inquiry-postgres-dev-postgresql" - DB_NAME: "bill_inquiry_db" - DB_USERNAME: "bill_inquiry_user" - DB_PASSWORD: "BillUser2025!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/bill-service/service.yaml b/deployment/cicd/kustomize/base/bill-service/service.yaml deleted file mode 100644 index 5f14be7..0000000 --- a/deployment/cicd/kustomize/base/bill-service/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: bill-service - -spec: - selector: - app: bill-service - ports: - - port: 80 - targetPort: 8082 - type: ClusterIP \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/common/cm-common.yaml b/deployment/cicd/kustomize/base/common/cm-common.yaml deleted file mode 100644 index a96b039..0000000 --- a/deployment/cicd/kustomize/base/common/cm-common.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-common - -data: - CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill.20.214.196.128.nip.io" - JWT_ACCESS_TOKEN_VALIDITY: "18000000" - JWT_REFRESH_TOKEN_VALIDITY: "86400000" - REDIS_PORT: "6379" - SPRING_PROFILES_ACTIVE: "dev" - DDL_AUTO: "update" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/common/ingress.yaml b/deployment/cicd/kustomize/base/common/ingress.yaml deleted file mode 100644 index b2bf566..0000000 --- a/deployment/cicd/kustomize/base/common/ingress.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: phonebill - - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/ssl-redirect: "false" -spec: - ingressClassName: nginx - rules: - - host: phonebill-api.20.214.196.128.nip.io - http: - paths: - - path: /api/v1/auth - pathType: Prefix - backend: - service: - name: user-service - port: - number: 80 - - path: /api/v1/users - pathType: Prefix - backend: - service: - name: user-service - port: - number: 80 - - path: /api/v1/bills - pathType: Prefix - backend: - service: - name: bill-service - port: - number: 80 - - path: /api/v1/products - pathType: Prefix - backend: - service: - name: product-service - port: - number: 80 - - path: /api/v1/kos - pathType: Prefix - backend: - service: - name: kos-mock - port: - number: 80 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/common/secret-common.yaml b/deployment/cicd/kustomize/base/common/secret-common.yaml deleted file mode 100644 index c21c3ea..0000000 --- a/deployment/cicd/kustomize/base/common/secret-common.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-common - -type: Opaque -stringData: - JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" - REDIS_HOST: "redis-cache-dev-master" - REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/common/secret-imagepull.yaml b/deployment/cicd/kustomize/base/common/secret-imagepull.yaml deleted file mode 100644 index 8292ced..0000000 --- a/deployment/cicd/kustomize/base/common/secret-imagepull.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: phonebill - -type: kubernetes.io/dockerconfigjson -stringData: - .dockerconfigjson: | - { - "auths": { - "acrdigitalgarage01.azurecr.io": { - "username": "acrdigitalgarage01", - "password": "+OY+rmOagorjWvQe/tTk6oqvnZI8SmNbY/Y2o5EDcY+ACRDCDbYk", - "auth": "YWNyZGlnaXRhbGdhcmFnZTAxOitPWStybU9hZ29yald2UWUvdFRrNm9xdm5aSThTbU5iWS9ZMm81RURjWStBQ1JEQ0RiWWs=" - } - } - } \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/kos-mock/cm-kos-mock.yaml b/deployment/cicd/kustomize/base/kos-mock/cm-kos-mock.yaml deleted file mode 100644 index 47144ca..0000000 --- a/deployment/cicd/kustomize/base/kos-mock/cm-kos-mock.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-kos-mock - -data: - SERVER_PORT: "8084" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/kos-mock/deployment.yaml b/deployment/cicd/kustomize/base/kos-mock/deployment.yaml deleted file mode 100644 index 40a34ef..0000000 --- a/deployment/cicd/kustomize/base/kos-mock/deployment.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kos-mock - -spec: - replicas: 1 - selector: - matchLabels: - app: kos-mock - template: - metadata: - labels: - app: kos-mock - spec: - imagePullSecrets: - - name: phonebill - containers: - - name: kos-mock - image: acrdigitalgarage01.azurecr.io/phonebill/kos-mock:latest - imagePullPolicy: Always - ports: - - containerPort: 8084 - envFrom: - - configMapRef: - name: cm-common - - configMapRef: - name: cm-kos-mock - - secretRef: - name: secret-common - resources: - requests: - cpu: 256m - memory: 256Mi - limits: - cpu: 1024m - memory: 1024Mi - startupProbe: - httpGet: - path: /actuator/health - port: 8084 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 6 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8084 - initialDelaySeconds: 10 - periodSeconds: 5 - failureThreshold: 3 - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8084 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 3 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/kos-mock/service.yaml b/deployment/cicd/kustomize/base/kos-mock/service.yaml deleted file mode 100644 index 926ad82..0000000 --- a/deployment/cicd/kustomize/base/kos-mock/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: kos-mock - -spec: - selector: - app: kos-mock - ports: - - port: 80 - targetPort: 8084 - type: ClusterIP \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/kustomization.yaml b/deployment/cicd/kustomize/base/kustomization.yaml deleted file mode 100644 index e4c3872..0000000 --- a/deployment/cicd/kustomize/base/kustomization.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -metadata: - name: phonebill-base - -resources: - - # Common resources - - common/cm-common.yaml - - common/secret-common.yaml - - common/secret-imagepull.yaml - - common/ingress.yaml - - # api-gateway - - api-gateway/deployment.yaml - - api-gateway/service.yaml - - api-gateway/cm-api-gateway.yaml - - # user-service - - user-service/deployment.yaml - - user-service/service.yaml - - user-service/cm-user-service.yaml - - user-service/secret-user-service.yaml - - # bill-service - - bill-service/deployment.yaml - - bill-service/service.yaml - - bill-service/cm-bill-service.yaml - - bill-service/secret-bill-service.yaml - - # product-service - - product-service/deployment.yaml - - product-service/service.yaml - - product-service/cm-product-service.yaml - - product-service/secret-product-service.yaml - - # kos-mock - - kos-mock/deployment.yaml - - kos-mock/service.yaml - - kos-mock/cm-kos-mock.yaml - -images: - - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway - newTag: latest - - name: acrdigitalgarage01.azurecr.io/phonebill/user-service - newTag: latest - - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service - newTag: latest - - name: acrdigitalgarage01.azurecr.io/phonebill/product-service - newTag: latest - - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock - newTag: latest \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/product-service/cm-product-service.yaml b/deployment/cicd/kustomize/base/product-service/cm-product-service.yaml deleted file mode 100644 index ad1c647..0000000 --- a/deployment/cicd/kustomize/base/product-service/cm-product-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-product-service - -data: - SERVER_PORT: "8083" - DB_KIND: "postgresql" - DB_PORT: "5432" - KOS_BASE_URL: "http://kos-mock" - REDIS_DATABASE: "2" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/product-service/deployment.yaml b/deployment/cicd/kustomize/base/product-service/deployment.yaml deleted file mode 100644 index 8e12d01..0000000 --- a/deployment/cicd/kustomize/base/product-service/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: product-service - -spec: - replicas: 1 - selector: - matchLabels: - app: product-service - template: - metadata: - labels: - app: product-service - spec: - imagePullSecrets: - - name: phonebill - containers: - - name: product-service - image: acrdigitalgarage01.azurecr.io/phonebill/product-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8083 - envFrom: - - configMapRef: - name: cm-common - - configMapRef: - name: cm-product-service - - secretRef: - name: secret-common - - secretRef: - name: secret-product-service - resources: - requests: - cpu: 256m - memory: 256Mi - limits: - cpu: 1024m - memory: 1024Mi - startupProbe: - httpGet: - path: /actuator/health - port: 8083 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 6 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8083 - initialDelaySeconds: 10 - periodSeconds: 5 - failureThreshold: 3 - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8083 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 3 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/product-service/secret-product-service.yaml b/deployment/cicd/kustomize/base/product-service/secret-product-service.yaml deleted file mode 100644 index b3ab681..0000000 --- a/deployment/cicd/kustomize/base/product-service/secret-product-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-product-service - -type: Opaque -stringData: - DB_HOST: "product-change-postgres-dev-postgresql" - DB_NAME: "product_change_db" - DB_USERNAME: "product_change_user" - DB_PASSWORD: "ProductUser2025!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/product-service/service.yaml b/deployment/cicd/kustomize/base/product-service/service.yaml deleted file mode 100644 index 37ec7d9..0000000 --- a/deployment/cicd/kustomize/base/product-service/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: product-service - -spec: - selector: - app: product-service - ports: - - port: 80 - targetPort: 8083 - type: ClusterIP \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/user-service/cm-user-service.yaml b/deployment/cicd/kustomize/base/user-service/cm-user-service.yaml deleted file mode 100644 index ac3f442..0000000 --- a/deployment/cicd/kustomize/base/user-service/cm-user-service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-user-service - -data: - SERVER_PORT: "8081" - DB_KIND: "postgresql" - DB_PORT: "5432" - DDL_AUTO: "update" - REDIS_DATABASE: "0" - SHOW_SQL: "true" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/user-service/deployment.yaml b/deployment/cicd/kustomize/base/user-service/deployment.yaml deleted file mode 100644 index 5287333..0000000 --- a/deployment/cicd/kustomize/base/user-service/deployment.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: user-service - -spec: - replicas: 1 - selector: - matchLabels: - app: user-service - template: - metadata: - labels: - app: user-service - spec: - imagePullSecrets: - - name: phonebill - containers: - - name: user-service - image: acrdigitalgarage01.azurecr.io/phonebill/user-service:latest - imagePullPolicy: Always - ports: - - containerPort: 8081 - envFrom: - - configMapRef: - name: cm-common - - configMapRef: - name: cm-user-service - - secretRef: - name: secret-common - - secretRef: - name: secret-user-service - resources: - requests: - cpu: 256m - memory: 256Mi - limits: - cpu: 1024m - memory: 1024Mi - startupProbe: - httpGet: - path: /actuator/health - port: 8081 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 6 - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8081 - initialDelaySeconds: 10 - periodSeconds: 5 - failureThreshold: 3 - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8081 - initialDelaySeconds: 30 - periodSeconds: 10 - failureThreshold: 3 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/user-service/secret-user-service.yaml b/deployment/cicd/kustomize/base/user-service/secret-user-service.yaml deleted file mode 100644 index 87ab6d4..0000000 --- a/deployment/cicd/kustomize/base/user-service/secret-user-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-user-service - -type: Opaque -stringData: - DB_HOST: "auth-postgres-dev-postgresql" - DB_NAME: "phonebill_auth" - DB_USERNAME: "auth_user" - DB_PASSWORD: "AuthUser2025!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/user-service/service.yaml b/deployment/cicd/kustomize/base/user-service/service.yaml deleted file mode 100644 index f6a8a5f..0000000 --- a/deployment/cicd/kustomize/base/user-service/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: user-service - -spec: - selector: - app: user-service - ports: - - port: 80 - targetPort: 8081 - type: ClusterIP \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/cm-common-patch.yaml b/deployment/cicd/kustomize/overlays/dev/cm-common-patch.yaml deleted file mode 100644 index 2bfa235..0000000 --- a/deployment/cicd/kustomize/overlays/dev/cm-common-patch.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-common - -data: - CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill-dg0500.20.214.196.128.nip.io" - JWT_ACCESS_TOKEN_VALIDITY: "18000000" - JWT_REFRESH_TOKEN_VALIDITY: "86400000" - REDIS_PORT: "6379" - SPRING_PROFILES_ACTIVE: "dev" - DDL_AUTO: "update" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/deployment-api-gateway-patch.yaml b/deployment/cicd/kustomize/overlays/dev/deployment-api-gateway-patch.yaml deleted file mode 100644 index f7dad01..0000000 --- a/deployment/cicd/kustomize/overlays/dev/deployment-api-gateway-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-gateway -spec: - replicas: 1 - template: - spec: - containers: - - name: api-gateway - resources: - requests: - cpu: 256m - memory: 256Mi - limits: - cpu: 1024m - memory: 1024Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/deployment-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/deployment-bill-service-patch.yaml deleted file mode 100644 index c20c2a0..0000000 --- a/deployment/cicd/kustomize/overlays/dev/deployment-bill-service-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: bill-service -spec: - replicas: 1 - template: - spec: - containers: - - name: bill-service - resources: - requests: - cpu: 256m - memory: 256Mi - limits: - cpu: 1024m - memory: 1024Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/deployment-kos-mock-patch.yaml b/deployment/cicd/kustomize/overlays/dev/deployment-kos-mock-patch.yaml deleted file mode 100644 index 98346b2..0000000 --- a/deployment/cicd/kustomize/overlays/dev/deployment-kos-mock-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kos-mock -spec: - replicas: 1 - template: - spec: - containers: - - name: kos-mock - resources: - requests: - cpu: 256m - memory: 256Mi - limits: - cpu: 1024m - memory: 1024Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/deployment-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/deployment-product-service-patch.yaml deleted file mode 100644 index 1447a22..0000000 --- a/deployment/cicd/kustomize/overlays/dev/deployment-product-service-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: product-service -spec: - replicas: 1 - template: - spec: - containers: - - name: product-service - resources: - requests: - cpu: 256m - memory: 256Mi - limits: - cpu: 1024m - memory: 1024Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/deployment-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/deployment-user-service-patch.yaml deleted file mode 100644 index 9faf21f..0000000 --- a/deployment/cicd/kustomize/overlays/dev/deployment-user-service-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: user-service -spec: - replicas: 1 - template: - spec: - containers: - - name: user-service - resources: - requests: - cpu: 256m - memory: 256Mi - limits: - cpu: 1024m - memory: 1024Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/ingress-patch.yaml b/deployment/cicd/kustomize/overlays/dev/ingress-patch.yaml deleted file mode 100644 index 485cbfc..0000000 --- a/deployment/cicd/kustomize/overlays/dev/ingress-patch.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: phonebill-ingress - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/ssl-redirect: "false" -spec: - ingressClassName: nginx - rules: - - host: phonebill-dg0500-api.20.214.196.128.nip.io - http: - paths: - - path: /api/v1/auth - pathType: Prefix - backend: - service: - name: user-service - port: - number: 80 - - path: /api/v1/users - pathType: Prefix - backend: - service: - name: user-service - port: - number: 80 - - path: /api/v1/bills - pathType: Prefix - backend: - service: - name: bill-service - port: - number: 80 - - path: /api/v1/products - pathType: Prefix - backend: - service: - name: product-service - port: - number: 80 - - path: /api/v1/kos - pathType: Prefix - backend: - service: - name: kos-mock - port: - number: 80 \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/kustomization.yaml b/deployment/cicd/kustomize/overlays/dev/kustomization.yaml deleted file mode 100644 index affcb67..0000000 --- a/deployment/cicd/kustomize/overlays/dev/kustomization.yaml +++ /dev/null @@ -1,65 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -namespace: phonebill-dg0500 - -resources: - - ../../base - -patches: - - path: cm-common-patch.yaml - target: - kind: ConfigMap - name: cm-common - - path: deployment-api-gateway-patch.yaml - target: - kind: Deployment - name: api-gateway - - path: deployment-user-service-patch.yaml - target: - kind: Deployment - name: user-service - - path: deployment-bill-service-patch.yaml - target: - kind: Deployment - name: bill-service - - path: deployment-product-service-patch.yaml - target: - kind: Deployment - name: product-service - - path: deployment-kos-mock-patch.yaml - target: - kind: Deployment - name: kos-mock - - path: ingress-patch.yaml - target: - kind: Ingress - name: phonebill - - path: secret-common-patch.yaml - target: - kind: Secret - name: secret-common - - path: secret-user-service-patch.yaml - target: - kind: Secret - name: secret-user-service - - path: secret-bill-service-patch.yaml - target: - kind: Secret - name: secret-bill-service - - path: secret-product-service-patch.yaml - target: - kind: Secret - name: secret-product-service - -images: - - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway - newTag: dev-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/user-service - newTag: dev-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service - newTag: dev-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/product-service - newTag: dev-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock - newTag: dev-latest diff --git a/deployment/cicd/kustomize/overlays/dev/secret-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/secret-bill-service-patch.yaml deleted file mode 100644 index b1c0b01..0000000 --- a/deployment/cicd/kustomize/overlays/dev/secret-bill-service-patch.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-bill-service - -type: Opaque -stringData: - DB_HOST: "bill-inquiry-postgres-dev-postgresql" - DB_NAME: "bill_inquiry_db" - DB_USERNAME: "bill_inquiry_user" - DB_PASSWORD: "BillUser2025!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/secret-common-patch.yaml b/deployment/cicd/kustomize/overlays/dev/secret-common-patch.yaml deleted file mode 100644 index c21c3ea..0000000 --- a/deployment/cicd/kustomize/overlays/dev/secret-common-patch.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-common - -type: Opaque -stringData: - JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" - REDIS_HOST: "redis-cache-dev-master" - REDIS_PASSWORD: "Redis2025Dev!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/secret-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/secret-product-service-patch.yaml deleted file mode 100644 index b3ab681..0000000 --- a/deployment/cicd/kustomize/overlays/dev/secret-product-service-patch.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-product-service - -type: Opaque -stringData: - DB_HOST: "product-change-postgres-dev-postgresql" - DB_NAME: "product_change_db" - DB_USERNAME: "product_change_user" - DB_PASSWORD: "ProductUser2025!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/secret-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/secret-user-service-patch.yaml deleted file mode 100644 index 87ab6d4..0000000 --- a/deployment/cicd/kustomize/overlays/dev/secret-user-service-patch.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-user-service - -type: Opaque -stringData: - DB_HOST: "auth-postgres-dev-postgresql" - DB_NAME: "phonebill_auth" - DB_USERNAME: "auth_user" - DB_PASSWORD: "AuthUser2025!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/configmap-common-patch.yaml b/deployment/cicd/kustomize/overlays/prod/configmap-common-patch.yaml deleted file mode 100644 index 91ff4bb..0000000 --- a/deployment/cicd/kustomize/overlays/prod/configmap-common-patch.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-common - -data: - CORS_ALLOWED_ORIGINS: "https://phonebill.example.com" - JWT_ACCESS_TOKEN_VALIDITY: "3600000" - JWT_REFRESH_TOKEN_VALIDITY: "86400000" - REDIS_PORT: "6379" - SPRING_PROFILES_ACTIVE: "prod" - DDL_AUTO: "validate" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/deployment-api-gateway-patch.yaml b/deployment/cicd/kustomize/overlays/prod/deployment-api-gateway-patch.yaml deleted file mode 100644 index 0c6bd3d..0000000 --- a/deployment/cicd/kustomize/overlays/prod/deployment-api-gateway-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-gateway -spec: - replicas: 3 - template: - spec: - containers: - - name: api-gateway - resources: - requests: - cpu: 1024m - memory: 1024Mi - limits: - cpu: 4096m - memory: 4096Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/deployment-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/deployment-bill-service-patch.yaml deleted file mode 100644 index 3049a8a..0000000 --- a/deployment/cicd/kustomize/overlays/prod/deployment-bill-service-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: bill-service -spec: - replicas: 3 - template: - spec: - containers: - - name: bill-service - resources: - requests: - cpu: 1024m - memory: 1024Mi - limits: - cpu: 4096m - memory: 4096Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/deployment-kos-mock-patch.yaml b/deployment/cicd/kustomize/overlays/prod/deployment-kos-mock-patch.yaml deleted file mode 100644 index 5918e81..0000000 --- a/deployment/cicd/kustomize/overlays/prod/deployment-kos-mock-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kos-mock -spec: - replicas: 3 - template: - spec: - containers: - - name: kos-mock - resources: - requests: - cpu: 1024m - memory: 1024Mi - limits: - cpu: 4096m - memory: 4096Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/deployment-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/deployment-product-service-patch.yaml deleted file mode 100644 index eb12921..0000000 --- a/deployment/cicd/kustomize/overlays/prod/deployment-product-service-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: product-service -spec: - replicas: 3 - template: - spec: - containers: - - name: product-service - resources: - requests: - cpu: 1024m - memory: 1024Mi - limits: - cpu: 4096m - memory: 4096Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/deployment-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/deployment-user-service-patch.yaml deleted file mode 100644 index e464a6f..0000000 --- a/deployment/cicd/kustomize/overlays/prod/deployment-user-service-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: user-service -spec: - replicas: 3 - template: - spec: - containers: - - name: user-service - resources: - requests: - cpu: 1024m - memory: 1024Mi - limits: - cpu: 4096m - memory: 4096Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/ingress-patch.yaml b/deployment/cicd/kustomize/overlays/prod/ingress-patch.yaml deleted file mode 100644 index f944db9..0000000 --- a/deployment/cicd/kustomize/overlays/prod/ingress-patch.yaml +++ /dev/null @@ -1,54 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: phonebill-ingress - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - cert-manager.io/cluster-issuer: "letsencrypt-prod" -spec: - ingressClassName: nginx - tls: - - hosts: - - phonebill.example.com - secretName: phonebill-tls-secret - rules: - - host: phonebill.example.com - http: - paths: - - path: /api/v1/auth - pathType: Prefix - backend: - service: - name: user-service - port: - number: 80 - - path: /api/v1/users - pathType: Prefix - backend: - service: - name: user-service - port: - number: 80 - - path: /api/v1/bills - pathType: Prefix - backend: - service: - name: bill-service - port: - number: 80 - - path: /api/v1/products - pathType: Prefix - backend: - service: - name: product-service - port: - number: 80 - - path: /api/v1/kos - pathType: Prefix - backend: - service: - name: kos-mock - port: - number: 80 \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/kustomization.yaml b/deployment/cicd/kustomize/overlays/prod/kustomization.yaml deleted file mode 100644 index 238bd73..0000000 --- a/deployment/cicd/kustomize/overlays/prod/kustomization.yaml +++ /dev/null @@ -1,65 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -namespace: phonebill-prod - -resources: - - ../../base - -patches: - - path: configmap-common-patch.yaml - target: - kind: ConfigMap - name: cm-common - - path: secret-common-patch.yaml - target: - kind: Secret - name: secret-common - - path: ingress-patch.yaml - target: - kind: Ingress - name: phonebill - - path: deployment-api-gateway-patch.yaml - target: - kind: Deployment - name: api-gateway - - path: deployment-user-service-patch.yaml - target: - kind: Deployment - name: user-service - - path: deployment-bill-service-patch.yaml - target: - kind: Deployment - name: bill-service - - path: deployment-product-service-patch.yaml - target: - kind: Deployment - name: product-service - - path: deployment-kos-mock-patch.yaml - target: - kind: Deployment - name: kos-mock - - path: secret-user-service-patch.yaml - target: - kind: Secret - name: secret-user-service - - path: secret-bill-service-patch.yaml - target: - kind: Secret - name: secret-bill-service - - path: secret-product-service-patch.yaml - target: - kind: Secret - name: secret-product-service - -images: - - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway - newTag: prod-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/user-service - newTag: prod-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service - newTag: prod-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/product-service - newTag: prod-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock - newTag: prod-latest diff --git a/deployment/cicd/kustomize/overlays/prod/secret-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/secret-bill-service-patch.yaml deleted file mode 100644 index 3cdad4c..0000000 --- a/deployment/cicd/kustomize/overlays/prod/secret-bill-service-patch.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-bill-service - -type: Opaque -stringData: - DB_HOST: "bill-inquiry-postgres-prod-postgresql" - DB_NAME: "bill_inquiry_db" - DB_USERNAME: "bill_inquiry_user" - DB_PASSWORD: "BillUserProd2025!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/secret-common-patch.yaml b/deployment/cicd/kustomize/overlays/prod/secret-common-patch.yaml deleted file mode 100644 index 6e269a1..0000000 --- a/deployment/cicd/kustomize/overlays/prod/secret-common-patch.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-common - -type: Opaque -stringData: - JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" - REDIS_HOST: "redis-cache-prod-master" - REDIS_PASSWORD: "Redis2025Prod!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/secret-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/secret-product-service-patch.yaml deleted file mode 100644 index f10314f..0000000 --- a/deployment/cicd/kustomize/overlays/prod/secret-product-service-patch.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-product-service - -type: Opaque -stringData: - DB_HOST: "product-change-postgres-prod-postgresql" - DB_NAME: "product_change_db" - DB_USERNAME: "product_change_user" - DB_PASSWORD: "ProductUserProd2025!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/secret-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/secret-user-service-patch.yaml deleted file mode 100644 index 70766cb..0000000 --- a/deployment/cicd/kustomize/overlays/prod/secret-user-service-patch.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-user-service - -type: Opaque -stringData: - DB_HOST: "auth-postgres-prod-postgresql" - DB_NAME: "phonebill_auth" - DB_USERNAME: "auth_user" - DB_PASSWORD: "AuthUserProd2025!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/configmap-common-patch.yaml b/deployment/cicd/kustomize/overlays/staging/configmap-common-patch.yaml deleted file mode 100644 index 8bae940..0000000 --- a/deployment/cicd/kustomize/overlays/staging/configmap-common-patch.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cm-common - -data: - CORS_ALLOWED_ORIGINS: "https://phonebill.example.com" - JWT_ACCESS_TOKEN_VALIDITY: "18000000" - JWT_REFRESH_TOKEN_VALIDITY: "86400000" - REDIS_PORT: "6379" - SPRING_PROFILES_ACTIVE: "staging" - DDL_AUTO: "validate" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/deployment-api-gateway-patch.yaml b/deployment/cicd/kustomize/overlays/staging/deployment-api-gateway-patch.yaml deleted file mode 100644 index d0703ba..0000000 --- a/deployment/cicd/kustomize/overlays/staging/deployment-api-gateway-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api-gateway -spec: - replicas: 2 - template: - spec: - containers: - - name: api-gateway - resources: - requests: - cpu: 512m - memory: 512Mi - limits: - cpu: 2048m - memory: 2048Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/deployment-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/deployment-bill-service-patch.yaml deleted file mode 100644 index 792bcfa..0000000 --- a/deployment/cicd/kustomize/overlays/staging/deployment-bill-service-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: bill-service -spec: - replicas: 2 - template: - spec: - containers: - - name: bill-service - resources: - requests: - cpu: 512m - memory: 512Mi - limits: - cpu: 2048m - memory: 2048Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/deployment-kos-mock-patch.yaml b/deployment/cicd/kustomize/overlays/staging/deployment-kos-mock-patch.yaml deleted file mode 100644 index 71d74a1..0000000 --- a/deployment/cicd/kustomize/overlays/staging/deployment-kos-mock-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: kos-mock -spec: - replicas: 2 - template: - spec: - containers: - - name: kos-mock - resources: - requests: - cpu: 512m - memory: 512Mi - limits: - cpu: 2048m - memory: 2048Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/deployment-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/deployment-product-service-patch.yaml deleted file mode 100644 index 28b9d65..0000000 --- a/deployment/cicd/kustomize/overlays/staging/deployment-product-service-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: product-service -spec: - replicas: 2 - template: - spec: - containers: - - name: product-service - resources: - requests: - cpu: 512m - memory: 512Mi - limits: - cpu: 2048m - memory: 2048Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/deployment-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/deployment-user-service-patch.yaml deleted file mode 100644 index b7df416..0000000 --- a/deployment/cicd/kustomize/overlays/staging/deployment-user-service-patch.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: user-service -spec: - replicas: 2 - template: - spec: - containers: - - name: user-service - resources: - requests: - cpu: 512m - memory: 512Mi - limits: - cpu: 2048m - memory: 2048Mi \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/ingress-patch.yaml b/deployment/cicd/kustomize/overlays/staging/ingress-patch.yaml deleted file mode 100644 index 086ece6..0000000 --- a/deployment/cicd/kustomize/overlays/staging/ingress-patch.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: phonebill - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/ssl-redirect: "true" - cert-manager.io/cluster-issuer: "letsencrypt-prod" -spec: - ingressClassName: nginx - tls: - - hosts: - - phonebill.example.com - secretName: phonebill-tls-cert - rules: - - host: phonebill.example.com - http: - paths: - - path: /api/v1/auth - pathType: Prefix - backend: - service: - name: user-service - port: - number: 80 - - path: /api/v1/users - pathType: Prefix - backend: - service: - name: user-service - port: - number: 80 - - path: /api/v1/bills - pathType: Prefix - backend: - service: - name: bill-service - port: - number: 80 - - path: /api/v1/products - pathType: Prefix - backend: - service: - name: product-service - port: - number: 80 - - path: /api/v1/kos - pathType: Prefix - backend: - service: - name: kos-mock - port: - number: 80 \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/kustomization.yaml b/deployment/cicd/kustomize/overlays/staging/kustomization.yaml deleted file mode 100644 index cef79a5..0000000 --- a/deployment/cicd/kustomize/overlays/staging/kustomization.yaml +++ /dev/null @@ -1,65 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -namespace: phonebill-staging - -resources: - - ../../base - -patches: - - path: configmap-common-patch.yaml - target: - kind: ConfigMap - name: cm-common - - path: secret-common-patch.yaml - target: - kind: Secret - name: secret-common - - path: ingress-patch.yaml - target: - kind: Ingress - name: phonebill - - path: deployment-api-gateway-patch.yaml - target: - kind: Deployment - name: api-gateway - - path: deployment-user-service-patch.yaml - target: - kind: Deployment - name: user-service - - path: deployment-bill-service-patch.yaml - target: - kind: Deployment - name: bill-service - - path: deployment-product-service-patch.yaml - target: - kind: Deployment - name: product-service - - path: deployment-kos-mock-patch.yaml - target: - kind: Deployment - name: kos-mock - - path: secret-user-service-patch.yaml - target: - kind: Secret - name: secret-user-service - - path: secret-bill-service-patch.yaml - target: - kind: Secret - name: secret-bill-service - - path: secret-product-service-patch.yaml - target: - kind: Secret - name: secret-product-service - -images: - - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway - newTag: staging-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/user-service - newTag: staging-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service - newTag: staging-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/product-service - newTag: staging-latest - - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock - newTag: staging-latest diff --git a/deployment/cicd/kustomize/overlays/staging/secret-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/secret-bill-service-patch.yaml deleted file mode 100644 index 4a5a7da..0000000 --- a/deployment/cicd/kustomize/overlays/staging/secret-bill-service-patch.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-bill-service - -type: Opaque -stringData: - DB_HOST: "bill-inquiry-postgres-staging-postgresql" - DB_NAME: "bill_inquiry_db" - DB_USERNAME: "bill_inquiry_user" - DB_PASSWORD: "BillUser2025Staging!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/secret-common-patch.yaml b/deployment/cicd/kustomize/overlays/staging/secret-common-patch.yaml deleted file mode 100644 index bcf22fb..0000000 --- a/deployment/cicd/kustomize/overlays/staging/secret-common-patch.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-common - -type: Opaque -stringData: - JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" - REDIS_HOST: "redis-cache-staging-master" - REDIS_PASSWORD: "Redis2025Staging!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/secret-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/secret-product-service-patch.yaml deleted file mode 100644 index 0397162..0000000 --- a/deployment/cicd/kustomize/overlays/staging/secret-product-service-patch.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-product-service - -type: Opaque -stringData: - DB_HOST: "product-change-postgres-staging-postgresql" - DB_NAME: "product_change_db" - DB_USERNAME: "product_change_user" - DB_PASSWORD: "ProductUser2025Staging!" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/secret-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/secret-user-service-patch.yaml deleted file mode 100644 index b65f7c9..0000000 --- a/deployment/cicd/kustomize/overlays/staging/secret-user-service-patch.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-user-service - -type: Opaque -stringData: - DB_HOST: "auth-postgres-staging-postgresql" - DB_NAME: "phonebill_auth" - DB_USERNAME: "auth_user" - DB_PASSWORD: "AuthUser2025Staging!" \ No newline at end of file diff --git a/deployment/cicd/scripts/deploy.sh b/deployment/cicd/scripts/deploy.sh deleted file mode 100755 index 057bacd..0000000 --- a/deployment/cicd/scripts/deploy.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -set -e - -ENVIRONMENT=${1:-dev} -IMAGE_TAG=${2:-latest} - -echo "🚀 Starting deployment for environment: $ENVIRONMENT with image tag: $IMAGE_TAG" - -# 환경별 이미지 태그 업데이트 -cd deployment/cicd/kustomize/overlays/${ENVIRONMENT} - -# 서비스 목록 (공백으로 구분) -services="api-gateway user-service bill-service product-service kos-mock" - -# 각 서비스 이미지 태그 업데이트 -for service in $services; do - echo "📦 Updating image tag for $service to ${ENVIRONMENT}-${IMAGE_TAG}" - kustomize edit set image acrdigitalgarage01.azurecr.io/phonebill/$service:${ENVIRONMENT}-${IMAGE_TAG} -done - -# 배포 실행 -echo "🔧 Applying manifests to Kubernetes cluster..." -kubectl apply -k . - -# 배포 상태 확인 -echo "⏳ Waiting for deployments to be ready..." -for service in $services; do - echo " Checking $service..." - kubectl rollout status deployment/$service -n phonebill-${ENVIRONMENT} --timeout=300s -done - -echo "✅ Deployment completed successfully!" -echo "🌐 Application endpoints:" -kubectl get ingress -n phonebill-${ENVIRONMENT} -o wide \ No newline at end of file diff --git a/deployment/cicd/scripts/validate-cicd-setup.sh b/deployment/cicd/scripts/validate-cicd-setup.sh deleted file mode 100755 index c8374c3..0000000 --- a/deployment/cicd/scripts/validate-cicd-setup.sh +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/bash -# Base 리소스 누락 검증 스크립트 (범용) - -echo "🔍 phonebill Base 리소스 누락 검증 시작..." - -BASE_DIR="deployment/cicd/kustomize/base" -MISSING_RESOURCES=0 -REQUIRED_FILES=("deployment.yaml" "service.yaml") -OPTIONAL_FILES=("cm-" "secret-") - -# 1. 각 서비스 디렉토리의 파일 확인 -echo "1. 서비스 디렉토리별 파일 목록:" -for dir in $BASE_DIR/*/; do - if [ -d "$dir" ] && [[ $(basename "$dir") != "common" ]]; then - service=$(basename "$dir") - echo "=== $service ===" - - # 필수 파일 확인 - for required in "${REQUIRED_FILES[@]}"; do - if [ -f "$dir$required" ]; then - echo " ✅ $required" - else - echo " ❌ MISSING REQUIRED: $required" - ((MISSING_RESOURCES++)) - fi - done - - # 선택적 파일 확인 - for optional in "${OPTIONAL_FILES[@]}"; do - files=($(ls "$dir"$optional*".yaml" 2>/dev/null)) - if [ ${#files[@]} -gt 0 ]; then - for file in "${files[@]}"; do - echo " ✅ $(basename "$file")" - done - fi - done - echo "" - fi -done - -# 2. Common 리소스 확인 -echo "2. Common 리소스 확인:" -COMMON_DIR="$BASE_DIR/common" -if [ -d "$COMMON_DIR" ]; then - common_files=($(ls "$COMMON_DIR"/*.yaml 2>/dev/null)) - if [ ${#common_files[@]} -gt 0 ]; then - for file in "${common_files[@]}"; do - echo " ✅ common/$(basename "$file")" - done - else - echo " ❌ Common 디렉토리에 YAML 파일이 없습니다" - ((MISSING_RESOURCES++)) - fi -else - echo " ❌ Common 디렉토리가 없습니다" - ((MISSING_RESOURCES++)) -fi - -# 3. kustomization.yaml과 실제 파일 비교 -echo "" -echo "3. kustomization.yaml 리소스 검증:" -if [ -f "$BASE_DIR/kustomization.yaml" ]; then - while IFS= read -r line; do - # resources 섹션의 YAML 파일 경로 추출 - if [[ $line =~ ^[[:space:]]*-[[:space:]]*([^#]+\.yaml)[[:space:]]*$ ]]; then - resource_path=$(echo "${BASH_REMATCH[1]}" | xargs) # 공백 제거 - full_path="$BASE_DIR/$resource_path" - if [ -f "$full_path" ]; then - echo " ✅ $resource_path" - else - echo " ❌ MISSING: $resource_path" - ((MISSING_RESOURCES++)) - fi - fi - done < "$BASE_DIR/kustomization.yaml" -else - echo " ❌ kustomization.yaml 파일이 없습니다" - ((MISSING_RESOURCES++)) -fi - -# 4. kubectl kustomize 검증 -echo "" -echo "4. Kustomize 빌드 테스트:" -if kubectl kustomize "$BASE_DIR" > /dev/null 2>&1; then - echo " ✅ Base kustomization 빌드 성공" -else - echo " ❌ Base kustomization 빌드 실패:" - kubectl kustomize "$BASE_DIR" 2>&1 | head -5 | sed 's/^/ /' - ((MISSING_RESOURCES++)) -fi - -# 5. 환경별 overlay 검증 -echo "" -echo "5. 환경별 Overlay 검증:" -for env in dev staging prod; do - overlay_dir="deployment/cicd/kustomize/overlays/$env" - if [ -d "$overlay_dir" ] && [ -f "$overlay_dir/kustomization.yaml" ]; then - if kubectl kustomize "$overlay_dir" > /dev/null 2>&1; then - echo " ✅ $env 환경 빌드 성공" - else - echo " ❌ $env 환경 빌드 실패" - ((MISSING_RESOURCES++)) - fi - else - echo " ⚠️ $env 환경 설정 없음 (선택사항)" - fi -done - -# 결과 출력 -echo "" -echo "======================================" -if [ $MISSING_RESOURCES -eq 0 ]; then - echo "🎯 검증 완료! 모든 리소스가 정상입니다." - echo "======================================" - exit 0 -else - echo "❌ $MISSING_RESOURCES개의 문제가 발견되었습니다." - echo "======================================" - echo "" - echo "💡 문제 해결 가이드:" - echo "1. 누락된 파일들을 base 디렉토리에 추가하세요" - echo "2. kustomization.yaml에서 존재하지 않는 파일 참조를 제거하세요" - echo "3. 파일명이 명명 규칙을 따르는지 확인하세요:" - echo " - ConfigMap: cm-{서비스명}.yaml" - echo " - Secret: secret-{서비스명}.yaml" - echo "4. 다시 검증: ./deployment/cicd/scripts/validate-cicd-setup.sh" - exit 1 -fi \ No newline at end of file