33-Auto · yangjiseonn · Oct 27, 2025 · Oct 9, 2025 · Oct 10, 2025 · Oct 10, 2025
diff --git a/.DS_Store → .github/.DS_Store b/.DS_Store → .github/.DS_Store
diff --git a/.github/workflows/.DS_Store b/.github/workflows/.DS_Store
diff --git a/.github/workflows/assign-issue-creator.yml b/.github/workflows/assign-issue-creator.yml
@@ -0,0 +1,14 @@
+# 각 레포지토리의 .github/workflows/assign-issue-creator.yml
+
+name: Assign issue creator
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  call-reusable-workflow:
+    # @main 은 .github 레포지토리의 main 브랜치를 사용한다는 의미입니다. 버전을 위해 @v1과 같이 태그를 사용하는 것을 권장합니다.
+    uses: 33-Auto/.github/.github/workflows/reusable-assign-issue-creator.yml@main
+    # 이 워크플로우는 secrets를 전달할 필요가 없지만, 필요 시 아래와 같이 전달합니다.
+    # secrets: inherit
@@ -1,6 +1,8 @@
 # 각 레포지토리의 .github/workflows/assign-issue-creator.yml
 name: Assign issue creator
+permissions:
+  contents: read
 on:
  issues:
@@ -1,6 +1,8 @@
 # 각 레포지토리의 .github/workflows/assign-issue-creator.yml

 name: Assign issue creator
+permissions:
+  contents: read

 on:
  issues:
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -77,4 +77,26 @@ jobs:
           provenance: false
           tags: |
             ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG_VERSION }}
-            ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG_LATEST }}
+            ${{ steps.vars.outputs.IMAGE }}:${{ steps.vars.outputs.TAG_LATEST }}
+
+
+      # EC2 자동 배포
+      - name: Deploy to EC2 (Part)
+        uses: appleboy/ssh-action@master
+        with:
+          host: 3.38.218.173
+          username: ubuntu
+          key: ${{ secrets.SAMPOOM_KEY }}
+          script: |
+            echo "배포 시작..."
+            sudo docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_PASSWORD }}
+            sudo docker pull hysungzzang/sampoom:part-latest
+            sudo docker stop part-service || true
+            sudo docker rm part-service || true
+            sudo docker run -d --name part-service -p 8080:8080 \
+              -e SPRING_APPLICATION_JSON='{"server":{"address":"0.0.0.0","port":8080}}' \
+              -e SPRING_DATASOURCE_URL=jdbc:postgresql://3.38.218.173:5432/mydb \
+              -e SPRING_DATASOURCE_USERNAME=myuser \
+              -e SPRING_DATASOURCE_PASSWORD=mypassword \
+              hysungzzang/sampoom:part-latest
+            echo "배포 완료!"
diff --git a/.github/workflows/close-issues-on-dev-merge.yml b/.github/workflows/close-issues-on-dev-merge.yml
@@ -0,0 +1,19 @@
+# 각 레포지토리의 .github/workflows/close-issues-on-dev-merge.yml
+
+name: Auto Close Issues on dev merge
+
+on:
+  pull_request:
+    types: [closed]
+
+jobs:
+  call-reusable-workflow:
+    if: >
+      github.event.pull_request.merged == true &&
+      github.event.pull_request.base.ref == 'dev'
+    uses: 33-Auto/.github/.github/workflows/reusable-close-linked-issues.yml@main
+    # with를 통해 재사용 워크플로우의 inputs에 값을 전달합니다.
+    with:
+      pr-body: ${{ github.event.pull_request.body }}
+      issue-number: ${{ github.event.pull_request.number }}
+    secrets: inherit # 재사용 워크플로우가 GITHUB_TOKEN을 사용할 수 있도록 전달
@@ -1,6 +1,9 @@
 # 각 레포지토리의 .github/workflows/close-issues-on-dev-merge.yml
 name: Auto Close Issues on dev merge
+permissions:
+  contents: read
+  issues: write
 on:
  pull_request:
@@ -1,6 +1,9 @@
 # 각 레포지토리의 .github/workflows/close-issues-on-dev-merge.yml

 name: Auto Close Issues on dev merge
+permissions:
+  contents: read
+  issues: write

 on:
  pull_request:
diff --git a/.github/workflows/pr-reminder.yml b/.github/workflows/pr-reminder.yml
@@ -1,13 +1,15 @@
-name: PR Reminder
+  name: PR Reminder
 
-on:
-  schedule:
-    - cron: "0 0,5,8 * * *" # 아침 9시, 오후 2시, 오후 5시에 실행 (UTC 기준으로 설정해서 한국 시간에 맞춤)
-  workflow_dispatch:
+  on:
+    schedule:
+      - cron: "47 23,4,7,8,10 * * *" # 아침 8시 47분, 오후 2시 47분, 오후 4시 47분, 오후 5시 47분, 오후 7시 47분 에 실행 (UTC 기준으로 설정해서 한국 시간에 맞춤)
+    workflow_dispatch:
 
-jobs:
-  call-reusable-reminder:
-    uses: 33-Auto/.github/.github/workflows/reusable-pr-reminder.yml@main
-    secrets:
-      # 해당 시크릿은 조직의 시크릿에 저장되어 있음
-      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+  jobs:
+    call-reusable-reminder:
+      uses: 33-Auto/.github/.github/workflows/reusable-pr-reminder.yml@main
+      secrets:
+        # 해당 시크릿은 조직의 시크릿에 저장되어 있음
+        SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+      with:
+        SLACK_USER_MAP: ${{ vars.SLACK_USER_MAP }}
@@ -1,4 +1,6 @@
  name: PR Reminder
+  permissions:
+    contents: read
  on:
    schedule:
@@ -1,4 +1,6 @@
  name: PR Reminder
+  permissions:
+    contents: read

  on:
    schedule:
diff --git a/.github/workflows/request-pr-review.yml b/.github/workflows/request-pr-review.yml
@@ -0,0 +1,17 @@
+# 각 레포지토리의 .github/workflows/request-pr-review.yml
+
+name: PR Assignee & Team Review Request
+
+on:
+  pull_request:
+    types: [opened, reopened, ready_for_review]
+
+jobs:
+  call-reusable-workflow:
+    uses: 33-Auto/.github/.github/workflows/reusable-pr-assign-and-review.yml@main
+    with:
+      team-slug-for-review: "review_avengers" # 여기에 리뷰를 요청할 팀의 slug를 입력합니다.
+      pr-author: ${{ github.event.pull_request.user.login }}
+      pr-number: ${{ github.event.pull_request.number }}
+    secrets:
+      ORGANIZATION_TOKEN: ${{ secrets.ORGANIZATION_TOKEN }} # 재사용 워크플로우가 ORGANIZATION_TOKEN을 사용할 수 있도록 전달
@@ -2,6 +2,10 @@
 name: PR Assignee & Team Review Request
+permissions:
+  contents: read
+  pull-requests: write
+
 on:
  pull_request:
    types: [opened, reopened, ready_for_review]
@@ -2,6 +2,10 @@

 name: PR Assignee & Team Review Request

+permissions:
+  contents: read
+  pull-requests: write
+
 on:
  pull_request:
    types: [opened, reopened, ready_for_review]
diff --git a/.github/workflows/trigger_infra.yml b/.github/workflows/trigger_infra.yml
@@ -0,0 +1,20 @@
+name: Trigger Infra CD
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  trigger-infra:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Trigger infra repo deploy workflow
+        uses: peter-evans/repository-dispatch@v3
+        with:
+          token: ${{ secrets.ORGANIZATION_TOKEN }}
+          # [중요] 아래 repository 값은 모든 앱이 공유하는 '중앙 인프라 리포지토리' 주소이다.
+          repository: 33-Auto/Sampoom-Management-Infra
+          event-type: deploy
+          # 'Sampoom-Management-Backend-Part'은 스크립트가 동적으로 치환할 자리표시자(placeholder)이다.
+          client-payload: '{"service":"Sampoom-Management-Backend-Part","branch":"main"}'
@@ -1,4 +1,5 @@
 name: Trigger Infra CD
+permissions: {}
 on:
  push:
@@ -1,4 +1,5 @@
 name: Trigger Infra CD
+permissions: {}

 on:
  push: