Merged
26 commits
b50967a
fix : add missing resume entry to meta tag pathname
alsgud8311 Nov 24, 2025
684a74f
fix : switch client dev server to self-hosted and configure actions
alsgud8311 Nov 24, 2025
e2cad6e
fix : change runner tag following server migration
alsgud8311 Nov 25, 2025
85de284
chore : add sitemap and Robots settings to gitignore
alsgud8311 Nov 25, 2025
2809924
fix : modify some cd commands
alsgud8311 Nov 25, 2025
6c67707
fix : remove nginx web server due to dev instance consolidation
alsgud8311 Nov 25, 2025
41fbede
fix : change Nginx settings and compose settings due to server configuration change
alsgud8311 Nov 25, 2025
1f62c2a
fix : dev compose network configuration
alsgud8311 Nov 25, 2025
f12f043
fix : change the file specified for nginx
alsgud8311 Nov 25, 2025
14a4085
fix : clean up disk before docker compose
alsgud8311 Nov 25, 2025
f49c77a
fix : fix client deployment
alsgud8311 Nov 26, 2025
8c8c51a
fix : update gitignore
alsgud8311 Nov 26, 2025
deca764
fix : update Dockerfile to include yarn version
alsgud8311 Nov 26, 2025
a96431d
fix : modify parts of actions
alsgud8311 Nov 26, 2025
4508338
fix : fix environment variable references
alsgud8311 Nov 26, 2025
3b8732d
fix : add package manager setup command
alsgud8311 Nov 26, 2025
5ba9a2d
fix : change runner node version
alsgud8311 Nov 26, 2025
8a4e9ac
fix : add image build step to dockerfile
alsgud8311 Nov 26, 2025
44f8e8b
fix : fix prod environment deployment
alsgud8311 Nov 26, 2025
6d7f6c4
fix : change nginx config route path to container name
alsgud8311 Nov 26, 2025
ce22130
refactor : reorganize directories to prevent unintended container shutdown caused by duplicate labels in docker compose files
alsgud8311 Nov 26, 2025
63a3a94
fix : change Dockerfile path
alsgud8311 Nov 26, 2025
925a094
fix : add checkout to actions
alsgud8311 Nov 26, 2025
1087614
fix : fix docker path
alsgud8311 Nov 26, 2025
3f3efaf
fix : change nginx config for client prod environment
alsgud8311 Nov 27, 2025
a59ab62
fix : add subdomain migrated to cloudfront
alsgud8311 Nov 27, 2025
129 changes: 108 additions & 21 deletions .github/workflows/deploy-dev.yml
Expand Up @@ -5,34 +5,121 @@ on:
branches: [development]

jobs:
deploy:
name: Deploy to EC2
build-and-push:
name: Build and Push to Docker Hub
runs-on: ubuntu-latest

steps:
- name: Checkout source code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{secrets.DOCKER_USERNAME}}/kokomen-client
tags: |
type=raw,value=latest
type=raw,value=development

- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
push: true
file: ./apps/client/Dockerfile
tags: ${{ steps.meta.outputs.tags }}
cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/kokomen-client:buildcache
cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/kokomen-client:buildcache,mode=max
build-args: |
NEXT_PUBLIC_POSTHOG_KEY=${{ secrets.NEXT_PUBLIC_POSTHOG_KEY }}
NEXT_PUBLIC_POSTHOG_HOST=${{ secrets.NEXT_PUBLIC_POSTHOG_HOST }}
SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}
NEXT_PUBLIC_CDN_BASE_URL=${{ secrets.DEV_CDN_BASE_URL }}
NEXT_PUBLIC_GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID_DEV }}
NODE_ENV=production
NEXT_PUBLIC_BASE_URL=https://dev.kokomen.kr
NEXT_PUBLIC_API_BASE_URL=https://api-dev.kokomen.kr/api/v1
NEXT_PUBLIC_V2_API_BASE_URL=https://api-dev.kokomen.kr/api/v2
NEXT_PUBLIC_NOTIFICATION_API_BASE_URL=https://notification-api-dev.kokomen.kr/api/v1
NEXT_PUBLIC_V3_API_BASE_URL=https://api-dev.kokomen.kr/api/v3
NEXT_PUBLIC_GRAPHQL_URL=https://api-dev.kokomen.kr/api/v3/graphql
- name: Build summary
run: |
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "✅ Docker image built and pushed successfully!"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""
echo "🏷️ Tags:"
echo "${{ steps.meta.outputs.tags }}" | tr ',' '\n'
echo ""
echo "📦 Image: ${{ secrets.DOCKER_USERNAME }}/kokomen-client"
echo "🔀 Branch: ${{ github.ref_name }}"
echo "📝 Commit: ${{ github.sha }}"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"

- name: Decode EC2 private key
deploy-to-ec2:
name: Deploy to EC2
needs: build-and-push
runs-on: [self-hosted, org, dev, new]
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: create .env file
run: |
echo "NEXT_PUBLIC_POSTHOG_KEY=${{ secrets.NEXT_PUBLIC_POSTHOG_KEY }}" > .env
echo "NEXT_PUBLIC_POSTHOG_HOST=${{ secrets.NEXT_PUBLIC_POSTHOG_HOST }}" >> .env
echo "SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}" >> .env
echo "NEXT_PUBLIC_CDN_BASE_URL=${{ secrets.DEV_CDN_BASE_URL }}" >> .env
echo "NEXT_PUBLIC_GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID_DEV }}" >> .env
echo "NODE_ENV=production" >> .env
echo "NEXT_PUBLIC_BASE_URL=https://dev.kokomen.kr" >> .env
echo "NEXT_PUBLIC_API_BASE_URL=https://api-dev.kokomen.kr/api/v1" >> .env
echo "NEXT_PUBLIC_V2_API_BASE_URL=https://api-dev.kokomen.kr/api/v2" >> .env
echo "NEXT_PUBLIC_NOTIFICATION_API_BASE_URL=https://notification-api-dev.kokomen.kr/api/v1" >> .env
echo "NEXT_PUBLIC_V3_API_BASE_URL=https://api-dev.kokomen.kr/api/v3" >> .env
echo "NEXT_PUBLIC_GRAPHQL_URL=https://api-dev.kokomen.kr/api/v3/graphql" >> .env

# Security: Restrict .env permissions (readable only by owner)
chmod 600 .env

echo "✅ .env file created with secure permissions (600)"

- name: login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Pull Docker image
run: |
docker pull ${{ secrets.DOCKER_USERNAME }}/kokomen-client:development
echo "✅ Docker image pulled successfully!"
- name: Stop and remove existing container
run: |
echo "Stopping existing containers..."
docker stop kokomen-client || true
docker rm kokomen-client || true
echo "✅ Old container removed"
continue-on-error: true
- name: Clean up previous stack
run: |
echo "${{ secrets.EC2_SSH_KEY }}" | base64 --decode > private_key.pem
chmod 600 private_key.pem
docker compose --env-file .env -f ./docker/client/compose.dev.yaml down --remove-orphans || true
docker system prune -af --volumes || true

- name: Copy project to EC2
- name: Run Docker Compose
run: |
rsync -az --delete -e "ssh -i private_key.pem -o StrictHostKeyChecking=no" ./ ${{ secrets.EC2_USER }}@${{ secrets.EC2_HOST }}:/home/${{ secrets.EC2_USER }}/kokomen
docker compose --env-file .env -f ./docker/client/compose.dev.yaml up -d --pull always
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}

- name: Run Docker Compose on EC2
- name: Deployment summary
run: |
ssh -i private_key.pem -o StrictHostKeyChecking=no ${{ secrets.EC2_USER }}@${{ secrets.EC2_HOST }} << EOF
export NEXT_PUBLIC_POSTHOG_KEY=${{ secrets.NEXT_PUBLIC_POSTHOG_KEY }}
export NEXT_PUBLIC_POSTHOG_HOST=${{ secrets.NEXT_PUBLIC_POSTHOG_HOST }}
export SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}
export DEV_CDN_BASE_URL=${{ secrets.DEV_CDN_BASE_URL }}
export GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID_DEV }}

cd kokomen
docker system prune -f
docker compose -f compose.dev.yaml down || true
docker compose -f compose.dev.yaml up -d --build
EOF
echo "🚀 Deployment completed"
docker compose --env-file .env -f ./docker/client/compose.dev.yaml ps
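Review bot: `SENTRY_AUTH_TOKEN` is passed through `build-args` in the "Build and push" step, and build arguments are not a safe channel for secrets: their values can be recovered from image metadata such as `docker history`, and this image and its `mode=max` build cache are pushed to Docker Hub. Pass the token with the `secrets:` input of `docker/build-push-action` and read it in the Dockerfile with `RUN --mount=type=secret` instead. In the "create .env file" step the same token is written to `.env` in the workspace of a self-hosted runner and is never removed; `chmod 600` only protects it from other local accounts, so drop the token from the runtime file if the container does not need it and delete `.env` in a final `if: always()` step. The `${{ secrets.* }}` values are also expanded into the script text before the shell runs, so a value containing a double quote, `$` or a backtick would be interpreted by the shell; map them through `env:` and write `"$VAR"` in the script.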
10 changes: 5 additions & 5 deletions .github/workflows/deploy-nest-dev.yml
Expand Up @@ -7,7 +7,7 @@ on:
jobs:
build-and-deploy:
name: Build and Deploy to EC2
runs-on: [self-hosted, nest-dev]
runs-on: [self-hosted, org, dev, new]

steps:
- name: Checkout source code
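Review bot: `runs-on: [self-hosted, org, dev, new]` is the same label set as the `deploy-to-ec2` job in deploy-dev.yml, so the server and client deployments can land on one machine and one Docker daemon, and no `concurrency:` setting is visible in either workflow. The client job runs `docker system prune -af --volumes`, which is host-wide, so it can delete this stack's stopped containers, images and unused volumes while this job is between `down` and `up`. Add a shared `concurrency` group to both workflows, or narrow each prune to what that job owns.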
Expand All @@ -32,8 +32,8 @@ jobs:
run: |
cd /home/ubuntu
sudo chmod 666 /var/run/docker.sock
cd /home/ubuntu/actions-runner/_work/kokomen-client/kokomen-client
cd /home/ubuntu/org-dev-runner/_work/kokomen-client/kokomen-client
yarn types:build
docker system prune -f
docker compose -f ./compose.server.dev.yaml down || true
docker compose -f ./compose.server.dev.yaml up -d --build
docker system prune -a
docker compose -f ./docker/server/compose.dev.yaml down || true
docker compose -f ./docker/server/compose.dev.yaml up -d --build
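Review bot: `docker system prune -a` drops the `-f` that the previous `docker system prune -f` had, so the command asks for a y/N confirmation that a non-interactive runner job cannot give; use `docker system prune -af` if pruning all unused images is intended. The context line `sudo chmod 666 /var/run/docker.sock` is worth fixing while this step is being touched: a world-writable Docker socket gives every local account on the runner root-equivalent control of the host, whereas adding the runner user to the `docker` group limits that access to the runner account. The new `cd /home/ubuntu/org-dev-runner/_work/kokomen-client/kokomen-client` hard-codes the runner install directory again; `$GITHUB_WORKSPACE` would survive the next runner move.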
4 changes: 2 additions & 2 deletions .github/workflows/deploy-nest-prod.yml
Expand Up @@ -39,5 +39,5 @@ jobs:
cd /home/ubuntu/actions-runner/_work/kokomen-client/kokomen-client
yarn types:build
docker system prune -f
docker compose -f ./compose.server.prod.yaml down || true
docker compose -f ./compose.server.prod.yaml up -d --build
docker compose -f ./docker/server/compose.prod.yaml down || true
docker compose -f ./docker/server/compose.prod.yaml up -d --build
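Review bot: moving the compose file to `./docker/server/compose.prod.yaml` changes the default Compose project name, which is derived from the directory of the first `-f` file, unless the file sets a top-level `name:` or the command passes `-p`. On the first production run after this merge, `down` would then address a new, empty project while the containers started from `./compose.server.prod.yaml` keep running, so `up -d --build` can fail on port or container-name conflicts, and the `|| true` hides a `down` that did nothing. Pin the project name explicitly, or stop the old project once by hand before the first deployment.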
129 changes: 110 additions & 19 deletions .github/workflows/deploy.yml
@@ -1,34 +1,125 @@
name: Deployment (Prod)
name: Deployment (Dev)

on:
push:
branches: [main]


jobs:
deploy:
name: Deploy to EC2
runs-on: [self-hosted, client-prod-a]
build-and-push:
name: Build and Push to Docker Hub
runs-on: ubuntu-latest

steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{secrets.DOCKER_USERNAME}}/kokomen-client-prod
tags: |
type=raw,value=latest
type=raw,value=production

- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
push: true
file: ./apps/client/Dockerfile
tags: ${{ steps.meta.outputs.tags }}
cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/kokomen-client-prod:buildcache
cache-to: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/kokomen-client-prod:buildcache,mode=max
build-args: |
NEXT_PUBLIC_POSTHOG_KEY=${{ secrets.NEXT_PUBLIC_POSTHOG_KEY }}
NEXT_PUBLIC_POSTHOG_HOST=${{ secrets.NEXT_PUBLIC_POSTHOG_HOST }}
SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}
NEXT_PUBLIC_CDN_BASE_URL=${{ secrets.PROD_CDN_BASE_URL }}
NEXT_PUBLIC_GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID_PROD }}
NODE_ENV=production
NEXT_PUBLIC_BASE_URL=https://kokomen.kr
NEXT_PUBLIC_API_BASE_URL=https://api.kokomen.kr/api/v1
NEXT_PUBLIC_V2_API_BASE_URL=https://api.kokomen.kr/api/v2
NEXT_PUBLIC_NOTIFICATION_API_BASE_URL=https://notification-api.kokomen.kr/api/v1
NEXT_PUBLIC_V3_API_BASE_URL=https://api.kokomen.kr/api/v3
NEXT_PUBLIC_GRAPHQL_URL=https://api.kokomen.kr/api/v3/graphql
- name: Build summary
run: |
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "✅ Docker image built and pushed successfully!"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo ""
echo "🏷️ Tags:"
echo "${{ steps.meta.outputs.tags }}" | tr ',' '\n'
echo ""
echo "📦 Image: ${{ secrets.DOCKER_USERNAME }}/kokomen-client-prod"
echo "🔀 Branch: ${{ github.ref_name }}"
echo "📝 Commit: ${{ github.sha }}"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"

deploy-to-ec2:
name: Deploy to EC2
needs: build-and-push
runs-on: [self-hosted, client-prod]
steps:
- name: Checkout source code
uses: actions/checkout@v3
- name: install dependencies
uses: actions/checkout@v4
- name: create .env file
run: |
corepack enable
yarn set version berry
yarn install
echo "NEXT_PUBLIC_POSTHOG_KEY=${{ secrets.NEXT_PUBLIC_POSTHOG_KEY }}" > .env
echo "NEXT_PUBLIC_POSTHOG_HOST=${{ secrets.NEXT_PUBLIC_POSTHOG_HOST }}" >> .env
echo "SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}" >> .env
echo "NEXT_PUBLIC_CDN_BASE_URL=${{ secrets.PROD_CDN_BASE_URL }}" >> .env
echo "NEXT_PUBLIC_GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID_PROD }}" >> .env
echo "NODE_ENV=production" >> .env
echo "NEXT_PUBLIC_BASE_URL=https://kokomen.kr" >> .env
echo "NEXT_PUBLIC_API_BASE_URL=https://api.kokomen.kr/api/v1" >> .env
echo "NEXT_PUBLIC_V2_API_BASE_URL=https://api.kokomen.kr/api/v2" >> .env
echo "NEXT_PUBLIC_NOTIFICATION_API_BASE_URL=https://notification-api.kokomen.kr/api/v1" >> .env
echo "NEXT_PUBLIC_V3_API_BASE_URL=https://api.kokomen.kr/api/v3" >> .env
echo "NEXT_PUBLIC_GRAPHQL_URL=https://api.kokomen.kr/api/v3/graphql" >> .env

# Security: Restrict .env permissions (readable only by owner)
chmod 600 .env

echo "✅ .env file created with secure permissions (600)"

- name: login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Pull Docker image
run: |
docker pull ${{ secrets.DOCKER_USERNAME }}/kokomen-client-prod:production
echo "✅ Docker image pulled successfully!"
- name: Stop and remove existing container
run: |
echo "Stopping existing containers..."
docker stop kokomen-client || true
docker rm kokomen-client || true
echo "✅ Old container removed"
continue-on-error: true
- name: Clean up previous stack
run: |
docker compose --env-file .env -f ./docker/client/compose.yaml down --remove-orphans || true
docker system prune -af --volumes || true

- name: Run Docker Compose
run: |
docker compose --env-file .env -f ./docker/client/compose.yaml up -d --pull always
env:
NEXT_PUBLIC_POSTHOG_KEY: ${{ secrets.NEXT_PUBLIC_POSTHOG_KEY }}
NEXT_PUBLIC_POSTHOG_HOST: ${{ secrets.NEXT_PUBLIC_POSTHOG_HOST }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
PROD_CDN_BASE_URL: ${{ secrets.PROD_CDN_BASE_URL }}
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID_PROD }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}

- name: Deployment summary
run: |
yarn types:build
docker system prune -f
docker compose -f compose.yaml down || true
docker compose -f compose.yaml up -d --build
echo "🚀 Deployment completed"
docker compose --env-file .env -f ./docker/client/compose.yaml ps
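Review bot: the workflow title at the top of the file appears to change from `Deployment (Prod)` to `Deployment (Dev)`, but the workflow still triggers on `main` and builds `kokomen-client-prod` with the production URLs; keep the Prod title so runs are not mistaken for dev deployments. In `deploy-to-ec2`, the "Pull Docker image" step is undone by "Clean up previous stack": after `down`, `docker system prune -af --volumes` removes every image that no container is using, including the one just pulled and the previous release, so production stays down until `up -d --pull always` downloads the image again and there is nothing local to roll back to if that pull fails. Move the prune after a successful `up` and drop `-a --volumes`, and consider adding a `type=sha` tag next to `latest` and `production` so a deployment can be pinned to a specific build.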
1 change: 0 additions & 1 deletion .gitignore
@@ -1,4 +1,3 @@
.pnp.*
.yarn/*
!.yarn/patches
!.yarn/plugins