2025-11-30 home

2025-12-27 19:07:28 +00:00 · 2025-11-30 22:36:40 +09:00 · 2025-11-30 22:36:40 +09:00 · 36351a0106
commit 36351a0106
parent b76c0b6671
2 changed files with 101 additions and 3 deletions
--- a/.github/workflows/ci-petclinic.yml
+++ b/.github/workflows/ci-petclinic.yml
@ -0,0 +1,98 @@
+name: CI - Petclinic EKS
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+# 공통 ENV (필요에 따라 GitHub Variables 대신 여기서 관리 가능)
+env:
+  AWS_REGION: ${{ vars.AWS_REGION || 'ap-northeast-2' }}
+  ECR_REPOSITORY: ${{ vars.ECR_REPOSITORY || 'eks/petclinic' }}
+
+jobs:
+  # 1) Maven 빌드 + 테스트
+  build-test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up JDK
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: '21'
+          cache: 'maven'
+
+      - name: Maven build & test
+        run: |
+          if [ -x "./mvnw" ]; then
+            ./mvnw -B clean test package
+          else
+            mvn -B clean test package
+          fi
+
+      - name: Archive built JAR (optional)
+        uses: actions/upload-artifact@v4
+        with:
+          name: petclinic-jar
+          path: target/*.jar
+
+  # 2) Docker 이미지 빌드 + ECR Push
+  build-and-push-image:
+    needs: build-test
+    runs-on: ubuntu-latest
+
+    # GitHub OIDC로 AWS Role Assume 하려면 필수
+    permissions:
+      id-token: write
+      contents: read
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Configure AWS credentials (OIDC / Assume Role)
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Login to Amazon ECR
+        id: ecr-login
+        uses: aws-actions/amazon-ecr-login@v2
+
+      - name: Set image tag
+        id: vars
+        run: |
+          SHORT_SHA=${GITHUB_SHA::7}
+          echo "IMAGE_TAG=${SHORT_SHA}" >> $GITHUB_ENV
+          echo "IMAGE_TAG=${SHORT_SHA}"
+
+      - name: Build Docker image
+        run: |
+          ECR_REGISTRY=${{ steps.ecr-login.outputs.registry }}
+          IMAGE_URI="$ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:${IMAGE_TAG}"
+
+          echo "Building image: $IMAGE_URI"
+          # Dockerfile이 repo 루트에 있다고 가정, 위치 다르면 -f 경로 지정
+          docker build -t "$IMAGE_URI" .
+
+      - name: Push Docker image
+        run: |
+          ECR_REGISTRY=${{ steps.ecr-login.outputs.registry }}
+          IMAGE_URI="$ECR_REGISTRY/${{ env.ECR_REPOSITORY }}:${IMAGE_TAG}"
+
+          docker push "$IMAGE_URI"
+
+      - name: Tag image as latest (only on main)
+        if: github.ref == 'refs/heads/main'
+        run: |
+          ECR_REGISTRY=${{ steps.ecr-login.outputs.registry }}
+          IMAGE_BASE="$ECR_REGISTRY/${{ env.ECR_REPOSITORY }}"
+
+          docker tag "${IMAGE_BASE}:${IMAGE_TAG}" "${IMAGE_BASE}:latest"
+          docker push "${IMAGE_BASE}:latest"
--- a/pom.xml
+++ b/pom.xml
@ -18,8 +18,8 @@
  <properties>

    <!-- Generic properties -->
-    <java.version>25</java.version>
-    <maven.compiler.release>17</maven.compiler.release>
+    <java.version>21</java.version>
+    <maven.compiler.release>21</maven.compiler.release>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
    <!-- Important for reproducible builds. Update using e.g. ./mvnw versions:set -DnewVersion=... -->
@ -31,7 +31,7 @@
    <webjars-font-awesome.version>4.7.0</webjars-font-awesome.version>

    <checkstyle.version>11.1.0</checkstyle.version>
-    <error-prone.version>2.42.0</error-prone.version>
+    <error-prone.version>2.45.0</error-prone.version>
    <jacoco.version>0.8.13</jacoco.version>
    <libsass.version>0.3.4</libsass.version>
    <lifecycle-mapping>1.0.0</lifecycle-mapping>