From f1b36333973fe948c3c579ebd4e81aff610588e3 Mon Sep 17 00:00:00 2001 From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 10:42:31 +0900 Subject: [PATCH 01/11] Feat:Upload Trivy and Semgrep SARIF reports to S3 --- .github/workflows/ci-cd.yml | 13 +--- .../presentation/controller/FeController.java | 2 +- fe/src/main/resources/templates/security.html | 75 +++++++++++++++++++ 3 files changed, 79 insertions(+), 11 deletions(-) create mode 100644 fe/src/main/resources/templates/security.html diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 6dcba84..d276be9 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -256,7 +256,7 @@ jobs: echo "๐Ÿ”„ Pulling latest code..." git fetch origin - git reset --hard $GITHUB_SHA + git reset --hard origin/main # ์Šค์™‘ ์ฒดํฌ (๊ฐ„์†Œํ™”) if ! sudo swapon --show | grep -q "/swapfile" && [ ! -f /swapfile ]; then @@ -287,15 +287,8 @@ jobs: done wait - echo "๐Ÿ›‘ Stopping and removing old services..." - docker-compose stop $SERVICES || true - docker-compose rm -f $SERVICES || true - - echo "๐Ÿš€ Creating new services..." - docker-compose up -d --no-deps $SERVICES - - echo "๐Ÿ“Š Ensuring monitoring services are running..." - docker-compose up -d prometheus grafana + echo "๐Ÿ”„ Recreating services..." + docker-compose up -d --no-deps --force-recreate $SERVICES echo "โณ Waiting 15s..." sleep 15 diff --git a/fe/src/main/java/softbank/hackathon/fe/presentation/controller/FeController.java b/fe/src/main/java/softbank/hackathon/fe/presentation/controller/FeController.java index d72ae32..f32a0a1 100644 --- a/fe/src/main/java/softbank/hackathon/fe/presentation/controller/FeController.java +++ b/fe/src/main/java/softbank/hackathon/fe/presentation/controller/FeController.java @@ -54,4 +54,4 @@ public String products(Model model) { model.addAttribute("title", "Raspberry - ์ œํ’ˆ"); return "products"; } -} +} \ No newline at end of file 
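Review bot: `git reset --hard origin/main` in the `@@ -256,7 +256,7 @@` hunk makes the EC2 checkout follow whatever `main` points to when the script runs, not the commit this workflow run built and scanned. The compose file and scripts on the host can therefore differ from the images tagged with the run's SHA (other hunks in this series show `GITHUB_SHA='${{ github.sha }}'` being passed to the script). Keep the checkout pinned to the run's commit and quote it, `git reset --hard "$GITHUB_SHA"`, so that what is deployed is what was scanned. The deploy script starts and ends outside the hunk, so later uses of the checkout are not visible here.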
diff --git a/fe/src/main/resources/templates/security.html b/fe/src/main/resources/templates/security.html new file mode 100644 index 0000000..ee6a4fb --- /dev/null +++ b/fe/src/main/resources/templates/security.html @@ -0,0 +1,75 @@ + + + + + ๋ณด์•ˆ ๋ฆฌํฌํŠธ + + + + + + + + +
+

๋ณด์•ˆ ๋ถ„์„ ๋ฆฌํฌํŠธ

+

์ปค๋ฐ‹:

+

← ํ™ˆ์œผ๋กœ ๋Œ์•„๊ฐ€๊ธฐ

+
+ +
+

๋ณด์•ˆ ๋ฆฌํฌํŠธ๋ฅผ ๋ถˆ๋Ÿฌ์˜ค๋Š” ์ค‘...

+
+ + + + \ No newline at end of file From f6d026cced9752f80d474124fb493aceda0e0836 Mon Sep 17 00:00:00 2001 From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 10:53:24 +0900 Subject: [PATCH 02/11] fix:ci-cd.yml file --- .github/workflows/ci-cd.yml | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index d276be9..6c654e9 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -217,7 +217,7 @@ jobs: name: Deploy to EC2 needs: [build-jars, docker-build-scan-push] runs-on: ubuntu-latest - if: (github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch') && needs.build-jars.outputs.has-changes == 'true' + if: (github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch' || startsWith(github.ref, 'refs/heads/feat/')) && needs.build-jars.outputs.has-changes == 'true' # โฌ…๏ธ ํ…Œ์ŠคํŠธ๋ฅผ ์œ„ํ•ด feat/ ๋ธŒ๋žœ์น˜๋„ ํ—ˆ์šฉ (์„ ํƒ ์‚ฌํ•ญ) steps: - name: Checkout repository uses: actions/checkout@v4 @@ -256,7 +256,7 @@ jobs: echo "๐Ÿ”„ Pulling latest code..." git fetch origin - git reset --hard origin/main + git reset --hard $GITHUB_SHA # โฌ…๏ธ 1. 'origin/main'์ด ์•„๋‹Œ ํ˜„์žฌ ์ปค๋ฐ‹(SHA)์„ ์ฒดํฌ์•„์›ƒํ•˜๋„๋ก ์ˆ˜์ • # ์Šค์™‘ ์ฒดํฌ (๊ฐ„์†Œํ™”) if ! sudo swapon --show | grep -q "/swapfile" && [ ! -f /swapfile ]; then 
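Review bot: The widened `if:` on `deploy-to-ec2` (hunk `@@ -217,7 +217,7 @@`) lets any push to a `feat/*` branch run the EC2 deployment, so code that has not been reviewed or merged can reach the host using the registry credentials and SSM access this job holds. The trailing comment appears to mark this as a test convenience. If feature-branch deploys are needed, send them to a separate target behind a GitHub environment with required reviewers; otherwise keep `if: (github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch') && needs.build-jars.outputs.has-changes == 'true'`. Note that `workflow_dispatch` can itself be started from a non-main ref, which may deserve its own `github.ref` check.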
@@ -287,8 +287,15 @@ jobs: done wait - echo "๐Ÿ”„ Recreating services..." - docker-compose up -d --no-deps --force-recreate $SERVICES + echo "๐Ÿ›‘ Stopping and removing old services..." # โฌ…๏ธ 2. ๊ธฐ์กด ์ปจํ…Œ์ด๋„ˆ ์ค‘์ง€ + docker-compose stop $SERVICES || true # โฌ…๏ธ 3. ๊ธฐ์กด ์ปจํ…Œ์ด๋„ˆ ์‚ญ์ œ + docker-compose rm -f $SERVICES || true # โฌ…๏ธ 4. + + echo "๐Ÿš€ Creating new services..." # โฌ…๏ธ 5. ์ƒˆ ์ปจํ…Œ์ด๋„ˆ ์ƒ์„ฑ + docker-compose up -d --no-deps $SERVICES # โฌ…๏ธ 6. --force-recreate ํ”Œ๋ž˜๊ทธ ์ œ๊ฑฐ + + echo "๐Ÿ“Š Ensuring monitoring services are running..." # โฌ…๏ธ 7. ๋ชจ๋‹ˆํ„ฐ๋ง ์„œ๋น„์Šค ์‹คํ–‰ + docker-compose up -d prometheus grafana # โฌ…๏ธ 8. echo "โณ Waiting 15s..." sleep 15 @@ -307,7 +314,7 @@ jobs: --parameters "commands=[\"echo $ENCODED_SCRIPT | base64 -d > /tmp/deploy.sh && chmod +x /tmp/deploy.sh && DOCKERHUB_PASSWORD='${{ secrets.DOCKERHUB_PASSWORD }}' DOCKERHUB_USERNAME='${{ secrets.DOCKERHUB_USERNAME }}' GITHUB_SHA='${{ github.sha }}' CHANGED_SERVICES='$SERVICES' bash /tmp/deploy.sh\"]" \ --timeout-seconds 300 \ --output text \ - --query 'Command.CommandId') + --query 'Command.Id') echo "command_id=$COMMAND_ID" >> $GITHUB_OUTPUT echo "โœ… SSM Command ID: $COMMAND_ID" @@ -376,7 +383,7 @@ jobs: --parameters "commands=[\"echo $ENCODED_SCRIPT | base64 -d | bash\"]" \ --timeout-seconds 120 \ --output text \ - --query 'Command.CommandId') + --query 'Command.Id') sleep 8 From c28f8fa40b66851b0b4f31ebaac02968e50393d4 Mon Sep 17 00:00:00 2001 From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 11:03:52 +0900 Subject: [PATCH 03/11] fix:VERIFY_CMD query --- .github/workflows/ci-cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 6c654e9..b9572f6 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml 
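Review bot: `--query 'Command.Id'` in the `@@ -307,7 +314,7 @@` hunk does not match the `aws ssm send-command` response, whose identifier field is `Command.CommandId`. With `--output text` a missing key prints `None`, so `COMMAND_ID` would not identify the command that was sent. The `@@ -376,7 +383,7 @@` hunk makes the same change to the verification call. Restore `--query 'Command.CommandId'` in both places, and fail the step when the captured value is empty or `None`, so that a bad ID cannot be mistaken for a finished deployment. Both steps continue outside their hunks.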
@@ -383,7 +383,7 @@ jobs: --parameters "commands=[\"echo $ENCODED_SCRIPT | base64 -d | bash\"]" \ --timeout-seconds 120 \ --output text \ - --query 'Command.Id') + --query 'Command.CommandId') sleep 8 From bfbda45a89cb8d8579802968122b0173080293c8 Mon Sep 17 00:00:00 2001 From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 11:16:57 +0900 Subject: [PATCH 04/11] fix:trivy-scan --- .github/workflows/ci-cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index b9572f6..01b6330 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -196,7 +196,7 @@ jobs: # Trivy ์Šค์บ” (๋ฐฑ๊ทธ๋ผ์šด๋“œ, ๋ธ”๋กœํ‚น ์—†์Œ) - name: Run Trivy scan uses: aquasecurity/trivy-action@master - continue-on-error: true + continue-on-error: false with: image-ref: ${{ env.DOCKER_REGISTRY }}/${{ matrix.service }}:${{ env.IMAGE_TAG }} format: 'sarif' From 3d67c23365952b9c0a29ff340b6572f263a6a59c Mon Sep 17 00:00:00 2001 From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 11:24:42 +0900 Subject: [PATCH 05/11] fix:feat-git-sha-cache --- .github/workflows/ci-cd.yml | 45 ++++++++++++++++++++++--------------- 1 file changed, 27 insertions(+), 18 deletions(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 01b6330..76d4d06 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -15,7 +15,6 @@ env: IMAGE_TAG: ${{ github.sha }} jobs: - # ๋ณ€๊ฒฝ๋œ ์„œ๋น„์Šค ๊ฐ์ง€ + ๋นŒ๋“œ๋ฅผ ํ•œ ๋ฒˆ์— build-jars: name: Build All JARs runs-on: ubuntu-latest @@ -141,7 +140,6 @@ jobs: user/build/libs/*.jar retention-days: 1 - # 5๊ฐœ ์„œ๋น„์Šค ์™„์ „ ๋ณ‘๋ ฌ ๋นŒ๋“œ docker-build-scan-push: name: Docker Build & Push needs: build-jars 
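Review bot: `continue-on-error: false` on `Run Trivy scan` (hunk `@@ -196,7 +196,7 @@`) only turns findings into a gate if the action is configured to exit non-zero. The visible `with:` entries are `image-ref` and `format: 'sarif'` and the rest of the block is outside the hunk, so check that `exit-code: '1'` and a `severity` list are set there. The step also runs `aquasecurity/trivy-action@master`, a mutable ref, in a job that holds registry credentials; pin it to a reviewed commit, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>`. The comment line above the step still seems to describe the scan as non-blocking and should be updated along with the flag.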
@@ -170,11 +168,10 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - # ์ตœ์ ํ™”๋œ Dockerfile ์‚ฌ์šฉ (JAR ํŒŒ์ผ ์ง์ ‘ ๋ณต์‚ฌ) - name: Create optimized Dockerfile run: | cat > ${{ matrix.service }}/Dockerfile.fast << 'EOF' - FROM eclipse-temurin:17-jre-focal + FROM ghcr.io/eclipse-temurin/jre:17-focal WORKDIR /app COPY ${{ matrix.service }}/build/libs/*.jar app.jar EXPOSE 8080 @@ -190,10 +187,13 @@ jobs: tags: | ${{ env.DOCKER_REGISTRY }}/${{ matrix.service }}:${{ env.IMAGE_TAG }} ${{ env.DOCKER_REGISTRY }}/${{ matrix.service }}:latest - cache-from: type=registry,ref=${{ env.DOCKER_REGISTRY }}/${{ matrix.service }}:buildcache - cache-to: type=registry,ref=${{ env.DOCKER_REGISTRY }}/${{ matrix.service }}:buildcache,mode=max + cache-from: | + type=registry,ref=${{ env.DOCKER_REGISTRY }}/${{ matrix.service }}:buildcache + type=gha + cache-to: | + type=registry,ref=${{ env.DOCKER_REGISTRY }}/${{ matrix.service }}:buildcache,mode=max + type=gha,mode=max - # Trivy ์Šค์บ” (๋ฐฑ๊ทธ๋ผ์šด๋“œ, ๋ธ”๋กœํ‚น ์—†์Œ) - name: Run Trivy scan uses: aquasecurity/trivy-action@master continue-on-error: false 
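Review bot: The generated Dockerfile in hunk `@@ -170,11 +168,10 @@` now starts with `FROM ghcr.io/eclipse-temurin/jre:17-focal`, a different registry and repository path from the `eclipse-temurin:17-jre-focal` image it replaces. Nothing in the patch shows who publishes that path or that the tag exists. The base image ends up inside every service image, so confirm the publisher before switching and pin by digest, `FROM <registry>/<repository>@sha256:<digest>`, so that a retagged or look-alike image cannot enter the build. Patches 07 and 09 in this series edit the same `FROM` line and the same applies there.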
@@ -212,12 +212,20 @@ jobs: sarif_file: 'trivy-results-${{ matrix.service }}.sarif' category: 'trivy-${{ matrix.service }}' - # ๋ฐฐํฌ + - name: Upload Trivy results to S3 + if: always() + run: | + aws s3 cp ./trivy-results-${{ matrix.service }}.sarif s3://kwa06001-sarif-reports/sarif/${{ env.IMAGE_TAG }}/trivy-${{ matrix.service }}.sarif + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_REGION: ${{ secrets.AWS_REGION }} + deploy-to-ec2: name: Deploy to EC2 needs: [build-jars, docker-build-scan-push] runs-on: ubuntu-latest - if: (github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch' || startsWith(github.ref, 'refs/heads/feat/')) && needs.build-jars.outputs.has-changes == 'true' # โฌ…๏ธ ํ…Œ์ŠคํŠธ๋ฅผ ์œ„ํ•ด feat/ ๋ธŒ๋žœ์น˜๋„ ํ—ˆ์šฉ (์„ ํƒ ์‚ฌํ•ญ) + if: (github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch' || startsWith(github.ref, 'refs/heads/feat/')) && needs.build-jars.outputs.has-changes == 'true' steps: - name: Checkout repository uses: actions/checkout@v4 @@ -256,7 +264,7 @@ jobs: echo "๐Ÿ”„ Pulling latest code..." git fetch origin - git reset --hard $GITHUB_SHA # โฌ…๏ธ 1. 'origin/main'์ด ์•„๋‹Œ ํ˜„์žฌ ์ปค๋ฐ‹(SHA)์„ ์ฒดํฌ์•„์›ƒํ•˜๋„๋ก ์ˆ˜์ • + git reset --hard $GITHUB_SHA # ์Šค์™‘ ์ฒดํฌ (๊ฐ„์†Œํ™”) if ! sudo swapon --show | grep -q "/swapfile" && [ ! -f /swapfile ]; then 
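Review bot: The new `Upload Trivy results to S3` step (hunk `@@ -212,12 +212,20 @@`) authenticates with long-lived `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` secrets inside the matrix build job. Short-lived credentials from GitHub's OIDC provider, tied to a role allowed only `s3:PutObject` on the `sarif/` prefix of this bucket, would limit what a leaked key or a compromised action in the job can do. `if: always()` also runs the copy when the scan produced no file, which fails the job for an unrelated reason; guard it with something like `if: always() && hashFiles(format('trivy-results-{0}.sarif', matrix.service)) != ''`. SARIF reports list unpatched vulnerabilities per image, so the bucket should block public access and whatever serves these files should require authentication; neither is visible in this patch.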
@@ -287,15 +295,15 @@ jobs: done wait - echo "๐Ÿ›‘ Stopping and removing old services..." # โฌ…๏ธ 2. ๊ธฐ์กด ์ปจํ…Œ์ด๋„ˆ ์ค‘์ง€ - docker-compose stop $SERVICES || true # โฌ…๏ธ 3. ๊ธฐ์กด ์ปจํ…Œ์ด๋„ˆ ์‚ญ์ œ - docker-compose rm -f $SERVICES || true # โฌ…๏ธ 4. + echo "๐Ÿ›‘ Stopping and removing old services..." + docker-compose stop $SERVICES || true + docker-compose rm -f $SERVICES || true - echo "๐Ÿš€ Creating new services..." # โฌ…๏ธ 5. ์ƒˆ ์ปจํ…Œ์ด๋„ˆ ์ƒ์„ฑ - docker-compose up -d --no-deps $SERVICES # โฌ…๏ธ 6. --force-recreate ํ”Œ๋ž˜๊ทธ ์ œ๊ฑฐ + echo "๐Ÿš€ Creating new services..." + docker-compose up -d --no-deps $SERVICES - echo "๐Ÿ“Š Ensuring monitoring services are running..." # โฌ…๏ธ 7. ๋ชจ๋‹ˆํ„ฐ๋ง ์„œ๋น„์Šค ์‹คํ–‰ - docker-compose up -d prometheus grafana # โฌ…๏ธ 8. + echo "๐Ÿ“Š Ensuring monitoring services are running..." + docker-compose up -d prometheus grafana echo "โณ Waiting 15s..." sleep 15 @@ -314,7 +322,7 @@ jobs: --parameters "commands=[\"echo $ENCODED_SCRIPT | base64 -d > /tmp/deploy.sh && chmod +x /tmp/deploy.sh && DOCKERHUB_PASSWORD='${{ secrets.DOCKERHUB_PASSWORD }}' DOCKERHUB_USERNAME='${{ secrets.DOCKERHUB_USERNAME }}' GITHUB_SHA='${{ github.sha }}' CHANGED_SERVICES='$SERVICES' bash /tmp/deploy.sh\"]" \ --timeout-seconds 300 \ --output text \ - --query 'Command.Id') + --query 'Command.CommandId') echo "command_id=$COMMAND_ID" >> $GITHUB_OUTPUT echo "โœ… SSM Command ID: $COMMAND_ID" @@ -400,6 +408,7 @@ jobs: echo "โœ… Deployment successful!" echo "๐Ÿ”– Image tag: ${{ github.sha }}" echo "๐Ÿ“ฆ Services: ${{ steps.services.outputs.list }}" + echo "๐Ÿ›ก๏ธ ๋ณด์•ˆ ๋ฆฌํฌํŠธ: http://:8080/security/${{ github.sha }}" else echo "โŒ Deployment failed!" exit 1 From c8a05c84da3424578a468f2c4f1b417097f7d97d Mon Sep 17 00:00:00 2001 
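Review bot: The `--parameters` line kept as context in the `@@ -314,7 +322,7 @@` hunk puts `DOCKERHUB_PASSWORD` and `DOCKERHUB_USERNAME` into the SSM command text. They are then stored with the command, where principals allowed to list or inspect commands can read them back, and they may appear in the instance's process list while the script runs. Have the instance fetch the credential itself through its instance role (for example from an SSM Parameter Store SecureString or Secrets Manager) and pipe it to `docker login --password-stdin` instead of passing it on the command line. In the `@@ -400,6 +408,7 @@` hunk the echoed report link `http://:8080/security/...` has no host and uses plain HTTP; whether that route requires authentication cannot be seen from here.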
From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 11:31:15 +0900 Subject: [PATCH 06/11] fix:Login to GitHub Container Registry --- .github/workflows/ci-cd.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 76d4d06..13613a7 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -168,6 +168,13 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Create optimized Dockerfile run: | cat > ${{ matrix.service }}/Dockerfile.fast << 'EOF' From 63ee340aa68d77b648ab914ec1c247e8707f7077 Mon Sep 17 00:00:00 2001 From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 11:37:08 +0900 Subject: [PATCH 07/11] fix:creat optimized --- .github/workflows/ci-cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 13613a7..58fd4ed 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -178,7 +178,7 @@ jobs: - name: Create optimized Dockerfile run: | cat > ${{ matrix.service }}/Dockerfile.fast << 'EOF' - FROM ghcr.io/eclipse-temurin/jre:17-focal + FROM ghcr.io/eclipse-temurin/jre:17-jre WORKDIR /app COPY ${{ matrix.service }}/build/libs/*.jar app.jar EXPOSE 8080 From 0fd6fd85888f671ecad381f01e0cbbbed54d36b5 Mon Sep 17 00:00:00 2001 
From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 11:43:52 +0900 Subject: [PATCH 08/11] fix:Remove security dashboard feature and S3 logic --- .github/workflows/ci-cd.yml | 21 +----- fe/src/main/resources/templates/security.html | 75 ------------------- 2 files changed, 2 insertions(+), 94 deletions(-) delete mode 100644 fe/src/main/resources/templates/security.html diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 58fd4ed..2bd53f9 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -168,17 +168,10 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Create optimized Dockerfile run: | cat > ${{ matrix.service }}/Dockerfile.fast << 'EOF' - FROM ghcr.io/eclipse-temurin/jre:17-jre + FROM eclipse-temurin:17-jre-focal WORKDIR /app COPY ${{ matrix.service }}/build/libs/*.jar app.jar EXPOSE 8080 @@ -203,7 +196,7 @@ jobs: - name: Run Trivy scan uses: aquasecurity/trivy-action@master - continue-on-error: false + continue-on-error: true with: image-ref: ${{ env.DOCKER_REGISTRY }}/${{ matrix.service }}:${{ env.IMAGE_TAG }} format: 'sarif' @@ -219,15 +212,6 @@ jobs: sarif_file: 'trivy-results-${{ matrix.service }}.sarif' category: 'trivy-${{ matrix.service }}' - - name: Upload Trivy results to S3 - if: always() - run: | - aws s3 cp ./trivy-results-${{ matrix.service }}.sarif s3://kwa06001-sarif-reports/sarif/${{ env.IMAGE_TAG }}/trivy-${{ matrix.service }}.sarif - env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_REGION: ${{ secrets.AWS_REGION }} - deploy-to-ec2: name: Deploy to EC2 needs: [build-jars, docker-build-scan-push] 
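Review bot: `continue-on-error: true` in the `@@ -203,7 +196,7 @@` hunk makes the Trivy step non-blocking again, so a failing scan no longer stops the job that `deploy-to-ec2` depends on. This is unrelated to the commit subject, which is about removing the dashboard and S3 upload. If the gate was dropped to unblock the pipeline, say so in the commit message and leave a comment on the step, for instance `# TODO: restore blocking scan once current findings are triaged`; otherwise keep `continue-on-error: false`. The step's remaining `with:` settings are outside the hunk.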
@@ -415,7 +399,6 @@ jobs: echo "โœ… Deployment successful!" echo "๐Ÿ”– Image tag: ${{ github.sha }}" echo "๐Ÿ“ฆ Services: ${{ steps.services.outputs.list }}" - echo "๐Ÿ›ก๏ธ ๋ณด์•ˆ ๋ฆฌํฌํŠธ: http://:8080/security/${{ github.sha }}" else echo "โŒ Deployment failed!" exit 1 diff --git a/fe/src/main/resources/templates/security.html b/fe/src/main/resources/templates/security.html deleted file mode 100644 index ee6a4fb..0000000 --- a/fe/src/main/resources/templates/security.html +++ /dev/null @@ -1,75 +0,0 @@ - - - - - ๋ณด์•ˆ ๋ฆฌํฌํŠธ - - - - - - - - -
-

๋ณด์•ˆ ๋ถ„์„ ๋ฆฌํฌํŠธ

-

์ปค๋ฐ‹:

-

← ํ™ˆ์œผ๋กœ ๋Œ์•„๊ฐ€๊ธฐ

-
- -
-

๋ณด์•ˆ ๋ฆฌํฌํŠธ๋ฅผ ๋ถˆ๋Ÿฌ์˜ค๋Š” ์ค‘...

-
- - - - \ No newline at end of file From e32238ba965bbe02a61e09277a95f6ce3e6f45e3 Mon Sep 17 00:00:00 2001 From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 11:47:25 +0900 Subject: [PATCH 09/11] fix:Remove security dashboard feature and S3 logic --- .github/workflows/ci-cd.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 2bd53f9..6a8c0e6 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -167,11 +167,18 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - name: Create optimized Dockerfile run: | cat > ${{ matrix.service }}/Dockerfile.fast << 'EOF' - FROM eclipse-temurin:17-jre-focal + FROM ghcr.io/eclipse-temurin/jre:17-jre WORKDIR /app COPY ${{ matrix.service }}/build/libs/*.jar app.jar EXPOSE 8080 From c268d1ef555348a2d0e6b0c94f26b93b55c7bd5b Mon Sep 17 00:00:00 2001 From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 11:52:25 +0900 Subject: [PATCH 10/11] revert: Revert all S3/GHCR changes, stabilize deploy script --- .github/workflows/ci-cd.yml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 6a8c0e6..2bd53f9 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml 
@@ -167,18 +167,11 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - name: Create optimized Dockerfile run: | cat > ${{ matrix.service }}/Dockerfile.fast << 'EOF' - FROM ghcr.io/eclipse-temurin/jre:17-jre + FROM eclipse-temurin:17-jre-focal WORKDIR /app COPY ${{ matrix.service }}/build/libs/*.jar app.jar EXPOSE 8080 From 86ca448e5aac17e751aa0b93df0fc1cb4f7e62f5 Mon Sep 17 00:00:00 2001 From: vanillaturtlechips <2220110150@office.kopo.ac.kr> Date: Sun, 9 Nov 2025 12:01:51 +0900 Subject: [PATCH 11/11] fix:dockethub --- .github/workflows/ci-cd.yml | 6 +++--- docker-compose.yml | 10 +++++----- start-microservices.sh | 10 +++++----- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 2bd53f9..b295284 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -11,7 +11,7 @@ permissions: security-events: write env: - DOCKER_REGISTRY: kwa06001 + DOCKER_REGISTRY: softbank2025 IMAGE_TAG: ${{ github.sha }} jobs: @@ -275,14 +275,14 @@ jobs: cp docker-compose.yml docker-compose.yml.backup for service in $SERVICES; do - sed -i "s|image: kwa06001/${service}:.*|image: kwa06001/${service}:${IMAGE_TAG}|g" docker-compose.yml + sed -i "s|image: softbank2025/${service}:.*|image: softbank2025/${service}:${IMAGE_TAG}|g" docker-compose.yml done sed -i '/build:/,+2d' docker-compose.yml echo "๐Ÿ“ฅ Pulling images (parallel)..." for service in $SERVICES; do - docker pull kwa06001/${service}:${IMAGE_TAG} & + docker pull softbank2025/${service}:${IMAGE_TAG} & done wait diff --git a/docker-compose.yml b/docker-compose.yml index d0462e9..235d3e5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -1,6 +1,6 @@ services: server: - image: kwa06001/server:latest + image: softbank2025/server:latest build: context: . dockerfile: ./server/Dockerfile @@ -17,7 +17,7 @@ services: - eureka.server.enable-self-preservation=false gateway: - image: kwa06001/gateway:latest + image: softbank2025/gateway:latest build: context: . dockerfile: ./gateway/Dockerfile @@ -33,7 +33,7 @@ services: restart: unless-stopped fe: - image: kwa06001/fe:latest + image: softbank2025/fe:latest build: context: . dockerfile: ./fe/Dockerfile @@ -49,7 +49,7 @@ services: restart: unless-stopped deploy: - image: kwa06001/deploy:latest + image: softbank2025/deploy:latest build: context: . dockerfile: ./deploy/Dockerfile @@ -65,7 +65,7 @@ services: restart: unless-stopped user: - image: kwa06001/user:latest + image: softbank2025/user:latest build: context: . dockerfile: ./user/Dockerfile diff --git a/start-microservices.sh b/start-microservices.sh index 1babc85..f3cd22a 100644 --- a/start-microservices.sh +++ b/start-microservices.sh @@ -15,11 +15,11 @@ if [ $? -ne 0 ]; then fi echo "2. Docker ์ด๋ฏธ์ง€ ์ƒ์„ฑ ์ค‘..." -docker build -t kwa06001/server ./server -docker build -t kwa06001/gateway ./gateway -docker build -t kwa06001/fe ./fe -docker build -t kwa06001/deploy ./deploy -docker build -t kwa06001/user ./user +docker build -t softbank2025/server ./server +docker build -t softbank2025/gateway ./gateway +docker build -t softbank2025/fe ./fe +docker build -t softbank2025/deploy ./deploy +docker build -t softbank2025/user ./user echo "3. ๊ธฐ์กด ์ปจํ…Œ์ด๋„ˆ ์ •๋ฆฌ ์ค‘..." docker-compose down