fix: redis에 accesstoken 검증 로직 추가 #10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Security Service | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{github.repository}} | |
| jobs: | |
| tagging: | |
| #이 tagging 일은 우분투안에서 동작하며 표출되는 이름은 태깅 | |
| name: 태깅 | |
| runs-on: ubuntu-latest | |
| #꺼내서 보내줄 값 | |
| outputs: | |
| tag_name: ${{steps.tag.version.outputs.new_tag}} | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: tag_version and tagging | |
| id: tag_version | |
| uses: mathieudutour/github-tag-action@v6.2 | |
| with: | |
| github_token: ${{secrets.GITHUB_TOKEN}} | |
| - name: releasing | |
| uses: ncipollo/release-action@v1 | |
| #전 단계에 out풋 값을 그대로 가져오고 태그를 달아주는 | |
| with: | |
| #버전들이 이미 위에 단계에세 만들어졌으니 끝나고 나면 만들어지는 outputs에서 tag를 꺼냄 | |
| #새롭게 계산된 태그값이 들어가게 된다 | |
| tag: ${{steps.tag_version.outputs.new_tag}} | |
| name: ${{steps.tag_version.outputs.new_tag}} | |
| body: ${{steps.tag_version.outputs.changelog}} | |
| build-image: | |
| name: 도커 이미지 빌드 | |
| runs-on: ubuntu-latest | |
| needs: tagging # 이 작업을 필요로 한다 | |
| permissions: | |
| contents: read | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| steps: | |
| - name: Check out Repository | |
| uses: actions/checkout@v4 | |
| - name: setting for development | |
| run: echo "${{secrets.DEV_YML}}" > src/main/resourcres/application-dev.yml | |
| - name: sign in github container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{env.REGISTRY}} | |
| username: ${{github.actor}} | |
| password: ${{secrets.GITHUB_TOKEN}} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{env.REGISTRY}}/${{env.IMAGE_NAME}} | |
| tags: | | |
| type=sha | |
| type=raw, value=${{needs.tagging.outputs.tag.name}} | |
| type=raw, value=latest | |
| #배포 될때마다 테그가 붙게 되는데 제일 최신의 값은 latest가 붙음 (sha는 그냥 식별자) | |
| - name: Build and push image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . #루트 디렉토리에서 도커 파일 가져옴 | |
| push: true | |
| tags: ${{steps.meta.outputs.tags}} | |
| labels: ${{steps.meta.outputs.labels}} | |