Release

.github/workflows/_deploy-native.yml

@@ -3,17 +3,19 @@ name: deploy-native-template
 on:
   workflow_call:
     inputs:
-      ecr_repository:
+      ocir_repository:
         required: true
         type: string
       dockerfile:
         required: true
         type: string
         description: 'Dockerfile path (e.g., api/Dockerfile-native)'
     secrets:
-      AWS_ACCESS_KEY_ID:
+      OCI_AUTH_TOKEN:
         required: true
-      AWS_SECRET_ACCESS_KEY:
+      DEPLOYER_APP_ID:
+        required: true
+      DEPLOYER_APP_PRIVATE_KEY:
         required: true
 
 jobs:
@@ -24,43 +26,27 @@ jobs:
     env:
       IMAGE_TAG: ${{ github.run_number }}
       BUILD_NUMBER: ${{ github.run_number }}
-      ECR_REGISTRY: 405906814034.dkr.ecr.ap-northeast-2.amazonaws.com
-      ECR_REPOSITORY: ${{ inputs.ecr_repository }}
+      OCIR_REGISTRY: yny.ocir.io
+      OCIR_NAMESPACE: ax1dvc8vmenm
+      OCIR_REPOSITORY: ${{ inputs.ocir_repository }}
 
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ap-northeast-2
-
-      - name: Login to ECR
-        id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v2
+      - name: Login to OCIR
+        run: echo "${{ secrets.OCI_AUTH_TOKEN }}" | docker login $OCIR_REGISTRY -u ax1dvc8vmenm/members/snutt-deployer --password-stdin
 
-      - name: Get and save Auth Token for CodeArtifact
-        id: get-save-codeartifact-auth-token
-        run: |
-          aws codeartifact get-authorization-token \
-            --domain wafflestudio \
-            --domain-owner 405906814034 \
-            --query authorizationToken \
-            --region ap-northeast-1 \
-            --output text > .codeartifact_token
-
-      - name: Docker build, tag, and push image to ECR
+      - name: Docker build, tag, and push image to OCIR
         id: build-push-image
         run: |
+          echo "${{ github.token }}" > .github_token
           docker build \
-            --secret id=codeartifact_token,src=./.codeartifact_token \
+            --secret id=github_token,src=./.github_token \
             -f ${{ inputs.dockerfile }} \
-            -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \
+            -t $OCIR_REGISTRY/$OCIR_NAMESPACE/$OCIR_REPOSITORY:$IMAGE_TAG \
             . \
             --platform linux/arm64
-          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT
-
+          rm -f .github_token
+          docker push $OCIR_REGISTRY/$OCIR_NAMESPACE/$OCIR_REPOSITORY:$IMAGE_TAG
+          echo "image=$OCIR_REGISTRY/$OCIR_NAMESPACE/$OCIR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT

.github/workflows/_deploy.yml

@@ -3,17 +3,19 @@ name: deploy-template
 on:
   workflow_call:
     inputs:
-      ecr_repository:
+      ocir_repository:
         required: true
         type: string
       dockerfile:
         required: true
         type: string
         description: 'Dockerfile path (e.g., api/Dockerfile)'
     secrets:
-      AWS_ACCESS_KEY_ID:
+      OCI_AUTH_TOKEN:
         required: true
-      AWS_SECRET_ACCESS_KEY:
+      DEPLOYER_APP_ID:
+        required: true
+      DEPLOYER_APP_PRIVATE_KEY:
         required: true
 
 jobs:
@@ -24,42 +26,27 @@ jobs:
     env:
       IMAGE_TAG: ${{ github.run_number }}
       BUILD_NUMBER: ${{ github.run_number }}
-      ECR_REGISTRY: 405906814034.dkr.ecr.ap-northeast-2.amazonaws.com
-      ECR_REPOSITORY: ${{ inputs.ecr_repository }}
+      OCIR_REGISTRY: yny.ocir.io
+      OCIR_NAMESPACE: ax1dvc8vmenm
+      OCIR_REPOSITORY: ${{ inputs.ocir_repository }}
 
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ap-northeast-2
-
-      - name: Login to ECR
-        id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v2
-
-      - name: Get and save Auth Token for CodeArtifact
-        id: get-save-codeartifact-auth-token
-        run: |
-          aws codeartifact get-authorization-token \
-            --domain wafflestudio \
-            --domain-owner 405906814034 \
-            --query authorizationToken \
-            --region ap-northeast-1 \
-            --output text > .codeartifact_token
+      - name: Login to OCIR
+        run: echo "${{ secrets.OCI_AUTH_TOKEN }}" | docker login $OCIR_REGISTRY -u ax1dvc8vmenm/members/snutt-deployer --password-stdin
 
-      - name: Docker build, tag, and push image to ECR
+      - name: Docker build, tag, and push image to OCIR
         id: build-push-image
         run: |
+          echo "${{ github.token }}" > .github_token
           docker build \
-            --secret id=codeartifact_token,src=./.codeartifact_token \
+            --secret id=github_token,src=./.github_token \
             -f ${{ inputs.dockerfile }} \
-            -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG \
+            -t $OCIR_REGISTRY/$OCIR_NAMESPACE/$OCIR_REPOSITORY:$IMAGE_TAG \
             . \
             --platform linux/arm64
-          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT
+          rm -f .github_token
+          docker push $OCIR_REGISTRY/$OCIR_NAMESPACE/$OCIR_REPOSITORY:$IMAGE_TAG
+          echo "image=$OCIR_REGISTRY/$OCIR_NAMESPACE/$OCIR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT

.github/workflows/ci.yml

@@ -14,19 +14,14 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ap-northeast-2
-
       - name: Set up JDK 25
         uses: actions/setup-java@v4
         with:
           java-version: '25'
           distribution: 'temurin'
 
       - name: Run Tests
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
         run: |
           ./gradlew clean test -x processAot -x processTestAot

.github/workflows/deploy-api-dev-native.yml

@@ -8,8 +8,9 @@ jobs:
   deploy:
     uses: ./.github/workflows/_deploy-native.yml
     with:
-      ecr_repository: snutt-dev/snutt-timetable
+      ocir_repository: snutt-dev/snutt-timetable
       dockerfile: api/Dockerfile-native
     secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
+      DEPLOYER_APP_ID: ${{ secrets.DEPLOYER_APP_ID }}
+      DEPLOYER_APP_PRIVATE_KEY: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }}

.github/workflows/deploy-api-dev.yml

@@ -8,8 +8,9 @@ jobs:
   deploy:
     uses: ./.github/workflows/_deploy.yml
     with:
-      ecr_repository: snutt-dev/snutt-timetable
+      ocir_repository: snutt-dev/snutt-timetable
       dockerfile: api/Dockerfile
     secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
+      DEPLOYER_APP_ID: ${{ secrets.DEPLOYER_APP_ID }}
+      DEPLOYER_APP_PRIVATE_KEY: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }}

.github/workflows/deploy-api-prod-native.yml

@@ -8,11 +8,12 @@ jobs:
   deploy:
     uses: ./.github/workflows/_deploy-native.yml
     with:
-      ecr_repository: snutt-prod/snutt-timetable
+      ocir_repository: snutt-prod/snutt-timetable
       dockerfile: api/Dockerfile-native
     secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
+      DEPLOYER_APP_ID: ${{ secrets.DEPLOYER_APP_ID }}
+      DEPLOYER_APP_PRIVATE_KEY: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }}
 
   notify:
     needs: deploy

.github/workflows/deploy-api-prod.yml

@@ -8,11 +8,12 @@ jobs:
   deploy:
     uses: ./.github/workflows/_deploy.yml
     with:
-      ecr_repository: snutt-prod/snutt-timetable
+      ocir_repository: snutt-prod/snutt-timetable
       dockerfile: api/Dockerfile
     secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
+      DEPLOYER_APP_ID: ${{ secrets.DEPLOYER_APP_ID }}
+      DEPLOYER_APP_PRIVATE_KEY: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }}
 
   notify:
     needs: deploy

.github/workflows/deploy-batch-dev-native.yml

@@ -8,8 +8,9 @@ jobs:
   deploy:
     uses: ./.github/workflows/_deploy-native.yml
     with:
-      ecr_repository: snutt-dev/snutt-timetable-batch
+      ocir_repository: snutt-dev/snutt-timetable-batch
       dockerfile: batch/Dockerfile-native
     secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
+      DEPLOYER_APP_ID: ${{ secrets.DEPLOYER_APP_ID }}
+      DEPLOYER_APP_PRIVATE_KEY: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }}

.github/workflows/deploy-batch-dev.yml

@@ -8,8 +8,9 @@ jobs:
   deploy:
     uses: ./.github/workflows/_deploy.yml
     with:
-      ecr_repository: snutt-dev/snutt-timetable-batch
+      ocir_repository: snutt-dev/snutt-timetable-batch
       dockerfile: batch/Dockerfile
     secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
+      DEPLOYER_APP_ID: ${{ secrets.DEPLOYER_APP_ID }}
+      DEPLOYER_APP_PRIVATE_KEY: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }}

.github/workflows/deploy-batch-prod-native.yml

@@ -8,8 +8,9 @@ jobs:
   deploy:
     uses: ./.github/workflows/_deploy-native.yml
     with:
-      ecr_repository: snutt-prod/snutt-timetable-batch
+      ocir_repository: snutt-prod/snutt-timetable-batch
       dockerfile: batch/Dockerfile-native
     secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
+      DEPLOYER_APP_ID: ${{ secrets.DEPLOYER_APP_ID }}
+      DEPLOYER_APP_PRIVATE_KEY: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }}

.github/workflows/deploy-batch-prod.yml

@@ -8,8 +8,9 @@ jobs:
   deploy:
     uses: ./.github/workflows/_deploy.yml
     with:
-      ecr_repository: snutt-prod/snutt-timetable-batch
+      ocir_repository: snutt-prod/snutt-timetable-batch
       dockerfile: batch/Dockerfile
     secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
+      DEPLOYER_APP_ID: ${{ secrets.DEPLOYER_APP_ID }}
+      DEPLOYER_APP_PRIVATE_KEY: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }}

.github/workflows/deploy-manual-native.yml

@@ -3,8 +3,8 @@ name: Deploy Manual Native
 on:
   workflow_dispatch:
     inputs:
-      ecr_repository:
-        description: 'ECR 리포지토리 (예: snutt-dev/snutt-timetable)'
+      ocir_repository:
+        description: 'OCIR 리포지토리 (예: snutt-dev/snutt-timetable)'
         required: true
         type: string
       dockerfile:
@@ -16,9 +16,9 @@ jobs:
   deploy:
     uses: ./.github/workflows/_deploy-native.yml
     with:
-      ecr_repository: ${{ inputs.ecr_repository }}
+      ocir_repository: ${{ inputs.ocir_repository }}
       dockerfile: ${{ inputs.dockerfile }}
     secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-
+      OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
+      DEPLOYER_APP_ID: ${{ secrets.DEPLOYER_APP_ID }}
+      DEPLOYER_APP_PRIVATE_KEY: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }}

.github/workflows/deploy-manual.yml

@@ -3,8 +3,8 @@ name: Deploy Manual
 on:
   workflow_dispatch:
     inputs:
-      ecr_repository:
-        description: 'ECR 리포지토리 (예: snutt-dev/snutt-timetable)'
+      ocir_repository:
+        description: 'OCIR 리포지토리 (예: snutt-dev/snutt-timetable)'
         required: true
         type: string
       dockerfile:
@@ -16,8 +16,9 @@ jobs:
   deploy:
     uses: ./.github/workflows/_deploy.yml
     with:
-      ecr_repository: ${{ inputs.ecr_repository }}
+      ocir_repository: ${{ inputs.ocir_repository }}
       dockerfile: ${{ inputs.dockerfile }}
     secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+      OCI_AUTH_TOKEN: ${{ secrets.OCI_AUTH_TOKEN }}
+      DEPLOYER_APP_ID: ${{ secrets.DEPLOYER_APP_ID }}
+      DEPLOYER_APP_PRIVATE_KEY: ${{ secrets.DEPLOYER_APP_PRIVATE_KEY }}

api/Dockerfile

@@ -2,6 +2,6 @@ FROM ghcr.io/graalvm/jdk-community:25
 WORKDIR /app
 COPY . /app
 RUN microdnf install -y findutils --nodocs
-RUN --mount=type=secret,id=codeartifact_token ./gradlew :api:bootJar -PcodeArtifactAuthToken=$(cat /run/secrets/codeartifact_token)
+RUN --mount=type=secret,id=github_token GITHUB_TOKEN=$(cat /run/secrets/github_token) ./gradlew :api:bootJar
 EXPOSE 8080
 ENTRYPOINT java $JAVA_OPTS -jar api/build/libs/snutt-api.jar

api/Dockerfile-native

@@ -2,7 +2,7 @@
 FROM container-registry.oracle.com/graalvm/native-image:25 AS builder
 WORKDIR /app
 COPY . /app
-RUN --mount=type=secret,id=codeartifact_token ./gradlew :api:nativeCompile -PcodeArtifactAuthToken=$(cat /run/secrets/codeartifact_token)
+RUN --mount=type=secret,id=github_token GITHUB_TOKEN=$(cat /run/secrets/github_token) ./gradlew :api:nativeCompile
 
 # Runtime stage
 FROM docker.io/debian:stable-slim

api/build.gradle.kts

@@ -10,7 +10,7 @@ dependencies {
     implementation("io.jsonwebtoken:jjwt-api:0.13.0")
     implementation("io.jsonwebtoken:jjwt-impl:0.13.0")
     implementation("io.jsonwebtoken:jjwt-jackson:0.13.0")
-    implementation("org.springdoc:springdoc-openapi-starter-webflux-ui:3.0.0")
+    implementation("org.springdoc:springdoc-openapi-starter-webflux-ui:3.0.2")
     runtimeOnly("jakarta.xml.bind:jakarta.xml.bind-api:4.0.2")
 
     testImplementation(testFixtures(project(":core")))

api/src/main/kotlin/config/SwaggerConfig.kt

@@ -6,8 +6,10 @@ import io.swagger.v3.oas.annotations.servers.Server
 import io.swagger.v3.oas.models.security.SecurityRequirement
 import io.swagger.v3.oas.models.security.SecurityScheme
 import org.springdoc.core.customizers.OpenApiCustomizer
+import org.springframework.aot.hint.annotation.RegisterReflectionForBinding
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
+import tools.jackson.core.JsonParser
 
 @OpenAPIDefinition(
     servers = [Server(url = "/", description = "Local")],
@@ -18,6 +20,7 @@ import org.springframework.context.annotation.Configuration
         ),
 )
 @Configuration
+@RegisterReflectionForBinding(JsonParser.NumberType::class)
 class SwaggerConfig {
     @Bean
     fun openApiCustomizer() =

api/src/main/kotlin/controller/AdminController.kt

@@ -101,7 +101,11 @@ class AdminController(
     @PostMapping("/popups")
     suspend fun postPopup(
         @RequestBody body: PostPopupRequest,
-    ): PopupResponse = popupService.postPopup(body).let(::PopupResponse)
+    ): PopupResponse {
+        val popup = popupService.postPopup(body)
+        val imageUri = storageService.getFileUri(popup.imageOriginUri)
+        return PopupResponse(popup, imageUri)
+    }
 
     @DeleteMapping("/popups/{id}")
     suspend fun deletePopup(