re-fix #118
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .github/workflows/ci.yaml | |
| name: CI | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - "feature/**" | |
| - "main" # main도 트리거에 포함 (latest 태그/푸시용) | |
| jobs: | |
| # ------------------------------------------------------------ | |
| # 1) Compose로 빌드/실행 후 스모크 테스트 (PR, feature/**, main 모두) | |
| # ------------------------------------------------------------ | |
| smoke: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-buildx-action@v3 | |
| # 1) Build & Run (포트 8080 → 컨테이너 80) | |
| - name: Compose up (build & run) | |
| run: | | |
| docker compose -f mjsec-frontend/docker-compose.ci.yml up -d | |
| docker compose -f mjsec-frontend/docker-compose.ci.yml ps | |
| # 2) 수동 재시도 루프(최대 60초)로 HTTP 200 확인 | |
| - name: Smoke test (HTTP 200) | |
| run: | | |
| # 최대 30회 × 2초 = 60초 동안 HEAD 200 을 기다립니다. | |
| for i in {1..30}; do | |
| if curl -fs --head http://localhost:8080 >/dev/null ; then | |
| echo "✅ app responded (try $i)"; exit 0 | |
| fi | |
| echo "⌛ waiting... ($i/30)"; sleep 2 | |
| done | |
| echo "❌ app did not respond in time"; exit 1 | |
| # 3) 항상 정리 | |
| - name: Tear down | |
| if: always() | |
| run: docker compose -f mjsec-frontend/docker-compose.ci.yml down -v | |
| # ------------------------------------------------------------ | |
| # 2) Build & Push (GHCR) — 홍보용 웹사이트(app)만 빌드/푸시 | |
| # - push 이벤트에서만 실행 | |
| # - feature/** 또는 main 브랜치에서만 실행 | |
| # - latest 태그는 main에서만 달림 | |
| # ------------------------------------------------------------ | |
| build-and-push: | |
| needs: smoke | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| if: github.event_name == 'push' && (startsWith(github.ref, 'refs/heads/feature/') || github.ref == 'refs/heads/main') | |
| outputs: | |
| ghcr-tags: ${{ steps.meta_app.outputs.tags }} | |
| ghcr-digest: ${{ steps.build_app.outputs.digest }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-buildx-action@v3 | |
| # ----- GHCR (메인 app) ----- | |
| - name: Login to ghcr.io | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract image metadata (app → GHCR) | |
| id: meta_app | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ github.repository }} | |
| tags: | | |
| type=ref,event=branch | |
| type=sha,prefix=sha- | |
| type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} | |
| - name: Build & push app image (GHCR) | |
| id: build_app | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./mjsec-frontend | |
| file: ./mjsec-frontend/Dockerfile | |
| push: true | |
| tags: ${{ steps.meta_app.outputs.tags }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max |