java
CHAPTER 89 / 99
읽기 약 2분
FUNCTION
CI/CD: GitHub Actions + Docker
핵심 개념
GitHub Actions·Docker 빌드·AWS/GCP 배포 — PR 머지 → 자동 배포.
본문
Dockerfile
# Multi-stage 빌드
FROM gradle:8.5-jdk21 AS builder
WORKDIR /app
COPY build.gradle settings.gradle ./
COPY src ./src
RUN gradle bootJar --no-daemon
FROM eclipse-temurin:21-jre-alpine
WORKDIR /app
# 보안 — 비루트 사용자
RUN addgroup -g 1000 spring && adduser -D -G spring -u 1000 spring
USER spring
COPY --from=builder /app/build/libs/*.jar app.jar
EXPOSE 8080
# 헬스체크
HEALTHCHECK --interval=30s --timeout=3s --start-period=60s \
CMD wget --quiet --tries=1 --spider http://localhost:8080/actuator/health/liveness || exit 1
ENTRYPOINT ["java", "-XX:MaxRAMPercentage=75.0", "-jar", "app.jar"]docker-compose.yml — 로컬 개발
version: '3.8'
services:
app:
build: .
ports:
- "8080:8080"
environment:
SPRING_PROFILES_ACTIVE: dev
DB_URL: jdbc:postgresql://postgres:5432/dev
DB_USERNAME: dev
DB_PASSWORD: dev
depends_on:
postgres:
condition: service_healthy
redis:
condition: service_started
postgres:
image: postgres:16-alpine
environment:
POSTGRES_DB: dev
POSTGRES_USER: dev
POSTGRES_PASSWORD: dev
healthcheck:
test: ["CMD", "pg_isready", "-U", "dev"]
redis:
image: redis:7-alpineGitHub Actions — 빌드·테스트·배포
# .github/workflows/deploy.yml
name: Deploy
on:
push:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: '21'
distribution: 'temurin'
- name: Cache Gradle
uses: actions/cache@v4
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: gradle-${{ hashFiles('**/build.gradle*') }}
- name: Test
run: ./gradlew test jacocoTestReport
- name: Upload coverage
uses: codecov/codecov-action@v4
build-and-deploy:
needs: test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ap-northeast-2
- name: Login to ECR
id: ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Build and push
uses: docker/build-push-action@v5
with:
push: true
tags: |
${{ steps.ecr.outputs.registry }}/ohs-backend:${{ github.sha }}
${{ steps.ecr.outputs.registry }}/ohs-backend:latest
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Deploy to ECS
run: |
aws ecs update-service \
--cluster ohs-prod \
--service ohs-backend \
--force-new-deployment
- name: Notify Slack
if: always()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
webhook_url: ${{ secrets.SLACK_WEBHOOK }}Blue-Green 또는 Canary 배포
# AWS CodeDeploy 설정
{
"applicationName": "ohs-backend",
"deploymentGroupName": "production",
"deploymentConfig": "CodeDeployDefault.ECSCanary10Percent5Minutes",
# 10% 트래픽 5분 → 100%
}다음 모듈
CH.21~30 "마이크로서비스 입문" — Gateway·Eureka·Kafka·SAGA·K8s.
AI 프롬프트
🤖 AI에게 잘 물어보는 법 — 모델·전략별 프롬프트
Claude
무료: Sonnet 4.6 / Pro $20/mo: Opus 4.6
내 Spring 코드의 CI/CD 부분을 분석해서 배포 안정성·롤백 전략와 개선 우선순위를 알려줘.
ChatGPT
무료: GPT-5.5 / Plus $20/mo: GPT-5.5 Pro
CI/CD vs 다른 패턴 비교를 실전 사례 5개로 보여주고 GitHub Actions vs Jenkins를 알려줘.
Gemini
무료: 2.5 Flash / Pro $19.99/mo: 3.1 Pro
내 코드베이스 전체를 분석해서 CI/CD 관련 CI 누락·flaky 위치를 보고해줘.
Grok
무료: Grok 4.1 / SuperGrok $30/mo
2026년 한국 기업의 CI/CD 채택률과 한국 IT CI/CD 트렌드를 솔직히 알려줘.
⭐ 이것만 기억하세요
CI/CD: GitHub Actions + Docker는 이 3가지만 확실히 잡으세요
1.Multi-stage Dockerfile + 비루트 사용자 + 헬스체크 = 프로덕션 표준
2.GitHub Actions로 빌드·테스트·ECR 푸시·ECS 배포 자동화
3.다음 모듈(CH.21~30)에서 마이크로서비스 — Gateway/Eureka/Kafka/SAGA/K8s
공유하기
진행도 89 / 99