🌏 Deploy - CICD Pipeline 구축 #21

dongkyeomjang · 2024-11-18T16:29:26Z

Related issue 🛠

closed #20

어떤 변경사항이 있었나요?

🐞 BugFix Something isn't working
💻 CrossBrowsing Browser compatibility
🌏 Deploy Deploy
🎨 Design Markup & styling
📃 Docs Documentation writing and editing (README.md, etc.)
✨ Feature Feature
🔨 Refactor Code refactoring
⚙️ Setting Development environment setup
✅ Test Test related (storybook, jest, etc.)

CheckPoint ✅

PR이 다음 요구 사항을 충족하는지 확인하세요.

PR 컨벤션에 맞게 작성했습니다. (필수)
Docker Container 환경으로 변경 사항에 대한 테스트를 했습니다.(버그 수정/기능에 대한 테스트). (필수)
Feature의 경우, API 문서 업데이트를 완료했습니다. (선택)
BugFix의 경우, 버그의 원인을 파악하였습니다. (선택)

Work Description ✏️

add dev-cicd.yml

Uncompleted Tasks 😅

N/A

To Reviewers 📢

Summary by CodeRabbit

New Features
- Introduced a GitHub Actions workflow for Continuous Integration and Continuous Deployment of the web application.
Bug Fixes
- Enhanced the .gitignore file to track the gradle-wrapper.jar and ignore specific IntelliJ IDEA and macOS files, improving project cleanliness.

coderabbitai · 2024-11-18T16:29:34Z

Walkthrough

A new GitHub Actions workflow file named dev-cicd.yml has been added to automate Continuous Integration (CI) and Continuous Deployment (CD) processes for a web application. This workflow is triggered on pull requests to the dev branch and includes steps for building the project and deploying it via Docker upon merging. Additionally, the .gitignore file has been updated to track specific Gradle wrapper files and to refine the list of ignored files, particularly related to IntelliJ IDEA and macOS.

Changes

File Path	Change Summary
.github/workflows/dev-cicd.yml	Introduced a new CI/CD workflow for the web application, including build and deployment steps.
.gitignore	Added exceptions for `gradle-wrapper.jar`, included IntelliJ IDEA plugin files, and macOS `.icloud` files.

Assessment against linked issues

Objective	Addressed	Explanation
CICD Pipeline 구축 (#20)	✅

🐰 In the meadow, we leap and play,
With CI/CD, we pave the way.
Gradle builds with a joyful cheer,
Deploying apps, we hold so dear.
IntelliJ's clutter, now out of sight,
Hop along, everything feels right! 🌼

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>, please review it.
- Generate unit testing code for this file.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
- @coderabbitai generate unit testing code for this file.
- @coderabbitai modularize this function.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
- @coderabbitai read src/utils.ts and generate unit testing code.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
- @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

@coderabbitai pause to pause the reviews on a PR.
@coderabbitai resume to resume the paused reviews.
@coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
@coderabbitai full review to do a full review from scratch and review all the files again.
@coderabbitai summary to regenerate the summary of the PR.
@coderabbitai resolve resolve all the CodeRabbit review comments.
@coderabbitai configuration to show the current CodeRabbit configuration for the repository.
@coderabbitai help to get help.

Other keywords and placeholders

Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (`.coderabbit.yaml`)

You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
Please see the configuration documentation for more information.
If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

coderabbitai

Actionable comments posted: 4

🧹 Outside diff range and nitpick comments (4)

.github/workflows/dev-cicd.yml (3)
3-9: Consider adding more PR event types for comprehensive coverage

The current configuration might miss important PR events. Consider adding these event types:

reopened: For handling reopened PRs

ready_for_review: For PRs coming out of draft state
 on:
   pull_request:
     branches: [ "dev" ]
     types:
       - opened
       - synchronize
       - closed
+      - reopened
+      - ready_for_review
1-93: Add security scanning step to the pipeline

Consider adding a security scanning step to identify vulnerabilities early in the pipeline.

Add this step before the Docker build:
- name: Run Trivy vulnerability scanner
  uses: aquasecurity/trivy-action@master
  with:
    image-ref: '${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}'
    format: 'table'
    exit-code: '1'
    ignore-unfixed: true
    vuln-type: 'os,library'
    severity: 'CRITICAL,HIGH'
🧰 Tools

🪛 yamllint

[error] 93-93: no new line character at the end of file

(new-line-at-end-of-file)

93-93: Add newline at end of file

Add a newline character at the end of the file to comply with YAML best practices and improve compatibility.
 docker run -d -p 8080:8080 --name api-server --network ${{secrets.DOCKER_NETWORKNAME}} ${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.DOCKERHUB_REPONAME }}
+
🧰 Tools

🪛 yamllint

[error] 93-93: no new line character at the end of file

(new-line-at-end-of-file)
.gitignore (1)
208-209: LGTM! Essential change for CI/CD pipeline.

The explicit inclusion of gradle-wrapper.jar is crucial for the CI/CD pipeline implementation. This ensures that:

Builds are reproducible across different environments

CI/CD workflows can execute Gradle tasks without requiring Gradle to be pre-installed

All developers and CI systems use the same Gradle version

This follows Gradle's best practices for version control.

For team members: The Gradle wrapper should always be committed to version control. If you need to update the wrapper version in the future, use:
./gradlew wrapper --gradle-version=<version>

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between db3916c and c950ce3.

⛔ Files ignored due to path filters (1)

gradle/wrapper/gradle-wrapper.jar is excluded by !**/*.jar

📒 Files selected for processing (2)

.github/workflows/dev-cicd.yml (1 hunks)
.gitignore (1 hunks)

🧰 Additional context used

🪛 yamllint