[HOTFIX] 서버 이전을 하며 workflow 및 터널링 방식 변경 (#41)

Honghyeonji · web-flow · commit 1bc761c3e353 · 2025-03-14T18:55:23.000+09:00
* 🙀 chore: workflow ssh key로 셋팅하여 테스트

* 🔨 refactor: mongodb ssh터널링 연결할 때 password방식에서 pem 방식으로 변경

* 🙀 chore: check branch workflow hotfix 브랜치 양식 추가

* 🙀 chore: check branch 목록 추가 (chore_yymmdd)

* 🙀 chore: main 및 dev workflow 스크립트 수정
diff --git a/.github/workflows/boolock-dev-cicd.yml b/.github/workflows/boolock-dev-cicd.yml
@@ -2,7 +2,10 @@ name: dev ci/cd action
 
 on:
   push:
-    branches: ['main']
+    branches: ['dev']
+  pull_request:
+    branches: ['dev']
+  workflow_dispatch:
 
 jobs:
   build:
@@ -74,26 +77,30 @@ jobs:
             DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}
             TYPE=test
 
-  deploy:
-    if: github.event_name == 'push'
-    needs: build
-    runs-on: ubuntu-latest
-    steps:
-      - name: Deploy with docker
-        uses: appleboy/ssh-action@v0.1.6
-        with:
-          host: ${{ secrets.TEST_SSH_HOST }}
-          username: ${{ secrets.TEST_SSH_USER }}
-          password: ${{ secrets.TEST_SSH_PASSWORD }}
-          port: ${{ secrets.TEST_SSH_PORT }}
-          script: |
-            cd boolock/refactor-web31-BooLock
-            git fetch origin
-            git checkout dev
-            git pull origin dev
+  ## [NOTICE] 지금처럼 4대의 서버 유지가 어려워, main 서버 두개만 유지시킬 예정입니다.
+  ## 당분간은 빌드 체크만 수행하도록 합니다.
+  ## 리팩토링 작업 중 서버에 올려 실수행 과정을 체크할 필요가 있을 시 따로 말해주세요.
+
+  # deploy:
+  #   if: github.event_name == 'push'
+  #   needs: build
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - name: Deploy with docker
+  #       uses: appleboy/ssh-action@v0.1.6
+  #       with:
+  #         host: ${{ secrets.TEST_SSH_HOST }}
+  #         username: ${{ secrets.TEST_SSH_USER }}
+  #         key: ${{ secrets.TEST_SSH_KEY }}
+  #         port: ${{ secrets.TEST_SSH_PORT }}
+  #         script: |
+  #           cd boolock/refactor-web31-BooLock
+  #           git fetch origin
+  #           git checkout hotfix_250308
+  #           git pull origin hotfix_250308
 
-            echo "DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}" > .env
-            echo "${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
+  #           echo "DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}" > .env
+  #           echo "${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
 
-            sudo docker compose -f docker-compose.test.yml pull
-            sudo docker compose -f docker-compose.test.yml up -d --force-recreate --remove-orphans
+  #           sudo docker compose -f docker-compose.yml pull
+  #           sudo docker compose -f docker-compose.yml up -d --force-recreate --remove-orphans
diff --git a/.github/workflows/boolock-main-cicd.yml b/.github/workflows/boolock-main-cicd.yml
@@ -85,25 +85,21 @@ jobs:
     needs: build
     runs-on: ubuntu-latest
     steps:
-      - name: Login to Docker Hub
-        run: |
-          echo "${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
-
       - name: Deploy with docker
         uses: appleboy/ssh-action@v0.1.6
         with:
           host: ${{ secrets.SSH_HOST }}
           username: ${{ secrets.SSH_USER }}
-          password: ${{ secrets.SSH_PASSWORD }}
+          key: ${{ secrets.SSH_KEY }}
           port: ${{ secrets.SSH_PORT }}
           script: |
             cd boolock/refactor-web31-BooLock
             git fetch origin
-            git checkout main
-            git pull origin main
+            git checkout hotfix_250308
+            git pull origin hotfix_250308
 
             echo "DOCKERHUB_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}" > .env
             echo "${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
 
-            sudo docker compose pull
-            sudo docker compose up -d --force-recreate --remove-orphans
+            sudo docker compose -f docker-compose.yml pull
+            sudo docker compose -f docker-compose.yml up -d --force-recreate --remove-orphans
diff --git a/.github/workflows/check-branch.yml b/.github/workflows/check-branch.yml
@@ -16,8 +16,8 @@ jobs:
           branch_name=$(jq -r .pull_request.head.ref "$GITHUB_EVENT_PATH")
           echo "Source Branch: $branch_name"
 
-          if [[ ! $branch_name =~ ^(feat/[0-9]+|bug/[0-9]+|refactor/[0-9]+|hotfix_[0-9]{4}|chore_[0-9]{4}|gh-pages)$ ]]; then
-            echo "Error: Branch name must follow the pattern 'feat/[number]', 'bug/[number]', 'hotfix_mmdd', 'chore_mmdd', or 'gh-pages'."
+          if [[ ! $branch_name =~ ^(feat/[0-9]+|bug/[0-9]+|refactor/[0-9]+|hotfix_[0-9]{4}|hotfix_[0-9]{6}|chore_[0-9]{4}|chore_[0-9]{6}|gh-pages)$ ]]; then
+            echo "Error: Branch name must follow the pattern 'feat/[number]', 'bug/[number]', 'hotfix_mmdd', 'hotfix_yymmdd', 'chore_mmdd', 'chore_yymmdd' or 'gh-pages'."
             exit 1
           fi
 
diff --git a/.gitignore b/.gitignore
@@ -43,4 +43,6 @@ swagger-output.json
 # Ignore Storybook build folder
 storybook-static/
 
-ssl/
+ssl/
+
+*.pem
diff --git a/apps/server/src/config/dbConnection.ts b/apps/server/src/config/dbConnection.ts
@@ -1,6 +1,7 @@
 import mongoose from 'mongoose';
 import 'dotenv/config';
 import { createTunnel } from 'tunnel-ssh';
+import fs from 'fs';
 
 const setDbConnection = async () => {
   const isLocal = process.env.IS_LOCAL === 'true';
@@ -14,7 +15,7 @@ const setDbConnection = async () => {
       host: process.env.SSH_HOST,
       port: process.env.SSH_PORT,
       username: process.env.SSH_USER,
-      password: process.env.SSH_PASSWORD,
+      privateKey: fs.readFileSync('./pem/boolock-public-key.pem'),
     };
 
     const serverOptions = {
