Merge pull request #15 from ktb3-team4/feat/clay/image

kimseonj · web-flow · commit 412eee959dda · 2025-12-13T23:34:00.000+09:00
Feat/clay/image
diff --git a/.github/workflows/cicd.yaml b/.github/workflows/cicd.yaml
@@ -16,6 +16,28 @@ env:
   IMAGE_TAG: latest
 
 jobs:
+  discover-servers:
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Get frontend servers from AWS
+        id: set-matrix
+        run: |
+          SERVERS=$(aws ec2 describe-instances \
+            --filters "Name=tag:role,Values=frontend" "Name=instance-state-name,Values=running" \
+            --query 'Reservations[*].Instances[*].[PublicIpAddress]' \
+            --output json | jq -c 'flatten | map(select(. != null))')
+          echo "Discovered servers: $SERVERS"
+          echo "matrix={\"server\":$SERVERS}" >> $GITHUB_OUTPUT
+
   build-and-push:
     runs-on: ubuntu-latest
     steps:
@@ -33,17 +55,18 @@ jobs:
             --build-arg NEXT_PUBLIC_API_URL=${{ secrets.NEXT_PUBLIC_API_URL }} \
             --build-arg NEXT_PUBLIC_SOCKET_URL=${{ secrets.NEXT_PUBLIC_SOCKET_URL }} \
             --build-arg NEXT_PUBLIC_AWS_REGION=${{ secrets.AWS_REGION }} \
-            --build-arg NEXT_PUBLIC_AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \
-            --build-arg NEXT_PUBLIC_AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \
-            --build-arg NEXT_PUBLIC_AWS_S3_BUCKET=${{ secrets.AWS_S3_BUCKET }} \
+            --build-arg NEXT_PUBLIC_BUCKET=${{ secrets.NEXT_PUBLIC_BUCKET }} \
             --build-arg NEXT_PUBLIC_CLOUDFRONT_DOMAIN=${{ secrets.CLOUDFRONT_DOMAIN }} \
             -t $IMAGE_NAME:$IMAGE_TAG .
           docker push $IMAGE_NAME:$IMAGE_TAG
 
   deploy:
-    needs: build-and-push
+    needs: [build-and-push, discover-servers]
     runs-on: ubuntu-latest
     if: github.event_name == 'push'
+    strategy:
+      matrix: ${{ fromJson(needs.discover-servers.outputs.matrix) }}
+      fail-fast: false  # 한 서버 실패해도 다른 서버 계속 배포
     steps:
       - name: Set up SSH
         uses: webfactory/ssh-agent@v0.9.0
@@ -53,16 +76,28 @@ jobs:
       - name: Add known_hosts
         run: |
           mkdir -p ~/.ssh
-          ssh-keyscan -H ${{ secrets.SERVER_HOST }} >> ~/.ssh/known_hosts
+          ssh-keyscan -H ${{ matrix.server }} >> ~/.ssh/known_hosts
+
+      - name: Deploy to EC2 (${{ matrix.server }})
 
-      - name: Deploy to EC2
         run: |
-          ssh ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} 'bash -s' <<EOF
+          ssh ${{ secrets.SERVER_USER }}@${{ matrix.server }} 'bash -s' <<EOF
           set -e
           DOCKER_USERNAME=${{ secrets.DOCKER_USERNAME }}
           DOCKER_TOKEN=${{ secrets.DOCKER_TOKEN }}
           IMAGE_NAME=\$DOCKER_USERNAME/front:latest
-          
+
+          echo ">>> Create .test file with environment variables"
+          cat > /home/${{ secrets.SERVER_USER }}/app/.test <<ENVFILE
+          NEXT_PUBLIC_API_URL=${{ secrets.NEXT_PUBLIC_API_URL }}
+          NEXT_PUBLIC_SOCKET_URL=${{ secrets.NEXT_PUBLIC_SOCKET_URL }}
+          NEXT_PUBLIC_AWS_REGION=${{ secrets.AWS_REGION }}
+          NEXT_PUBLIC_ACCESSKEY=${{ secrets.AWS_ACCESS_KEY_ID }}
+          NEXT_PUBLIC_SECRETKEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          NEXT_PUBLIC_BUCKET=${{ secrets.NEXT_PUBLIC_BUCKET }}
+          NEXT_PUBLIC_CLOUDFRONT_DOMAIN=${{ secrets.CLOUDFRONT_DOMAIN }}
+          ENVFILE
+
           echo ">>> Docker Hub login"
           echo "\$DOCKER_TOKEN" | docker login -u "\$DOCKER_USERNAME" --password-stdin
           
@@ -74,10 +109,10 @@ jobs:
           cd /home/${{ secrets.SERVER_USER }}/app
           
           echo ">>> docker compose down (if exists)"
-          docker compose down || true
-          
+          docker compose -f /home/${{ secrets.SERVER_USER }}/app/docker-compose.yml down || true
+
           echo ">>> docker compose up -d"
-          docker compose up -d
-          
+          docker compose -f /home/${{ secrets.SERVER_USER }}/app/docker-compose.yml up -d
+
           echo ">>> Deployed!"
           EOF
diff --git a/services/fileService.js b/services/fileService.js
@@ -1,11 +1,12 @@
-import { S3Client, PutObjectCommand } from "@aws-sdk/client-s3";
 import axiosInstance from "./axios";
 import { Toast } from "../components/Toast";
 
 const CLOUDFRONT_DOMAIN = process.env.NEXT_PUBLIC_CLOUDFRONT_DOMAIN;
 
 const S3_CONFIG = {
   region: process.env.NEXT_PUBLIC_AWS_REGION,
+  bucket: process.env.NEXT_PUBLIC_BUCKET,
+
   credentials: {
     accessKeyId: process.env.NEXT_PUBLIC_AWS_ACCESS_KEY_ID,
     secretAccessKey: process.env.NEXT_PUBLIC_AWS_SECRET_ACCESS_KEY,
@@ -15,7 +16,6 @@ const S3_CONFIG = {
 
 class FileService {
   constructor() {
-    this._s3Client = null;
     this.bucket = S3_CONFIG.bucket;
     this.uploadLimit = 50 * 1024 * 1024; // 50MB
 
@@ -35,19 +35,6 @@ class FileService {
     };
   }
 
-  // S3 클라이언트 지연 초기화
-  get s3Client() {
-    if (!this._s3Client && S3_CONFIG.region) {
-      this._s3Client = new S3Client({
-        region: S3_CONFIG.region,
-        credentials: S3_CONFIG.credentials,
-        requestChecksumCalculation: "WHEN_REQUIRED",
-        responseChecksumValidation: "WHEN_REQUIRED",
-      });
-    }
-    return this._s3Client;
-  }
-
   // 파일 유효성 검사
   async validateFile(file) {
     if (!file) {
@@ -81,15 +68,8 @@ class FileService {
     return { success: true };
   }
 
-  // S3 직접 업로드
+  // S3 직접 업로드 (퍼블릭 버킷 - 인증 불필요)
   async uploadFile(file, onProgress) {
-    if (!this.s3Client) {
-      return {
-        success: false,
-        message: "S3 클라이언트가 초기화되지 않았습니다.",
-      };
-    }
-
     const validationResult = await this.validateFile(file);
     if (!validationResult.success) {
       return validationResult;
@@ -100,16 +80,25 @@ class FileService {
       const safeFileName = file.name.replace(/[^a-zA-Z0-9.-]/g, "_");
       const key = `images/${timestamp}_${safeFileName}`;
 
-      const command = new PutObjectCommand({
-        Bucket: this.bucket,
-        Key: key,
-        Body: file,
-        ContentType: file.type,
-      });
+      // S3 직접 업로드 (AWS SDK 없이 fetch 사용)
+      const region = S3_CONFIG.region;
+      const bucket = this.bucket;
+      const s3Url = `https://${bucket}.s3.${region}.amazonaws.com/${key}`;
 
-      // 진행률 시뮬레이션 (AWS SDK v3 기본 미지원)
       if (onProgress) onProgress(10);
-      await this.s3Client.send(command);
+
+      const response = await fetch(s3Url, {
+        method: 'PUT',
+        body: file,
+        headers: {
+          'Content-Type': file.type,
+        },
+      });
+
+      if (!response.ok) {
+        throw new Error(`S3 업로드 실패: ${response.status} ${response.statusText}`);
+      }
+
       if (onProgress) onProgress(100);
 
       // CloudFront URL 생성
