infra: Github Actions Docker Compose CD 파이프 라인 구축

[dev-ant]

📋 상세 설명

• Github Actions Docker Compose CD 파이프 라인 구축

📊 체크리스트

• PR 제목이 형식에 맞나요 e.g. feat: PR을 등록한다
• 코드가 테스트 되었나요
• 문서는 업데이트 되었나요
• 불필요한 코드를 제거했나요
• 이슈와 라벨이 등록되었나요

📆 마감일

Close #3

[Copilot]

Pull Request Overview

This PR establishes a GitHub Actions CD pipeline using Docker Compose for automated deployment. The setup includes containerization of a Spring Boot application and automated deployment to a remote server.

• Docker containerization setup with Dockerfile and compose configuration
• GitHub Actions workflow for automated build, test, and deployment
• Docker image management with automated push to Docker Hub and remote server deployment

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 5 comments.

File	Description
docker-compose-dev.yaml	Defines Spring application service with health checks, logging, and networking configuration
Dockerfile	Creates containerized Spring Boot application using OpenJDK 21
.github/workflows/push-cd-dev.yml	Implements CD pipeline with build, Docker operations, and remote deployment
.dockerignore	Excludes unnecessary files from Docker build context for optimized image creation

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

This workflow is named 'CD for Dev Push' but is triggered on pull_request events, not push events. CD (Continuous Deployment) should typically run on push to deploy changes, not on pull requests which are usually for CI (Continuous Integration).

Suggested change

	push:
	branches: [ dev, main ]

[Copilot]

Docker credentials are exposed in the workflow logs. Consider using the official docker/login-action@v3 which handles credentials more securely.

Suggested change

	run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKER_USERNAME }}
	password: ${{ secrets.DOCKER_PASSWORD }}

[Copilot]

Writing environment variables directly to a file on the remote server exposes sensitive data in workflow logs and command history. Consider using a more secure method to transfer environment variables.

Suggested change

	- name: Write .env file locally
	run: |
	echo "${{ secrets.ENV_FILE }}" > .env
	shell: bash
	- name: Copy .env file to server
	run: |
	scp -i ~/.ssh/my-key.pem -o StrictHostKeyChecking=no .env ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}:/home/${{ secrets.SERVER_USER }}/app/.env
	- name: Deploy and Restart Container
	run: |
	ssh -i ~/.ssh/my-key.pem ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} << 'EOF'
	mkdir -p /home/${{ secrets.SERVER_USER }}/app
	cd /home/${{ secrets.SERVER_USER }}/app

[Copilot]

The health check assumes curl is available in the container, but the Dockerfile uses openjdk:21-jdk-slim which doesn't include curl by default. This will cause health checks to fail.

Suggested change

	test: ["CMD", "curl", "-f", "http://localhost:${SERVER_PORT}/actuator/health"]
	test: ["CMD-SHELL", "command -v curl >/dev/null 2>&1 && curl -f http://localhost:${SERVER_PORT}/actuator/health || exit 1"]

[Copilot]

The .gradle/ directory is listed twice (lines 30 and 32), which is redundant.

Suggested change

.gradle/