diff --git a/.github/workflows/ai-workflow.yml b/.github/workflows/ai-workflow.yml index 129dc3d..bf52718 100644 --- a/.github/workflows/ai-workflow.yml +++ b/.github/workflows/ai-workflow.yml @@ -5,10 +5,11 @@ name: CI/CD for AI Service on: push: branches: [ "release/1.0.0" ] - paths: - - 'msa-ai-service/**' -# 워크플로우 전체에서 사용할 환경 변수 + + + + env: AWS_REGION: ap-northeast-2 SERVICE_DIR: msa-ai-service @@ -17,7 +18,8 @@ env: ECS_TASK_DEFINITION_FAMILY: ai-service-td CONTAINER_NAME: msa-ai-service -# GitHub Actions Runner에 부여할 권한 (AWS OIDC 인증용) + +# GitHub Actions Runner에 부여할 권한 permissions: id-token: write contents: read @@ -67,11 +69,20 @@ jobs: echo "file=task-definition.json" >> $GITHUB_OUTPUT + - name: Clean task definition for old SDK + id: clean-task-def + run: | + # jq를 사용해 다운로드한 파일에서 enableFaultInjection 키를 삭제합니다. + jq 'del(.enableFaultInjection)' ${{ steps.download-task-def.outputs.file }} > cleaned-task-def.json + echo "file=cleaned-task-def.json" >> $GITHUB_OUTPUT + + - name: Render Amazon ECS task definition id: render-task-def uses: aws-actions/amazon-ecs-render-task-definition@v1 with: - task-definition: ${{ steps.download-task-def.outputs.file }} + task-definition: ${{ steps.clean-task-def.outputs.file }} + container-name: ${{ env.CONTAINER_NAME }} image: ${{ steps.build-image.outputs.image }} @@ -83,3 +94,4 @@ jobs: service: ${{ env.ECR_REPOSITORY }} cluster: ${{ env.ECS_CLUSTER_NAME }} wait-for-service-stability: true + diff --git a/msa-ai-service/task-definition.json b/msa-ai-service/task-definition.json new file mode 100644 index 0000000..4ad9960 --- /dev/null +++ b/msa-ai-service/task-definition.json @@ -0,0 +1,96 @@ +{ + "taskDefinitionArn": "arn:aws:ecs:ap-northeast-2:490913547024:task-definition/ai-service-td:1", + "containerDefinitions": [ + { + "name": "msa-ai-service", + "image": "", + "cpu": 0, + "portMappings": [ + { + "name": "msa-ai-service-8080-tcp", + "containerPort": 8080, + "hostPort": 8080, + "protocol": "tcp", + "appProtocol": "http" + } + + ], + "essential": true, + "environment": [ + { + "name": "SPRING_PROFILES_ACTIVE", + "value": "dev" + } + ], + "environmentFiles": [], + "mountPoints": [], + "volumesFrom": [], + "ulimits": [], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs/ai-service-td", + "awslogs-create-group": "true", + "awslogs-region": "ap-northeast-2", + "awslogs-stream-prefix": "ecs" + }, + "secretOptions": [] + }, + "systemControls": [] + } + ], + "family": "ai-service-td", + "taskRoleArn": "arn:aws:iam::490913547024:role/ecs-task-role-store-service", + "executionRoleArn": "arn:aws:iam::490913547024:role/ecsTaskExecutionRole", + "networkMode": "awsvpc", + "revision": 1, + "volumes": [], + "status": "ACTIVE", + "requiresAttributes": [ + { + "name": "com.amazonaws.ecs.capability.logging-driver.awslogs" + }, + { + "name": "ecs.capability.execution-role-awslogs" + }, + { + "name": "com.amazonaws.ecs.capability.ecr-auth" + }, + { + "name": "com.amazonaws.ecs.capability.docker-remote-api.1.19" + }, + { + "name": "com.amazonaws.ecs.capability.task-iam-role" + }, + { + "name": "ecs.capability.execution-role-ecr-pull" + }, + { + "name": "com.amazonaws.ecs.capability.docker-remote-api.1.18" + }, + { + "name": "ecs.capability.task-eni" + }, + { + "name": "com.amazonaws.ecs.capability.docker-remote-api.1.29" + } + ], + "placementConstraints": [], + "compatibilities": [ + "EC2", + "FARGATE" + ], + "requiresCompatibilities": [ + "FARGATE" + ], + "cpu": "1024", + "memory": "2048", + "runtimePlatform": { + "cpuArchitecture": "X86_64", + "operatingSystemFamily": "LINUX" + }, + "registeredAt": "2025-08-20T06:33:30.113Z", + "registeredBy": "arn:aws:iam::490913547024:user/user1", + + "tags": [] +} \ No newline at end of file