Merge pull request 'gitea-action-runner test' (#8) from feature/git-action3 into master

Reviewed-on: #8
Reviewed-by: saydev <gomdobi@sayinfo.co.kr>

.mvn/settings.xml

@@ -0,0 +1,10 @@
+<settings>
+    <mirrors>
+        <mirror>
+            <id>sayinfo-nexus</id>
+            <name>Sayinfo Nexus</name>
+            <url>https://nexus.sayinfo.co.kr/repository/maven-public/</url>
+            <mirrorOf>*</mirrorOf>
+        </mirror>
+    </mirrors>
+</settings>

Dockerfile

@@ -0,0 +1,38 @@
+# 1단계: OTEL Java 에이전트 다운로드
+FROM alpine:3.20 AS otel
+ARG OTEL_VERSION=2.21.0
+
+RUN apk add --no-cache curl && \
+    curl -fL \
+      https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/download/v${OTEL_VERSION}/opentelemetry-javaagent.jar \
+      -o /opentelemetry-javaagent.jar
+
+# 2단계: Tomcat 이미지 (Java 8 기준, Java 17 쓸 거면 jdk17-temurin 그대로 사용)
+FROM tomcat:9.0-jdk8-temurin
+
+ENV TZ=Asia/Seoul \
+    OTEL_SERVICE_NAME=helpdesk_service \
+    OTEL_EXPORTER_OTLP_ENDPOINT=http://192.168.100.203:4317 \
+    OTEL_EXPORTER_OTLP_PROTOCOL=grpc \
+    OTEL_RESOURCE_ATTRIBUTES="deployment.environment=prod" \
+    JAVA_TOOL_OPTIONS="-javaagent:/opt/opentelemetry-javaagent.jar"
+
+# 타임존 설정
+RUN ln -sf /usr/share/zoneinfo/Asia/Seoul /etc/localtime
+
+# OTEL 에이전트 복사
+COPY --from=otel /opentelemetry-javaagent.jar /opt/opentelemetry-javaagent.jar
+# OTEL 1000:1000 으로 구동 가능 하도록 처리
+RUN chown 1000:1000 /opt/opentelemetry-javaagent.jar
+
+# 🔽 기본 웹앱 정리
+RUN rm -rf /usr/local/tomcat/webapps/*
+
+# Maven 빌드된 WAR 복사
+# Maven 빌드 결과 파일명에 맞게 수정
+COPY target/sayit-helpdesk.war /usr/local/tomcat/webapps/ROOT.war
+# TOMCAT 구동전 톰캣은 1000:1000 으로 구동 할 수 있도록 조정
+RUN chown -R 1000:1000 /usr/local/tomcat/
+
+EXPOSE 8080
+CMD ["catalina.sh","run"]

Jenkinsfile

@@ -0,0 +1,132 @@
+// Jenkinsfile — Kaniko build + K8s deploy (latest only)
+def L      = 'kaniko-and-deploy'
+def REG    = 'harbor.sayinfo.co.kr'
+def IMAGE  = 'sayit-helpdesk/helpdesk-service'   // Harbor 프로젝트/레포 이름에 맞게 유지 또는 수정
+def APP_NS = 'sayit-helpdesk'                   // 실제 K8s 네임스페이스와 일치해야 함
+def DEPLOY = 'sayit-helpdesk-service'           // 실제 Deployment 이름과 일치해야 함
+
+podTemplate(
+  label: L,
+  yaml: """
+apiVersion: v1
+kind: Pod
+spec:
+  serviceAccountName: default
+  securityContext:
+    fsGroup: 1001
+    fsGroupChangePolicy: OnRootMismatch
+  hostAliases:
+    - ip: "192.168.0.210"
+      hostnames:
+        - "harbor.sayinfo.co.kr"
+        - "nexus.sayinfo.co.kr"
+  containers:
+    - name: maven
+      image: maven:3.9.9-eclipse-temurin-8
+      command: ["/bin/sh","-lc"]
+      args: ["sleep 99d"]
+      tty: true
+      volumeMounts:
+        - name: workspace-volume
+          mountPath: /home/jenkins/agent
+        - name: maven-cache
+          mountPath: /root/.m2
+    - name: kaniko
+      image: gcr.io/kaniko-project/executor:debug
+      command: ["/busybox/sh","-c"]
+      args: ["sleep 99d"]
+      tty: true
+      volumeMounts:
+        - name: kaniko-auth
+          mountPath: /kaniko/.docker
+        - name: workspace-volume
+          mountPath: /home/jenkins/agent
+    - name: kubectl
+      image: bitnamilegacy/kubectl:latest
+      command: ["/bin/sh","-lc"]
+      args: ["sleep 99d"]
+      securityContext:
+        runAsUser: 0
+        runAsGroup: 0
+      tty: true
+      volumeMounts:
+        - name: workspace-volume
+          mountPath: /home/jenkins/agent
+  volumes:
+    - name: kaniko-auth
+      projected:
+        sources:
+          - secret:
+              name: regcred-sayit-helpdesk
+              items:
+                - key: .dockerconfigjson
+                  path: config.json
+    - name: workspace-volume
+      emptyDir: {}
+    - name: maven-cache
+      persistentVolumeClaim:
+        claimName: maven-repo-pvc
+"""
+) {
+  node(L) {
+    timestamps {
+      stage('Checkout') {
+        checkout scm
+      }
+
+      stage('Maven Build') {
+        container('maven') {
+          sh '''
+            set -eux
+            cd "${WORKSPACE}"
+            mvn -B -q -e -T 1C -s .mvn/settings.xml clean package -DskipTests
+          '''
+        }
+      }
+
+      stage('Preflight (Kaniko)') {
+        container('kaniko') {
+          sh '''
+            set -eux
+            cd "${WORKSPACE}"
+            test -f /kaniko/.docker/config.json
+            nslookup harbor.sayinfo.co.kr || true
+            grep harbor /etc/hosts || true
+          '''
+        }
+      }
+
+      stage('Build & Push (Kaniko)') {
+        container('kaniko') {
+          sh """
+            set -eux
+            cd "\${WORKSPACE}"
+            /kaniko/executor \\
+              --context=. \\
+              --dockerfile=Dockerfile \\
+              --destination=${REG}/${IMAGE}:latest \\
+              --snapshot-mode=redo \\
+              --skip-tls-verify \\
+              --cache=true \\
+              --cache-repo=${REG}/sayit-helpdesk/build-cache
+          """
+        }
+      }
+
+       stage('Deploy to Kubernetes') {
+        container('kubectl') {
+          sh """
+            set -eux
+            kubectl -n ${APP_NS} set image deploy/${DEPLOY} ${DEPLOY}=${REG}/${IMAGE}:latest
+            kubectl -n ${APP_NS} rollout restart deploy/${DEPLOY}
+            kubectl -n ${APP_NS} rollout status deploy/${DEPLOY} --timeout=300s
+
+            kubectl -n ${APP_NS} get deploy ${DEPLOY} -o wide
+            kubectl -n ${APP_NS} get pods -l app=${DEPLOY} -o wide
+            kubectl -n ${APP_NS} get pod -l app=${DEPLOY} -o jsonpath='{.items[*].spec.containers[*].image}'; echo
+          """
+        }
+      }
+    }
+  }
+}