빌더 피드 QA 수정 및 댓글 기능 추가 #784
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # CI: PR에서 품질 체크(린트/타입/빌드/스토리북/보안) | |
| name: CI | |
| # 트리거: develop/main 대상으로 열리는 PR에서 실행 | |
| on: | |
| pull_request: | |
| branches: | |
| - develop | |
| - main | |
| - sprint2 | |
| jobs: | |
| # ESLint로 코드 스타일/버그 패턴 검사(경고를 실패로 취급) | |
| # 실패 시: yarn lint:fix | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile | |
| - name: Lint | |
| run: yarn lint | |
| # TypeScript 컴파일러로 타입 체크(빌드 없이 타입만 검증) | |
| typecheck: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile | |
| - name: Type Check | |
| run: yarn typecheck | |
| # Prettier로 코드 포맷 검사(형식 불일치 시 실패) | |
| # 실패 시: yarn prettier:fix | |
| prettier: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile | |
| - name: Prettier Check | |
| run: yarn prettier | |
| # Next.js 프로덕션 빌드(정적 분석 및 페이지 최적화 포함) | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile | |
| - name: Build | |
| run: yarn build | |
| # Storybook 정적 빌드(UI 카탈로그가 깨지지 않는지 확인) | |
| storybook: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile | |
| - name: Build Storybook | |
| run: yarn build-storybook | |
| # Playwright E2E: 스테이징 환경 대상 실행 | |
| # E2E_AUTH_JSON secret 설정 시 @auth 태그 포함 전체 스위트 실행 | |
| # secret 누락/만료 시 비인증 테스트만 실행 (fallback) | |
| # 갱신 절차: yarn e2e:save-auth → GitHub Secret E2E_AUTH_JSON 업데이트 | |
| e2e: | |
| runs-on: ubuntu-latest | |
| env: | |
| E2E_AUTH_JSON: ${{ secrets.E2E_AUTH_JSON }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile | |
| - name: Install Playwright browsers | |
| run: npx playwright install --with-deps chromium | |
| - name: Write auth session | |
| if: env.E2E_AUTH_JSON != '' | |
| run: | | |
| mkdir -p e2e/fixtures | |
| printf '%s' "$E2E_AUTH_JSON" > e2e/fixtures/auth.json | |
| node -e "JSON.parse(require('fs').readFileSync('e2e/fixtures/auth.json','utf8'))" \ | |
| || { echo "::error::E2E_AUTH_JSON is not valid JSON"; exit 1; } | |
| - name: Check auth session expiry | |
| if: env.E2E_AUTH_JSON != '' | |
| run: | | |
| node -e " | |
| const fs = require('fs'); | |
| const a = JSON.parse(fs.readFileSync('e2e/fixtures/auth.json','utf8')); | |
| const refreshTokens = (a.cookies || []).filter( | |
| c => c.name === 'refresh_token' && c.domain.includes('zeroone.it.kr') && c.expires && c.expires > 0 | |
| ); | |
| if (refreshTokens.length === 0) { | |
| console.log('::warning::No refresh_token cookie found for zeroone.it.kr — falling back to non-auth suite.'); | |
| fs.appendFileSync(process.env.GITHUB_ENV, 'AUTH_EXPIRED=true\n'); | |
| process.exit(0); | |
| } | |
| const minExp = Math.min(...refreshTokens.map(c => c.expires)); | |
| const now = Date.now(); | |
| if (minExp * 1000 < now) { | |
| console.log('::warning::refresh_token is expired — falling back to non-auth suite. Re-run yarn e2e:save-auth and update E2E_AUTH_JSON secret.'); | |
| fs.appendFileSync(process.env.GITHUB_ENV, 'AUTH_EXPIRED=true\n'); | |
| process.exit(0); | |
| } | |
| const sevenDays = 7 * 86400 * 1000; | |
| if (minExp * 1000 < now + sevenDays) { | |
| console.log('::warning::refresh_token expires within 7 days. Re-run yarn e2e:save-auth and update E2E_AUTH_JSON secret.'); | |
| } | |
| " | |
| - name: Warn when auth secret missing | |
| if: env.E2E_AUTH_JSON == '' | |
| run: echo "::warning::E2E_AUTH_JSON not set — skipping @auth tests" | |
| - name: Run E2E tests (full suite, with auth) | |
| if: env.E2E_AUTH_JSON != '' && env.AUTH_EXPIRED != 'true' | |
| run: yarn e2e | |
| env: | |
| E2E_BASE_URL: https://test.zeroone.it.kr | |
| - name: Run E2E tests (non-auth only) | |
| if: env.E2E_AUTH_JSON == '' || env.AUTH_EXPIRED == 'true' | |
| run: yarn e2e --grep-invert @auth | |
| env: | |
| E2E_BASE_URL: https://test.zeroone.it.kr | |
| - name: Upload Playwright report | |
| if: ${{ !cancelled() }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: playwright-report | |
| path: playwright-report/ | |
| retention-days: 7 | |
| # 보안 감사: 고위험 이상의 취약점 리포트(현재는 비차단) | |
| # 실패로 처리하려면 '|| true'를 제거하세요. | |
| security: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn install --frozen-lockfile | |
| - name: Security Audit | |
| run: yarn audit --level high || true |