[RELEASE] v2.2.2 GitHub Actions Gradle 중복 빌드 제거#367
Conversation
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…-build fix: GitHub Actions Gradle 중복 빌드 제거
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request optimizes the CI/CD and local development workflow by shifting the responsibility of building the application JAR from the Docker container to the host environment. By removing the multi-stage build in the Dockerfile and updating the build configuration, the process avoids redundant Gradle builds, leading to faster deployment and container image creation. Highlights
New Features🧠 You can now enable Memory (public preview) to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Ignored Files
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. The build was slow and took its time, With Gradle running in its prime. We moved the task outside the gate, Now Docker starts at faster rate. Footnotes
|
There was a problem hiding this comment.
Code Review
이번 풀 리퀘스트는 Docker 빌드 과정을 멀티 스테이지 빌드에서 로컬에서 빌드된 JAR 파일을 직접 복사하는 단일 스테이지 방식으로 단순화하고, .dockerignore 및 build.gradle 설정을 조정하였습니다. 이에 대한 피드백으로, 컨테이너 보안 강화를 위해 Dockerfile에서 root 권한 대신 비특권(non-root) 사용자를 생성하여 애플리케이션을 실행하도록 변경할 것과, .dockerignore에서 모든 하위 디렉토리의 .DS_Store 파일을 재귀적으로 제외할 수 있도록 **/.DS_Store 패턴을 사용할 것을 제안합니다.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
| FROM --platform=linux/amd64 eclipse-temurin:17-jre-alpine | ||
| WORKDIR /app | ||
|
|
||
| # 빌드 단계에서 생성된 JAR 파일 복사 (파일명이 프로젝트에 따라 달라질 수 있으므로 와일드카드 사용) | ||
| COPY --from=builder /home/gradle/project/build/libs/*.jar app.jar | ||
| COPY build/libs/eat-ssu.jar app.jar | ||
|
|
||
| # 컨테이너에서 사용할 포트 (필요 시 변경) | ||
| EXPOSE 9000 | ||
|
|
||
| # 애플리케이션 실행 | ||
| ENTRYPOINT ["java", "-jar", "app.jar"] |
There was a problem hiding this comment.
현재 Dockerfile은 root 권한으로 애플리케이션을 실행하도록 설정되어 있습니다. 컨테이너 내에서 root 권한으로 프로세스를 실행하는 것은 보안상 위험할 수 있으므로, 별도의 비특권(non-root) 사용자를 생성하여 실행하는 것을 권장합니다. eclipse-temurin:17-jre-alpine 이미지에서는 spring 사용자와 그룹을 생성하고, 해당 사용자로 애플리케이션을 실행하도록 설정을 변경할 수 있습니다.
FROM --platform=linux/amd64 eclipse-temurin:17-jre-alpine
WORKDIR /app
RUN addgroup -S spring && adduser -S spring -G spring
COPY --chown=spring:spring build/libs/eat-ssu.jar app.jar
USER spring:spring
EXPOSE 9000
ENTRYPOINT ["java", "-jar", "app.jar"]
| .gradle/ | ||
| .idea/ | ||
| .DS_Store | ||
| */.DS_Store |
#️⃣ Issue Number
📝 요약(Summary)
💬 공유사항 to 리뷰어
✅ PR Checklist
PR이 다음 요구 사항을 충족하는지 확인하세요.