From 4e674b2bc9b033507ed340ad83febaf7e35f5cfd Mon Sep 17 00:00:00 2001 From: kjh2064 Date: Sat, 4 Jul 2026 20:37:49 +0900 Subject: [PATCH] ci: validate public and admin page bodies --- .gitea/workflows/deploy.yml | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 5cff172..c829767 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -370,7 +370,11 @@ jobs: check_public() { local url="$1" local allow_redirect="${2:-0}" + local must_contain="${3:-}" + local must_not_contain="${4:-}" local status + local body + body=$(curl -fsSL --max-time 15 "$url" 2>/dev/null || true) status=$(curl -s -o /dev/null -w '%{http_code}' --max-time 15 "$url" || echo "000") if [ "$allow_redirect" = "1" ]; then if ! printf '%s' "$status" | grep -Eq '^(200|301|302|303|307|308)$'; then @@ -381,6 +385,14 @@ jobs: echo " ✗ $url → HTTP $status" >&2 return 1 fi + if [ -n "$must_contain" ] && ! printf '%s' "$body" | grep -q "$must_contain"; then + echo " ✗ $url → body missing required marker: $must_contain" >&2 + return 1 + fi + if [ -n "$must_not_contain" ] && printf '%s' "$body" | grep -q "$must_not_contain"; then + echo " ✗ $url → body contains forbidden marker: $must_not_contain" >&2 + return 1 + fi echo " ✓ $url → HTTP $status" return 0 } @@ -388,9 +400,9 @@ jobs: echo "--- 실제 공개 도메인 종단 간 검증 (Nginx/Cloudflare 경유, 최대 3회 재시도) ---" PUBLIC_OK=false for i in 1 2 3; do - if check_public "https://www.taxbaik.com/" 1 \ - && check_public "https://www.taxbaik.com/taxbaik/" 1 \ - && check_public "https://www.taxbaik.com/taxbaik/admin/login"; then + if check_public "https://www.taxbaik.com/" 1 "백원숙 세무회계" "관리자" \ + && check_public "https://www.taxbaik.com/taxbaik/" 1 "백원숙 세무회계" "관리자" \ + && check_public "https://www.taxbaik.com/taxbaik/admin/login" 0 "TaxBaik Admin" ""; then PUBLIC_OK=true break fi @@ -400,7 +412,7 @@ jobs: if [ "$PUBLIC_OK" != "true" ]; then echo "❌ FATAL: 실제 공개 도메인 검증 실패. Nginx가 죽은 포트를 가리키거나 잘못된 파일을 수정했을 가능성이 높다." >&2 - echo " 확인: sites-enabled/의 실제 파일에서 location / 와 location /taxbaik 모두 127.0.0.1:5001을 가리키는지 점검" >&2 + echo " 확인: sites-enabled/의 실제 파일에서 location / 은 public 홈을, /taxbaik/admin 은 관리자 앱을 가리키는지 점검" >&2 exit 1 fi echo "✓ 실제 공개 도메인 전체 정상"