infra: 도커 컴포즈 및 운영서버 CICD 구축

[dev-ant]

📋 상세 설명

• 운영 환경 전용 docker-compose-prod.yaml 추가, 헬스 체크 및 리소스 제한 설정 포함
• 운영 서버 배포 시 SSH 포트 지정 가능하도록 개선, 테스트 완료 후 dev 트리거 제거 예정 (완료)
• 기존 docker-compose 파일 개선
  • java opt, docker resource, health 등 변동이 적은 설정 값 ENV_FILE에서 docker-compose 파일로 기본값 보장
  • 보안상 민감한 정보 제거

📊 체크리스트

• PR 제목이 형식에 맞나요 e.g. feat: PR을 등록한다
• 코드가 테스트 되었나요
• 문서는 업데이트 되었나요
• 불필요한 코드를 제거했나요
• 이슈와 라벨이 등록되었나요

📆 마감일

Close #84

[github-actions]

✅ 테스트 결과 for PR

Build: success

🧪 테스트 실행 with Gradle
📈 Coverage: -0.00%

📁 테스트 결과
📁 커버리지 보고서 (HTML)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[Copilot]

Pull request overview

This PR modifies the production CI/CD workflow for testing purposes and adds a new docker-compose-prod.yaml configuration file. The changes are explicitly marked as temporary (with Korean comments indicating "테스트 이후에 dev 지울 것" - "remove dev after testing") to test the production pipeline deployment flow.

Changes:

• Added docker-compose-prod.yaml with production-specific service configurations including autoheal, health checks, and resource limits
• Modified push-cd-prod.yml workflow to trigger on 'dev' branch pushes and pull requests (temporary for testing)
• Added SSH port parameter to production server deployment command

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.

File	Description
docker-compose-prod.yaml	New production Docker Compose configuration with spring-app and autoheal services, including comprehensive JVM tuning, health checks, and resource limits
.github/workflows/push-cd-prod.yml	Modified workflow triggers to include dev branch and pull requests for testing purposes; added SSH port parameter for production server connection

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The Docker image is being built and tagged in the docker-compose file, but this approach can lead to unexpected behavior in production deployments. In a CD pipeline, the image should already be built and pushed to a registry during the CI phase. The docker-compose file should only pull and run the pre-built image, not build it. Consider removing the 'build' section and only keeping the 'image' reference to pull from the registry.

Suggested change

	build:
	context: .
	dockerfile: Dockerfile

[Copilot]

This workflow is designed for production deployments but now triggers on 'dev' branch pushes and pull requests. This is a significant security and operational risk as it could deploy untested code to production. Production CD workflows should only trigger on the main/master branch and should not trigger on pull requests. The temporary test configuration should be removed before merging, or a separate workflow should be created for testing purposes.

Suggested change

	branches: [ main, dev ] # Only main branch, 테스트 이후에 dev 지울 것
	pull_request:
	branches: [ dev, main ] # 테스트 이후에 지울 것
	types: [ opened, synchronize, reopened ]
	branches: [ main ]