snorose · Yeon-chae · Jun 9, 2026 · Jun 9, 2026 · Jun 9, 2026 · Jun 9, 2026
diff --git a/.github/workflows/deploy-lambda.yaml b/.github/workflows/deploy-lambda.yaml
@@ -4,72 +4,129 @@ on:
   push:
     branches: [ "develop", "main" ]
 
+  workflow_dispatch:
+    inputs:
+      target_env:
+        description: "Manual deployment target"
+        required: true
+        type: choice
+        options:
+          - staging
+
 # OIDC 인증을 위한 권한 설정
 permissions:
-  id-token: write 
+  id-token: write
   contents: read
 
 jobs:
+  resolve:
+    name: Resolve deployment target
+    runs-on: ubuntu-latest
+
+    outputs:
+      env_type: ${{ steps.resolve.outputs.env_type }}
+      github_environment: ${{ steps.resolve.outputs.github_environment }}
+
+    steps:
+      - name: Resolve target environment
+        id: resolve
+        shell: bash
+        run: |
+          if [[ "${GITHUB_EVENT_NAME}" == "workflow_dispatch" ]]; then
+            ENV_TYPE="${{ github.event.inputs.target_env }}"
+
+            if [[ "$ENV_TYPE" != "staging" ]]; then
+              echo "Only staging manual deployment is allowed."
+              exit 1
+            fi
+
+            GITHUB_ENVIRONMENT="STAGING"
+          else
+            case "${GITHUB_REF_NAME}" in
+              develop)
+                ENV_TYPE="dev"
+                GITHUB_ENVIRONMENT="DEV"
+                ;;
+              main)
+                ENV_TYPE="prod"
+                GITHUB_ENVIRONMENT="PROD"
+                ;;
+              *)
+                echo "Unsupported branch for push deployment: ${GITHUB_REF_NAME}"
+                exit 1
+                ;;
+            esac
+          fi
+
+          echo "env_type=$ENV_TYPE" >> "$GITHUB_OUTPUT"
+          echo "github_environment=$GITHUB_ENVIRONMENT" >> "$GITHUB_OUTPUT"
+
+          echo "--- Event: ${GITHUB_EVENT_NAME}"
+          echo "--- Branch: ${GITHUB_REF_NAME}"
+          echo "--- Env type: $ENV_TYPE"
+          echo "--- GitHub environment: $GITHUB_ENVIRONMENT"
+
   deploy:
     name: Build, Push to ECR, and Deploy to Lambda
+    needs: resolve
     runs-on: ubuntu-latest
 
     # 브랜치에 따라 사용할 환경 선택
-    environment: ${{ github.ref == 'refs/heads/main' && 'PROD' || 'DEV' }}
+    environment: ${{ needs.resolve.outputs.github_environment }}
 
     steps:
-    - name: Checkout code
-      uses: actions/checkout@v4
-
-    # AWS 자격 증명 설정
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v4
-      with:
-        role-to-assume: ${{ vars.AWS_ROLE_ARN }} 
-        aws-region: ${{ vars.AWS_REGION }}
-
-    # Amazon ECR 로그인
-    - name: Login to Amazon ECR
-      id: login-ecr
-      uses: aws-actions/amazon-ecr-login@v2
-
-    # Docker 이미지 빌드 및 푸시
-    - name: Build, tag, and push image to Amazon ECR
-      id: build-image
-      env:
-        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
-        ECR_REPOSITORY: ${{ vars.ECR_REPOSITORY_NAME }}
-        IMAGE_TAG: ${{ github.sha }}
-      run: |
-        docker build --provenance=false -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -t $ECR_REGISTRY/$ECR_REPOSITORY:latest -f Dockerfile .
-
-        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-        docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
-
-        echo "image_uri=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT
-
-    # Lambda 함수 업데이트
-    - name: Deploy new image to AWS Lambda
-      run: |
-        aws lambda update-function-code \
-          --function-name ${{ vars.LAMBDA_FUNCTION_NAME }} \
-          --image-uri ${{ steps.build-image.outputs.image_uri }}
-
-    # 코드 업데이트가 완료될 때까지 대기
-    - name: Wait for Lambda function update to complete
-      run: |
-        aws lambda wait function-updated \
-          --function-name ${{ vars.LAMBDA_FUNCTION_NAME }}
-
-    # Lambda 환경 변수 설정
-    - name: Update Lambda Environment Variables
-      run: |
-        aws lambda update-function-configuration \
-          --function-name ${{ vars.LAMBDA_FUNCTION_NAME }} \
-          --environment "Variables={ \
-            REGION_NAME=${{ vars.AWS_REGION }}, \
-            LAMBDA_FUNCTION_NAME=${{ vars.LAMBDA_FUNCTION_NAME }}, \
-            ECR_REPOSITORY_NAME=${{ vars.ECR_REPOSITORY_NAME }}, \
-            BUCKET_NAME=${{ vars.BUCKET_NAME }}, \
-            THUMBNAIL_BUCKET=${{ vars.THUMBNAIL_BUCKET }} \
-          }"
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      # AWS 자격 증명 설정
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ vars.AWS_ROLE_ARN }}
+          aws-region: ${{ vars.AWS_REGION }}
+
+      # Amazon ECR 로그인
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v2
+
+      # Docker 이미지 빌드 및 푸시
+      - name: Build, tag, and push image to Amazon ECR
+        id: build-image
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          ECR_REPOSITORY: ${{ vars.ECR_REPOSITORY_NAME }}
+          IMAGE_TAG: ${{ github.sha }}
+        run: |
+          docker build --provenance=false -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -t $ECR_REGISTRY/$ECR_REPOSITORY:latest -f Dockerfile .
+          
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
+          
+          echo "image_uri=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> "$GITHUB_OUTPUT"
+
+      # Lambda 함수 업데이트
+      - name: Deploy new image to AWS Lambda
+        run: |
+          aws lambda update-function-code \
+            --function-name "${{ vars.LAMBDA_FUNCTION_NAME }}" \
+            --image-uri "${{ steps.build-image.outputs.image_uri }}"
+
+      # 코드 업데이트가 완료될 때까지 대기
+      - name: Wait for Lambda function update to complete
+        run: |
+          aws lambda wait function-updated \
+            --function-name ${{ vars.LAMBDA_FUNCTION_NAME }}
+
+      # Lambda 환경 변수 설정
+      - name: Update Lambda Environment Variables
+        run: |
+          aws lambda update-function-configuration \
+            --function-name "${{ vars.LAMBDA_FUNCTION_NAME }}" \
+            --environment "Variables={ \
+              REGION_NAME=${{ vars.AWS_REGION }}, \
+              LAMBDA_FUNCTION_NAME=${{ vars.LAMBDA_FUNCTION_NAME }}, \
+              ECR_REPOSITORY_NAME=${{ vars.ECR_REPOSITORY_NAME }}, \
+              BUCKET_NAME=${{ vars.BUCKET_NAME }}, \
+              THUMBNAIL_BUCKET=${{ vars.THUMBNAIL_BUCKET }} \
+            }"