-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathdocker-compose.dev.yml
117 lines (108 loc) · 2.9 KB
/
docker-compose.dev.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
version: "3.7"
x-default-variables: &default-variables
LOG_LEVEL: ${LOG_LEVEL-INFO}
LOG_FORMAT: ${LOG_FORMAT-json}
MANIFEST_PATH: ${MANIFEST_PATH-/manifests}
TEST_DATA: ${TEST_DATA-}
HTTP_PORT: ${HTTP_PORT-8080}
HTTP_HOST: ${HTTP_HOST-0.0.0.0}
HEALTH_PORT: ${HEALTH_PORT-8081}
DB_TLS_SSLMODE: ${DB_TLS_SSLMODE-disable}
DB_TLS_CERT: ${DB_TLS_CERT-}
DB_TLS_KEY: ${DB_TLS_KEY-}
DB_TLS_CA: ${DB_TLS_CA-}
DB_HOST: ${DB_HOST-postgres}
DB_USER: ${DB_USER-postgres}
DB_PASSWORD: ${DB_PASSWORD-postgres}
DB_PORT: ${DB_PORT-}
DB_DATABASE: ${DB_DATABASE-}
DB_POOLSIZE: ${DB_POOLSIZE-}
DB_POOL_TIMEOUT: ${DB_POOL_TIMEOUT-}
x-container-common: &container-common
image: golang:1.16-buster
entrypoint: /bin/main
services:
migration:
<<: *container-common
environment:
<<: *default-variables
networks:
- qkm
command: migrate up
restart: "on-failure"
volumes:
- ./build/bin/key-manager:/bin/main:ro
- ./deps/migrations:/migrations:ro
- ./deps/config/certificates:/certificates
- ./deps/config/ca:/ca:ro
key-manager:
<<: *container-common
environment:
<<: *default-variables
AUTH_OIDC_AUDIENCE: ${AUTH_OIDC_AUDIENCE-}
AUTH_OIDC_ISSUER_URL: ${AUTH_OIDC_ISSUER_URL-}
AUTH_OIDC_PERMISSIONS_CLAIMS: ${AUTH_OIDC_PERMISSIONS_CLAIMS-}
AUTH_OIDC_CUSTOM_CLAIMS: ${AUTH_OIDC_CUSTOM_CLAIMS-}
HTTPS_ENABLED: ${HTTPS_ENABLED-}
HTTPS_SERVER_KEY: ${HTTPS_SERVER_KEY-}
HTTPS_SERVER_CERT: ${HTTPS_SERVER_CERT-}
AUTH_TLS_CA: ${AUTH_TLS_CA-}
AUTH_API_KEY_FILE: ${AUTH_API_KEY_FILE-}
ports:
- 8080:8080
- 8081:8081
- 8443:8443
# - 2345:2345
depends_on:
- migration
networks:
- quorum
- besu
- hashicorp
- qkm
command: run
restart: "on-failure"
volumes:
- ./build/bin/key-manager:/bin/main:ro
- ./deps/config/manifests:/manifests:ro
- ./deps/config/certificates:/certificates:ro
- ./deps/config/ca:/ca:ro
- ./deps/config/apikey:/apikey:ro
- ./deps/config/oidc:/oidc:ro
- hashicorp-token:/vault/token:ro
# - /usr/local/bin/dlv:/usr/local/bin/dlv
# entrypoint:
# - sh
# - -c
# - |
# dlv --listen=:2345 --headless=true --api-version=2 --accept-multiclient exec /bin/main run
sync:
<<: *container-common
networks:
- hashicorp
- qkm
environment:
<<: *default-variables
SYNC_STORE_NAME: ${SYNC_STORE_NAME-}
volumes:
- ./build/bin/key-manager:/bin/main:ro
- ./deps/config/manifests:/manifests:ro
- hashicorp-token:/vault/token:ro
command: sync ${SYNC_STORE_TYPE-secrets}
networks:
quorum:
external:
name: quorum
besu:
external:
name: besu
hashicorp:
external:
name: hashicorp
qkm:
external:
name: deps_qkm
volumes:
hashicorp-token:
external:
name: hashicorp-token