-
Notifications
You must be signed in to change notification settings - Fork 0
/
compose.labs.yaml
84 lines (79 loc) · 2.44 KB
/
compose.labs.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
name: chainloop-lab
include:
- ./compose.common.yml
- ./keyfactor.yml
services:
# OIDC provider for labs
dex:
volumes:
- "./container-configs:/wd"
image: docker.io/bitnami/dex:2
working_dir: /wd/dex
command: "serve config.labs.yaml"
ports:
- "0.0.0.0:5556:5556/tcp"
# The control plane is the main service
control-plane:
image: ghcr.io/chainloop-dev/chainloop/control-plane:latest
environment:
CP_DB_HOST: postgresql
CP_DEX_DOMAIN: http://dex:5556/dex
CP_VAULT_ADDRESS: http://vault:8200
CP_FILE_CA_CERT_PATH: /devkeys/ca.pub
CP_FILE_CA_KEY_PATH: /devkeys/ca.pem
CP_CAS_KEY_PATH: /devkeys/cas.pem
CP_DEV_USER: john@chainloop.local
CP_CAS_ADDRESS: cas:9001
CP_CAS_DOWNLOAD_URL: http://cas:8001/download
volumes:
# main configuration
- ./container-configs/configs:/data/conf
# development keys
- ./container-configs/devkeys:/devkeys
# Certs for trusting private pki
- ./container-configs/chainloop/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt
ports:
- 9000:9000
- 8000:8000
depends_on:
dex:
condition: service_started
vault:
condition: service_started
db-init:
condition: service_completed_successfully
# CAS backend for artifact storage
cas:
image: ghcr.io/chainloop-dev/chainloop/artifact-cas:latest
volumes:
# main configuration
- ./container-configs/configs-cas:/data/conf
# development keys
- ./container-configs/devkeys:/devkeys
# Certs for trusting private pki
- ./container-configs/chainloop/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt
environment:
CAS_VAULT_ADDRESS: http://vault:8200
CAS_PUBLIC_KEY_PATH: /devkeys/cas.pub
ports:
- 9001:9001
- 8001:8001
depends_on:
vault:
condition: service_healthy
# Ensures DB has the proper schema
db-init:
image: ghcr.io/chainloop-dev/chainloop/control-plane-migrations:latest
depends_on:
postgresql:
condition: service_healthy
command: "migrate apply --url postgres://postgres:@postgresql:5432/controlplane?sslmode=disable --dir file:///migrations"
# Optional Minio S3 backend. Run it with `--profile optional`
minio:
image: quay.io/minio/minio
ports:
- 9002:9000
- 9003:9001
command: server /data --console-address ":9001"
profiles:
- optional