-
Notifications
You must be signed in to change notification settings - Fork 6
/
docker-compose.yaml
135 lines (129 loc) · 3.59 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
services:
traefik:
image: "traefik:2.9"
container_name: traefik
profiles: ["dev", "test"]
ports:
- "80:80"
- "443:443"
- "8089:8080"
volumes:
- ./local/traefik/traefik.yaml:/etc/traefik/traefik.yaml
- ./local/traefik/certs:/certs/
- /var/run/docker.sock:/var/run/docker.sock
healthcheck:
test:
- CMD
- traefik
- healthcheck
interval: 10s
timeout: 5s
retries: 3
# An instance of JIMM used in integration tests, pulled from a tag.
jimm-test:
extends:
file: docker-compose.common.yaml
service: jimm-base
image: ghcr.io/canonical/jimm:${JIMM_VERSION:-latest}
profiles: ["test"]
container_name: jimm-test
ports:
- 17070:80
entrypoint:
- bash
- -c
- >-
apt update && apt install curl -y
&& /usr/local/bin/jimmsrv
# An instance of JIMM used for dev, built from source with hot-reloading.
jimm-dev:
extends:
file: docker-compose.common.yaml
service: jimm-base
image: cosmtrek/air:latest
profiles: ["dev"]
# working_dir value has to be the same of mapped volume
hostname: jimm.localhost
working_dir: /jimm
container_name: jimm
entrypoint:
- bash
- -c
- >-
go install github.com/go-delve/delve/cmd/dlv@latest
&& air
ports:
- 17070:80
- 2345:2345
volumes:
- ./:/jimm/
db:
image: postgres
container_name: postgres
restart: on-failure
ports:
- 5432:5432
environment:
POSTGRES_DB: jimm
POSTGRES_USER: jimm
POSTGRES_PASSWORD: jimm
# Since it's mainly used for testing purposes, it's okay to set fsync=off for
# improved performance.
command: -c fsync=off -c full_page_writes=off
healthcheck:
test: [ "CMD-SHELL", "pg_isready -U jimm" ]
interval: 5s
timeout: 5s
retries: 5
vault:
build:
context: ./local/vault/
dockerfile: Dockerfile
container_name: vault
ports:
- 8200:8200
environment:
VAULT_ADDR: "http://localhost:8200"
VAULT_DEV_LISTEN_ADDRESS: "0.0.0.0:8200"
VAULT_DEV_ROOT_TOKEN_ID: "root"
cap_add:
- IPC_LOCK
openfga:
build:
context: ./local/openfga/
dockerfile: Dockerfile
container_name: openfga
environment:
OPENFGA_AUTHN_METHOD: "preshared"
OPENFGA_AUTHN_PRESHARED_KEYS: "jimm"
OPENFGA_DATASTORE_ENGINE: "postgres"
OPENFGA_DATASTORE_URI: "postgresql://jimm:jimm@db/jimm?sslmode=disable"
volumes:
- ./openfga/authorisation_model.json:/app/authorisation_model.json
ports:
- 8080:8080
- 3000:3000
depends_on:
db:
condition: service_healthy
keycloak:
image: docker.io/bitnami/keycloak:23
container_name: keycloak
hostname: keycloak.localhost
environment:
KEYCLOAK_HTTP_PORT: 8082
KEYCLOAK_ENABLE_HEALTH_ENDPOINTS: true
KEYCLOAK_CREATE_ADMIN_USER: true
KEYCLOAK_ADMIN_USER: jimm
KEYCLOAK_ADMIN_PASSWORD: jimm
KEYCLOAK_DATABASE_VENDOR: dev-file
KEYCLOAK_EXTRA_ARGS: "-Dkeycloak.migration.action=import -Dkeycloak.migration.provider=singleFile -Dkeycloak.migration.file=/bitnami/keycloak/data/import/realm.json -Dkeycloak.migration.replace-placeholders=true -Dkeycloak.profile.feature.upload_scripts=enabled"
volumes:
- ./local/keycloak/jimm-realm.json:/bitnami/keycloak/data/import/realm.json:ro
ports:
- "8082:8082"
healthcheck:
test: [ "CMD", "curl", "http://localhost:8082/health/ready" ]
interval: 5s
timeout: 10s
retries: 30