-
Notifications
You must be signed in to change notification settings - Fork 33
/
Copy pathcompose.labs.yml
77 lines (72 loc) · 2.03 KB
/
compose.labs.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
name: chainloop-lab
include:
- ./compose.common.yml
services:
# OIDC provider for labs
dex:
volumes:
- ".:/wd"
image: docker.io/bitnami/dex:2
working_dir: /wd/dex
command: "serve config.labs.yaml"
ports:
- "0.0.0.0:5556:5556/tcp"
# The control plane is the main service
control-plane:
image: ghcr.io/chainloop-dev/chainloop/control-plane:latest
environment:
CP_DB_HOST: postgresql
CP_DEX_DOMAIN: http://dex:5556/dex
CP_VAULT_ADDRESS: http://vault:8200
CP_FILE_CA_CERT_PATH: /devkeys/ca.pub
CP_FILE_CA_KEY_PATH: /devkeys/ca.pem
CP_CAS_KEY_PATH: /devkeys/cas.pem
CP_DEV_USER: [email protected]
volumes:
# main configuration
- ../app/controlplane/configs:/data/conf
# development keys
- ../devel/devkeys:/devkeys
ports:
- 9000:9000
- 8000:8000
depends_on:
dex:
condition: service_started
vault:
condition: service_started
db-init:
condition: service_completed_successfully
# CAS backend for artifact storage
cas:
image: ghcr.io/chainloop-dev/chainloop/artifact-cas:latest
volumes:
# main configuration
- ../app/artifact-cas/configs:/data/conf
# development keys
- ../devel/devkeys:/devkeys
environment:
CAS_VAULT_ADDRESS: http://vault:8200
CAS_PUBLIC_KEY_PATH: /devkeys/cas.pem
ports:
- 9001:9001
- 8001:8001
depends_on:
vault:
condition: service_healthy
# Ensures DB has the proper schema
db-init:
image: ghcr.io/chainloop-dev/chainloop/control-plane-migrations:latest
depends_on:
postgresql:
condition: service_healthy
command: "migrate apply --url postgres://postgres:@postgresql:5432/controlplane?sslmode=disable --dir file:///migrations"
# Optional Minio S3 backend. Run it with `--profile optional`
minio:
image: quay.io/minio/minio
ports:
- 9002:9000
- 9003:9001
command: server /data --console-address ":9001"
profiles:
- optional