civiform/docker-compose.yml at main · civiform-github-automation/civiform · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# Use postgres/example user/password credentials
services:
  localstack:
    image: localstack/localstack:4.7.0@sha256:12253acd9676770e9bd31cbfcf17c5ca6fd7fb5c0c62f3c46dd701f20304260c
    profiles: ['aws', 'emulator']
    expose:
      - '4566'
    environment:
      - SERVICES=s3,ses
    links:
      # Once a file is uploaded to localstack, localstack redirects back to CiviForm.
      # It does this by mapping any 'localhost' domain to the 'civiform' domain (see
      # localstack/localstack.nginx.conf). So, we need the localstack service to be
      # aware of the civiform service to do that redirect correctly.
      - 'civiform:civiform-service'
    networks:
      default:
        aliases:
          # We use hosted-style for s3 bucket urls. Which matches production.
          # https://docs.localstack.cloud/user-guide/aws/s3/
          # So we need to add host mapping for test bucket civiform-local-s3
          # and civiform-local-s3-public
          - civiform-local-s3.s3.localhost.localstack.cloud
          - civiform-local-s3-public.s3.localhost.localstack.cloud
          - localhost.localstack.cloud

  azurite:
    image: mcr.microsoft.com/azure-storage/azurite@sha256:647c63a91102a9d8e8000aab803436e1fc85fbb285e7ce830a82ee5d6661cf37
    profiles: ['azure', 'emulator']
    expose:
      - '10000'

  # The dev oidc server needs to be visible to the Civiform server and web browsers
  # on the same host:port. Developers need to add a localhost IP alias for this
  # container name in their /etc/hosts file for the web brower to load the auth url.
  # EG: 127.0.0.1 dev-oidc
  dev-oidc:
    image: civiform-oidc-provider
    restart: always
    expose:
      - 3390
    environment:
      # Use an explicit port to not conflict with other test instances.
      - OIDC_PORT=3390

  mock-web-services:
    image: civiform-mock-web-services

  db:
    image: postgres:16.10@sha256:66a5efb5677ffac1037774a0e141fd3a4c035c9c0c0e624c9cc980dfa10f45e5
    restart: always
    expose:
      - '5432'
    environment:
      POSTGRES_PASSWORD: example
    volumes:
      - ./init_postgres.sql:/docker-entrypoint-initdb.d/init_postgres.sql

  civiform:
    image: civiform-dev
    links:
      - 'db:database'
      - 'dev-oidc'
      - 'mock-web-services'
    expose:
      - '9000'
      - '8457'
    environment:
      - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-test}
      - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-test}
      - AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN:-test}
      - AWS_REGION
      - SENDER_EMAIL_ADDRESS
      - EMAIL_PROVIDER
      - AWS_S3_BUCKET_NAME
      - AWS_S3_PUBLIC_BUCKET_NAME
      - AZURE_CLIENT_ID=${AZURE_CLIENT_ID:-test}
      - AZURE_LOCAL_CONNECTION_STRING
      - AZURE_STORAGE_ACCOUNT_NAME
      - AZURE_STORAGE_ACCOUNT_CONTAINER_NAME
      - CIVIFORM_TIME_ZONE_ID
      - STORAGE_SERVICE_NAME
      - LOGIN_RADIUS_API_KEY
      - LOGIN_RADIUS_METADATA_URI
      - LOGIN_RADIUS_SAML_APP_NAME
      - LOGIN_RADIUS_PRIVATE_KEY_PASS
      - LOGIN_RADIUS_KEYSTORE_PASS
      - LOGIN_RADIUS_KEYSTORE_NAME
      - CIVIFORM_APPLICANT_IDP=generic-oidc
      - CIVIFORM_ADMIN_IDP=adfs
      # Hard coded in test-support/test_oidc_provider.js
      - IDCS_CLIENT_ID=idcs-fake-oidc-client
      - IDCS_SECRET=idcs-fake-oidc-secret
      - IDCS_DISCOVERY_URI=http://dev-oidc:3390/.well-known/openid-configuration
      - IDCS_REGISTER_URI
      - APPLICANT_REGISTER_URI
      - ADFS_CLIENT_ID
      - ADFS_SECRET
      - ADMIN_OIDC_PROVIDER_NAME
      - ADMIN_OIDC_CLIENT_ID
      - ADMIN_OIDC_CLIENT_SECRET
      - ADMIN_OIDC_DISCOVERY_URI
      - ADMIN_OIDC_RESPONSE_MODE
      - ADMIN_OIDC_RESPONSE_TYPE
      - ADMIN_OIDC_ADDITIONAL_SCOPES
      - APPLICANT_OIDC_POST_LOGOUT_REDIRECT_PARAM
      - APPLICANT_OIDC_LOGOUT_CLIENT_PARAM=client_id
      - APPLICANT_OIDC_OVERRIDE_LOGOUT_URL
      - APPLICANT_OIDC_PROVIDER_NAME
      - APPLICANT_OIDC_CLIENT_ID=generic-fake-oidc-client
      - APPLICANT_OIDC_CLIENT_SECRET=bar
      - APPLICANT_OIDC_DISCOVERY_URI=http://dev-oidc:3390/.well-known/openid-configuration
      - APPLICANT_OIDC_RESPONSE_MODE
      - APPLICANT_OIDC_RESPONSE_TYPE
      - APPLICANT_OIDC_ADDITIONAL_SCOPES
      - APPLICANT_OIDC_LOCALE_ATTRIBUTE
      - APPLICANT_OIDC_EMAIL_ATTRIBUTE
      - APPLICANT_OIDC_FIRST_NAME_ATTRIBUTE
      - APPLICANT_OIDC_MIDDLE_NAME_ATTRIBUTE
      - APPLICANT_OIDC_LAST_NAME_ATTRIBUTE
      - LOGIN_GOV_CLIENT_ID
      - LOGIN_GOV_DISCOVERY_URI
      - LOGIN_GOV_ADDITIONAL_SCOPES
      - LOGIN_GOV_ACR_VALUE
      - CF_OPTIONAL_QUESTIONS
      - CIVIC_ENTITY_SMALL_LOGO_URL
      - WHITELABEL_CIVIC_ENTITY_SHORT_NAME
      - WHITELABEL_CIVIC_ENTITY_FULL_NAME
      - FAVICON_URL
      - DISABLE_ERRORPRONE=${DISABLE_ERRORPRONE:-false}
    entrypoint: /bin/bash