forked from zama-ai/kms
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-compose-core-base.yml
More file actions
72 lines (65 loc) · 2.23 KB
/
docker-compose-core-base.yml
File metadata and controls
72 lines (65 loc) · 2.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
name: zama-core-base
# A docker compose file to be able to debug the kms
# The images take a bit of time to build
# TODO: handle networking stuff
# TODO: create a overload version of this docker compose to use only ghcr main images
# TODO: create a overload version of this docker compose to use only ghcr released images
# TODO: add minio to simulate s3 + some config file for the endpoint
services:
# S3 mock
dev-s3-mock:
image: quay.io/minio/minio
ports:
- "9021:9021"
- "9000:9000"
- "9001:9001"
entrypoint: >
minio server /data --console-address ":9001" --ftp "address=:8021"
environment:
MINIO_ROOT_USER: ${MINIO_ROOT_USER}
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
healthcheck:
test: ["CMD", "mc", "ready", "local"]
interval: 1s
timeout: 10s
retries: 20
volumes:
- minio_data:/data
# Minio client to create access keys
dev-s3-mock-setup:
image: quay.io/minio/mc
environment:
MINIO_ROOT_USER: ${MINIO_ROOT_USER}
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
MINIO_ENDPOINT: "http://dev-s3-mock:9000"
entrypoint: >
/bin/sh -c "
sleep 1 &&
/usr/bin/mc alias set myminio $$MINIO_ENDPOINT ${MINIO_ROOT_USER} ${MINIO_ROOT_PASSWORD} &&
ACCESS_KEY=$$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1) &&
SECRET_KEY=$$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 40 | head -n 1) &&
/usr/bin/mc admin user add myminio $$ACCESS_KEY $$SECRET_KEY &&
/usr/bin/mc admin policy attach myminio readwrite --user $$ACCESS_KEY &&
echo '$$ACCESS_KEY' &&
echo '$$SECRET_KEY' &&
echo $$ACCESS_KEY > /minio_secrets/access_key &&
echo $$SECRET_KEY > /minio_secrets/secret_key &&
cat /minio_secrets/access_key &&
cat /minio_secrets/secret_key &&
mc mb --with-lock --ignore-existing myminio/kms &&
mc anonymous set public myminio/kms &&
echo 'S3 mock setup complete' &&
exit 0
"
volumes:
- minio_secrets:/minio_secrets
depends_on:
dev-s3-mock:
condition: service_healthy
volumes:
minio_data:
minio_secrets:
validator_secrets:
secrets:
BLOCKCHAIN_ACTIONS_TOKEN:
environment: "BLOCKCHAIN_ACTIONS_TOKEN"