69595bd645
Minor fix to add the an entrypoint for the composer container to override the default entrypoint in the `Dockerfile-ubi`
181 lines
5.2 KiB
YAML
181 lines
5.2 KiB
YAML
version: '2.4'
|
|
services:
|
|
composer:
|
|
image: local/osbuild-composer
|
|
build:
|
|
context: ../../osbuild-composer
|
|
dockerfile: ./distribution/Dockerfile-ubi
|
|
entrypoint:
|
|
[
|
|
"python3",
|
|
"/opt/entrypoint.py",
|
|
"--remote-worker-api",
|
|
"--composer-api"
|
|
]
|
|
volumes:
|
|
- ${COMPOSER_CONFIG_DIR}/osbuild-composer.toml:/etc/osbuild-composer/osbuild-composer.toml:z
|
|
- ${COMPOSER_CONFIG_DIR}/acl.yml:/etc/osbuild-composer/acl.yml:z
|
|
- ${CERT_DIR}/ca-crt.pem:/etc/osbuild-composer/ca-crt.pem:z
|
|
- ${CERT_DIR}/composer-crt.pem:/etc/osbuild-composer/composer-crt.pem:z
|
|
- ${CERT_DIR}/composer-key.pem:/etc/osbuild-composer/composer-key.pem:z
|
|
ports:
|
|
- 8080:8700
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.10
|
|
worker:
|
|
image: local/osbuild-worker
|
|
build:
|
|
context: ../../osbuild-composer
|
|
dockerfile: ./distribution/Dockerfile-worker
|
|
# override the entrypoint to specify composer hostname and port
|
|
entrypoint: [ "/usr/libexec/osbuild-composer/osbuild-worker", "composer:8700" ]
|
|
volumes:
|
|
- ${CERT_DIR}/ca-crt.pem:/etc/osbuild-composer/ca-crt.pem:z
|
|
- ${WORKER_CONFIG_DIR}/osbuild-worker.toml:/etc/osbuild-worker/osbuild-worker.toml:z
|
|
- ${WORKER_CONFIG_DIR}/secret:/etc/osbuild-worker/secret:z
|
|
environment:
|
|
- CACHE_DIRECTORY=/var/cache/osbuild-composer
|
|
privileged: true
|
|
cap_add:
|
|
- MKNOD
|
|
- SYS_ADMIN
|
|
- NET_ADMIN
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.20
|
|
depends_on:
|
|
- "composer"
|
|
restart: on-failure
|
|
postgres:
|
|
image: docker.io/postgres:10.5
|
|
healthcheck:
|
|
test: [ "CMD", "pg_isready", "-U", "postgres", "-d", "postgres" ]
|
|
interval: 2s
|
|
timeout: 2s
|
|
retries: 10
|
|
environment:
|
|
- POSTGRES_USER=postgres
|
|
- POSTGRES_PASSWORD=postgres
|
|
volumes:
|
|
- ../../image-builder/internal/db/migrations/:/docker-entrypoint-initdb.d/:Z
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.30
|
|
backend:
|
|
image: local/image-builder
|
|
build:
|
|
context: ../../image-builder
|
|
dockerfile: ./distribution/Dockerfile-ubi
|
|
healthcheck:
|
|
test: [ "CMD", "curl", "localhost:8086/status" ]
|
|
interval: 2s
|
|
timeout: 2s
|
|
retries: 10
|
|
volumes:
|
|
- ./config/backend/quotas.json:/config/quotas.json:z
|
|
- ${CERT_DIR}/ca-crt.pem:/etc/image-builder/ca-crt.pem:z
|
|
- ${CERT_DIR}/client-crt.pem:/etc/image-builder/client-crt.pem:z
|
|
- ${CERT_DIR}/client-key.pem:/etc/image-builder/client-key.pem:z
|
|
environment:
|
|
- LISTEN_ADDRESS=backend:8086
|
|
- LOG_LEVEL=DEBUG
|
|
- ALLOWED_ORG_IDS=*
|
|
- PGHOST=postgres
|
|
- PGPORT=5432
|
|
- PGDATABASE=postgres
|
|
- PGUSER=postgres
|
|
- PGPASSWORD=postgres
|
|
- COMPOSER_URL=https://composer:8080
|
|
- COMPOSER_TOKEN_URL=http://fauxauth:8888/token?refresh_token=42
|
|
- COMPOSER_CLIENT_SECRET=${COMPOSER_CLIENT_SECRET}
|
|
- COMPOSER_CLIENT_ID=${COMPOSER_CLIENT_ID}
|
|
- COMPOSER_CA_PATH=/etc/image-builder/ca-crt.pem
|
|
- DISTRIBUTIONS_DIR=/app/distributions
|
|
- QUOTA_FILE=/config/quotas.json
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.40
|
|
depends_on:
|
|
- "composer"
|
|
- "postgres"
|
|
restart: on-failure
|
|
frontend:
|
|
image: local/image-builder-frontend
|
|
build:
|
|
context: ../../image-builder-frontend
|
|
dockerfile: ./distribution/Dockerfile
|
|
environment:
|
|
- HOST=frontend
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.50
|
|
insightsproxy:
|
|
image: redhatinsights/insights-proxy:latest
|
|
security_opt:
|
|
- label=disable
|
|
environment:
|
|
- CUSTOM_CONF=true
|
|
volumes:
|
|
- ${SPANDX_CONFIG}:/config/spandx.config.js:Z
|
|
extra_hosts:
|
|
- "prod.foo.redhat.com:127.0.0.1"
|
|
- "qa.foo.redhat.com:127.0.0.1"
|
|
- "ci.foo.redhat.com:127.0.0.1"
|
|
- "stage.foo.redhat.com:127.0.0.1"
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.60
|
|
ports:
|
|
- 1337:1337
|
|
depends_on:
|
|
- "backend"
|
|
- "frontend"
|
|
prometheus:
|
|
profiles: ["metrics"]
|
|
image: prom/prometheus:latest
|
|
ports:
|
|
- "9000:9090"
|
|
volumes:
|
|
- ./config/prometheus:/config
|
|
- ${CERT_DIR}/ca-crt.pem:/etc/image-builder/ca-crt.pem:z
|
|
- ${CERT_DIR}/client-crt.pem:/etc/image-builder/client-crt.pem:z
|
|
- ${CERT_DIR}/client-key.pem:/etc/image-builder/client-key.pem:z
|
|
restart: unless-stopped
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.70
|
|
command:
|
|
- "--config.file=/config/prometheus.yml"
|
|
grafana:
|
|
profiles: ["metrics"]
|
|
image: grafana/grafana:latest
|
|
ports:
|
|
- "3000:3000"
|
|
volumes:
|
|
- ./config/grafana:/etc/grafana/provisioning/
|
|
restart: unless-stopped
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.80
|
|
environment:
|
|
- GF_SECURITY_ADMIN_PASSWORD=foobar
|
|
fauxauth:
|
|
image: local/osbuild-fauxauth
|
|
build:
|
|
context: ../../osbuild-composer
|
|
dockerfile: ./distribution/Dockerfile-fauxauth
|
|
entrypoint: [ "/opt/fauxauth.py", "-a", "0.0.0.0", "-p", "8888" ]
|
|
volumes:
|
|
- ${CERT_DIR}/:/etc/osbuild-composer/:z
|
|
ports:
|
|
- "8888:8888"
|
|
networks:
|
|
net:
|
|
ipv4_address: 172.31.0.90
|
|
networks:
|
|
net:
|
|
ipam:
|
|
driver: default
|
|
config:
|
|
- subnet: 172.31.0.0/16
|