-
Notifications
You must be signed in to change notification settings - Fork 1
/
docker-compose.backend.yml
183 lines (175 loc) · 5.99 KB
/
docker-compose.backend.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
---
version: '3.7'
services:
db:
ports:
- 5437:5432
image: postgres:16.3
command:
- 'postgres'
- '-c'
- 'log_statement=all'
- '-c'
- 'max_connections=25'
# Sets the Write-Ahead Log (WAL) level to logical allowing replication and change data capture (CDC)
- '-c'
- 'wal_level=logical'
# Sets the maximum number of concurrent WAL sender processes. A WAL sender is used by a replica to send WAL
# records to the master. This value should be at least 2 to allow for replication and change data capture (CDC).
- '-c'
- 'max_wal_senders=2'
# Sets the maximum number of replication slots that can be used. A replication slot is used by a replica to keep
# track of the changes that have been made to the database. This value should be at least 2 to allow for
# replication and change data capture (CDC).
- '-c'
- 'max_replication_slots=2'
environment:
- POSTGRES_PASSWORD=mysecretpassword
db_migrate:
volumes:
- ./migrations:/flyway/sql
image: mint-db-migrate:latest
build:
context: .
dockerfile: Dockerfile.db_migrations
environment:
- FLYWAY_USER=postgres
- FLYWAY_PASSWORD=mysecretpassword
- FLYWAY_URL=jdbc:postgresql://db/postgres
- FLYWAY_PLACEHOLDERS_APP_USER_PASSWORD=supersecretapp
depends_on:
- db
mint:
build:
context: .
dockerfile: Dockerfile
target: dev
image: mint-backend:latest
volumes:
# Volume mounting the entire './' directory is dangerous, as it mounts OS-specific folders (and things like .git)
# So instead, only volume mount things we need!
#
# Note, however, that MOST of the files that we care about are copied in the Dockerfile for us, we only really need to copy over the things that
# we want to be able to change on the fly in local developmement, like our ./pkg/ directory & Air configs.
# This means that editing things like your go.mod/go.sum and ./cmd/ directory WILL require a rebuild of the image, and won't hot reload with Air.
- ./pkg/:/mint/pkg/
- ./cmd/:/mint/cmd/ # Go build uses ./cmd as well
- ./.air.conf:/mint/.air.conf
- ./.airDebug.conf:/mint/.airDebug.conf
- ./.airDebugWait.conf:/mint/.airDebugWait.conf
- /mint/tmp/air/ # This should match .air.conf's tmp_dir. Note that this isn't a volume mount to a local file/folder, but just an empty volume for Air to use.
# The only reason we need to mount Cypress here is because the `flagdata.json` (used when FLAG_SOURCE=FILE) happens to live in the ./cypress/ directory.
# This is not ideal (perhaps it should be in the root directory?), but for now we just volume mount cypress as a workaround.
# NOTE: This is only really the case if you set FLAG_SOURCE=FILE locally, or (more importantly) in ./github/workflows/run_tests.yml
- ./cypress/:/mint/cypress/
- ./mappings/:/mint/mappings/
entrypoint: air ${AIR_CONFIG}
ports:
- 8085:8080
- 2350:2350
environment:
- CEDAR_API_KEY
- CEDAR_API_URL
- OKTA_API_URL
- OKTA_API_TOKEN
- HTTP_PROXY
- HTTPS_PROXY
- APP_ENV
- APPLICATION_VERSION
- APPLICATION_DATETIME
- APPLICATION_TS
- CLIENT_PROTOCOL
- CLIENT_DOMAIN
- CLIENT_PORT
- CLIENT_HOSTNAME
- CLIENT_ADDRESS
- API_PORT
- OKTA_CLIENT_ID
- OKTA_ISSUER
- EMAIL_HOST
- EMAIL_PORT
- MINT_TEAM_EMAIL
- DEV_TEAM_EMAIL
- DATE_CHANGED_RECIPIENT_EMAILS
- EMAIL_SENDER
- EMAIL_ENABLED
- GRT_EMAIL
- ACCESSIBILITY_TEAM_EMAIL
- AWS_REGION
- AWS_S3_FILE_UPLOAD_BUCKET
- AWS_S3_ECHIMP_BUCKET
- AWS_ECHIMP_CR_FILE_NAME
- AWS_ECHIMP_TDL_FILE_NAME
# - AWS_ACCESS_KEY_ID
# - AWS_SECRET_ACCESS_KEY
- PGHOST=db # We need to override this to point to the docker-compose service name, rather than `localhost`
- PGPORT=5432 # We also need to override this, as docker-compose networking uses the container port, not the host port
- PGDATABASE
- PGUSER
- PGPASS
- PGPASSWORD
- PGSSLMODE
- DB_MAX_CONNECTIONS
- FLAG_SOURCE
- FLAGDATA_FILE
- LD_SDK_KEY
- LD_TIMEOUT_SECONDS
- LD_ENV_USER
- LAMBDA_FUNCTION_PRINCE
- LAMBDA_ENDPOINT
- MINIO_ACCESS_KEY
- MINIO_SECRET_KEY
- MINIO_ADDRESS=http://minio:9005 # We need to override this, as docker-compose networking uses the container name and port
- SERVER_CERT
- SERVER_KEY
- USE_TLS
- FAKTORY_URL
- FAKTORY_PROCESS_JOBS
- FAKTORY_CONNECTIONS
- LOCAL_AUTH_ENABLED
- TAG_POC_EMAILS_ENABLED
depends_on:
db_migrate:
condition: service_completed_successfully # Only start if migrations completed successfully
minio:
restart: always
image: minio/minio:latest
entrypoint: minio server /data --console-address ":9966" --address ":9005"
ports:
- '9005:9005'
- '9966:9966'
volumes:
- ./tmp/minio:/data
minio_mc:
image: minio/mc:latest
volumes:
- ./minio_config.json:/root/.mc/config.json
depends_on:
- minio
entrypoint: >
/bin/sh -c "
/usr/bin/mc rb --force s3local/mint-app-file-uploads/;
/usr/bin/mc mb --quiet s3local/mint-app-file-uploads/;
/usr/bin/mc policy set public s3local/mint-app-file-uploads;
/usr/bin/mc rb --force s3local/mint-app-echimp-uploads/;
/usr/bin/mc mb --quiet s3local/mint-app-echimp-uploads/;
/usr/bin/mc policy set public s3local/mint-app-echimp-uploads;
"
email:
image: dockage/mailcatcher:0.8.2
ports:
- "1085:1080"
- "1030:1025"
faktory:
image: docker.contribsys.com/contribsys/faktory-ent:latest
ports:
- "7419:7419"
- "7420:7420"
volumes:
- faktory:/var/lib/faktory
- type: bind
source: ./.faktory/conf.d
target: /root/.faktory/conf.d
restart: always
volumes:
faktory: