diff --git a/compose-builder/add-security.yml b/compose-builder/add-security.yml index 743ffc85..9797c969 100644 --- a/compose-builder/add-security.yml +++ b/compose-builder/add-security.yml @@ -121,7 +121,8 @@ services: VAULT_ADDR: http://edgex-vault:8200 VAULT_CONFIG_DIR: /vault/config VAULT_UI: "true" - VAULT_LOCAL_CONFIG: > + SKIP_SETCAP: "true" + VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" } diff --git a/docker-compose-arm64.yml b/docker-compose-arm64.yml index 662b3488..57ee8139 100644 --- a/docker-compose-arm64.yml +++ b/docker-compose-arm64.yml @@ -1304,6 +1304,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -1322,7 +1323,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/docker-compose-with-app-sample-arm64.yml b/docker-compose-with-app-sample-arm64.yml index cf14ab9e..8d54341c 100644 --- a/docker-compose-with-app-sample-arm64.yml +++ b/docker-compose-with-app-sample-arm64.yml @@ -1381,6 +1381,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -1399,7 +1400,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/docker-compose-with-app-sample.yml b/docker-compose-with-app-sample.yml index 0211bafb..6aaafca8 100644 --- a/docker-compose-with-app-sample.yml +++ b/docker-compose-with-app-sample.yml @@ -1381,6 +1381,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -1399,7 +1400,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/docker-compose-zero-trust-arm64.yml b/docker-compose-zero-trust-arm64.yml index 329c6a75..c3b69113 100644 --- a/docker-compose-zero-trust-arm64.yml +++ b/docker-compose-zero-trust-arm64.yml @@ -1135,6 +1135,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -1153,7 +1154,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/docker-compose-zero-trust.yml b/docker-compose-zero-trust.yml index aff5e1c0..a047894d 100644 --- a/docker-compose-zero-trust.yml +++ b/docker-compose-zero-trust.yml @@ -1135,6 +1135,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -1153,7 +1154,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/docker-compose.yml b/docker-compose.yml index 05a4425c..4b418660 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1304,6 +1304,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -1322,7 +1323,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-arm64.yml b/taf/docker-compose-taf-arm64.yml index 01bfcb92..d004ce4e 100644 --- a/taf/docker-compose-taf-arm64.yml +++ b/taf/docker-compose-taf-arm64.yml @@ -2342,6 +2342,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -2360,7 +2361,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-keeper-arm64.yml b/taf/docker-compose-taf-keeper-arm64.yml index 84917ba8..b633d689 100644 --- a/taf/docker-compose-taf-keeper-arm64.yml +++ b/taf/docker-compose-taf-keeper-arm64.yml @@ -2261,6 +2261,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -2279,7 +2280,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-keeper.yml b/taf/docker-compose-taf-keeper.yml index 44465e32..a0a0ec7d 100644 --- a/taf/docker-compose-taf-keeper.yml +++ b/taf/docker-compose-taf-keeper.yml @@ -2261,6 +2261,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -2279,7 +2280,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-mqtt-bus-arm64.yml b/taf/docker-compose-taf-mqtt-bus-arm64.yml index 7acd5f65..0746f02f 100644 --- a/taf/docker-compose-taf-mqtt-bus-arm64.yml +++ b/taf/docker-compose-taf-mqtt-bus-arm64.yml @@ -2407,6 +2407,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -2425,7 +2426,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml b/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml index 7f848d3a..6bafcdcb 100644 --- a/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml +++ b/taf/docker-compose-taf-mqtt-bus-keeper-arm64.yml @@ -2326,6 +2326,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -2344,7 +2345,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-mqtt-bus-keeper.yml b/taf/docker-compose-taf-mqtt-bus-keeper.yml index fa2e4ab1..5e8fa33b 100644 --- a/taf/docker-compose-taf-mqtt-bus-keeper.yml +++ b/taf/docker-compose-taf-mqtt-bus-keeper.yml @@ -2326,6 +2326,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -2344,7 +2345,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-mqtt-bus.yml b/taf/docker-compose-taf-mqtt-bus.yml index 45cc9fb4..e455d03e 100644 --- a/taf/docker-compose-taf-mqtt-bus.yml +++ b/taf/docker-compose-taf-mqtt-bus.yml @@ -2407,6 +2407,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -2425,7 +2426,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-perf-arm64.yml b/taf/docker-compose-taf-perf-arm64.yml index 7af89d52..14860de8 100644 --- a/taf/docker-compose-taf-perf-arm64.yml +++ b/taf/docker-compose-taf-perf-arm64.yml @@ -1694,6 +1694,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -1712,7 +1713,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf-perf.yml b/taf/docker-compose-taf-perf.yml index a3b7c99e..cc11c0d8 100644 --- a/taf/docker-compose-taf-perf.yml +++ b/taf/docker-compose-taf-perf.yml @@ -1694,6 +1694,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -1712,7 +1713,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14 diff --git a/taf/docker-compose-taf.yml b/taf/docker-compose-taf.yml index 38d94c5a..3644b361 100644 --- a/taf/docker-compose-taf.yml +++ b/taf/docker-compose-taf.yml @@ -2342,6 +2342,7 @@ services: - /edgex-init/vault_wait_install.sh environment: PROXY_SETUP_HOST: edgex-security-proxy-setup + SKIP_SETCAP: "true" STAGEGATE_BOOTSTRAPPER_HOST: edgex-security-bootstrapper STAGEGATE_BOOTSTRAPPER_STARTPORT: "54321" STAGEGATE_DATABASE_HOST: edgex-redis @@ -2360,7 +2361,8 @@ services: VAULT_LOCAL_CONFIG: | backend "file" { path = "/vault/file" - } disable_mlock = true + } + disable_mlock = true VAULT_UI: "true" hostname: edgex-vault image: hashicorp/vault:1.14