1#
2# Copyright 2021 The Sigstore Authors.
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15
16version: '3.4'
17services:
18 mysql:
19 platform: linux/amd64
20 image: gcr.io/trillian-opensource-ci/db_server:v1.4.0
21 environment:
22 - MYSQL_ROOT_PASSWORD=zaphod
23 - MYSQL_DATABASE=test
24 - MYSQL_USER=test
25 - MYSQL_PASSWORD=zaphod
26 restart: always # keep the MySQL server running
27 healthcheck:
28 test: ["CMD", "/etc/init.d/mysql", "status"]
29 interval: 30s
30 timeout: 3s
31 retries: 3
32 start_period: 10s
33 redis-server:
34 image: docker.io/redis:6.2
35 command: [
36 "--bind",
37 "0.0.0.0",
38 "--appendonly",
39 "yes",
40 "--requirepass",
41 "test"
42 ]
43 ports:
44 - "6379:6379"
45 restart: always # keep the redis server running
46 healthcheck:
47 test: ["CMD", "redis-cli", "-a", "test", "ping"]
48 interval: 10s
49 timeout: 3s
50 retries: 3
51 start_period: 5s
52 trillian-log-server:
53 image: ghcr.io/sigstore/scaffolding/trillian_log_server@sha256:beffee16bb07b5cb051dc4e476d3a1063521ed5ae0b670efc7fe6f3507d94d2b # v1.6.0
54 command: [
55 "--quota_system=noop",
56 "--storage_system=mysql",
57 "--mysql_uri=test:zaphod@tcp(mysql:3306)/test",
58 "--rpc_endpoint=0.0.0.0:8090",
59 "--http_endpoint=0.0.0.0:8091",
60 "--alsologtostderr",
61 ]
62 restart: always # retry while mysql is starting up
63 ports:
64 - "8090:8090"
65 - "8091:8091"
66 depends_on:
67 - mysql
68 trillian-log-signer:
69 image: ghcr.io/sigstore/scaffolding/trillian_log_signer@sha256:79d57af375cfa997ed5452cc0c02c0396d909fcc91d11065586f119490aa9214 # v1.6.0
70 command: [
71 "--quota_system=noop",
72 "--storage_system=mysql",
73 "--mysql_uri=test:zaphod@tcp(mysql:3306)/test",
74 "--rpc_endpoint=0.0.0.0:8090",
75 "--http_endpoint=0.0.0.0:8091",
76 "--force_master",
77 "--alsologtostderr",
78 ]
79 restart: always # retry while mysql is starting up
80 ports:
81 - "8092:8091"
82 depends_on:
83 - mysql
84 rekor-server:
85 build:
86 context: .
87 target: "deploy"
88 environment:
89 - TMPDIR=/var/run/attestations # workaround for https://github.com/google/go-cloud/issues/3294
90 command: [
91 "rekor-server",
92 "serve",
93 "--trillian_log_server.address=trillian-log-server",
94 "--trillian_log_server.port=8090",
95 "--redis_server.address=redis-server",
96 "--redis_server.password=test",
97 "--redis_server.port=6379",
98 "--rekor_server.address=0.0.0.0",
99 "--rekor_server.signer=memory",
100 "--enable_attestation_storage",
101 "--attestation_storage_bucket=file:///var/run/attestations",
102 "--enable_stable_checkpoint",
103 "--search_index.storage_provider=mysql",
104 "--search_index.mysql.dsn=test:zaphod@tcp(mysql:3306)/test",
105 # Uncomment this for production logging
106 # "--log_type=prod",
107 ]
108 volumes:
109 - "/var/run/attestations:/var/run/attestations:z"
110 restart: always # keep the server running
111 ports:
112 - "3000:3000"
113 - "2112:2112"
114 depends_on:
115 - mysql
116 - redis-server
117 - trillian-log-server
118 healthcheck:
119 test: ["CMD", "curl", "-f", "http://localhost:3000/ping"]
120 interval: 10s
121 timeout: 3s
122 retries: 3
123 start_period: 5s
View as plain text