blob: 8e1d2dd9f7c03cd489b866f792f9b93aa2724180 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
version: '3'
services:
ansible:
build:
context: .
dockerfile: Dockerfile
command: /bin/sleep 1d
environment:
CONJUR_APPLIANCE_URL: http://conjur:3000
CONJUR_ACCOUNT: cucumber
CONJUR_AUTHN_LOGIN: host/ansible/ansible-master
CONJUR_AUTHN_API_KEY: ${ANSIBLE_CONJUR_AUTHN_API_KEY}
CONJUR_CUSTOM_AUTHN_API_KEY: ${CUSTOM_CONJUR_AUTHN_API_KEY}
COMPOSE_PROJECT_NAME: ${COMPOSE_PROJECT_NAME}
# NOTE: Explicitly setting the ANSIBLE_CONFIG envvar avoids Ansible ignoring
# the configuration because it is in a world-writable working directory,
# see https://docs.ansible.com/ansible/latest/reference_appendices/config.html#avoiding-security-risks-with-ansible-cfg-in-the-current-directory.
ANSIBLE_CONFIG: ./ansible.cfg
volumes:
- ../roles/conjur_host_identity:/cyberark/cyberark.conjur.conjur-host-identity/
- .:/cyberark/dev/
- /var/run/docker.sock:/var/run/docker.sock
pg:
image: postgres:9.3
conjur:
image: cyberark/conjur
command: server -a cucumber -p 3000
environment:
CONJUR_APPLIANCE_URL: http://localhost:3000
DATABASE_URL: postgres://postgres@pg/postgres
CONJUR_DATA_KEY: "W0BuL8iTr/7QvtjIluJbrb5LDAnmXzmcpxkqihO3dXA="
networks:
- default
links:
- pg
conjur_cli:
image: cyberark/conjur-cli:5-latest
entrypoint: []
command: sleep infinity
environment:
CONJUR_APPLIANCE_URL: http://conjur:3000
CONJUR_ACCOUNT: cucumber
CONJUR_AUTHN_LOGIN: admin
CONJUR_AUTHN_API_KEY: ${CLI_CONJUR_AUTHN_API_KEY}
volumes:
- ./policy:/policy
networks:
- default
links:
- conjur
test_app_ubuntu:
build: ./test_app_ubuntu
entrypoint: sleep
command: infinity
test_app_centos:
build: ./test_app_centos
entrypoint: sleep
command: infinity
conjur-proxy-nginx:
build:
context: .
dockerfile: Dockerfile_nginx
entrypoint: nginx-debug -g 'daemon off;'
environment:
TERM: xterm
depends_on:
- conjur
- conjur_cli
|
