ecadlabs/signatory

View on GitHub
integration_test/docker-compose.yml

Summary

Maintainability
Test Coverage
version: "3.9"
networks:
  ecadnet: {}

services:

  flextesa:
    container_name: flextesa
    image: oxheadalpha/flextesa:latest
    ports:
      - "20000:20000"
      - "20001:20001"
    networks:
      - ecadnet
    volumes:
      - ./flextesa.sh:/usr/bin/sigybox
    environment:
      - block_time=3
    command: sigybox $PROTOCOL
    healthcheck:
      test: "curl --fail http://localhost:20000/chains/main/blocks/head/header || exit 1"
      interval: 10s
      timeout: 10s
      retries: 20
      start_period: 10s

  flextesanobaking:
    container_name: flextesanobaking
    image: oxheadalpha/flextesa:latest
    ports:
      - "30000:20000"
      - "30001:20001"
    networks:
      - ecadnet
    volumes:
      - ./flextesanobaking.sh:/usr/bin/sigybox
    environment:
      - block_time=3
    command: sigybox $PROTOCOL
    healthcheck:
      test: "curl --fail http://localhost:20000/chains/main/blocks/head/header || exit 1"
      interval: 10s
      timeout: 10s
      retries: 20
      start_period: 10s

  octez:
    container_name: octez
    image: tezos/tezos:$OCTEZ_VERSION
    networks:
      - ecadnet
    entrypoint: tail -f /dev/null
    volumes:
      - ./.tezos-client:/home/tezos/.tezos-client
      - ./contract.event.tz:/home/tezos/contract.event.tz
    depends_on:
      flextesa:
        condition: service_healthy
      signatory:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "octez-client", "list", "known", "addresses"]
      interval: 1s
      timeout: 1s
      retries: 10
      start_period: 1s
    
  signatory:
    container_name: signatory
    image: $IMAGE
    ports:
      - "6732:6732"
      - "9583:9583"
    networks:
      - ecadnet
    volumes:
      - ./.watermarks:/var/lib/signatory
      - ./coverage:/opt/coverage
      - ./hashicerts:/opt/hashicerts
    configs:
      - source: sigy-config
        target: /etc/signatory.yaml
      - source: sigy-secret
        target: /etc/secret.json
      - source: gcp-token
        target: /etc/gcp-token.json
      - source: az-sp-key
        target: /etc/service-principal.key
    environment:
      - GOOGLE_APPLICATION_CREDENTIALS=/etc/gcp-token.json
      - GOCOVERDIR=/opt/coverage
    depends_on:
      speculos:
        condition: service_healthy
    command: serve
    healthcheck:
      test: "curl --fail http://localhost:9583/healthz || exit 1"
      interval: 1s
      timeout: 1s
      retries: 10
      start_period: 1s

  speculos:
    container_name: speculos
    image: stephengaudet/tezoswalletemu:$ARCH
    ports:
      - "9999:9999"
      - "41000:41000"
      - "5001:5001"
    networks:
      - ecadnet
    command: --display headless --vnc-port 41000 --api-port 5001 -m nanos apps/app_s.elf
    healthcheck:
      test: ["CMD","stat","/etc/passwd"]
      interval: 1s
      timeout: 1s
      retries: 10
      start_period: 10s

  hashi:
    container_name: hashi
    image: hashicorp/vault:1.14
    ports:
      - "8200:8200"
    networks:
      - ecadnet
    environment:
      - VAULT_DEV_ROOT_TOKEN_ID=root
      - VAULT_TOKEN=root
      - VAULT_ADDR=https://127.0.0.1:8200
      - VAULT_CACERT=/opt/signatory/certs/vault-ca.pem
    command: server -dev-tls -dev-tls-cert-dir=/opt/signatory/certs
    volumes:
      - ./hashicerts:/opt/signatory/certs
    cap_add:
      - IPC_LOCK      

configs:
  sigy-config:
    file: ./signatory.yaml
  sigy-secret:
    file: ./signatory-local-secret.json
  gcp-token:
    file: ./gcp-token.json
  az-sp-key:
    file: ./service-principal.key