forked from Cillers-com/create-cillers-system
-
Notifications
You must be signed in to change notification settings - Fork 0
/
polytope.yml
326 lines (311 loc) · 9.45 KB
/
polytope.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
templates:
- id: stack
run:
- couchbase
- id: init-cb-cluster
module: init-couchbase-cluster
- id: create-cb-bucket
module: create-couchbase-bucket
run-when:
after: init-cb-cluster
- module: init-couchbase-bucket
run-when:
after: create-cb-bucket
- curity-db
- oauth-agent
- curity
- kong
- web-app
- app-api
- redpanda
- redpanda-console
- kafka-connect
- create-connectors
modules:
- id: app-api
info: The App API
module: polytope/python
args:
id: app-api
image: gcr.io/arched-inkwell-420116/python:3.11.8-slim-bookworm
code:
type: host
path: ./code/app-api
cmd: ./bin/run
restart:
policy: on-failure
services:
- id: "app-api"
ports: [{protocol: http, port: 4000}]
env:
- COUCHBASE_URL: couchbase://couchbase
- COUCHBASE_USERNAME: admin
env:
- name: COUCHBASE_URL
value: couchbase://couchbase
- name: COUCHBASE_USERNAME
value: admin
- name: COUCHBASE_PASSWORD
value: password
- name: HTTP_PORT
value: 4000
- name: HTTP_DEBUG
value: false
- name: HTTP_AUTORELOAD
value: true
- name: HTTP_GRAPHQL_UI
value: false
- name: AUTH_OIDC_AUDIENCE
value: http://localhost/api
- name: AUTH_OIDC_JWK_URL
value: https://curity:8443/oauth/v2/oauth-anonymous/jwks
mounts:
- path: /root/.cache/
source:
type: volume
scope: project
id: dependency-cache
- id: web-app
info: The Web App
module: polytope/node
args:
id: web-app
image: gcr.io/arched-inkwell-420116/node:21.7.0-slim
code:
type: host
path: ./code/web-app
cmd: ./bin/run
env:
- name: PORT
value: 3000
- name: HOST
value: 0.0.0.0
- name: REACT_APP_API_BASE_URL
value: http://localhost:8080/api
- name: REACT_APP_OAUTH_AGENT_BASE_URL
value: http://localhost:8080/oauth-agent
- name: REACT_APP_OIDC_CLIENT_ID
value: spa-client
- name: REACT_APP_OIDC_AUTHORITY
value: https://localhost:8443/oauth/v2/oauth-anonymous
restart:
policy: on-failure
services:
- id: web-app
ports: [{protocol: http, port: 3000}]
mounts:
- path: /root/.cache/
source:
type: volume
scope: project
id: dependency-cache
- path: /root/.npm/
source:
type: volume
scope: project
id: npm-cache
- id: oauth-agent
info: The OAuth Agent
module: polytope/container
args:
id: oauth-agent
image: gcr.io/arched-inkwell-420116/oauthagent:1.0.0
env:
- name: PORT
value: 3001
- name: TRUSTED_WEB_ORIGIN
value: 'http://localhost:8080'
- name: ISSUER
value: 'https://localhost:8443/oauth/v2/oauth-anonymous'
- name: AUTHORIZE_ENDPOINT
value: 'https://localhost:8443/oauth/v2/oauth-authorize'
- name: TOKEN_ENDPOINT
value: 'https://curity:8443/oauth/v2/oauth-token'
- name: USERINFO_ENDPOINT
value: 'https://curity:8443/oauth/v2/oauth-userinfo'
- name: LOGOUT_ENDPOINT
value: 'https://localhost:8443/oauth/v2/oauth-session/logout'
- name: CLIENT_ID
value: 'spa-client'
- name: CLIENT_SECRET
value: 'Password1'
- name: REDIRECT_URI
value: 'http://localhost:8080/auth/callback'
- name: POST_LOGOUT_REDIRECT_URI
value: 'http://localhost:8080/'
- name: SCOPE
value: 'openid profile'
- name: COOKIE_DOMAIN
value: 'localhost'
- name: COOKIE_NAME_PREFIX
value: 'curity'
- name: COOKIE_ENCRYPTION_KEY
value: 'fda91643fce9af565bdc34cd965b48da75d1f5bd8846bf0910dd6d7b10f06dfe'
- name: CORS_ENABLED
value: 'false'
- name: NODE_TLS_REJECT_UNAUTHORIZED
value: '0'
restart:
policy: on-failure
services:
- id: oauth-agent
ports: [{protocol: http, port: 3001}]
- id: kong
module: polytope/kong!simple
args:
image: gcr.io/arched-inkwell-420116/kong:3.6.1
port: 3000
env:
- name: KONG_NGINX_HTTP_LUA_SHARED_DICT
value: 'phantom-token 10m'
plugins:
- name: oauth-proxy
package: kong-oauth-proxy
version: 1.3.0
- name: phantom-token
package: kong-phantom-token
version: 2.0.0
config-file:
type: host
path: ./conf/kong-dev.yml
autoreload: true
services:
- id: kong
ports:
- port: 3000
protocol: http
expose-as: 8080
- id: curity
module: polytope/curity
args:
image: gcr.io/arched-inkwell-420116/idsvr:9.0.1
password: password
# log-level: DEBUG # NOTE: uncomment when developing against curity
license-file:
type: host
path: ./conf/curity-license.json
config-file:
type: host
path: ./conf/curity-config.xml
restart:
policy: always
- id: curity-db
module: polytope/postgres
args:
image: gcr.io/arched-inkwell-420116/postgres:16.2
data-volume:
type: volume
scope: project
id: curity-db-data
service-id: curity-db
env:
- name: POSTGRES_HOST_AUTH_METHOD
value: trust
- name: POSTGRES_DB
value: idsvr
scripts:
- type: host
path: ./conf/curity-db.sql
restart:
policy: on-failure
- id: couchbase
module: polytope/couchbase
args:
image: gcr.io/arched-inkwell-420116/couchbase:enterprise-7.6.1
data-volume:
type: volume
scope: project
id: couchbase-data
- id: init-couchbase-cluster
module: polytope/couchbase!init-cluster
args:
image: gcr.io/arched-inkwell-420116/couchbase:enterprise-7.6.1
cluster: couchbase:8091
username: admin
password: password
retries: 20
- id: create-couchbase-bucket
module: polytope/couchbase!create-bucket
args:
image: gcr.io/arched-inkwell-420116/couchbase:enterprise-7.6.1
cluster: couchbase:8091
username: admin
password: password
name: cillers
retries: 20
- id: init-couchbase-bucket
module: polytope/couchbase!cbq
args:
image: gcr.io/arched-inkwell-420116/couchbase:enterprise-7.6.1
cluster: couchbase
username: admin
password: password
script: |
CREATE COLLECTION cillers._default.products IF NOT EXISTS;
CREATE PRIMARY INDEX IF NOT EXISTS ON cillers;
CREATE PRIMARY INDEX IF NOT EXISTS ON cillers._default.products;
retries: 20
- id: redpanda
info: Runs the Redpanda server in dev mode
module: polytope/redpanda
args:
image: docker.redpanda.com/redpandadata/redpanda:v23.3.11
root-log-level: WARN
data-volume:
id: redpanda-data
type: volume
scope: project
- id: redpanda-console
info: Runs the Redpanda Console service
module: polytope/redpanda!console
args:
image: docker.redpanda.com/redpandadata/console:v2.4.5
container-id: redpanda-console
brokers: [{host: redpanda, port: 9092}]
log-level: info
port: 8079
restart: {max-restarts: null, policy: always}
- id: kafka-connect
info: Runs the Kafka connect service
module: polytope/kafka!connect
args:
image: gcr.io/arched-inkwell-420116/cp-kafka-connect:7.5.1
container-id: kafka-connect-container
connectors:
- couchbase/kafka-connect-couchbase:4.1.13
- confluentinc/kafka-connect-http:1.7.3
brokers: [{host: "redpanda", port: 9092}]
bootstrap-servers: [{host: redpanda, port: 9092}]
group-id: kafka-connect
config-topic: kafka-connect-config
config-replication-factor: 1
offset-topic: kafka-connect-offset
offset-replication-factor: 1
status-topic: kafka-connect-status
status-replication-factor: 1
key-converter: org.apache.kafka.connect.json.JsonConverter
value-converter: org.apache.kafka.connect.json.JsonConverter
root-log-level: WARN
port: 8083
- id: create-connectors
module: polytope/kafka!create-connectors
args:
image: gcr.io/arched-inkwell-420116/curl:latest
host: kafka-connect
connectors:
- name: couchbase-products-sink
config:
name: couchbase-products-sink
connector.class: com.couchbase.connect.kafka.CouchbaseSinkConnector
tasks.max: '2'
topics: products
couchbase.seed.nodes: couchbase
couchbase.bootstrap.timeout: 10s
couchbase.bucket: cillers
couchbase.default.collection: _default.products
couchbase.document.id: ${/id}
couchbase.username: admin
couchbase.password: password
key.converter: org.apache.kafka.connect.storage.StringConverter
value.converter: org.apache.kafka.connect.json.JsonConverter
value.converter.schemas.enable: 'false'