Merge pull request #920 from walt-id/opa-server-deployment

ci/cd : added opa server to docker-compose.yaml
walt-id · Feb 4, 2025 · fb102cc · fb102cc
2 parents a34cdf0 + f13850e
commit fb102cc
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 1 deletion.
diff --git a/docker-compose/.env b/docker-compose/.env
@@ -6,6 +6,7 @@ WEB_PORTAL_PORT=7102
 VC_REPO_PORT=7103
 DEV_WALLET_FRONTEND_PORT=7104
 VAULT_PORT=8200
+OPA_SERVER_PORT=8181
 
 # database
 DB_NAME=waltid
@@ -24,5 +25,5 @@ MSSQL_DB_PORT=1433
 #sqlite | postgres | mssql
 DATABASE_ENGINE=postgres
 VERSION_TAG=0.11.0
-#identity | identity,tse | all
+#identity | identity,tse | identity,opa | all
 COMPOSE_PROFILES=identity
diff --git a/docker-compose/README.md b/docker-compose/README.md
@@ -107,6 +107,7 @@ profiles to start the services for. Currently, the services are available with 2
         - approle - for my-role, where role-id and secret-id will be output in the console<sup>1</sup>
         - userpass - for myuser with mypassword
         - access-token - with dev-only-token
+- opa - for the Open Policy Agent service
 
 Profiles can be combined, e.g. `COMPOSE_PROFILES=identity,tse` - will start the
 waltid-identity services and the vault (also can be done with the `all` profile).
@@ -138,6 +139,7 @@ docker-compose down -v
 - Issuer API: [http://localhost:7002](http://localhost:7002)
 - Verifier API: [http://localhost:7003](http://localhost:7003)
 - Hashicorp vault: [http://localhost:8200](http://localhost:8200)
+- Open Policy Agent: [http://localhost:8181](http://localhost:8181)
 
 ### Apps
 

diff --git a/docker-compose/docker-compose.yaml b/docker-compose/docker-compose.yaml
@@ -56,6 +56,8 @@ services:
       - .env
     volumes:
       - ./verifier-api/config:/waltid-verifier-api/config
+    environment:
+      OPA_SERVER_URL: "http://opa-server:8181"
 
   waltid-demo-wallet:
     image: docker.io/waltid/waltid-demo-wallet:${VERSION_TAG:-latest}
@@ -180,6 +182,18 @@ services:
     volumes:
       - ./vault/init.sh:/vault/scripts/init.sh
 
+  opa-server:
+    image: openpolicyagent/opa:latest
+    container_name: opa-server
+    profiles:
+      - opa
+      - all
+    ports:
+      - "$OPA_SERVER_PORT:8181"
+    command: [ "run", "--server", "--addr", ":8181" ]
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+
   caddy:
     image: docker.io/caddy:2
     restart: unless-stopped