devops folders consolidate

devops/services/authority/README.md

@@ -1,6 +1,6 @@
 # StellaOps Authority Container Scaffold
 
-This directory provides a distroless Dockerfile and `docker-compose` sample for bootstrapping the Authority service alongside MongoDB (required) and Redis (optional).
+This directory provides a distroless Dockerfile and `docker-compose` sample for bootstrapping the Authority service alongside PostgreSQL (required) and Valkey (cache).
 
 ## Prerequisites
 
@@ -16,14 +16,14 @@ This directory provides a distroless Dockerfile and `docker-compose` sample for
 docker compose -f ops/authority/docker-compose.authority.yaml up --build
 ```
 
-`authority.yaml` is mounted read-only at `/etc/authority.yaml` inside the container. Plugin manifests are mounted to `/app/etc/authority.plugins`. Update the issuer URL plus any Mongo credentials in the compose file or via an `.env`.
+`authority.yaml` is mounted read-only at `/etc/authority.yaml` inside the container. Plugin manifests are mounted to `/app/etc/authority.plugins`. Update the issuer URL plus any PostgreSQL credentials in the compose file or via an `.env`.
 
 To run with pre-built images, replace the `build:` block in the compose file with an `image:` reference.
 
 ## Volumes
 
-- `mongo-data` – persists MongoDB state.
-- `redis-data` – optional Redis persistence (enable the service before use).
+- `postgres-data` – persists PostgreSQL state.
+- `valkey-data` – Valkey cache persistence.
 - `authority-keys` – writable volume for Authority signing keys.
 
 ## Environment overrides
@@ -33,6 +33,9 @@ Key environment variables (mirroring `StellaOpsAuthorityOptions`):
 | Variable | Description |
 | --- | --- |
 | `STELLAOPS_AUTHORITY__ISSUER` | Public issuer URL advertised by Authority |
+| `STELLAOPS_AUTHORITY__STORAGE__DRIVER` | Storage driver (postgres) |
+| `STELLAOPS_AUTHORITY__STORAGE__POSTGRES__CONNECTIONSTRING` | PostgreSQL connection string |
+| `STELLAOPS_AUTHORITY__CACHE__REDIS__CONNECTIONSTRING` | Valkey/Redis cache connection |
 | `STELLAOPS_AUTHORITY__PLUGINDIRECTORIES__0` | Primary plugin binaries directory inside the container |
 | `STELLAOPS_AUTHORITY__PLUGINS__CONFIGURATIONDIRECTORY` | Path to plugin manifest directory |
 

devops/services/authority/docker-compose.authority.yaml

@@ -1,4 +1,13 @@
-version: "3.9"
+# =============================================================================
+# AUTHORITY - LOCAL DEVELOPMENT STACK
+# =============================================================================
+# OAuth2/OIDC identity provider development environment.
+#
+# Usage:
+#   docker compose -f docker-compose.authority.yaml up -d
+#
+# For production, use compose/docker-compose.stella-ops.yml instead.
+# =============================================================================
 
 services:
   authority:
@@ -8,12 +17,19 @@ services:
     image: stellaops-authority:dev
     container_name: stellaops-authority
     depends_on:
-      mongo:
-        condition: service_started
+      postgres:
+        condition: service_healthy
+      valkey:
+        condition: service_healthy
     environment:
       # Override issuer to match your deployment URL.
       STELLAOPS_AUTHORITY__ISSUER: "https://authority.localtest.me"
-      # Point the Authority host at the Mongo instance defined below.
+      # Storage configuration (PostgreSQL)
+      STELLAOPS_AUTHORITY__STORAGE__DRIVER: "postgres"
+      STELLAOPS_AUTHORITY__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=postgres;Port=5432;Database=authority;Username=stellaops;Password=stellaops"
+      # Cache configuration (Valkey)
+      STELLAOPS_AUTHORITY__CACHE__REDIS__CONNECTIONSTRING: "valkey:6379"
+      # Plugin configuration
       STELLAOPS_AUTHORITY__PLUGINDIRECTORIES__0: "/app/plugins"
       STELLAOPS_AUTHORITY__PLUGINS__CONFIGURATIONDIRECTORY: "/app/etc/authority.plugins"
     volumes:
@@ -26,17 +42,22 @@ services:
       - "8080:8080"
     restart: unless-stopped
 
-  mongo:
-    image: mongo:7
-    container_name: stellaops-authority-mongo
-    command: ["mongod", "--bind_ip_all"]
+  postgres:
+    image: postgres:18.1-alpine
+    container_name: stellaops-authority-postgres
     environment:
-      MONGO_INITDB_ROOT_USERNAME: stellaops
-      MONGO_INITDB_ROOT_PASSWORD: stellaops
+      POSTGRES_USER: stellaops
+      POSTGRES_PASSWORD: stellaops
+      POSTGRES_DB: authority
     volumes:
-      - mongo-data:/data/db
+      - postgres-data:/var/lib/postgresql/data
     ports:
-      - "27017:27017"
+      - "5432:5432"
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U stellaops -d authority"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
     restart: unless-stopped
 
   valkey:
@@ -47,13 +68,14 @@ services:
       - valkey-data:/data
     ports:
       - "6379:6379"
+    healthcheck:
+      test: ["CMD", "valkey-cli", "ping"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
     restart: unless-stopped
-    # Uncomment to enable if/when Authority consumes Valkey.
-    # deploy:
-    #   replicas: 0
 
 volumes:
-  mongo-data:
+  postgres-data:
   valkey-data:
   authority-keys:
-