stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

devops folders consolidate

Browse Source
This commit is contained in:
master
2026-01-25 23:27:41 +02:00
parent 6e687b523a
commit a50bbb38ef
334 changed files with 35079 additions and 5569 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
devops/services/sealed-mode-ci/sealed-mode-compose.yml
View File

@@ -1,4 +1,11 @@
version: '3.9'
# =============================================================================
# SEALED MODE CI - AIR-GAPPED TESTING ENVIRONMENT
# =============================================================================
# Sealed/air-gapped CI environment for testing offline functionality.
#
# Usage:
# docker compose -f sealed-mode-compose.yml up -d
# =============================================================================
x-release-labels: &release-labels
com.stellaops.profile: 'sealed-ci'
@@ -9,31 +16,57 @@ networks:
driver: bridge
volumes:
sealed-mongo-data:
sealed-postgres-data:
sealed-valkey-data:
services:
mongo:
image: docker.io/library/mongo@sha256:c258b26dbb7774f97f52aff52231ca5f228273a84329c5f5e451c3739457db49
command: ['mongod', '--bind_ip_all']
postgres:
image: docker.io/library/postgres@sha256:8e97b8526ed19304b144f7478bc9201646acf0723cdc6e4b19bc9eb34879a27e
restart: unless-stopped
environment:
MONGO_INITDB_ROOT_USERNAME: sealedci
MONGO_INITDB_ROOT_PASSWORD: sealedci-secret
POSTGRES_USER: sealedci
POSTGRES_PASSWORD: sealedci-secret
POSTGRES_DB: stellaops
volumes:
- sealed-mongo-data:/data/db
- sealed-postgres-data:/var/lib/postgresql/data
networks:
- sealed-ci
healthcheck:
test: ["CMD-SHELL", "pg_isready -U sealedci -d stellaops"]
interval: 10s
timeout: 5s
retries: 5
labels: *release-labels
valkey:
image: docker.io/valkey/valkey:9.0.1-alpine
restart: unless-stopped
command: ["valkey-server", "--appendonly", "yes"]
volumes:
- sealed-valkey-data:/data
networks:
- sealed-ci
healthcheck:
test: ["CMD", "valkey-cli", "ping"]
interval: 10s
timeout: 5s
retries: 5
labels: *release-labels
authority:
image: registry.stella-ops.org/stellaops/authority@sha256:a8e8faec44a579aa5714e58be835f25575710430b1ad2ccd1282a018cd9ffcdd
depends_on:
- mongo
postgres:
condition: service_healthy
valkey:
condition: service_healthy
restart: unless-stopped
environment:
ASPNETCORE_URLS: http://+:5088
STELLAOPS_AUTHORITY__ISSUER: http://authority.sealed-ci.local
STELLAOPS_AUTHORITY__MONGO__CONNECTIONSTRING: mongodb://sealedci:sealedci-secret@mongo:27017/authority?authSource=admin
STELLAOPS_AUTHORITY__STORAGE__DRIVER: postgres
STELLAOPS_AUTHORITY__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=postgres;Port=5432;Database=authority;Username=sealedci;Password=sealedci-secret"
STELLAOPS_AUTHORITY__CACHE__REDIS__CONNECTIONSTRING: "valkey:6379"
STELLAOPS_AUTHORITY__PLUGINDIRECTORIES__0: /app/plugins
STELLAOPS_AUTHORITY__PLUGINS__CONFIGURATIONDIRECTORY: /app/plugins
STELLAOPS_AUTHORITY__SECURITY__SENDERCONSTRAINTS__DPOP__ENABLED: 'true'
@@ -58,7 +91,9 @@ services:
ASPNETCORE_URLS: http://+:6088
SIGNER__AUTHORITY__BASEURL: http://authority:5088
SIGNER__POE__INTROSPECTURL: http://authority:5088/device-code
SIGNER__STORAGE__MONGO__CONNECTIONSTRING: mongodb://sealedci:sealedci-secret@mongo:27017/signer?authSource=admin
SIGNER__STORAGE__DRIVER: postgres
SIGNER__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=postgres;Port=5432;Database=signer;Username=sealedci;Password=sealedci-secret"
SIGNER__CACHE__REDIS__CONNECTIONSTRING: "valkey:6379"
SIGNER__SEALED__MODE: Enabled
ports:
- '6088:6088'
@@ -74,7 +109,9 @@ services:
environment:
ASPNETCORE_URLS: http://+:7088
ATTESTOR__SIGNER__BASEURL: http://signer:6088
ATTESTOR__MONGO__CONNECTIONSTRING: mongodb://sealedci:sealedci-secret@mongo:27017/attestor?authSource=admin
ATTESTOR__STORAGE__DRIVER: postgres
ATTESTOR__STORAGE__POSTGRES__CONNECTIONSTRING: "Host=postgres;Port=5432;Database=attestor;Username=sealedci;Password=sealedci-secret"
ATTESTOR__CACHE__REDIS__CONNECTIONSTRING: "valkey:6379"
ATTESTOR__SEALED__MODE: Enabled
ports:
- '7088:7088'