Update docker compose

README.md

@@ -201,7 +201,7 @@ The install script will install the package into the running Conjur appliance an
 You can view the contents of this package by running:
 
 ```
-$ docker-compose exec conjur-master-1.mycompany.local ls -a /opt/conjur/possum/
+$ docker compose exec conjur-master-1.mycompany.local ls -a /opt/conjur/possum/
 ```
 
 ## Performance Tests

bin/api

@@ -1,4 +1,4 @@
 #!/bin/bash -e
 
 export VERSION='5.0-stable'
-docker-compose run --no-deps --rm api-client bin/api "$@"
+docker compose run --no-deps --rm api-client bin/api "$@"

bin/cli

@@ -2,7 +2,7 @@
 
 function proxy_command {
   cmd="$@"
-  docker-compose run --rm -w /src/cli --entrypoint /bin/bash client -c "
+  docker compose run --rm -w /src/cli --entrypoint /bin/bash client -c "
     if [ ! -e /root/conjur-demo.pem ]; then
       yes 'yes' | conjur init -u https://conjur-master.mycompany.local -a demo
     fi

bin/dap

@@ -170,7 +170,7 @@ function _run {
   echo "Running Command (on $_node_name): docker exec cyberark-dap $_args"
 
   if [[ $DRY_RUN = false ]]; then
-    docker-compose exec -T $_node_name bash -c "
+    docker compose exec -T $_node_name bash -c "
       $_args
     "
   fi
@@ -180,18 +180,18 @@ function _start_master {
   if [[ $DRY_RUN = false ]]; then
 
     if [[ "$PULL_IMAGES" = "true" ]]; then
-      docker-compose pull
+      docker compose pull
     fi
 
     _set_master_single_node_proxy_config
-    docker-compose up -d --no-deps conjur-master.mycompany.local \
+    docker compose up -d --no-deps conjur-master.mycompany.local \
                                     conjur-master-1.mycompany.local
   fi
 }
 
 function _start_l7_load_balancer {
   if [[ $DRY_RUN = false ]]; then
-    docker-compose up -d --no-deps conjur-follower.mycompany.local
+    docker compose up -d --no-deps conjur-follower.mycompany.local
   fi
 }
 
@@ -210,8 +210,8 @@ function _configure_master {
 function _setup_standby {
   local _standby_number=$1
 
-  docker-compose rm --stop --force "conjur-master-$_standby_number.mycompany.local"
-  docker-compose up --no-deps --detach "conjur-master-$_standby_number.mycompany.local"
+  docker compose rm --stop --force "conjur-master-$_standby_number.mycompany.local"
+  docker compose up --no-deps --detach "conjur-master-$_standby_number.mycompany.local"
 
   # Generate a Seed File
   _run conjur-master-1.mycompany.local \
@@ -229,8 +229,8 @@ function _start_standby_synchronization {
 
 function _setup_follower {
 
-  docker-compose rm --stop --force conjur-follower-1.mycompany.local
-  docker-compose up --no-deps --detach conjur-follower-1.mycompany.local
+  docker compose rm --stop --force conjur-follower-1.mycompany.local
+  docker compose up --no-deps --detach conjur-follower-1.mycompany.local
 
   # Generate Seed file
   _run conjur-master-1.mycompany.local \
@@ -249,7 +249,7 @@ function _setup_follower {
 function _perform_promotion {
   # Stop current master
   if [[ $DRY_RUN = false ]]; then
-    docker-compose stop conjur-master-1.mycompany.local
+    docker compose stop conjur-master-1.mycompany.local
   fi
 
   # Promote Standby to Master
@@ -270,8 +270,8 @@ function _single_master {
 
 function _reload_container {
   name="$1"
-  docker-compose rm --stop --force $name
-  docker-compose up --no-deps --detach $name
+  docker compose rm --stop --force $name
+  docker compose up --no-deps --detach $name
 
 }
 
@@ -293,7 +293,7 @@ function _command {
 
 function _stop {
   echo "stopping...."
-  docker-compose down -v
+  docker compose down -v
   docker network remove dap_net || true
 
   _command rm -rf cli_cache
@@ -391,7 +391,7 @@ function _stop_replication {
 function _stop_and_rename {
   local container_name="$1"
   local rename_to="$2"
-  docker-compose stop $container_name
+  docker compose stop $container_name
   image_id=$(docker ps --all --quiet --filter "name=$container_name")
   docker rename $image_id $rename_to
 }
@@ -408,7 +408,7 @@ function _upgrade_via_backup_restore {
 }
 
 function _stop_and_remove_master {
-  docker-compose rm --stop --force conjur-master-1.mycompany.local
+  docker compose rm --stop --force conjur-master-1.mycompany.local
 }
 
 function _restore_from_backup {

bin/generate-certs

@@ -2,4 +2,4 @@
 
 export VERSION='5.0-stable'
 
-docker-compose run --no-deps --rm certificate-generator "$@"
+docker compose run --no-deps --rm certificate-generator "$@"

ci/assets/Dockerfile.ci

@@ -1,12 +1,12 @@
 FROM ruby:2.7-alpine
 
-RUN apk update && apk add --no-cache docker-cli git libffi-dev build-base bash jq curl
+RUN apk update && apk add --no-cache docker-cli docker-cli-compose git libffi-dev build-base bash jq curl
 
 # Install Docker-Compose
-RUN apk add --no-cache docker-cli python3 py3-pip && \
-    apk add --no-cache --virtual .docker-compose-deps python3-dev libffi-dev openssl-dev gcc libc-dev make && \
-    pip3 install docker-compose && \
-    apk del .docker-compose-deps
+# RUN apk add --no-cache docker-cli python3 py3-pip && \
+#     apk add --no-cache --virtual .docker compose-deps python3-dev libffi-dev openssl-dev gcc libc-dev make && \
+#     pip3 install docker compose && \
+#     apk del .docker compose-deps
 
 RUN mkdir -p /src
 WORKDIR /src

ci/providers/docker_compose.rb

@@ -22,7 +22,7 @@ def initialize(logger:)
 
       def provision_master(version:, with_load_balancer: true)
         system('cp files/haproxy/master/single/haproxy.cfg files/haproxy/master/haproxy.cfg')
-        system({ 'VERSION' => version }, 'docker-compose up -d --no-deps conjur-master.mycompany.local conjur-master-1.mycompany.local')
+        system({ 'VERSION' => version }, 'docker compose up -d --no-deps conjur-master.mycompany.local conjur-master-1.mycompany.local')
         args = [
           'evoke configure master',
           '--accept-eula',
@@ -31,16 +31,16 @@ def provision_master(version:, with_load_balancer: true)
           '--admin-password MySecretP@ss1',
           'demo'
         ].join(' ')
-        system("docker-compose exec conjur-master-1.mycompany.local bash -c '#{args}'")
+        system("docker compose exec conjur-master-1.mycompany.local bash -c '#{args}'")
       end
 
       def provision_follower(version:, with_load_balancer: true)
-        system({ 'VERSION' => version }, 'docker-compose up --no-deps --detach conjur-follower-1.mycompany.local')
-        system('docker-compose exec conjur-master-1.mycompany.local bash -c "evoke seed follower conjur-follower.mycompany.local > /opt/cyberark/dap/seeds/follower-seed.tar"')
-        system('docker-compose exec conjur-follower-1.mycompany.local bash -c "evoke unpack seed /opt/cyberark/dap/seeds/follower-seed.tar && evoke configure follower"')
+        system({ 'VERSION' => version }, 'docker compose up --no-deps --detach conjur-follower-1.mycompany.local')
+        system('docker compose exec conjur-master-1.mycompany.local bash -c "evoke seed follower conjur-follower.mycompany.local > /opt/cyberark/dap/seeds/follower-seed.tar"')
+        system('docker compose exec conjur-follower-1.mycompany.local bash -c "evoke unpack seed /opt/cyberark/dap/seeds/follower-seed.tar && evoke configure follower"')
 
         # Start Load Balancer
-        system('docker-compose up -d --no-deps conjur-follower.mycompany.local')
+        system('docker compose up -d --no-deps conjur-follower.mycompany.local')
       end
 
       def reset_environment
@@ -128,7 +128,7 @@ def current_master
       end
 
       def last_audit_event
-        last_audit = `docker-compose exec #{current_master} bash -c "tail -n 1 /var/log/conjur/audit.json"`
+        last_audit = `docker compose exec #{current_master} bash -c "tail -n 1 /var/log/conjur/audit.json"`
 
         return JSON.parse(last_audit) unless last_audit.nil?
       end

demos/aws-cluster/1_init_cluster

@@ -51,7 +51,7 @@ EOF
 EOF
 
   # Load policy files
-  docker-compose run -T --entrypoint "/bin/bash" cli -c "
+  docker compose run -T --entrypoint "/bin/bash" cli -c "
   yes 'yes' | conjur init -u "https://$LB_DNS" -a "$CONJUR_ACCOUNT" --force=true
   conjur authn login -u "admin" -p "$CONJUR_ADMIN_PASSWORD"
   conjur policy load root /data/policy/conjur.yml

demos/certificate-authority/mutual-tls/0_start

@@ -1,24 +1,24 @@
 #!/bin/bash -eu
 
 echo "Pulling latest images..."
-docker-compose pull > /dev/null 2>&1
-docker-compose build > /dev/null 2>&1
+docker compose pull > /dev/null 2>&1
+docker compose build > /dev/null 2>&1
 
 # Generate Conjur data key if it doesn't exist
 if [ ! -f conjur/data_key ]; then
     echo "Generating Conjur data key..."
-    docker-compose run --no-deps -T --rm conjur data-key generate > conjur/data_key
+    docker compose run --no-deps -T --rm conjur data-key generate > conjur/data_key
 fi
 
 echo "Starting Conjur..."
 export CONJUR_DATA_KEY="$(< conjur/data_key)"
-docker-compose up -d conjur > /dev/null 2>&1
+docker compose up -d conjur > /dev/null 2>&1
 
 # Wait for Conjur to be ready
-docker-compose exec conjur conjurctl wait
+docker compose exec conjur conjurctl wait
 
 # Create cucumber account and admin role
-docker-compose exec -T conjur conjurctl account create cucumber > conjur/admin_info
+docker compose exec -T conjur conjurctl account create cucumber > conjur/admin_info
 
 admin_secret=$(cat conjur/admin_info | sed -n -e 's/^.*API key for admin: //p')
 echo "------------------------------"

demos/certificate-authority/mutual-tls/1_load_policy

@@ -1,8 +1,8 @@
 #!/bin/bash -eu
 
-docker-compose run --rm cli -c "conjur init --force=true -u \$CONJUR_APPLIANCE_URL -a \$CONJUR_ACCOUNT"
-docker-compose run --rm cli -c "conjur authn login -u \$CONJUR_AUTHN_LOGIN"
-host_logins=$(docker-compose run --rm -T cli -c "conjur policy load root /src/cli/mutual_tls.yml")
+docker compose run --rm cli -c "conjur init --force=true -u \$CONJUR_APPLIANCE_URL -a \$CONJUR_ACCOUNT"
+docker compose run --rm cli -c "conjur authn login -u \$CONJUR_AUTHN_LOGIN"
+host_logins=$(docker compose run --rm -T cli -c "conjur policy load root /src/cli/mutual_tls.yml")
 echo "$host_logins" > cli/host_logins
 
 server_password=$(cat cli/host_logins | jq -r '.created_roles | .["cucumber:host:mutual-tls/server"] | .api_key')

demos/certificate-authority/mutual-tls/2_create_ca

@@ -3,10 +3,10 @@
 # Generate root and intermediate CA certificates
 
 if [ ! -d ca/ca ]; then
-  docker-compose run --rm --user $(id -u) ca
+  docker compose run --rm --user $(id -u) ca
 fi
 
-auth_header=$(docker-compose run --rm -T cli -c 'conjur authn authenticate -H') 
+auth_header=$(docker compose run --rm -T cli -c 'conjur authn authenticate -H') 
 
 echo Store the intermediate CA private key in Conjur...
 curl --data-binary "@ca/ca/intermediate.key" \

demos/certificate-authority/mutual-tls/3_create_server_cert

@@ -1,5 +1,5 @@
 #!/bin/bash -eu
 
 rm -rf server/server.crt
-docker-compose run --rm --user $(id -u) server /server/request_certificate
+docker compose run --rm --user $(id -u) server /server/request_certificate
 chmod 444 server/server.crt

demos/certificate-authority/mutual-tls/4_create_client_cert

@@ -1,5 +1,5 @@
 #!/bin/bash -eu
 
 rm -rf client/client.crt
-docker-compose run --rm --user $(id -u) client /client/request_certificate
+docker compose run --rm --user $(id -u) client /client/request_certificate
 chmod 444 client/client.crt

demos/certificate-authority/mutual-tls/5_connect

@@ -12,9 +12,9 @@ while true ; do
 done
 
 echo "Starting server..."
-docker-compose rm -fs server > /dev/null 2>&1
-docker-compose build server > /dev/null 2>&1
-docker-compose up -d server > /dev/null 2>&1
+docker compose rm -fs server > /dev/null 2>&1
+docker compose build server > /dev/null 2>&1
+docker compose up -d server > /dev/null 2>&1
 
 args=""
 
@@ -27,4 +27,4 @@ if [[ $INCLUDE_CLIENT_CERT = true ]]; then
 fi
 
 echo "Connecting client (Certificate Chain=$INCLUDE_CERT_CHAIN, Client Certificate=$INCLUDE_CLIENT_CERT)..."
-docker-compose run --rm client bash -c "curl $args https://server" || true
+docker compose run --rm client bash -c "curl $args https://server" || true

demos/certificate-authority/mutual-tls/6_stop

@@ -1,4 +1,4 @@
 #!/bin/bash -eu
 
-docker-compose down
-docker-compose rm
+docker compose down
+docker compose rm

demos/certificate-authority/mutual-tls/README.md

@@ -17,7 +17,7 @@ other using mutual TLS.
 ### Prerequisites
 
 1. docker
-2. docker-compose
+2. docker compose
 
 ### Getting Started
 

demos/cluster/bin/cli

@@ -17,7 +17,7 @@ exit
 
 function proxy_command {
   cmd="$@"
-  docker-compose run --rm -w /src/cli --entrypoint /bin/bash client -c "
+  docker compose run --rm -w /src/cli --entrypoint /bin/bash client -c "
     if [ ! -e /root/conjur-demo.pem ]; then
       yes 'yes' | conjur init -u https://conjur-master-1.mycompany.local -a demo
     fi