docker-compose.yml

services:
  db:
    image: mariadb:10
    ports:
      - "3306"
    env_file:
      - ./local.env

  app:
    build: ./
    volumes:
      - ./application:/data
      - ./auth.json:/root/.composer/auth.json
    ports:
      - "51140:80"
    mem_limit: 200m
    depends_on:
      - db
    env_file:
      - ./local.env
    environment:
      #            RUN_TASK: cron/all
      EMAILER_CLASS: \Sil\SilIdBroker\Behat\Context\fakes\FakeEmailer
      EMAIL_SIGNATURE: "Dummy Signature for Development\r\rdo not reply to this email"

  appfortests:
    build: ./
    volumes:
      - ./application:/data
      - ./auth.json:/root/.composer/auth.json
    mem_limit: 200m
    ports:
      - "80"
    depends_on:
      - testdb
    environment:
      API_ACCESS_KEYS: api-test-NOTASECRET
      APP_ENV: test
      EMAIL_SERVICE_accessToken: dummy
      EMAIL_SERVICE_assertValidIp: "false"
      EMAIL_SERVICE_baseUrl: dummy
      EMAIL_SIGNATURE: Dummy Signature for Tests
      EMAILER_CLASS: \Sil\SilIdBroker\Behat\Context\fakes\FakeEmailer
      IDP_NAME: test
      MYSQL_ROOT_PASSWORD: r00tp@ss!
      MYSQL_HOST: testdb
      MYSQL_DATABASE: appfortests
      MYSQL_USER: appfortests
      MYSQL_PASSWORD: appfortests
      MFA_WEBAUTHN_apiBaseUrl: mfaapi:8080/
      MFA_WEBAUTHN_apiKey: 10345678-1234-1234-1234-123456789012
      MFA_WEBAUTHN_apiSecret: 11345678-1234-1234-1234-12345678
      # the corresponding hash: $2a$10$8Bp9PqqfStjLvh1nQJ67JeY3CO/mEXmF1GKfe8Vk0kue1.i7fa2mC
      MFA_WEBAUTHN_appId: ourApp99
      MFA_WEBAUTHN_rpDisplayName: Our App
      MFA_WEBAUTHN_rpId: http://app99
      SUPPORT_EMAIL: support@example.com

  testdb:
    image: mariadb:10
    ports:
      - "3306"
    environment:
      MYSQL_ROOT_PASSWORD: r00tp@ss!
      MYSQL_DATABASE: appfortests
      MYSQL_USER: appfortests
      MYSQL_PASSWORD: appfortests

  cli:
    image: silintl/php8:8.1
    platform: linux/amd64
    volumes:
      - composer-cache:/composer
      - ./application:/data
      - ./auth.json:/root/.composer/auth.json
    working_dir: /data
    environment:
      COMPOSER_CACHE_DIR: /composer
    env_file:
      - ./local.env
    command: [ "true" ]

  dynamo:
    image: amazon/dynamodb-local
    platform: linux/amd64
    ports:
      - "8000:8000"
    environment:
      AWS_ACCESS_KEY_ID: abc123
      AWS_SECRET_ACCESS_KEY: abc123
      AWS_DEFAULT_REGION: us-east-1
    command: "-jar DynamoDBLocal.jar -sharedDb"

  mfaapi:
    build: ./serverless-mfa-api
    ports:
      - 8080
    volumes:
      - ./serverless-mfa-api/override:/src/override
    environment:
      AWS_ENDPOINT: dynamo:8000
      AWS_DEFAULT_REGION: us-east-1
      AWS_ACCESS_KEY_ID: abc123
      AWS_SECRET_ACCESS_KEY: abc123
      AWS_DISABLE_SSL: "true"
      API_KEY_TABLE: ApiKey
      WEBAUTHN_TABLE: WebAuthn
    depends_on:
      - dynamo
      - dynamorestart
    working_dir: /src
    # Copy files from the override folder to be used for possible troubleshooting (e.g. with extra log statements)
    # (using bash -c to keep the chown command from ignoring the && and throwing an error)
    command: bash -c "cp -R ./override/* ./ && go run ./server/"

  u2fsim:
    build: ./u2f-simulator
    ports:
      - 8080
    volumes:
      - ./u2f-simulator/override:/src/override
    working_dir: /src
    # Copy files from the override folder to be used for possible troubleshooting (e.g. with extra log statements)
    command: bash -c "cp -R ./override/* ./ && go run ./u2fserver/"

  dynamorestart:
    build: ./dynamorestart
    ports:
      - 8080
    volumes:
      - ./dynamorestart/:/dynamo
    environment:
      AWS_ENDPOINT: dynamo:8000
      AWS_DEFAULT_REGION: us-east-1
      AWS_ACCESS_KEY_ID: abc123
      AWS_SECRET_ACCESS_KEY: abc123
      AWS_DISABLE_SSL: "true"
      API_KEY_TABLE: ApiKey
      WEBAUTHN_TABLE: WebAuthn
    depends_on:
      - dynamo
    working_dir: /dynamo
    command: bash -c "pwd && ls -al && php restart.php"

  test:
    image: silintl/php8:8.1
    platform: linux/amd64
    volumes:
      - ./application:/data
      - ./auth.json:/root/.composer/auth.json
    mem_limit: 200m
    working_dir: /data
    depends_on:
      - appfortests
      - mfaapi
      - u2fsim
    environment:
      TEST_SERVER_HOSTNAME: appfortests
      API_ACCESS_KEYS: api-test-NOTASECRET
      API_KEY_TABLE: ApiKey
      APP_ENV: test
      AWS_ENDPOINT: dynamo:8000
      AWS_DEFAULT_REGION: us-east-1
      AWS_ACCESS_KEY_ID: abc123
      AWS_SECRET_ACCESS_KEY: abc123
      EMAILER_CLASS: \Sil\SilIdBroker\Behat\Context\fakes\FakeEmailer
      EMAIL_SERVICE_accessToken: dummy
      EMAIL_SERVICE_assertValidIp: "false"
      EMAIL_SERVICE_baseUrl: dummy
      EMAIL_SIGNATURE: Dummy Signature for Test
      MFA_WEBAUTHN_apiBaseUrl: mfaapi:8080/
      MFA_WEBAUTHN_apiKey: 10345678-1234-1234-1234-123456789012
      MFA_WEBAUTHN_apiSecret: 11345678-1234-1234-1234-12345678
      # the corresponding hash: $2a$10$8Bp9PqqfStjLvh1nQJ67JeY3CO/mEXmF1GKfe8Vk0kue1.i7fa2mC
      MFA_WEBAUTHN_appId: ourApp99
      MFA_WEBAUTHN_rpDisplayName: Our App
      MFA_WEBAUTHN_rpId: http://app99
      HELP_CENTER_URL: https://www.example.com/help
      IDP_DISPLAY_NAME: Test
      IDP_NAME: test
      MYSQL_DATABASE: appfortests
      MYSQL_HOST: testdb
      MYSQL_PASSWORD: appfortests
      MYSQL_USER: appfortests
      PASSWORD_PROFILE_URL: https://www.example.com
      SUPPORT_EMAIL: support@example.com
      HR_NOTIFICATIONS_EMAIL: hr@example.com
      ABANDONED_USER_bestPracticeUrl: http://www.example.com/best-practices.html
      ABANDONED_USER_deactivateInstructionsUrl: http://www.example.com/deactivate-instructions.html
      U2F_SIM_HOST_AND_PORT: u2fsim:8080
    command: ./run-tests.sh
    # running isolated tests
    # docker compose run --rm test vendor/bin/behat --stop-on-failure features/user.feature
    # docker compose run --rm test vendor/bin/behat --stop-on-failure features/user.feature:306

  phpmyadmin:
    image: phpmyadmin:5
    ports:
      - "51141:80"
    depends_on:
      - db
    env_file:
      - ./local.env
    environment:
      PMA_HOST: db
      PMA_USER: user
      PMA_PASSWORD: pass

  phpmyadmintest:
    image: phpmyadmin:5
    ports:
      - "51142:80"
    depends_on:
      - testdb
    env_file:
      - ./local.env
    environment:
      PMA_HOST: testdb
      PMA_USER: appfortests
      PMA_PASSWORD: appfortests

  raml2html:
    image: mattjtodd/raml2html
    platform: linux/amd64
    volumes:
      - ./api.raml:/api.raml
      - ./api.html:/api.html
    # The ENTRYPOINT in the Dockerfile is "raml2html"
    command: -i api.raml -o api.html

networks:
  default:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 10.20.39.0/24
          gateway: 10.20.39.1

volumes:
  composer-cache: