1+ x-react-volumes : &react-volumes
2+ - ./:/opt/app
3+ - /mnt/wslg/.X11-unix:/tmp/.X11-unix
4+ - /opt/app/node_modules
5+
6+ services :
7+ pearl-db :
8+ profiles :
9+ - apis
10+ - all
11+ image : postgres:14.15
12+ environment :
13+ - POSTGRES_USER=${PEARL_DB_USER}
14+ - POSTGRES_PASSWORD=${PEARL_DB_PASSWORD}
15+ - POSTGRES_DB=${PEARL_DB}
16+ command : ['postgres']
17+ healthcheck :
18+ test : ['CMD-SHELL', 'pg_isready -U ${PEARL_DB_USER} -d ${PEARL_DB} -h localhost']
19+ interval : 5s
20+ timeout : 10s
21+ retries : 10
22+ ports :
23+ - ${PEARL_DB_PORT}:5432
24+
25+ questionnaire-db :
26+ profiles :
27+ - apis
28+ - all
29+ image : postgres:15.1
30+ environment :
31+ - POSTGRES_USER=${QUESTIONNAIRE_DB_USER}
32+ - POSTGRES_PASSWORD=${QUESTIONNAIRE_DB_PASSWORD}
33+ - POSTGRES_DB=${QUESTIONNAIRE_DB}
34+ command : ['postgres']
35+ healthcheck :
36+ test :
37+ ['CMD-SHELL', 'pg_isready -U ${QUESTIONNAIRE_DB_USER} -d ${QUESTIONNAIRE_DB} -h localhost']
38+ interval : 5s
39+ timeout : 10s
40+ retries : 10
41+ ports :
42+ - ${QUESTIONNAIRE_DB_PORT}:5432
43+
44+ questionnaire-api :
45+ profiles :
46+ - apis
47+ - all
48+ image : inseefr/queen-back-office:5.3.0-rc
49+ depends_on :
50+ questionnaire-db :
51+ condition : service_healthy
52+ environment :
53+ - SPRING_DATASOURCE_URL=jdbc:postgresql://questionnaire-db:5432/${QUESTIONNAIRE_DB}
54+ - SPRING_DATASOURCE_USERNAME=${QUESTIONNAIRE_DB_USER}
55+ - SPRING_DATASOURCE_PASSWORD=${QUESTIONNAIRE_DB_PASSWORD}
56+ - SPRING_DATASOURCE_DRIVERCLASSNAME=org.postgresql.Driver
57+ - APPLICATION_TEMPFOLDER=/tmp
58+ - APPLICATION_CORSORIGINS=http://localhost:3000,http://localhost:5001
59+ - APPLICATION_ROLES_INTERVIEWER=${INTERVIEWER_ROLE}
60+ - APPLICATION_ROLES_REVIEWER=${INTERNAL_USER_ROLE}
61+ - APPLICATION_ROLES_ADMIN=${ADMIN_ROLE}
62+ - APPLICATION_ROLES_WEBCLIENT=${WEBCLIENT_ROLE}
63+ - FEATURE_OIDC_ENABLED=true
64+ - FEATURE_OIDC_REALM=${AUTH_REALM}
65+ - FEATURE_OIDC_CLIENTID=${AUTH_CLIENT_ID}
66+ - FEATURE_OIDC_AUTHSERVERHOST=${AUTH_SERVER_URL}
67+ - FEATURE_OIDC_AUTHSERVERURL=${AUTH_SERVER_URL}
68+ - FEATURE_OIDC_ROLECLAIM=${JWT_ROLE_CLAIM}
69+ - FEATURE_OIDC_PRINCIPALATTRIBUTE=preferred_username
70+ - SPRINGDOC_SWAGGERUI_OAUTH_ADDITIONALQUERYSTRINGPARAMS_KC_IDP_HINT=${IDP_HINT}
71+ # issuer-uri is used to auto discover keycloak configuration endpoints and to validate the iss in the token (spring boot check that issuer-uri and iss are identical)
72+ # When using jwk-set-uri, issuer-uri is not used anymore to auto discover configuration.
73+ # That's what we want here. By authenticating with swagger, host machine is used and the iss generated in the token is equals to issuer-uri
74+ - spring.security.oauth2.resourceserver.jwt.issuer-uri=${AUTH_SERVER_URL}/realms/${AUTH_REALM}
75+ - spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://keycloak:8080/realms/${AUTH_REALM}/protocol/openid-connect/certs
76+ - FEATURE_PILOTAGE_ENABLED=true
77+ - FEATURE_PILOTAGE_URL=http://pearl-api:8080
78+ - FEATURE_SWAGGER_ENABLED=true
79+ - FEATURE_COMMENTS_ENABLED=true
80+ - FEATURE_CACHE_ENABLED=true
81+ - FEATURE_INTERVIEWERMODE_ENABLED=true
82+ - SPRING_LIQUIBASE_ENABLED=true
83+ - SPRING_LIQUIBASE_CONTEXTS=demo
84+ - SPRING_LIQUIBASE_CHANGELOG=classpath:db/integration-demo.xml
85+ ports :
86+ - ${QUESTIONNAIRE_API_PORT}:8080
87+
88+ keycloak :
89+ profiles :
90+ - keycloak
91+ - all
92+ image : quay.io/keycloak/keycloak:24.0
93+ environment :
94+ KEYCLOAK_ADMIN : administrator
95+ KEYCLOAK_ADMIN_PASSWORD : administrator
96+ KC_HEALTH_ENABLED : ' true'
97+ KC_LOG_LEVEL : info
98+ command : ['start-dev', '--import-realm']
99+ ports :
100+ - ' ${KEYCLOAK_PORT}:8080'
101+ volumes :
102+ - ./container/keycloak/realms:/opt/keycloak/data/import
103+
104+ pearl-api :
105+ profiles :
106+ - apis
107+ - all
108+ image : inseefr/pearl-jam-back-office:5.9.0-rc
109+ depends_on :
110+ pearl-db :
111+ condition : service_healthy
112+ environment :
113+ - SPRING_DATASOURCE_DRIVERCLASSNAME=org.postgresql.Driver
114+ - SPRING_DATASOURCE_URL=jdbc:postgresql://pearl-db:5432/${PEARL_DB}
115+ - SPRING_DATASOURCE_USERNAME=${PEARL_DB_USER}
116+ - SPRING_DATASOURCE_PASSWORD=${PEARL_DB_PASSWORD}
117+ - SPRINGDOC_SWAGGER_UI_OAUTH_ADDITIONALQUERYSTRINGPARAMS_KC_IDP_HINT=${IDP_HINT}
118+ # issuer-uri is used to auto discover keycloak configuration endpoints and to validate the iss in the token (spring boot check that issuer-uri and iss are identical)
119+ # When using jwk-set-uri, issuer-uri is not used anymore to auto discover configuration.
120+ # That's what we want here. By authenticating with swagger, host machine is used and the iss generated in the token is equals to issuer-uri
121+ - spring.security.oauth2.resourceserver.jwt.issuer-uri=${AUTH_SERVER_URL}/realms/${AUTH_REALM}
122+ - spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://keycloak:8080/realms/${AUTH_REALM}/protocol/openid-connect/certs
123+ - APPLICATION_HOST=http://localhost:${PEARL_API_PORT}
124+ - APPLICATION_ROLES_INTERVIEWER=${INTERVIEWER_ROLE}
125+ - APPLICATION_ROLES_LOCAL_USER=${INTERNAL_USER_ROLE}
126+ - APPLICATION_ROLES_NATIONAL_USER=${INTERNAL_USER_ROLE}
127+ - APPLICATION_ROLES_ADMIN=${ADMIN_ROLE}
128+ - APPLICATION_ROLES_WEBCLIENT=${WEBCLIENT_ROLE}
129+ - application.corsOrigins=http://localhost:3000
130+ - FEATURE_OIDC_ENABLED=true
131+ - FEATURE_OIDC_REALM=${AUTH_REALM}
132+ - FEATURE_OIDC_CLIENTID=${AUTH_CLIENT_ID}
133+ - FEATURE_OIDC_AUTHSERVERHOST=${AUTH_SERVER_URL}
134+ - FEATURE_OIDC_AUTHSERVERURL=${AUTH_SERVER_URL}
135+ - FEATURE_OIDC_PRINCIPALATTRIBUTE=preferred_username
136+ - FEATURE_MAILSERVICE_ENABLED=false
137+ - FEATURE_SWAGGER_ENABLED=true
138+ - LOGGING_FILE_ENABLED=false
139+ - SPRINGDOC_SWAGGER_UI_OAUTH_CLIENT_ID=${AUTH_CLIENT_ID}
140+ - SPRING_LIQUIBASE_ENABLED=true
141+ - SPRING_LIQUIBASE_CONTEXTS=demo
142+ - SPRING_LIQUIBASE_CHANGELOG=classpath:db/integration-demo.xml
143+ ports :
144+ - ${PEARL_API_PORT}:8080
0 commit comments