TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 20:47:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix compose

Browse Source
This commit is contained in:
Elio Bischof
2025-07-20 23:37:05 +02:00
parent 1a4cae88b7
commit 2858c2b721
3 changed files with 100 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

145
.devcontainer/docker-compose.yml
View File

@@ -1,4 +1,3 @@
version: '3.8'
services: services:
devcontainer: devcontainer:
@@ -12,54 +11,85 @@ services:
ZITADEL_EXTERNALSECURE: false ZITADEL_EXTERNALSECURE: false
db: db:
image: postgres:latest image: postgres:17.0-alpine3.19
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- postgres-data:/var/lib/postgresql/data - postgres-data:/var/lib/postgresql/data
environment: environment:
PGUSER: postgres PGUSER: postgres
POSTGRES_PASSWORD: postgres POSTGRES_PASSWORD: postgres
healthcheck:
test: ["CMD-SHELL", "pg_isready"]
interval: "10s"
timeout: "30s"
retries: 5
start_period: "20s"
ports:
- "5432:5432"
mock-zitadel: mock-zitadel:
build: build:
context: apps/login/packages/integration/core-mock context: ../apps/login/packages/integration/core-mock
container_name: mock-zitadel container_name: mock-zitadel
ports: ports:
- 22220:22220 - 22220:22220
- 22222:22222 - 22222:22222
zitadel:
image: "${ZITADEL_TAG:-ghcr.io/zitadel/zitadel:v4.0.0-rc.2}"
container_name: zitadel
command: 'start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --config /zitadel.yaml --steps /zitadel.yaml'
ports:
- 8080:8080
- 3000:3000
- 8000:8000
- 8001:8001
- 8003:8003
- 8004:8004
volumes:
- ../apps/login/packages/acceptance/pat:/pat:delegated
- ../apps/login/packages/acceptance/zitadel.yaml:/zitadel.yaml:cached
healthcheck:
test:
- CMD
- /app/zitadel
- ready
- --config
- /zitadel.yaml
depends_on:
db:
condition: "service_healthy"
configure-login: configure-login:
container_name: configure-login container_name: configure-login
restart: no restart: no
build: build:
context: apps/login/packages/acceptance/setup" context: ../apps/login/packages/acceptance/setup
dockerfile: apps/login/packages/acceptance/go-command.Dockerfile dockerfile: ../go-command.Dockerfile
entrypoint: "./setup.sh" entrypoint: "./setup.sh"
network_mode: service:zitadel
environment: environment:
PAT_FILE: /pat/zitadel-admin-sa.pat PAT_FILE: /pat/zitadel-admin-sa.pat
ZITADEL_API_INTERNAL_URL: http://zitadel:8080 ZITADEL_API_URL: http://localhost:8080
WRITE_ENVIRONMENT_FILE: /login-env/.env.test.local WRITE_ENVIRONMENT_FILE: /login-env/.env.test.local
SINK_EMAIL_INTERNAL_URL: http://sink:3333/email SINK_EMAIL_INTERNAL_URL: http://sink:3333/email
SINK_SMS_INTERNAL_URL: http://sink:3333/sms SINK_SMS_INTERNAL_URL: http://sink:3333/sms
SINK_NOTIFICATION_URL: http://localhost:3333/notification SINK_NOTIFICATION_URL: http://localhost:3333/notification
LOGIN_BASE_URL: https://127.0.0.1.sslip.io/ui/v2/login/ LOGIN_BASE_URL: http://localhost:3000/ui/v2/login/
ZITADEL_API_URL: https://127.0.0.1.sslip.io ZITADEL_API_DOMAIN: localhost
ZITADEL_API_DOMAIN: 127.0.0.1.sslip.io ZITADEL_ADMIN_USER: zitadel-admin@zitadel.localhost
ZITADEL_ADMIN_USER: zitadel-admin@zitadel.127.0.0.1.sslip.io
volumes: volumes:
- ./pat:/pat # Read the PAT file from zitadels setup - ../apps/login/packages/acceptance/pat:/pat:cached # Read the PAT file from zitadels setup
- ../login:/login-env # Write the environment variables file for the login - ../apps/login/apps/login:/login-env:delegated # Write the environment variables file for the login
depends_on: depends_on:
traefik: zitadel:
condition: "service_healthy" condition: "service_healthy"
wait-for-zitadel:
condition: "service_completed_successfully"
mock-notifications: mock-notifications:
container_name: mock-notifications container_name: mock-notifications
build: build:
context: apps/login/packages/acceptance/sink" context: ../apps/login/packages/acceptance/sink
dockerfile: apps/login/packages/acceptance/go-command.Dockerfile dockerfile: ../go-command.Dockerfile
args: args:
- LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine} - LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine}
environment: environment:
@@ -82,95 +112,86 @@ services:
mock-oidcrp: mock-oidcrp:
container_name: mock-oidcrp container_name: mock-oidcrp
build: build:
context: apps/login/packages/acceptance/oidcrp" context: ../apps/login/packages/acceptance/oidcrp
dockerfile: apps/login/packages/acceptance/go-command.Dockerfile dockerfile: ../go-command.Dockerfile
args: args:
- LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine} - LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine}
network_mode: service:zitadel
environment: environment:
API_URL: 'http://traefik' API_URL: 'http://localhost:8080'
API_DOMAIN: 'traefik' API_DOMAIN: 'localhost'
PAT_FILE: '/pat/zitadel-admin-sa.pat' PAT_FILE: '/pat/zitadel-admin-sa.pat'
LOGIN_URL: 'https://traefik/ui/v2/login' LOGIN_URL: 'http://localhost:3000/ui/v2/login'
ISSUER: 'https://traefik' ISSUER: 'http://localhost:8000'
HOST: 'traefik' HOST: 'localhost'
PORT: '8000' PORT: '8000'
SCOPES: 'openid profile email' SCOPES: 'openid profile email'
ports:
- "8000:8000"
volumes: volumes:
- "./pat:/pat" - ../apps/login/packages/acceptance/pat:/pat:cached
depends_on: depends_on:
configure-login: configure-login:
condition: "service_completed_successfully" condition: "service_completed_successfully"
mock-oidcop: mock-oidcop:
image: ${LOGIN_TEST_ACCEPTANCE_OIDCOP_TAG:-login-test-acceptance-oidcop:local}
container_name: mock-oidcop container_name: mock-oidcop
build: build:
context: apps/login/packages/acceptance/idp/oidc" context: ../apps/login/packages/acceptance/idp/oidc
dockerfile: apps/login/packages/acceptance/go-command.Dockerfile dockerfile: ../../go-command.Dockerfile
args: args:
- LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine} - LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine}
network_mode: service:zitadel
environment: environment:
API_URL: 'http://traefik' API_URL: 'http://localhost:8080'
API_DOMAIN: 'traefik' API_DOMAIN: 'localhost'
PAT_FILE: '/pat/zitadel-admin-sa.pat' PAT_FILE: '/pat/zitadel-admin-sa.pat'
SCHEMA: 'https' SCHEMA: 'http'
HOST: 'traefik' HOST: 'localhost'
PORT: "8004" PORT: "8004"
ports:
- 8004:8004
volumes: volumes:
- "./pat:/pat" - "../apps/login/packages/acceptance/pat:/pat:cached"
depends_on: depends_on:
configure-login: configure-login:
condition: "service_completed_successfully" condition: "service_completed_successfully"
mock-samlsp: mock-samlsp:
user: "${UID:-1000}:${GID:-1000}" container_name: mock-samlsp
image: "${LOGIN_TEST_ACCEPTANCE_SAMLSP_TAG:-login-test-acceptance-samlsp:local}"
container_name: acceptance-samlsp
build: build:
context: apps/login/packages/acceptance/samlsp" context: ../apps/login/packages/acceptance/samlsp
dockerfile: apps/login/packages/acceptance/go-command.Dockerfile dockerfile: ../go-command.Dockerfile
args: args:
- LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine} - LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine}
network_mode: service:zitadel
environment: environment:
API_URL: 'http://traefik' API_URL: 'http://localhost:8080'
API_DOMAIN: 'traefik' API_DOMAIN: 'localhost'
PAT_FILE: '/pat/zitadel-admin-sa.pat' PAT_FILE: '/pat/zitadel-admin-sa.pat'
LOGIN_URL: 'https://traefik/ui/v2/login' LOGIN_URL: 'http://localhost:3000/ui/v2/login'
IDP_URL: 'http://zitadel:8080/saml/v2/metadata' IDP_URL: 'http://localhost:8080/saml/v2/metadata'
HOST: 'https://traefik' HOST: 'http://localhost:8001'
PORT: '8001' PORT: '8001'
ports:
- 8001:8001
volumes: volumes:
- "./pat:/pat" - "../apps/login/packages/acceptance/pat:/pat:cached"
depends_on: depends_on:
configure-login: configure-login:
condition: "service_completed_successfully" condition: "service_completed_successfully"
mock-samlidp: mock-samlidp:
user: "${UID:-1000}:${GID:-1000}" container_name: mock-samlidp
image: "${LOGIN_TEST_ACCEPTANCE_SAMLIDP_TAG:-login-test-acceptance-samlidp:local}"
container_name: acceptance-samlidp
build: build:
context: apps/login/packages/acceptance/idp/saml" context: ../apps/login/packages/acceptance/idp/saml
dockerfile: apps/login/packages/acceptance/go-command.Dockerfile dockerfile: ../../go-command.Dockerfile
args: args:
- LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine} - LOGIN_TEST_ACCEPTANCE_GOLANG_TAG=${LOGIN_TEST_ACCEPTANCE_GOLANG_TAG:-golang:1.24-alpine}
network_mode: service:zitadel
environment: environment:
API_URL: 'http://traefik:8080' API_URL: 'http://localhost:8080'
API_DOMAIN: 'traefik' API_DOMAIN: 'localhost'
PAT_FILE: '/pat/zitadel-admin-sa.pat' PAT_FILE: '/pat/zitadel-admin-sa.pat'
SCHEMA: 'https' SCHEMA: 'http'
HOST: 'traefik' HOST: 'localhost'
PORT: "8003" PORT: "8003"
ports:
- 8003:8003
volumes: volumes:
- "./pat:/pat" - "../apps/login/packages/acceptance/pat:/pat"
depends_on: depends_on:
configure-login: configure-login:
condition: "service_completed_successfully" condition: "service_completed_successfully"

37
apps/login/packages/acceptance/zitadel.yaml
View File

@@ -1,6 +1,4 @@
ExternalDomain: 127.0.0.1.sslip.io ExternalSecure: false
ExternalSecure: true
ExternalPort: 443
TLS.Enabled: false TLS.Enabled: false
FirstInstance: FirstInstance:
@@ -17,8 +15,12 @@ FirstInstance:
Machine: Machine:
Username: zitadel-admin-sa Username: zitadel-admin-sa
Name: Admin Name: Admin
Pat: Pat.ExpirationDate: 2099-01-01T00:00:00Z
ExpirationDate: 2099-01-01T00:00:00Z LoginClient:
Machine:
Username: login-client-sa
Name: Login Client
Pat.ExpirationDate: 2099-01-01T00:00:00Z
DefaultInstance: DefaultInstance:
LoginPolicy: LoginPolicy:
@@ -47,37 +49,16 @@ DefaultInstance:
HelpLink: "https://zitadel.com/docs" HelpLink: "https://zitadel.com/docs"
SupportEmail: "support@zitadel.com" SupportEmail: "support@zitadel.com"
DocsLink: "https://zitadel.com/docs" DocsLink: "https://zitadel.com/docs"
Features:
LoginV2:
Required: true
OIDC:
DefaultLoginURLV2: "/ui/v2/login/login?authRequest="
SAML:
DefaultLoginURLV2: "/ui/v2/login/login?authRequest="
Database: Database:
EventPushConnRatio: 0.2 # 4 EventPushConnRatio: 0.2 # 4
ProjectionSpoolerConnRatio: 0.3 # 6 ProjectionSpoolerConnRatio: 0.3 # 6
postgres: postgres:
Host: db Host: db
Port: 5432
Database: zitadel
MaxOpenConns: 20 MaxOpenConns: 20
MaxIdleConns: 20 MaxIdleConns: 20
MaxConnLifetime: 1h MaxConnLifetime: 1h
MaxConnIdleTime: 5m MaxConnIdleTime: 5m
User: User.Password: zitadel
Username: zitadel
SSL:
Mode: disable
Admin:
Username: zitadel
SSL:
Mode: disable
Logstore: Logstore.Access.Stdout.Enabled: true
Access:
Stdout:
Enabled: true

10
apps/login/packages/integration/core-mock/Dockerfile
View File

@@ -1,9 +1,15 @@
FROM golang:1.20.5-alpine3.18 FROM bufbuild/buf:1.54.0 AS proto-files
RUN buf export https://github.com/envoyproxy/protoc-gen-validate.git --path validate --output /proto-files && \
buf export https://github.com/grpc-ecosystem/grpc-gateway.git --path protoc-gen-openapiv2 --output /proto-files && \
buf export https://github.com/googleapis/googleapis.git --path protos/zitadelgoogle/api/annotations.proto --path google/api/http.proto --path google/api/field_behavior.proto --output /proto-files && \
buf export https://github.com/zitadel/zitadel.git --path ./proto/zitadel --output /proto-files
FROM golang:1.20.5-alpine3.18 AS mock-zitadel
RUN go install github.com/eliobischof/grpc-mock/cmd/grpc-mock@01b09f60db1b501178af59bed03b2c22661df48c RUN go install github.com/eliobischof/grpc-mock/cmd/grpc-mock@01b09f60db1b501178af59bed03b2c22661df48c
COPY mocked-services.cfg . COPY mocked-services.cfg .
COPY initial-stubs initial-stubs COPY initial-stubs initial-stubs
COPY --from=protos . . COPY --from=proto-files /proto-files/ ./
ENTRYPOINT [ "sh", "-c", "grpc-mock -v 1 -proto $(tr '\n' ',' < ./mocked-services.cfg) -stub-dir ./initial-stubs -mock-addr :22222" ] ENTRYPOINT [ "sh", "-c", "grpc-mock -v 1 -proto $(tr '\n' ',' < ./mocked-services.cfg) -stub-dir ./initial-stubs -mock-addr :22222" ]