spiff-arena/spiffworkflow-backend/docker-compose.yml

102 lines
4.3 KiB
YAML

# Why we are running with network_mode: host
# Wow this has been awful. We run three things in docker: mysql, keycloak, and the backend server.
# The backend-server needs to talk to the other two.
#
# In order to talk to keycloak, it needs to go through localhost so that it can communicate with
# keycloak using the same url as the frontend so that tokens can be properly validated.
# If the domains are different, keycloak invalidates the token. There may be a way to change
# this but I didn't find it.
#
# In order for the backend server to talk to the mysql server, they need to be on the same network.
# I tried splitting it out where the mysql runs on a custom network and the backend runs on both
# the custom network AND with localhost. Nothing I tried worked and googling didn't help. They
# only ever mentioned one thing or using host.docker.internal which would cause the domains to
# be different.
#
# So instead we are running with both the mysql server and the backend server in host netowrk mode.
# There may be a better way to do this but if it works, then it works.
version: "3.8"
services:
db:
container_name: db
image: mysql:8.0.29
platform: linux/amd64
cap_add:
- SYS_NICE
restart: "${SPIFFWORKFLOW_BACKEND_DATABASE_DOCKER_RESTART_POLICY:-no}"
environment:
- MYSQL_DATABASE=${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development}
- MYSQL_ROOT_PASSWORD=${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw}
- MYSQL_TCP_PORT=7003
network_mode: host
ports:
- "7003"
volumes:
- spiffworkflow_backend:/var/lib/mysql
healthcheck:
test: mysql --user=root --password=${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw} -e 'select 1' ${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development}
interval: 10s
timeout: 5s
retries: 10
spiffworkflow-backend: &spiffworkflow-backend
container_name: spiffworkflow-backend
profiles:
- run
depends_on:
db:
condition: service_healthy
build:
context: .
environment:
- FLASK_DEBUG=0
- FLASK_SESSION_SECRET_KEY=${FLASK_SESSION_SECRET_KEY:-e7711a3ba96c46c68e084a86952de16f}
- SPIFFWORKFLOW_BACKEND_APPLICATION_ROOT=/
- SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR=/app/process_models
- SPIFFWORKFLOW_BACKEND_DATABASE_URI=mysql+mysqldb://root:${SPIFFWORKFLOW_BACKEND_MYSQL_ROOT_DATABASE:-my-secret-pw}@127.0.0.1:7003/${SPIFFWORKFLOW_BACKEND_DATABASE_NAME:-spiffworkflow_backend_development}
- SPIFFWORKFLOW_BACKEND_ENV=${SPIFFWORKFLOW_BACKEND_ENV:-local_development}
- SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA=${SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA:-false}
- SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL=${SPIFFWORKFLOW_BACKEND_OPEN_ID_SERVER_URL:-http://localhost:7002/realms/spiffworkflow}
- SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME=${SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME:-acceptance_tests.yml}
- SPIFFWORKFLOW_BACKEND_PORT=7000
- SPIFFWORKFLOW_BACKEND_RUN_BACKGROUND_SCHEDULER=true
- SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND=${SPIFFWORKFLOW_BACKEND_URL_FOR_FRONTEND:-http://localhost:7001}
- SPIFFWORKFLOW_BACKEND_UPGRADE_DB=true
- SPIFFWORKFLOW_BACKEND_URL=${SPIFFWORKFLOW_BACKEND_URL:-http://localhost:7000}
ports:
- "7000:7000"
network_mode: host
volumes:
- ${SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR:-../../sample-process-models}:/app/process_models
- ./log:/app/log
healthcheck:
test: curl localhost:7000/v1.0/status --fail
interval: 10s
timeout: 5s
retries: 20
spiffworkflow-backend-local-debug:
<<: *spiffworkflow-backend
container_name: spiffworkflow-backend-local-debug
profiles:
- debug
volumes:
- ${SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR:-../../sample-process-models}:/app/process_models
- ./:/app
command: /app/bin/boot_in_docker_debug_mode
# the docs say we can disable healthchecks with disable: true
# but it returns a bad exit code so setup one that doesn't matter
# since there is nothing to healthcheck in this case
# https://docs.docker.com/compose/compose-file/compose-file-v3/#healthcheck
healthcheck:
test: cat /etc/hosts
interval: 10s
timeout: 5s
retries: 20
volumes:
spiffworkflow_backend:
driver: local