-
Notifications
You must be signed in to change notification settings - Fork 5
/
docker-compose.yml
78 lines (76 loc) · 1.84 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
---
version: '3.2'
secrets:
cyhy_read_creds:
file: ./secrets/cyhy_read_creds.yml
scan_read_creds:
file: ./secrets/scan_read_creds.yml
scan_write_creds:
file: ./secrets/scan_write_creds.yml
aws_config:
file: ./secrets/aws_config
services:
gather:
depends_on:
- redis
image: 'cisagov/gatherer:1.5.18'
secrets:
- source: cyhy_read_creds
target: database_creds.yml
volumes:
- ./output:/home/cisa/shared
pshtt_report:
depends_on:
- redis
image: 'cisagov/pshtt_reporter:1.2.17'
secrets:
- source: scan_read_creds
target: scan_read_creds.yml
volumes:
- ./output:/home/cisa/shared
redis:
image: 'redis:alpine'
# ports:
# - host_ip: 127.0.0.1
# mode: host
# protocol: tcp
# # Note that we expose redis on a non-standard port to avoid
# # conflict with the Admiral:
# # https://github.com/cisagov/ansible-role-admiral
# published: 6378
# target: 6379
save:
depends_on:
- redis
image: 'cisagov/saver:1.3.7'
secrets:
- source: scan_write_creds
target: scan_write_creds.yml
volumes:
- ./output:/home/cisa/shared
scan:
depends_on:
- redis
environment:
- AWS_CONFIG_FILE=/run/secrets/aws_config
- AWS_PROFILE=lambda
image: 'cisagov/scanner:1.3.7'
secrets:
- source: aws_config
target: aws_config
volumes:
- ./output:/home/cisa/shared
trustymail_report:
depends_on:
- redis
environment:
- AWS_CONFIG_FILE=/run/secrets/aws_config
- AWS_PROFILE=elasticsearch
image: 'cisagov/trustymail_reporter:1.5.6'
secrets:
- source: scan_read_creds
target: scan_read_creds.yml
- source: aws_config
target: aws_config
volumes:
- ./output:/home/cisa/shared