From 71f0cad1b7c1590ec8d6e67f01ab1dddd8617507 Mon Sep 17 00:00:00 2001
From: Marco Pas <marco.pas@philips.com>
Date: Tue, 29 Sep 2020 13:51:06 +0200
Subject: [PATCH] Add separate sandbox for testing delegation keys

---
 docker-compose.sandbox.yml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/docker-compose.sandbox.yml b/docker-compose.sandbox.yml
index 7517aa4edc..bba50a85cf 100644
--- a/docker-compose.sandbox.yml
+++ b/docker-compose.sandbox.yml
@@ -81,6 +81,31 @@ services:
         update-ca-certificates &&
         dockerd-entrypoint.sh --insecure-registry registry:5000'
 
+  # This sandbox can be used for testing delegation keys;
+  # There is no mount to the shared docker trust folder!
+  # So if you want to pull push etc, you need to export delegation keys from the sandbox
+  # to this sandbox and load them with docker trust key load.
+  sandbox-2:
+    image: notary:sandbox-dev
+    build:
+      context: .
+      dockerfile: sandbox.Dockerfile
+    networks:
+      - sig
+    volumes:
+      - go_modules:/go/pkg/mod
+    depends_on:
+      - server
+    privileged: true
+    environment:
+      DOCKER_CONTENT_TRUST: "1"
+      DOCKER_CONTENT_TRUST_SERVER: https://notary-server:4443
+    entrypoint: /usr/bin/env sh
+    command: |-
+      -c 'cp ~/.notary/certs/root-ca.crt /usr/local/share/ca-certificates/root-ca.crt &&
+        update-ca-certificates &&
+        dockerd-entrypoint.sh --insecure-registry registry:5000'
+        
 volumes:
   go_modules:
   dct_data: