-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
82 lines (76 loc) · 2.55 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
---
services:
s3-antivirus:
image: 311462405659.dkr.ecr.eu-west-1.amazonaws.com/s3-antivirus:latest
build:
dockerfile: docker/opg-s3-antivirus/Dockerfile
environment:
AWS_REGION: eu-west-1
AWS_S3_ENDPOINT: http://localstack:4566
AWS_ACCESS_KEY_ID: localstack
AWS_SECRET_ACCESS_KEY: localstack
ANTIVIRUS_TAG_KEY: virus-scan-status
ANTIVIRUS_TAG_VALUE_PASS: ok
ANTIVIRUS_TAG_VALUE_FAIL: infected
ANTIVIRUS_DEFINITIONS_BUCKET: virus-definitions
volumes:
- ".aws-lambda-rie:/aws-lambda"
entrypoint: /aws-lambda/aws-lambda-rie /var/task/main
s3-antivirus-update:
image: 311462405659.dkr.ecr.eu-west-1.amazonaws.com/s3-antivirus-update:latest
build:
dockerfile: docker/opg-s3-antivirus-update/Dockerfile
environment:
AWS_REGION: eu-west-1
AWS_S3_ENDPOINT: http://localstack:4566
AWS_ACCESS_KEY_ID: localstack
AWS_SECRET_ACCESS_KEY: localstack
ANTIVIRUS_DEFINITIONS_BUCKET: virus-definitions
volumes:
- ".aws-lambda-rie:/aws-lambda"
entrypoint: /aws-lambda/aws-lambda-rie /var/task/main
localstack:
image: localstack/localstack:3.4
depends_on: [ s3-antivirus, s3-antivirus-update ]
volumes:
- "./scripts/localstack/init:/etc/localstack/init/ready.d"
- "./scripts/localstack/wait:/scripts/wait"
- "/var/run/docker.sock:/var/run/docker.sock"
- "./scripts/localstack/lambda-src:/lambda"
environment:
AWS_DEFAULT_REGION: eu-west-1
healthcheck:
test: [ "CMD-SHELL", "curl http://localhost:4566 || exit 1" ]
interval: 15s
timeout: 10s
retries: 3
start_period: 30s
go-lint:
image: golangci/golangci-lint:v1.59.0
working_dir: /go/src/app
volumes:
- ./:/go/src/app
- ./.cache/golangci-lint/v1.53.3:/root/.cache
command: golangci-lint run -v --timeout 5m
go-sec:
image: securego/gosec
working_dir: /app
volumes:
- .:/app
command: -no-fail -fmt sarif -out test-results/go-sec.sarif -exclude-dir=.gocache /app/...
test-runner:
image: s3-antivirius-test-runner:latest
build:
context: docker/test-runner/
command: gotestsum --junitfile test-results/unit-tests.xml -- ./... -coverprofile=test-results/test-coverage.txt
working_dir: /go/src/app
volumes:
- ./:/go/src/app
- ./.gocache:/go/pkg/mod
trivy:
image: aquasec/trivy:latest
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./.trivy-cache:/root/.cache
- ./test-results:/test-results
- ./.trivyignore:/.trivyignore