Skip to content
Permalink
main
Switch branches/tags
Go to file
 
 
Cannot retrieve contributors at this time
version: '3'
volumes:
packages:
sponsorlogos:
vault:
services:
vault:
# NOTE: intentionally an older version, for consistency with cabotage
image: vault:1.3.4
restart: on-failure
entrypoint: /bin/sh
command: ["/etc/vault/entry.sh"]
environment:
VAULT_DEV_LISTEN_ADDRESS: 0.0.0.0:8200
VAULT_DEV_ROOT_TOKEN_ID: "an insecure vault access token"
ports:
- "8200:8200"
cap_add:
- IPC_LOCK
volumes:
- vault:/vault/file
- ./dev/vault:/etc/vault
db:
image: postgres:10.1
ports:
# 5432 may already in use by another PostgreSQL on host
- "5433:5432"
redis:
image: redis:4.0
localstack:
image: localstack/localstack:0.8.7
environment:
SERVICES: "sqs"
HOSTNAME: "localstack"
HOSTNAME_EXTERNAL: "localstack"
DEFAULT_REGION: "us-east-2"
ports:
- "4576:4576"
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:6.8.7
environment:
- xpack.security.enabled=false
ulimits:
nofile:
soft: 65536
hard: 65536
camo:
image: pypa/warehouse-camo:latest
ports:
- "9000:9000"
environment:
CAMO_KEY: "insecurecamokey"
PORT: 9000
web:
build:
context: .
args:
DEVEL: "yes"
IPYTHON: "no"
command: gunicorn --reload -b 0.0.0.0:8000 warehouse.wsgi:application
env_file: dev/environment
volumes:
# We specify all of these directories instead of just . because we want to
# avoid having ./node_modules from the host OS being shared with the docker
# container, and since there's no way to exclude a directory, the only way
# to make this work is to share multiple, smaller directories. These cover
# the important things that we want to share, but changes to requirements
# or any file not in these directories will require a rebuild.
# The :z option fixes permission issues with SELinux by setting a
# permissive security context.
- ./dev:/opt/warehouse/src/dev:z
- ./docs:/opt/warehouse/src/docs:z
- ./warehouse:/opt/warehouse/src/warehouse:z
- ./tests:/opt/warehouse/src/tests:z
- ./htmlcov:/opt/warehouse/src/htmlcov:z
- .coveragerc:/opt/warehouse/src/.coveragerc:z
- packages:/var/opt/warehouse/packages
- sponsorlogos:/var/opt/warehouse/sponsorlogos
- ./bin:/opt/warehouse/src/bin:z
ports:
- "80:8000"
files:
build:
context: .
working_dir: /var/opt/warehouse
command: python -m http.server 9001
volumes:
- packages:/var/opt/warehouse/packages
- sponsorlogos:/var/opt/warehouse/sponsorlogos
ports:
- "9001:9001"
worker:
build:
context: .
args:
DEVEL: "yes"
command: hupper -m celery -A warehouse worker -B -S redbeat.RedBeatScheduler -l info
volumes:
- ./warehouse:/opt/warehouse/src/warehouse:z
env_file: dev/environment
environment:
C_FORCE_ROOT: "1"
FILES_BACKEND: "warehouse.packaging.services.LocalFileStorage path=/var/opt/warehouse/packages/ url=http://files:9001/packages/{path}"
static:
build:
context: .
dockerfile: Dockerfile.static
command: bash -c "node --trace-warnings `which gulp` watch"
volumes:
- ./warehouse:/opt/warehouse/src/warehouse:z
- ./Gulpfile.babel.js:/opt/warehouse/src/Gulpfile.babel.js:z
- ./.babelrc:/opt/warehouse/src/.babelrc:z
- ./.sass-lint.yml:/opt/warehouse/src/.sass-lint.yml:z
- ./tests/frontend:/opt/warehouse/src/tests/frontend:z
- ./bin:/opt/warehouse/src/bin:z
maildev:
image: maildev/maildev
ports:
- "1080:80"
notdatadog:
build:
context: .
command: python /opt/warehouse/dev/notdatadog.py 0.0.0.0:8125
ports:
- "8125:8125/udp"
volumes:
- ./dev/notdatadog.py:/opt/warehouse/dev/notdatadog.py
notgithub:
image: ewjoachim/notgithub-token-scanning
environment:
NOTGITHUB_DEFAULT_URL: "http://web:8000/_/github/disclose-token"
ports:
- "8964:8000"