diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index afe4b702609..f2b7e8d2af3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -11,6 +11,7 @@ variables: IDP_CI_SHA: 'sha256:5c4953f8efba18b7a6d6a9a961cb77ba7143059cbb2176499432b4275fbe67db' PKI_IMAGE_TAG: 'main' DASHBOARD_IMAGE_TAG: 'main' + APPLICATION_MANIFEST: dockerfiles/application.yaml default: image: '${ECR_REGISTRY}/idp/ci@${IDP_CI_SHA}' @@ -433,129 +434,18 @@ trigger_devops: - export SANITIZED_BRANCH_NAME=$(echo "$CI_COMMIT_REF_NAME" | tr '/' '-' | tr -c '[:alnum:]-_' '-' | sed 's/-*$//') - echo "${CI_COMMIT_REF_NAME}" - echo "${SANITIZED_BRANCH_NAME}" - - |- - export IDP_CONFIG=$(cat <- - helm upgrade --install --namespace review-apps - --debug - --set global.labels.branch="${SANITIZED_BRANCH_NAME}" - --set env="reviewapps-$CI_ENVIRONMENT_SLUG" - --set idp.image.repository="${ECR_REGISTRY}/identity-idp/review" - --set idp.image.tag="${CI_COMMIT_SHA}" - --set worker.image.repository="${ECR_REGISTRY}/identity-idp/review" - --set worker.image.tag="${CI_COMMIT_SHA}" - --set pivcac.image.repository="${ECR_REGISTRY}/identity-pivcac/review" - --set pivcac.image.tag="${PKI_IMAGE_TAG}" - --set pivcac.image.pullPolicy="Always" - --set dashboard.image.repository="${ECR_REGISTRY}/identity-dashboard/review" - --set dashboard.image.tag="${DASHBOARD_IMAGE_TAG}" - --set dashboard.image.pullPolicy="Always" - --set-json dashboard.config="$DASHBOARD_CONFIG" - --set-json dashboard.enabled=true - --set-json idp.config="$IDP_CONFIG" - --set-json worker.config="$WORKER_CONFIG" - --set-json pivcac.config="$PIVCAC_CONFIG" - --set-json idp.ingress.hosts="[{\"host\": \"$CI_ENVIRONMENT_SLUG.reviewapps.identitysandbox.gov\", \"paths\": [{\"path\": \"/\", \"pathType\": \"Prefix\"}]}]" - --set-json pivcac.ingress.hosts="[{\"host\": \"$CI_ENVIRONMENT_SLUG.pivcac.reviewapps.identitysandbox.gov\", \"paths\": [{\"path\": \"/\", \"pathType\": \"Prefix\"}]}]" - --set-json dashboard.ingress.hosts="[{\"host\": \"$CI_ENVIRONMENT_SLUG-dashboard.reviewapps.identitysandbox.gov\", \"paths\": [{\"path\": \"/\", \"pathType\": \"Prefix\"}]}]" - $CI_ENVIRONMENT_SLUG ./identity-idp-helm-chart + #TODO put in kustomize based deploy + # Dynamically populate review environment settings + - sed -i "s|{{ENVIRONMENT}}|${CI_ENVIRONMENT_SLUG}|g" ${APPLICATION_MANIFEST} + - sed -i "s|{{SANITIZED_BRANCH_NAME}}|${SANITIZED_BRANCH_NAME}|g" ${APPLICATION_MANIFEST} + - sed -i "s|{{IDP_CONTAINER_TAG}}|${CI_COMMIT_SHA}|g" ${APPLICATION_MANIFEST} + - sed -i "s|{{DASHBOARD_CONTAINER_TAG}}|${DASHBOARD_IMAGE_TAG}|g" ${APPLICATION_MANIFEST} + - sed -i "s|{{PIVCAC_CONTAINER_TAG}}|${PKI_IMAGE_TAG}|g" ${APPLICATION_MANIFEST} + - sed -i "s|{{ECR_REGISTRY}}|${ECR_REGISTRY}|g" ${APPLICATION_MANIFEST} + - cat ${APPLICATION_MANIFEST} + # Apply our ArgoCD Application + - kubectl apply -f ${APPLICATION_MANIFEST} -n argocd + - echo "View your applications deployment progress at https://argocd.reviewapp.identitysandbox.gov/applications/argocd/${CI_ENVIRONMENT_SLUG}?view=tree&resource=" - echo "DNS may take a while to propagate, so be patient if it doesn't show up right away" - echo "To access the rails console, first run 'aws-vault exec sandbox-power -- aws eks update-kubeconfig --name reviewapp'" - echo "Then run aws-vault exec sandbox-power -- kubectl exec -it service/$CI_ENVIRONMENT_SLUG-login-chart-idp -n review-apps -- /app/bin/rails console" @@ -589,7 +479,7 @@ stop-review-app: script: - export CONTEXT=$(kubectl config get-contexts | grep reviewapp | awk '{print $1}' | head -1) - kubectl config use-context "$CONTEXT" - - helm uninstall --namespace review-apps $CI_ENVIRONMENT_SLUG + - kubectl delete application $CI_ENVIRONMENT_SLUG -n argocd stage: review image: name: dtzar/helm-kubectl:latest diff --git a/dockerfiles/application.yaml b/dockerfiles/application.yaml new file mode 100644 index 00000000000..96599270750 --- /dev/null +++ b/dockerfiles/application.yaml @@ -0,0 +1,565 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: {{ENVIRONMENT}} + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: 'git@gitlab.login.gov:lg-public/identity-eks-control.git' + targetRevision: main + path: cluster-reviewapp/envs/reviewapps + kustomize: + namePrefix: "{{ENVIRONMENT}}-" + commonLabels: + env: {{ENVIRONMENT}} + branch: {{SANITIZED_BRANCH_NAME}} + # ArgoCD does not support patchesStrategicMerge + patches: + # Patch ConfigMap for IDP + - target: + kind: ConfigMap + name: idp-config + patch: |- + - op: add + path: /data/ASSET_HOST + value: "https://{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - op: add + path: /data/DASHBOARD_URL + value: "https://{{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov" + - op: add + path: /data/DOMAIN_NAME + value: "{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - op: add + path: /data/KUBERNETES_REVIEW_APP + value: "true" + - op: add + path: /data/POSTGRES_HOST + value: "{{ENVIRONMENT}}-idp-pg.review-apps" + - op: add + path: /data/POSTGRES_NAME + value: "idp" + - op: add + path: /data/POSTGRES_SSLMODE + value: "prefer" + - op: add + path: /data/LOGIN_ENV + value: "{{ENVIRONMENT}}" + - op: add + path: /data/LOGIN_HOST_ROLE + value: "idp" + - op: add + path: /data/LOGIN_SKIP_REMOTE_CONFIG + value: "true" + - op: add + path: /data/PIV_CAC_SERVICE_URL + value: "https://{{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov/" + - op: add + path: /data/PIV_CAC_VERIFY_TOKEN_URL + value: "https://{{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov/" + - op: add + path: /data/NEW_RELIC_LOG + value: "stdout" + - op: add + path: /data/PIDFILE + value: "/dev/null" + - op: add + path: /data/ENABLE_BOOTSNAP + value: "false" + - op: add + path: /data/BOOTSNAP_READONLY + value: "true" + - op: add + path: /data/REDIS_URL + value: "redis://{{ENVIRONMENT}}-redis.review-apps:6379" + - op: add + path: /data/REDIS_THROTTLE_URL + value: "redis://{{ENVIRONMENT}}-redis.review-apps:6379/1" + - op: add + path: /data/REDIS_IRS_ATTEMPTS_API_URL + value: "redis://{{ENVIRONMENT}}-redis.review-apps:6379/2" + - target: + kind: ConfigMap + name: idp-config-dbsetup + patch: |- + - op: add + path: /data/ASSET_HOST + value: "https://{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - op: add + path: /data/DASHBOARD_URL + value: "https://{{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov" + - op: add + path: /data/DOMAIN_NAME + value: "{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - op: add + path: /data/KUBERNETES_REVIEW_APP + value: "true" + - op: add + path: /data/POSTGRES_HOST + value: "{{ENVIRONMENT}}-idp-pg.review-apps" + - op: add + path: /data/POSTGRES_NAME + value: "idp" + - op: add + path: /data/POSTGRES_SSLMODE + value: "prefer" + - op: add + path: /data/LOGIN_ENV + value: "{{ENVIRONMENT}}" + - op: add + path: /data/LOGIN_HOST_ROLE + value: "idp" + - op: add + path: /data/LOGIN_SKIP_REMOTE_CONFIG + value: "true" + - op: add + path: /data/PIV_CAC_SERVICE_URL + value: "https://{{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov/" + - op: add + path: /data/PIV_CAC_VERIFY_TOKEN_URL + value: "https://{{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov/" + - op: add + path: /data/NEW_RELIC_LOG + value: "stdout" + - op: add + path: /data/PIDFILE + value: "/dev/null" + - op: add + path: /data/ENABLE_BOOTSNAP + value: "false" + - op: add + path: /data/BOOTSNAP_READONLY + value: "true" + - op: add + path: /data/REDIS_URL + value: "redis://{{ENVIRONMENT}}-redis.review-apps:6379" + - op: add + path: /data/REDIS_THROTTLE_URL + value: "redis://{{ENVIRONMENT}}-redis.review-apps:6379/1" + - op: add + path: /data/REDIS_IRS_ATTEMPTS_API_URL + value: "redis://{{ENVIRONMENT}}-redis.review-apps:6379/2" + # Patch ConfigMap for Worker + - target: + kind: ConfigMap + name: worker-config + patch: |- + - op: add + path: /data/DASHBOARD_URL + value: "https://{{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov" + - op: add + path: /data/KUBERNETES_REVIEW_APP + value: "true" + - op: add + path: /data/POSTGRES_SSLMODE + value: "prefer" + - op: add + path: /data/POSTGRES_NAME + value: "idp" + - op: add + path: /data/POSTGRES_HOST + value: "{{ENVIRONMENT}}-idp-pg.review-apps" + - op: add + path: /data/LOGIN_ENV + value: "{{ENVIRONMENT}}" + - op: add + path: /data/LOGIN_HOST_ROLE + value: "worker" + - op: add + path: /data/LOGIN_SKIP_REMOTE_CONFIG + value: "true" + - op: add + path: /data/PIV_CAC_SERVICE_URL + value: "https://{{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov/" + - op: add + path: /data/PIV_CAC_VERIFY_TOKEN_URL + value: "https://{{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov/" + - op: add + path: /data/DOMAIN_NAME + value: "{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - target: + kind: ConfigMap + name: worker-config-dbsetup + patch: |- + - op: add + path: /data/DASHBOARD_URL + value: "https://{{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov" + - op: add + path: /data/KUBERNETES_REVIEW_APP + value: "true" + - op: add + path: /data/POSTGRES_SSLMODE + value: "prefer" + - op: add + path: /data/POSTGRES_NAME + value: "idp" + - op: add + path: /data/POSTGRES_HOST + value: "{{ENVIRONMENT}}-idp-pg.review-apps" + - op: add + path: /data/LOGIN_ENV + value: "{{ENVIRONMENT}}" + - op: add + path: /data/LOGIN_HOST_ROLE + value: "worker" + - op: add + path: /data/LOGIN_SKIP_REMOTE_CONFIG + value: "true" + - op: add + path: /data/PIV_CAC_SERVICE_URL + value: "https://{{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov/" + - op: add + path: /data/PIV_CAC_VERIFY_TOKEN_URL + value: "https://{{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov/" + - op: add + path: /data/DOMAIN_NAME + value: "{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + # Patch ConfigMap for PIVCAC + - target: + kind: ConfigMap + name: pivcac-config + patch: |- + - op: add + path: /data/KUBERNETES_REVIEW_APP + value: "true" + - op: add + path: /data/CLIENT_CERT_S3_BUCKET + value: "login-gov-pivcac-public-cert-reviewapps.894947205914-us-west-2" + - op: add + path: /data/POSTGRES_NAME + value: "identity_pki_production" + - op: add + path: /data/POSTGRES_SSLMODE + value: "prefer" + - op: add + path: /data/POSTGRES_HOST + value: "{{ENVIRONMENT}}-pivcac-pg.review-apps" + - op: add + path: /data/PIDFILE + value: "/dev/null" + - op: add + path: /data/IDP_HOST + value: "{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - op: add + path: /data/DOMAIN_NAME + value: "{{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov" + - target: + kind: ConfigMap + name: pivcac-config-dbsetup + patch: |- + - op: add + path: /data/KUBERNETES_REVIEW_APP + value: "true" + - op: add + path: /data/CLIENT_CERT_S3_BUCKET + value: "login-gov-pivcac-public-cert-reviewapps.894947205914-us-west-2" + - op: add + path: /data/POSTGRES_NAME + value: "identity_pki_production" + - op: add + path: /data/POSTGRES_SSLMODE + value: "prefer" + - op: add + path: /data/POSTGRES_HOST + value: "{{ENVIRONMENT}}-pivcac-pg.review-apps" + - op: add + path: /data/PIDFILE + value: "/dev/null" + - op: add + path: /data/IDP_HOST + value: "{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - op: add + path: /data/DOMAIN_NAME + value: "{{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov" + # Patch ConfigMap for Dashboard + - target: + kind: ConfigMap + name: dashboard-config + patch: |- + - op: add + path: /data/KUBERNETES_REVIEW_APP + value: "true" + - op: add + path: /data/POSTGRES_NAME + value: "dashboard" + - op: add + path: /data/POSTGRES_HOST + value: "{{ENVIRONMENT}}-dashboard-pg.review-apps" + - op: add + path: /data/POSTGRES_SSLMODE + value: "prefer" + - op: add + path: /data/NEW_RELIC_ENABLED + value: "false" + - op: add + path: /data/SAML_SP_ISSUER + value: "https://{{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov" + - op: add + path: /data/IDP_URL + value: "https://{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - op: add + path: /data/IDP_SP_URL + value: "https://{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - op: add + path: /data/POST_LOGOUT_URL + value: "https://{{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov" + - op: add + path: /data/DOMAIN_NAME + value: "https://{{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov" + - target: + kind: ConfigMap + name: dashboard-config-dbsetup + patch: |- + - op: add + path: /data/KUBERNETES_REVIEW_APP + value: "true" + - op: add + path: /data/POSTGRES_NAME + value: "dashboard" + - op: add + path: /data/POSTGRES_HOST + value: "{{ENVIRONMENT}}-dashboard-pg.review-apps" + - op: add + path: /data/POSTGRES_SSLMODE + value: "prefer" + - op: add + path: /data/NEW_RELIC_ENABLED + value: "false" + - op: add + path: /data/SAML_SP_ISSUER + value: "https://{{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov" + - op: add + path: /data/IDP_URL + value: "https://{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - op: add + path: /data/IDP_SP_URL + value: "https://{{ENVIRONMENT}}.reviewapps.identitysandbox.gov" + - op: add + path: /data/POST_LOGOUT_URL + value: "https://{{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov" + - op: add + path: /data/DOMAIN_NAME + value: "https://{{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov" + # Patch ConfigMap for Dashboard service_providers.yml + - target: + kind: ConfigMap + name: service-providers-yml + patch: |- + - op: replace + path: /data/service_providers.yml + value: | + production: + 'urn:gov:gsa:openidconnect.profiles:sp:sso:gsa:dashboard': + friendly_name: 'Dashboard' + agency: 'GSA' + agency_id: 2 + logo: '18f.svg' + certs: + - 'identity_dashboard_cert' + return_to_sp_url: 'https://dashboard.{{ENVIRONMENT}}.identitysandbox.gov/' + redirect_uris: + - 'https://dashboard.{{ENVIRONMENT}}.identitysandbox.gov/auth/logindotgov/callback' + - 'https://dashboard.{{ENVIRONMENT}}.identitysandbox.gov' + push_notification_url: 'https://dashboard.{{ENVIRONMENT}}.identitysandbox.gov/api/security_events' + # Patch idp database setup jobs + - target: + kind: Job + name: create-database + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-idp/review:{{IDP_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + - target: + kind: Job + name: migrate-database + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-idp/review:{{IDP_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + - target: + kind: Job + name: seed-database + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-idp/review:{{IDP_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + # Patch dashboard database setup jobs + - target: + kind: Job + name: create-dashboard-database + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-dashboard/review:{{DASHBOARD_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + - target: + kind: Job + name: migrate-dashboard-database + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-dashboard/review:{{DASHBOARD_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + - target: + kind: Job + name: seed-dashboard-database + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-dashboard/review:{{DASHBOARD_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + # Patch pivcac database jobs/update crl CronJob + - target: + kind: Job + name: create-pivcac-database + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-pivcac/pivcac:{{PIVCAC_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + - target: + kind: Job + name: migrate-pivcac-database + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-pivcac/pivcac:{{PIVCAC_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + - target: + kind: CronJob + name: update-pivcac-crls + patch: |- + - op: replace + path: /spec/jobTemplate/spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-pivcac/pivcac:{{PIVCAC_CONTAINER_TAG}} + - op: replace + path: /spec/jobTemplate/spec/template/spec/containers/0/imagePullPolicy + value: Always + # Patch IDP image + - target: + kind: Rollout + name: idp-rollout + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-idp/review:{{IDP_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + # Patch Worker Image + - target: + kind: Deployment + name: worker + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-idp/review:{{IDP_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + # Patch PIVCAC Image + - target: + kind: Deployment + name: pivcac + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-pivcac/pivcac:{{PIVCAC_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/1/image + value: {{ECR_REGISTRY}}/identity-pivcac/nginx:{{PIVCAC_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + - op: replace + path: /spec/template/spec/containers/1/imagePullPolicy + value: Always + # Patch Dashboard Image + - target: + kind: Deployment + name: dashboard + patch: |- + - op: replace + path: /spec/template/spec/containers/0/image + value: {{ECR_REGISTRY}}/identity-dashboard/review:{{DASHBOARD_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/initContainers/0/image + value: {{ECR_REGISTRY}}/identity-dashboard/review:{{DASHBOARD_CONTAINER_TAG}} + - op: replace + path: /spec/template/spec/containers/0/imagePullPolicy + value: Always + - op: replace + path: /spec/template/spec/initContainers/0/imagePullPolicy + value: Always + # Patch in lower pod number in IDP HPA + - target: + kind: HorizontalPodAutoscaler + name: idp + patch: |- + - op: replace + path: /spec/minReplicas + value: 1 + - op: replace + path: /spec/maxReplicas + value: 2 + # Patch ingress names + - target: + kind: Ingress + name: idp + patch: |- + - op: replace + path: /metadata/annotations/alb.ingress.kubernetes.io~1group.name + value: review-app + - op: replace + path: /spec/rules/0/host + value: {{ENVIRONMENT}}.reviewapps.identitysandbox.gov + - op: replace + path: /spec/rules/0/http/paths/0/backend/service/port/name + value: https + - target: + kind: Ingress + name: dashboard + patch: |- + - op: replace + path: /metadata/annotations/alb.ingress.kubernetes.io~1group.name + value: review-app-dashboard + - op: replace + path: /spec/rules/0/host + value: {{ENVIRONMENT}}-dashboard.reviewapps.identitysandbox.gov + - target: + kind: Ingress + name: pivcac + patch: |- + - op: replace + path: /spec/rules/0/host + value: {{ENVIRONMENT}}.pivcac.reviewapps.identitysandbox.gov + + destination: + server: 'https://kubernetes.default.svc' + namespace: review-apps + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true \ No newline at end of file diff --git a/dockerfiles/idp_review_app.Dockerfile b/dockerfiles/idp_review_app.Dockerfile index ba8b4cbbb3c..7c8947dc82d 100644 --- a/dockerfiles/idp_review_app.Dockerfile +++ b/dockerfiles/idp_review_app.Dockerfile @@ -22,6 +22,7 @@ ENV POSTGRES_WORKER_NAME idp-worker-jobs ENV POSTGRES_WORKER_HOST postgres-worker ENV POSTGRES_WORKER_USERNAME postgres ENV POSTGRES_WORKER_PASSWORD postgres +ENV REDIS_IRS_ATTEMPTS_API_URL redis://redis:6379/2 ENV REDIS_THROTTLE_URL redis://redis:6379/1 ENV REDIS_URL redis://redis:6379 ENV ASSET_HOST http://localhost:3000