Add docker start script

Author: b-long

.env-docker

@@ -2,5 +2,5 @@ OPENTDF_PLATFORM_HOST="localhost"
 OPENTDF_PLATFORM_PORT=8080
 OPENTDF_PLATFORM_URL="http://localhost:8080"
 
-KEYCLOAK_URL="https://localhost:8443/auth"
-OIDC_OP_TOKEN_ENDPOINT="https://localhost:8443/auth/realms/opentdf/protocol/openid-connect/token"
+KEYCLOAK_URL="http://localhost:8888/auth"
+OIDC_OP_TOKEN_ENDPOINT="http://localhost:8888/auth/realms/opentdf/protocol/openid-connect/token"

.github/start_opentdf_docker.sh

@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+if ! [ -d platform ]; then
+  # Sparse clone opentdf/platform
+  git clone https://github.com/opentdf/platform.git
+fi
+cd platform
+git checkout DSPX-1539-keytoolnomore
+
+yq -i '.realms[0].clients[0].client.directAccessGrantsEnabled = true | .realms[0].clients[0].client.serviceAccountsEnabled = true' service/cmd/keycloak_data.yaml
+
+yq -i '.realms[0].clients[1].client.directAccessGrantsEnabled = true | .realms[0].clients[0].client.serviceAccountsEnabled = true' service/cmd/keycloak_data.yaml
+
+yq -i '.realms[0].clients[4].client.directAccessGrantsEnabled = true | .realms[0].clients[0].client.serviceAccountsEnabled = true' service/cmd/keycloak_data.yaml
+
+
+if ! [ -d ./keys ]; then
+  go mod download
+
+  go mod verify
+
+  .github/scripts/init-temp-keys.sh
+  cp opentdf-example.yaml opentdf.yaml
+
+  # Edit 'opentdf.yaml' for our use case
+  yq -i 'del(.db)' opentdf.yaml
+  yq -i '.services.entityresolution.url = "http://localhost:8888/auth"' opentdf.yaml
+  yq -i '.server.auth.issuer = "http://localhost:8888/auth/realms/opentdf"' opentdf.yaml
+  yq -i '
+.server.cryptoProvider = {
+  "type": "standard",
+  "standard": {
+    "keys": [
+      {
+        "kid": "r1",
+        "alg": "rsa:2048",
+        "private": "kas-private.pem",
+        "cert": "kas-cert.pem"
+      },
+      {
+        "kid": "e1",
+        "alg": "ec:secp256r1",
+        "private": "kas-ec-private.pem",
+        "cert": "kas-ec-cert.pem"
+      }
+    ]
+  }
+}
+' opentdf.yaml
+  chmod -R 777 ./keys
+fi
+
+docker compose up -d --wait --wait-timeout 360
+
+go run ./service provision keycloak
+
+go run ./service provision fixtures

.gitignore

@@ -1,6 +1,8 @@
 # Created by https://www.toptal.com/developers/gitignore/api/python
 # Edit at https://www.toptal.com/developers/gitignore?templates=python
 
+platform/
+
 ### Python ###
 # Byte-compiled / optimized / DLL files
 __pycache__/