Add initial dev container code

Signed-off-by: Nicole Renée Hubbard <[email protected]>
infratographer · Jan 19, 2023 · 6473181 · 6473181
1 parent 959e939
commit 6473181
Show file tree

Hide file tree

Showing 3 changed files with 141 additions and 0 deletions.
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
@@ -0,0 +1,24 @@
+# [Choice] Go version (use -bullseye variants on local arm64/Apple Silicon): 1, 1.18, 1.17, 1-bullseye, 1.18-bullseye, 1.17-bullseye, 1-buster, 1.18-buster, 1.17-buster
+ARG VARIANT=1-bullseye
+FROM mcr.microsoft.com/vscode/devcontainers/go:0-${VARIANT}
+
+# [Choice] Node.js version: none, lts/*, 16, 14, 12, 10
+ARG NODE_VERSION="none"
+RUN if [ "${NODE_VERSION}" != "none" ]; then su vscode -c "umask 0002 && . /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"; fi
+
+# [Optional] Uncomment this section to install additional OS packages.
+# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
+#     && apt-get -y install --no-install-recommends <your-package-list-here>
+
+# Install cockroachdb so we have the client
+RUN curl https://binaries.cockroachdb.com/cockroach-v22.1.8.linux-amd64.tgz | tar -xz \
+    && sudo cp -i cockroach-v22.1.8.linux-amd64/cockroach /usr/local/bin/ \
+    && rm -rf cockroach-v*
+
+# [Optional] Uncomment the next lines to use go get to install anything else you need
+# USER vscode
+# RUN go get -x <your-dependency-or-tool>
+# USER root
+
+# [Optional] Uncomment this line to install global node packages.
+# RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && npm install -g <your-package-here>" 2>&1
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -0,0 +1,30 @@
+# spicedb container config
+SPICEDB_GRPC_PRESHARED_KEY=infradev
+SPICEDB_DATASTORE_CONN_URI=postgresql://root:@crdb:26257/spicedb?sslmode=disable
+SPICEDB_DATASTORE_ENGINE=cockroachdb
+SPICEDB_LOG_LEVEL=info
+SPICEDB_LOG_FORMAT=console
+SPICEDB_OTEL_PROVIDER=jaeger
+SPICEDB_OTEL_INSECURE=true
+SPICEDB_OTEL_ENDPOINT=http://app:14268/api/traces
+
+# zed CLI tool config
+ZED_ENDPOINT=spicedb:50051
+ZED_INSECURE=true
+ZED_TOKEN=infradev
+
+IDENTITYAPI_TRACING_ENABLED=true
+IDENTITYAPI_TRACING_PROVIDER=jaeger
+IDENTITYAPI_TRACING_JAEGER_ENDPOINT=http://localhost:14268/api/traces
+IDENTITYAPI_CRDB_URI="postgresql://root@crdb:26257/identityapi_dev?sslmode=disable"
+
+PERMISSIONAPI_TRACING_ENABLED=true
+PERMISSIONAPI_TRACING_PROVIDER=jaeger
+PERMISSIONAPI_TRACING_JAEGER_ENDPOINT=http://localhost:14268/api/traces
+PERMISSIONAPI_SPICEDB_ENDPOINT=spicedb:50051
+PERMISSIONAPI_SPICEDB_KEY=$SPICEDB_GRPC_PRESHARED_KEY
+PERMISSIONAPI_SPICEDB_INSECURE=true
+
+# cockroachdb container config
+COCKROACH_INSECURE=true
+COCKROACH_HOST=crdb:26257
diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml
@@ -0,0 +1,87 @@
+version: '3.8'
+
+networks:
+  infradev:
+
+volumes:
+  crdb:
+    null
+
+services:
+  app:
+    build:
+      context: .
+      dockerfile: Dockerfile
+      args:
+        VARIANT: 1.19-bullseye
+        NODE_VERSION: "none"
+    command: sleep infinity
+    env_file:
+      - .env
+    volumes:
+      - ..:/workspace:cached
+    networks:
+      - infradev
+    # Use "forwardPorts" in **devcontainer.json** to forward a port locally.
+    # (Adding the "ports" property to this file will not forward from a Codespace.)
+
+
+  # Environment setup
+  create_databases:
+    image: cockroachdb/cockroach:latest-v22.1
+    restart: on-failure:5
+    command: "sql --insecure -e 'CREATE DATABASE IF NOT EXISTS spicedb;'"
+    env_file:
+      - .env
+    depends_on:
+      - crdb
+    networks:
+      - infradev
+
+  migrate_spicedb:
+    image: authzed/spicedb:v1.13.0
+    command: migrate head
+    restart: on-failure:5
+    env_file:
+      - .env
+    depends_on:
+      - "create_databases"
+    networks:
+      - infradev
+
+  # Required services (databases, etc)
+  crdb:
+    image: cockroachdb/cockroach:latest-v22.1
+    command: start-single-node --insecure
+    restart: unless-stopped
+    volumes:
+      - crdb:/cockroach/cockroach-data
+    env_file:
+      - .env
+    healthcheck:
+      test: "curl --fail http://localhost:8080/health?ready=1 || exit 1"
+      interval: "2s"
+      retries: 3
+      start_period: "15s"
+      timeout: "5s"
+    networks:
+      - infradev
+
+  spicedb:
+    image: authzed/spicedb:v1.13.0
+    command: serve
+    restart: unless-stopped
+    env_file:
+      - .env
+    depends_on:
+      - migrate_spicedb
+    networks:
+      - infradev
+
+  nats:
+    image: 'nats:2'
+    network_mode: service:app
+
+  jaeger:
+    image: jaegertracing/all-in-one:1.38.0
+    network_mode: service:app