Merge branch '9-vault-hashicorp' into 'main'

Add vault and infohub services to the local environment

Closes #9

See merge request !16

.gitignore

+.DS_Store
 .idea/
 volumes/
+vault/vault-cluster-vault+.json
\ No newline at end of file

docker-compose.yml

@@ -14,6 +14,7 @@ services:
       - "8081:8080"
     depends_on:
       - mongo
+      - cache
 
   task:
     container_name: task
@@ -28,6 +29,7 @@ services:
       - "8082:8080"
     depends_on:
       - mongo
+      - cache
 
   cache:
     container_name: cache
@@ -43,6 +45,21 @@ services:
     depends_on:
       - redis
 
+  infohub:
+    container_name: infohub
+    build:
+      context: $GOPATH/src/code.vereign.com/gaiax/tsa/infohub
+      dockerfile: deployment/compose/Dockerfile
+    volumes:
+      - "$GOPATH/src/code.vereign.com/gaiax/tsa/infohub:/go/src/code.vereign.com/gaiax/tsa/infohub"
+    env_file:
+      - ./env/infohub.env
+    ports:
+      - "8084:8080"
+    depends_on:
+      - mongo
+      - vault
+
   didresolver:
     image: universalresolver/uni-resolver-web:latest
     ports:
@@ -83,3 +100,20 @@ services:
       start_period: 30s
     restart: on-failure
     command: "--bind_ip_all --replSet rs0"
+
+  vault:
+    hostname: vault
+    container_name: vault
+    image: vault:1.10.3
+    environment:
+      VAULT_ADDR: ":8200"
+      VAULT_API_ADDR: "http://0.0.0.0:8200"
+      VAULT_DEV_ROOT_TOKEN_ID: root
+    ports:
+      - "8200:8200"
+    volumes:
+      - ./volumes/vault/file:/vault/file:rw
+      - ./vault:/vault/config:rw
+    cap_add:
+      - IPC_LOCK
+    entrypoint: vault server -config=/vault/config/config.json

env/infohub.env

+LOG_LEVEL="debug"
+HTTP_HOST=""
+HTTP_PORT="8080"
+HTTP_IDLE_TIMEOUT="120s"
+HTTP_READ_TIMEOUT="10s"
+HTTP_WRITE_TIMEOUT="10s"
+CACHE_ADDR="http://cache:8080"
+POLICY_ADDR="http://policy:8080"
+MONGO_ADDR="mongodb://mongo:27017/infohub?replicaSet=rs0&authSource=admin"
+MONGO_USER="root"
+MONGO_PASS="root"
+VAULT_ADDR="http://vault:8200"
+VAULT_TOKEN="hvs.SaCAgNfJk91T1Qikb3XxH3ve"
+VAULT_KEYNAME="signkey1"
+CRED_ISSUER_NAME="ocm-123"
+CRED_KEYNAME="signkey1"
\ No newline at end of file

env/policy.env

@@ -10,4 +10,5 @@ MONGO_PASS="root"
 MONGO_DBNAME="policy"
 MONGO_COLLECTION="policies"
 CACHE_ADDR="http://cache:8080"
+TASK_ADDR="http://task:8080"
 DID_RESOLVER_ADDR="http://didresolver:8080"

mongo/docker-entrypoint-initdb.d/mongo-init.js

@@ -17,6 +17,22 @@ db.policies.insertMany(
 
             taskID := "0123456789abcdef"
             `
+        },
+        {
+            filename: "example_2.0.rego",
+            name: "example",
+            group: "example",
+            version: "2.0",
+            locked: false,
+            lastUpdate: new Date(),
+            rego: `package example.example
+		
+            allow {
+                1 == 2
+            }
+            
+            result := input
+            `
         }
     ]
 );
@@ -47,3 +63,18 @@ db.taskTemplates.insertMany(
         }
     ]
 );
+
+db = db.getSiblingDB('infohub');
+db.createCollection('exports');
+db.exports.insertMany(
+    [
+        {
+            "exportName":"testexport",
+            "contexts":["https://www.w3.org/2018/credentials/examples/v1"],
+            "policies":{
+                "example/example/1.0":{},
+                "example/example/2.0":{"hello":"world"}
+            }
+        }
+    ]
+);

setup.sh

@@ -39,6 +39,7 @@ function getServices() {
 
   local services=(
     "cache"
+    "infohub"
     "policy"
     "task"
   )

vault/config.json

+{
+  "backend": {"file": {"path": "/vault/file"}},
+  "listener": {"tcp": {"address": "0.0.0.0:8200", "tls_disable": 1}},
+  "default_lease_ttl": "168h",
+  "max_lease_ttl": "0h",
+  "ui": true
+}