Initall build kratos images

29b070d1 · Mart van Santen · b8d6e31a · 29b070d1 · 29b070d1 · 29b070d1
Commit 29b070d1 authored 3 years ago by Mart van Santen
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -41,6 +41,19 @@ login_provider:
      - login_provider/**/*
      - .gitlab-ci.yml

+# Build kratos image
+  stage: build
+  needs: []
+  variables:
+    KANIKO_CONTEXT: "kratos"
+    KANIKO_BUILD_IMAGENAME: $CI_JOB_NAME
+  extends: .kaniko_build
+  only:
+    changes:
+      - kratos/**/*
+      - .gitlab-ci.yml
+
+
 integration_test_app:
  stage: build-test-images
  variables:

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -88,3 +88,35 @@ services:
      - "13337:13337"
    command: flask run --port 13337
    restart: unless-stopped
+  kratos-migrate:                                                                
+    build: ./kratos                                                              
+    command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes               
+    environment:                                                                 
+      - DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable       
+    restart: on-failure                                                          
+  kratos:                                                                        
+    build: ./kratos                                                              
+    depends_on:                                                                  
+      - kratos-db                                                                
+      - kratos-migrate                                                           
+      - mailslurper                                                              
+    ports:                                                                       
+      - "4433:4433" # public                                                     
+      - "4434:4434" # admin                                                      
+    restart: unless-stopped                                                      
+    environment:                                                                 
+      - LOG_LEVEL=trace                                                          
+      - DSN=postgres://kratos:secret@kratos-db:5433/kratos?sslmode=disable       
+    command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier        
+  kratos-db:                                                                     
+    image: postgres:13                                                           
+    environment:                                                                 
+      - POSTGRES_USER=kratos                                                     
+      - POSTGRES_DB=kratos                                                       
+      - POSTGRES_PASSWORD=secret                                                 
+    ports:                                                                       
+      - "5433:5433"                                                              
+    volumes:                                                                     
+      - .local/kratos/psql:/var/lib/postgresql/data                              
+    # change port via command https://github.com/docker-library/postgres/issues/196
+    command: -p 5433
--- a/kratos/Dockerfile
+++ b/kratos/Dockerfile
+FROM oryd/kratos:v0.7.6-alpha.1-sqlite
+
+ENV DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true&mode=rwc
+
+COPY identity.schema.json /etc/config/kratos/identity.schema.json
+COPY kratos.yml /etc/config/kratos/kratos.yml
--- a/kratos/identity.schema.json
+++ b/kratos/identity.schema.json
+{
+  "$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json",
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "Person",
+  "type": "object",
+  "properties": {
+    "traits": {
+      "type": "object",
+      "properties": {
+        "username": {
+          "type": "string",
+          "title": "Username",
+          "minLength": 1,
+          "ory.sh/kratos": {
+            "credentials": {
+              "password": {
+                "identifier": true
+              }
+            }
+          }
+        },
+        "email": {
+          "type": "string",
+          "format": "email",
+          "title": "E-Mail",
+          "minLength": 3,
+          "ory.sh/kratos": {
+            "verification": {
+              "via": "email"
+            },
+            "recovery": {
+              "via": "email"
+            }
+          }
+        },
+        "name": {
+          "type": "object",
+          "properties": {
+            "first": {
+              "type": "string",
+              "title": "First name"
+            },
+            "last": {
+              "type": "string",
+              "title": "Last name"
+            }
+          }
+        }
+      },
+      "required": ["email", "username"],
+      "additionalProperties": false
+    }
+  }
+}
--- a/kratos/kratos.yml
+++ b/kratos/kratos.yml
+version: v0.7.6-alpha.1
+
+dsn: memory
+
+serve:
+  public:
+    base_url: http://127.0.0.1:4433/
+    cors:
+      enabled: true
+  admin:
+    base_url: http://127.0.0.1:4434/
+
+selfservice:
+  default_browser_return_url: http://127.0.0.1:5000/settings
+  whitelisted_return_urls:
+    - http://127.0.0.1:4455
+    - http://127.0.0.1:5000
+    - http://127.0.0.1:5000/login
+    - http://127.0.0.1:5000/recover
+    - http://127.0.0.1:5000/settings
+
+  methods:
+    password:
+      enabled: true
+    link:
+      enabled: true
+
+  flows:
+    error:
+      ui_url: http://127.0.0.1:4455/error
+
+    settings:
+      ui_url: http://127.0.0.1:5000/settings
+      privileged_session_max_age: 15m
+
+    recovery:
+      enabled: true
+      ui_url: http://127.0.0.1:5000/recover
+
+    verification:
+      enabled: true
+      ui_url: http://127.0.0.1:4455/verify
+      after:
+        default_browser_return_url: http://127.0.0.1:4455/
+
+    logout:
+      after:
+        default_browser_return_url: http://127.0.0.1:4455/auth/login
+
+    login:
+      ui_url: http://127.0.0.1:5000/auth
+      lifespan: 10m
+
+    registration:
+      lifespan: 10m
+      ui_url: http://127.0.0.1:4455/auth/registration
+      # after:
+      #   password:
+      #     hooks:
+      #       -
+      #         hook: session
+
+log:
+  level: debug
+  format: text
+  leak_sensitive_values: true
+
+secrets:
+  cookie:
+    - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
+
+identity:
+  default_schema_url: file:///etc/config/kratos/identity.schema.json
+
+courier:
+  smtp:
+    connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true&legacy_ssl=true
+
+hashers:
+  argon2:
+    parallelism: 1
+    memory: 128MB
+    iterations: 2
+    salt_length: 16
+    key_length: 16