diff --git a/busservice/busservice.go b/busservice/busservice.go index 6a99500..d676d7e 100644 --- a/busservice/busservice.go +++ b/busservice/busservice.go @@ -17,11 +17,12 @@ type busService struct { apiURL string apiKey string catalystBus *bus.Bus + network string } -func New(apiURL, apikey string, catalystBus *bus.Bus, db *database.Database) error { +func New(apiURL, apikey, network string, catalystBus *bus.Bus, db *database.Database) error { - h := &busService{db: db, apiURL: apiURL, apiKey: apikey, catalystBus: catalystBus} + h := &busService{db: db, apiURL: apiURL, apiKey: apikey, network: network, catalystBus: catalystBus} if err := catalystBus.SubscribeRequest(h.logRequest); err != nil { return err diff --git a/busservice/docker.go b/busservice/docker.go index e4ac35f..420b443 100644 --- a/busservice/docker.go +++ b/busservice/docker.go @@ -17,7 +17,7 @@ import ( "github.com/SecurityBrewery/catalyst/database" ) -func createContainer(ctx context.Context, image, script, data string) (string, string, error) { +func createContainer(ctx context.Context, image, script, data, network string) (string, string, error) { cli, err := client.NewClientWithOpts(client.FromEnv) if err != nil { return "", "", err @@ -29,10 +29,16 @@ func createContainer(ctx context.Context, image, script, data string) (string, s } config := &container.Config{ - Image: image, Cmd: []string{"/script", data}, WorkingDir: "/home", - AttachStderr: true, AttachStdout: true, + Image: image, + Cmd: []string{"/script", data}, + WorkingDir: "/home", + AttachStderr: true, + AttachStdout: true, } - resp, err := cli.ContainerCreate(ctx, config, nil, nil, "") + hostConfig := &container.HostConfig{ + NetworkMode: container.NetworkMode(network), + } + resp, err := cli.ContainerCreate(ctx, config, hostConfig, nil, "") if err != nil { return "", logs, err } diff --git a/busservice/job.go b/busservice/job.go index 0636de2..9b3d98d 100644 --- a/busservice/job.go +++ b/busservice/job.go @@ -41,7 +41,7 @@ func (h *busService) handleJob(automationMsg *bus.JobMsg) { scriptMessage, _ := json.Marshal(automationMsg.Message) - containerID, logs, err := createContainer(ctx, automation.Image, automation.Script, string(scriptMessage)) + containerID, logs, err := createContainer(ctx, automation.Image, automation.Script, string(scriptMessage), h.network) if err != nil { log.Println(err) return diff --git a/cmd/cmd.go b/cmd/cmd.go index 1b10ee4..d0f0db6 100644 --- a/cmd/cmd.go +++ b/cmd/cmd.go @@ -21,6 +21,7 @@ type CLI struct { Secret string `env:"SECRET" required:"" help:"A random secret value (can be created with 'openssl rand -hex 32')"` ExternalAddress string `env:"EXTERNAL_ADDRESS" required:""` CatalystAddress string `env:"CATALYST_ADDRESS" default:"http://catalyst:8000"` + Network string `env:"CATALYST_NETWORK" default:"catalyst"` OIDCIssuer string `env:"OIDC_ISSUER" required:""` OIDCClientID string `env:"OIDC_CLIENT_ID" default:"catalyst"` @@ -82,6 +83,7 @@ func MapConfig(cli CLI) (*catalyst.Config, error) { scopes := unique(append([]string{oidc.ScopeOpenID, "profile", "email"}, cli.OIDCScopes...)) config := &catalyst.Config{ IndexPath: cli.IndexPath, + Network: cli.Network, DB: &database.Config{Host: cli.ArangoDBHost, User: cli.ArangoDBUser, Password: cli.ArangoDBPassword}, Storage: &storage.Config{Host: cli.S3Host, User: cli.S3User, Password: cli.S3Password}, Secret: []byte(cli.Secret), diff --git a/dev/docker-compose.yml b/dev/docker-compose.yml index 48a5bd3..9dc46f7 100644 --- a/dev/docker-compose.yml +++ b/dev/docker-compose.yml @@ -5,17 +5,20 @@ services: volumes: - ./nginx.conf:/etc/nginx/nginx.conf:ro ports: [ "80:80", "8529:8529", "9000:9000", "9001:9001", "9002:9002", "9003:9003" ] + networks: [ catalyst ] arangodb: image: arangodb/arangodb:3.8.1 environment: ARANGO_ROOT_PASSWORD: foobar + networks: [ catalyst ] emitter: image: emitter/server environment: - EMITTER_LICENSE=PfA8ID8izeSlDUlNZgNXo77DQV9QzlNtxTk64WreCXKfDZsREAVXUXwh20UKOZdkALbLTmOytO_iC6mc_twKAQ:3 # A9RysEsPJni8RaHeg_K0FKXQNfBrUyw- + networks: [ catalyst ] minio: image: minio/minio:RELEASE.2021-12-10T23-03-39Z @@ -23,6 +26,7 @@ services: MINIO_ROOT_USER: minio MINIO_ROOT_PASSWORD: minio123 command: server /data -console-address ":9003" + networks: [ catalyst ] postgres: image: postgres:13 @@ -30,6 +34,7 @@ services: POSTGRES_DB: keycloak POSTGRES_USER: keycloak POSTGRES_PASSWORD: password + networks: [ catalyst ] keycloak: image: quay.io/keycloak/keycloak:14.0.0 @@ -47,3 +52,8 @@ services: volumes: - ./keycloak/realm.json:/tmp/realm.json depends_on: [ postgres ] + networks: [ catalyst ] + +networks: + catalyst: + name: catalyst diff --git a/server.go b/server.go index 559019b..0736b99 100644 --- a/server.go +++ b/server.go @@ -34,6 +34,7 @@ type Config struct { Auth *AuthConfig ExternalAddress string InitialAPIKey string + Network string } type Server struct { @@ -74,7 +75,7 @@ func New(hooks *hooks.Hooks, config *Config) (*Server, error) { return nil, err } - err = busservice.New(config.Bus.APIUrl, config.InitialAPIKey, catalystBus, catalystDatabase) + err = busservice.New(config.Bus.APIUrl, config.InitialAPIKey, config.Network, catalystBus, catalystDatabase) if err != nil { return nil, err } diff --git a/test/test.go b/test/test.go index 873695e..2d86a41 100644 --- a/test/test.go +++ b/test/test.go @@ -35,6 +35,7 @@ func Config(ctx context.Context) (*catalyst.Config, error) { config := &catalyst.Config{ InitialAPIKey: "test", IndexPath: "index.bleve", + Network: "catalyst", DB: &database.Config{ Host: "http://localhost:8529", User: "root",