Set network (#31)

* Set network for automation docker container
2025-12-06 23:32:47 +01:00 · 2022-02-13 20:44:16 +01:00
parent 2d817318f2
commit 599b9d3c6e
7 changed files with 29 additions and 8 deletions
--- a/busservice/busservice.go
+++ b/busservice/busservice.go
@@ -17,11 +17,12 @@ type busService struct {
 	apiURL      string
 	apiKey      string
 	catalystBus *bus.Bus
+	network     string
 }

-func New(apiURL, apikey string, catalystBus *bus.Bus, db *database.Database) error {
+func New(apiURL, apikey, network string, catalystBus *bus.Bus, db *database.Database) error {

-	h := &busService{db: db, apiURL: apiURL, apiKey: apikey, catalystBus: catalystBus}
+	h := &busService{db: db, apiURL: apiURL, apiKey: apikey, network: network, catalystBus: catalystBus}

 	if err := catalystBus.SubscribeRequest(h.logRequest); err != nil {
 		return err
--- a/busservice/docker.go
+++ b/busservice/docker.go
@@ -17,7 +17,7 @@ import (
 	"github.com/SecurityBrewery/catalyst/database"
 )

-func createContainer(ctx context.Context, image, script, data string) (string, string, error) {
+func createContainer(ctx context.Context, image, script, data, network string) (string, string, error) {
 	cli, err := client.NewClientWithOpts(client.FromEnv)
 	if err != nil {
 		return "", "", err
@@ -29,10 +29,16 @@ func createContainer(ctx context.Context, image, script, data string) (string, s
 	}

 	config := &container.Config{
-		Image: image, Cmd: []string{"/script", data}, WorkingDir: "/home",
-		AttachStderr: true, AttachStdout: true,
+		Image:        image,
+		Cmd:          []string{"/script", data},
+		WorkingDir:   "/home",
+		AttachStderr: true,
+		AttachStdout: true,
 	}
-	resp, err := cli.ContainerCreate(ctx, config, nil, nil, "")
+	hostConfig := &container.HostConfig{
+		NetworkMode: container.NetworkMode(network),
+	}
+	resp, err := cli.ContainerCreate(ctx, config, hostConfig, nil, "")
 	if err != nil {
 		return "", logs, err
 	}
--- a/busservice/job.go
+++ b/busservice/job.go
@@ -41,7 +41,7 @@ func (h *busService) handleJob(automationMsg *bus.JobMsg) {

 	scriptMessage, _ := json.Marshal(automationMsg.Message)

-	containerID, logs, err := createContainer(ctx, automation.Image, automation.Script, string(scriptMessage))
+	containerID, logs, err := createContainer(ctx, automation.Image, automation.Script, string(scriptMessage), h.network)
 	if err != nil {
 		log.Println(err)
 		return
--- a/cmd/cmd.go
+++ b/cmd/cmd.go
@@ -21,6 +21,7 @@ type CLI struct {
 	Secret          string `env:"SECRET"           required:""  help:"A random secret value (can be created with 'openssl rand -hex 32')"`
 	ExternalAddress string `env:"EXTERNAL_ADDRESS" required:""`
 	CatalystAddress string `env:"CATALYST_ADDRESS" default:"http://catalyst:8000"`
+	Network         string `env:"CATALYST_NETWORK" default:"catalyst"`

 	OIDCIssuer        string   `env:"OIDC_ISSUER"         required:""`
 	OIDCClientID      string   `env:"OIDC_CLIENT_ID"      default:"catalyst"`
@@ -82,6 +83,7 @@ func MapConfig(cli CLI) (*catalyst.Config, error) {
 	scopes := unique(append([]string{oidc.ScopeOpenID, "profile", "email"}, cli.OIDCScopes...))
 	config := &catalyst.Config{
 		IndexPath:       cli.IndexPath,
+		Network:         cli.Network,
 		DB:              &database.Config{Host: cli.ArangoDBHost, User: cli.ArangoDBUser, Password: cli.ArangoDBPassword},
 		Storage:         &storage.Config{Host: cli.S3Host, User: cli.S3User, Password: cli.S3Password},
 		Secret:          []byte(cli.Secret),
--- a/dev/docker-compose.yml
+++ b/dev/docker-compose.yml
@@ -5,17 +5,20 @@ services:
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
    ports: [ "80:80", "8529:8529", "9000:9000", "9001:9001", "9002:9002", "9003:9003" ]
+    networks: [ catalyst ]

  arangodb:
    image: arangodb/arangodb:3.8.1
    environment:
      ARANGO_ROOT_PASSWORD: foobar
+    networks: [ catalyst ]

  emitter:
    image: emitter/server
    environment:
      - EMITTER_LICENSE=PfA8ID8izeSlDUlNZgNXo77DQV9QzlNtxTk64WreCXKfDZsREAVXUXwh20UKOZdkALbLTmOytO_iC6mc_twKAQ:3
      # A9RysEsPJni8RaHeg_K0FKXQNfBrUyw-
+    networks: [ catalyst ]

  minio:
    image: minio/minio:RELEASE.2021-12-10T23-03-39Z
@@ -23,6 +26,7 @@ services:
      MINIO_ROOT_USER: minio
      MINIO_ROOT_PASSWORD: minio123
    command: server /data -console-address ":9003"
+    networks: [ catalyst ]

  postgres:
    image: postgres:13
@@ -30,6 +34,7 @@ services:
      POSTGRES_DB: keycloak
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: password
+    networks: [ catalyst ]

  keycloak:
    image: quay.io/keycloak/keycloak:14.0.0
@@ -47,3 +52,8 @@ services:
    volumes:
      - ./keycloak/realm.json:/tmp/realm.json
    depends_on: [ postgres ]
+    networks: [ catalyst ]
+
+networks:
+  catalyst:
+    name: catalyst
--- a/server.go
+++ b/server.go
@@ -34,6 +34,7 @@ type Config struct {
 	Auth            *AuthConfig
 	ExternalAddress string
 	InitialAPIKey   string
+	Network         string
 }

 type Server struct {
@@ -74,7 +75,7 @@ func New(hooks *hooks.Hooks, config *Config) (*Server, error) {
 		return nil, err
 	}

-	err = busservice.New(config.Bus.APIUrl, config.InitialAPIKey, catalystBus, catalystDatabase)
+	err = busservice.New(config.Bus.APIUrl, config.InitialAPIKey, config.Network, catalystBus, catalystDatabase)
 	if err != nil {
 		return nil, err
 	}
--- a/test/test.go
+++ b/test/test.go
@@ -35,6 +35,7 @@ func Config(ctx context.Context) (*catalyst.Config, error) {
 	config := &catalyst.Config{
 		InitialAPIKey: "test",
 		IndexPath:     "index.bleve",
+		Network:       "catalyst",
 		DB: &database.Config{
 			Host:     "http://localhost:8529",
 			User:     "root",