- Build
docker build . --target permify-runner -t permify-api -f permify/Dockerfile
... hidden bigger context .....
server: | |
rate_limit: 100 | |
http: | |
enabled: true | |
port: 3476 | |
tls: | |
enabled: false | |
grpc: | |
enabled: true | |
port: 3478 | |
tls: | |
enabled: false | |
logger: | |
level: debug | |
service: | |
circuit_breaker: false | |
watch: | |
enabled: false | |
schema: | |
cache: | |
number_of_counters: 1_000 | |
max_cost: 10MiB | |
permission: | |
bulk_limit: 100 | |
concurrency_limit: 100 | |
cache: | |
number_of_counters: 10_000 | |
max_cost: 10MiB | |
database: | |
engine: postgres | |
auto_migrate: true | |
max_open_connections: 20 | |
max_idle_connections: 1 | |
max_connection_lifetime: 300s | |
max_connection_idle_time: 60s | |
garbage_collection: | |
enabled: true | |
interval: 200h | |
window: 200h | |
timeout: 5m |
FROM cgr.dev/chainguard/bash:latest as permify-runner | |
WORKDIR /app | |
COPY --from=ghcr.io/grpc-ecosystem/grpc-health-probe:v0.4.25 /ko-app/grpc-health-probe /usr/local/bin/grpc_health_probe | |
COPY --from=ghcr.io/permify/permify:v0.9.0 /usr/local/bin/permify /usr/local/bin/permify | |
COPY --from=cgr.dev/chainguard/curl /usr/bin/curl /usr/bin/curl | |
COPY apps/permify/configs configs | |
COPY apps/permify/scripts scripts | |
RUN chmod +x scripts/startup.sh | |
ENTRYPOINT ["sh", "-c", "scripts/startup.sh"] |
#! /bin/bash | |
# Exit immediately if a command exits with a non-zero status | |
set -e | |
if [ -z "$PERMIFY_DATABASE_URI" ]; then | |
printf "\n[APP_NAME=$APP_NAME][APP_ENV=$APP_ENV] PERMIFY_DATABASE_URI - Creating the value: postgresql://xxxxxx:xxxxxxx@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=public" | |
PERMIFY_DATABASE_URI="postgresql://${DB_ADMIN_USERNAME}:${DB_ADMIN_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=public" | |
export PERMIFY_DATABASE_URI | |
else | |
printf "\n[APP_NAME=$APP_NAME][APP_ENV=$APP_ENV] PERMIFY_DATABASE_URI - Is ready" | |
fi | |
permify serve --config /app/configs/config.yaml |
services: | |
db: | |
container_name: db | |
image: postgres:15.4-bookworm | |
restart: "always" | |
healthcheck: | |
test: ["CMD-SHELL", "pg_isready -U postgres"] | |
interval: 30s | |
timeout: 60s | |
retries: 5 | |
start_period: 80s | |
ports: | |
- 5432:5432 | |
networks: | |
- quest_network | |
environment: | |
POSTGRES_PASSWORD: Password | |
POSTGRES_DB: permify_1 | |
adminer: | |
container_name: adminer | |
image: adminer:4.8.1 | |
restart: "always" | |
ports: | |
- 8080:8080 | |
networks: | |
- quest_network | |
permify-api: | |
container_name: permify-api | |
depends_on: | |
db: | |
condition: service_healthy | |
build: | |
target: permify-runner | |
context: . | |
dockerfile: ./apps/permify/Dockerfile | |
healthcheck: | |
test: ["CMD", "curl", "-f", "http://localhost:3478/healthz"] | |
interval: 1m | |
retries: 10 | |
start_period: 60s | |
restart: "always" | |
ports: | |
- 3476:3476 | |
- 3478:3478 | |
networks: | |
- quest_network | |
environment: | |
PERMIFY_DATABASE_URI: postgresql://postgres:Password@db:5432/permify_1 | |
volumes: | |
networks: | |
quest_network: | |
external: true |