combine actions-services and docker-compose config

.github/workflows/test-and-publish.yml

@@ -10,14 +10,16 @@ jobs:
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
+      - name: Create env files
+        run: cp local.env.dist local.env && cp local.broker.env.dist local.broker.env
       - name: test
-        run: docker compose -f actions-services.yml run test ./run-tests.sh
+        run: docker compose run test ./run-tests.sh
       - name: check hub metadata for tests
-        run: docker compose -f actions-services.yml run ssp-hub.local ./run-metadata-tests.sh
+        run: docker compose run ssp-hub.local ./run-metadata-tests.sh
       - name: check idp metadata for tests
-        run: docker compose -f actions-services.yml run ssp-idp1.local ./run-metadata-tests.sh
+        run: docker compose run ssp-idp1.local ./run-metadata-tests.sh
       - name: check sp metadata for tests
-        run: docker compose -f actions-services.yml run ssp-sp1.local ./run-metadata-tests.sh
+        run: docker compose run ssp-sp1.local ./run-metadata-tests.sh
 
   build-and-publish:
     name: Build and Publish

development/sp-local/config/authsources-pwmanager.php

@@ -12,7 +12,7 @@
 
     'mfa-idp' => [
         'saml:SP',
-        'entityID' => 'http://pwmanager.local:8084',
+        'entityID' => 'http://pwmanager.local',
         'idp' => 'http://ssp-idp1.local:8085',
         'discoURL' => null,
         'NameIDPolicy' => [

docker-compose.yml

@@ -38,15 +38,11 @@ services:
       MYSQL_DATABASE: silauth
       MYSQL_USER: silauth
       MYSQL_PASSWORD: silauth
-      COMPOSER_CACHE_DIR: /composer
       PROFILE_URL_FOR_TESTS: http://pwmanager.local/module.php/core/authenticate.php?as=ssp-hub
       ADMIN_PASS: b
       SECRET_SALT: abc123
       IDP_NAME: x
     volumes:
-      - ./composer.json:/data/composer.json
-      - ./composer.lock:/data/composer.lock
-      - ${COMPOSER_CACHE_DIR}:/composer
       - ./dockerbuild/run-integration-tests.sh:/data/run-integration-tests.sh
       - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh
       - ./dockerbuild/run-tests.sh:/data/run-tests.sh
@@ -77,21 +73,14 @@ services:
       - ./installed-packages.json:/data/installed-packages.json
       - ./development/update-composer-deps.sh:/data/update-composer-deps.sh
       - ./vendor:/data/vendor
-      - ${COMPOSER_CACHE_DIR}:/composer
+      - composer-cache:/composer
     env_file:
       - ./local.env
     environment:
       COMPOSER_CACHE_DIR: /composer
 
   ssp-hub.local:
     build: .
-    depends_on:
-      - ssp-idp1.local
-      - ssp-idp2.local
-      - ssp-idp3.local
-      - ssp-sp1.local
-      - ssp-sp2.local
-      - ssp-sp3.local
     volumes:
       # Utilize custom certs
       - ./development/hub/cert:/data/vendor/simplesamlphp/simplesamlphp/cert
@@ -118,7 +107,7 @@ services:
       - "80:80"
     environment:
       ADMIN_PASS: "abc123"
-      SECRET_SALT: "h57fjemb&dn^nsJFGNjweJ"
+      SECRET_SALT: "not-secret-h57fjemb&dn^nsJFGNjweJ"
       IDP_NAME: "Hub"
       SECURE_COOKIE: "false"
       SHOW_SAML_ERRORS: "true"
@@ -168,16 +157,16 @@ services:
       - "8085:80"
     environment:
       ADMIN_PASS: "a"
-      SECRET_SALT: "h57fjemb&dn^nsJFGNjweJ"
+      SECRET_SALT: "not-secret-h57fjemb&dn^nsJFGNjweJ"
       IDP_NAME: "IDP 1"
       IDP_DOMAIN_NAME: "mfaidp"
       ID_BROKER_ACCESS_TOKEN: "dummy"
       ID_BROKER_ASSERT_VALID_IP: "false"
       ID_BROKER_BASE_URI: "dummy"
       ID_BROKER_TRUSTED_IP_RANGES: "192.168.0.1/8"
-      MFA_SETUP_URL: "http://pwmanager.local:8084/module.php/core/authenticate.php?as=ssp-hub-custom-port"
+      MFA_SETUP_URL: "http://pwmanager.local/module.php/core/authenticate.php?as=ssp-hub-custom-port"
       REMEMBER_ME_SECRET: "12345"
-      PROFILE_URL: "http://pwmanager.local:8084/module.php/core/authenticate.php?as=ssp-hub-custom-port"
+      PROFILE_URL: "http://pwmanager.local/module.php/core/authenticate.php?as=ssp-hub-custom-port"
       PROFILE_URL_FOR_TESTS: "http://pwmanager.local/module.php/core/authenticate.php?as=ssp-hub"
       SECURE_COOKIE: "false"
       SHOW_SAML_ERRORS: "true"
@@ -287,7 +276,7 @@ services:
       ADMIN_EMAIL: "[email protected]"
       ADMIN_PASS: "sp1"
       IDP_NAME: "NA"
-      SECRET_SALT: "h57fjemb&dn^nsJFGNjweJz1"
+      SECRET_SALT: "not-secret-h57fjemb&dn^nsJFGNjweJz1"
       SECURE_COOKIE: "false"
       SHOW_SAML_ERRORS: "true"
       SAML20_IDP_ENABLE: "false"
@@ -352,8 +341,6 @@ services:
 
       # Utilize custom metadata
       - ./development/sp-local/metadata/saml20-idp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-remote.php
-    ports:
-      - "8084:80"
     environment:
       ADMIN_EMAIL: "[email protected]"
       ADMIN_PASS: sp1
@@ -366,7 +353,7 @@ services:
 
   # the broker and brokerDb containers are used by the silauth module
   broker:
-    image: silintl/idp-id-broker:develop
+    image: silintl/idp-id-broker:latest
     ports:
       - "80"
     depends_on:
@@ -389,7 +376,7 @@ services:
       SUPPORT_EMAIL: "[email protected]"
       EMAIL_SIGNATURE: "one red pill, please"
       API_ACCESS_KEYS: "test-cli-abc123"
-      APP_ENV: "dev"
+      APP_ENV: "prod"
       RP_ORIGINS: "https://ssp-idp1.local,https://ssp-idp3.local,https://ssp-idp3.local"
       HIBP_CHECK_ON_LOGIN: "false"
       MFA_TOTP_apiBaseUrl: dummy
@@ -462,3 +449,6 @@ networks:
       config:
         - subnet: 10.20.38.0/24
           gateway: 10.20.38.1
+
+volumes:
+  composer-cache: { }

docs/development.md

@@ -2,7 +2,7 @@ Four SPs, a hub (a combined IdP and SP) and three IdPs get spun up by docker com
 * ssp-sp1.local   # to be used with port 8081
 * ssp-sp2.local   # to be used with port 8082
 * ssp-sp3.local   # to be used with port 8083
-* pwmanager.local # to be used with port 8084
+* pwmanager.local
 * ssp-hub.local
 * ssp-idp1.local  # to be used with port 8085
 * ssp-idp2.local  # to be used with port 8086