✨ Change sample in dind (#229)

.gitignore

@@ -193,3 +193,6 @@ conf/sigma-dev.yaml
 pkg/**/*.html
 
 .vscode/
+
+package/
+*.tar.gz

conf/config-compose.yaml

@@ -23,25 +23,22 @@ database:
     dbname: sigma
     sslmode: disable
 
-# deploy available: single, replica
-# replica should use external redis
-deploy: single
-
 redis:
   # redis type available: none, external
   # none: means never use redis
   # external: means use the specific redis instance
-  type: none
-  url: redis://:sigma@localhost:6379/0
+  type: external
+  url: redis://:sigma@redis:6379/0
 
 cache:
   # the cache type available is: redis, inmemory, database
-  type: database
-  ttl: 72h
+  type: redis
   # please attention in multi
+  ttl: 72h
   inmemory:
     size: 10240
   redis:
+    ttl: 72h
   database:
     size: 10240
     threshold: 0.2
@@ -71,31 +68,31 @@ http:
   # this endpoint will be used to generate the token service url in auth middleware,
   # you can leave it blank and it will use http://127.0.0.1:3000 as internal domain by default,
   # because the front page need show this endpoint.
-  endpoint:
+  endpoint: https://sigma.test.io
   # in some cases, daemon may pull image and scan it, but we don't want to pull image from public registry domain,
   # so use this internal domain to pull image from registry.
   # you can leave it blank and it will use http://127.0.0.1:3000 as internal domain by default.
   # in k8s cluster, it will be set to the distribution service which is used to pull image from registry, eg: http://registry.default.svc.cluster.local:3000
   # in docker-compose, it will be set to the registry service which is used to pull image from registry, eg: http://registry:3000
   # if http.tls.enabled is true, internalEndpoint should start with https://
   # eg: http://sigma.test.io, http://sigma.test.io:3000, https://sigma.test.io:30080
-  internalEndpoint:
+  internalEndpoint: https://sigma.test.io
   # eg: http://sigma-distribution:3000
   internalDistributionEndpoint:
   tls:
     enabled: false
-    certificate: ./conf/sigma.test.io.crt
-    key: ./conf/sigma.test.io.key
+    certificate: /etc/sigma/sigma.test.io.crt
+    key: /etc/sigma/sigma.test.io.key
 
 storage:
   rootdirectory: ./storage
-  type: filesystem
+  type: s3
   filesystem:
-    path: /var/lib/sigma/
+    path: /var/lib/sigma/oci/
   s3:
     ak: sigma
     sk: sigma-sigma
-    endpoint: http://127.0.0.1:9000
+    endpoint: http://minio:9000
     region: cn-north-1
     bucket: sigma
     forcePathStyle: true

conf/config-dev.yaml

@@ -23,18 +23,16 @@ database:
     dbname: sigma
     sslmode: disable
 
-# deploy available: single, replica
-# replica should use external redis
-deploy: single
-
 redis:
   # redis type available: none, external
-  type: none
+  # none: means never use redis
+  # external: means use the specific redis instance
+  type: external
   url: redis://:sigma@localhost:6379/0
 
 cache:
   # the cache type available is: redis, inmemory, database
-  type: database
+  type: redis
   ttl: 72h
   # please attention in multi
   inmemory:

conf/config-full.yaml

@@ -29,6 +29,8 @@ deploy: single
 
 redis:
   # redis type available: none, external
+  # none: means never use redis
+  # external: means use the specific redis instance
   type: none
   url: redis://:sigma@localhost:6379/0
 
@@ -111,7 +113,7 @@ daemon:
     # At 02:00 on Saturday
     cron: 0 2 * * 6
   builder:
-    image: sigma-builder:latest
+    image: ghcr.io/go-sigma/sigma-builder:nightly
     type: docker
     docker:
       sock:

docker-compose-dev.yml

@@ -0,0 +1,137 @@
+version: "2"
+services:
+  sigma:
+    container_name: sigma
+    image: ghcr.io/go-sigma/sigma:latest
+    ports:
+      - "3000:3000"
+    command: ["sigma", "server"]
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ${PWD:-/app}/conf/config-compose.yaml:/etc/sigma/config.yaml
+    restart: always
+    depends_on:
+      mysql:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
+      postgres:
+        condition: service_healthy
+      minio:
+        condition: service_healthy
+    networks:
+      - default
+  mysql:
+    container_name: mysql
+    image: mysql:8.0
+    ports:
+      - "3306:3306"
+    environment:
+      MYSQL_ROOT_PASSWORD: sigma
+      MYSQL_DATABASE: sigma
+      MYSQL_USER: sigma
+      MYSQL_PASSWORD: sigma
+    healthcheck:
+      test:
+        [
+          "CMD",
+          "mysqladmin",
+          "ping",
+          "-h",
+          "localhost",
+          "-u",
+          "sigma",
+          "--password=sigma",
+        ]
+      interval: 10s
+      timeout: 5s
+      retries: 10
+    networks:
+      - default
+  redis:
+    container_name: redis
+    image: redis:7.0-alpine
+    ports:
+      - "6379:6379"
+    command: redis-server --requirepass sigma
+    healthcheck:
+      test: ["CMD", "redis-cli", "-a", "sigma", "ping"]
+      interval: 10s
+      timeout: 5s
+      retries: 10
+    networks:
+      - default
+  minio:
+    container_name: minio
+    image: quay.io/minio/minio:RELEASE.2023-08-04T17-40-21Z
+    ports:
+      - "9000:9000"
+      - "9001:9001"
+    environment:
+      MINIO_ROOT_USER: sigma
+      MINIO_ROOT_PASSWORD: sigma-sigma
+      MINIO_REGION_NAME: cn-north-1
+    entrypoint: ""
+    command: /bin/sh -c 'mkdir -p /data/sigma && minio server /data --console-address ":9001"'
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
+      interval: 10s
+      timeout: 5s
+      retries: 10
+    networks:
+      - default
+  postgres:
+    container_name: postgres
+    image: postgres:15-alpine
+    ports:
+      - "5432:5432"
+    environment:
+      POSTGRES_PASSWORD: sigma
+      POSTGRES_USER: sigma
+      POSTGRES_DB: sigma
+    healthcheck:
+      test: ["CMD", "pg_isready", "-U", "sigma"]
+      interval: 10s
+      timeout: 5s
+      retries: 10
+    networks:
+      - default
+  pma:
+    container_name: pma
+    image: linuxserver/phpmyadmin:5.2.1
+    ports:
+      - "8080:80"
+    environment:
+      PMA_HOST: mysql
+      PMA_PORT: 3306
+      PMA_USER: root
+      PMA_PASSWORD: sigma
+    depends_on:
+      - mysql
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:80"]
+      interval: 10s
+      timeout: 5s
+      retries: 10
+    networks:
+      - default
+  pgadmin:
+    container_name: pgadmin
+    image: dpage/pgadmin4:7.8
+    ports:
+      - "5050:80"
+    environment:
+      PGADMIN_DEFAULT_EMAIL: [email protected]
+      PGADMIN_DEFAULT_PASSWORD: sigma
+    depends_on:
+      - postgres
+    healthcheck:
+      test: ["CMD", "nc", "-vz", "localhost", "80"]
+      interval: 10s
+      timeout: 5s
+      retries: 10
+    networks:
+      - default
+networks:
+  default:
+    name: ${DOCKER_NETWORK:-sigma}

docker-compose.yml

@@ -2,23 +2,23 @@ version: "2"
 services:
   sigma:
     container_name: sigma
-    image: ghcr.io/go-sigma/sigma:latest
+    image: ghcr.io/go-sigma/sigma:nightly-alpine
     ports:
       - "3000:3000"
     command: ["sigma", "server"]
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
-      - $PWD/conf/config-compose.yaml:/etc/sigma/config.yaml
+      - ${PWD}/conf:/etc/sigma
     restart: always
     depends_on:
       mysql:
         condition: service_healthy
       redis:
         condition: service_healthy
-      postgres:
-        condition: service_healthy
       minio:
         condition: service_healthy
+    networks:
+      - default
   mysql:
     container_name: mysql
     image: mysql:8.0
@@ -29,6 +29,8 @@ services:
       MYSQL_DATABASE: sigma
       MYSQL_USER: sigma
       MYSQL_PASSWORD: sigma
+    volumes:
+      - ${PWD}/storage/mysql:/var/lib/mysql
     healthcheck:
       test:
         [
@@ -44,17 +46,23 @@ services:
       interval: 10s
       timeout: 5s
       retries: 10
+    networks:
+      - default
   redis:
     container_name: redis
     image: redis:7.0-alpine
     ports:
       - "6379:6379"
     command: redis-server --requirepass sigma
+    volumes:
+      - ${PWD}/storage/redis:/data
     healthcheck:
       test: ["CMD", "redis-cli", "-a", "sigma", "ping"]
       interval: 10s
       timeout: 5s
       retries: 10
+    networks:
+      - default
   minio:
     container_name: minio
     image: quay.io/minio/minio:RELEASE.2023-08-04T17-40-21Z
@@ -67,54 +75,15 @@ services:
       MINIO_REGION_NAME: cn-north-1
     entrypoint: ""
     command: /bin/sh -c 'mkdir -p /data/sigma && minio server /data --console-address ":9001"'
+    volumes:
+      - ${PWD}/storage/minio:/data
     healthcheck:
       test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
       interval: 10s
       timeout: 5s
       retries: 10
-  postgres:
-    container_name: postgres
-    image: postgres:15-alpine
-    ports:
-      - "5432:5432"
-    environment:
-      POSTGRES_PASSWORD: sigma
-      POSTGRES_USER: sigma
-      POSTGRES_DB: sigma
-    healthcheck:
-      test: ["CMD", "pg_isready", "-U", "sigma"]
-      interval: 10s
-      timeout: 5s
-      retries: 10
-  pma:
-    container_name: pma
-    image: phpmyadmin/phpmyadmin:5.2.1
-    ports:
-      - "8080:80"
-    environment:
-      PMA_HOST: mysql
-      PMA_PORT: 3306
-      PMA_USER: root
-      PMA_PASSWORD: sigma
-    depends_on:
-      - mysql
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:80"]
-      interval: 10s
-      timeout: 5s
-      retries: 10
-  pgadmin:
-    container_name: pgadmin
-    image: dpage/pgadmin4:7.8
-    ports:
-      - "5050:80"
-    environment:
-      PGADMIN_DEFAULT_EMAIL: [email protected]
-      PGADMIN_DEFAULT_PASSWORD: sigma
-    depends_on:
-      - postgres
-    healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "80"]
-      interval: 10s
-      timeout: 5s
-      retries: 10
+    networks:
+      - default
+networks:
+  default:
+    name: ${DOCKER_NETWORK:-sigma}