-
Notifications
You must be signed in to change notification settings - Fork 9
/
esop-docker-compose.yml
38 lines (37 loc) · 1.24 KB
/
esop-docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# esop: encrypted-sql-ops-pg
#
# Use this to run encrypted-sql-ops-pg docker image.
# $ docker-compose -f esop-docker-compose.yml up
version: "3.7"
services:
encrypted_sql_ops_pg:
image: anonify.azurecr.io/encrypted-sql-ops-pg:latest
volumes:
- /var/run/aesmd:/var/run/aesmd
devices:
- "/dev/sgx/enclave"
environment:
RUST_BACKTRACE: 1
RUST_LOG: debug
SPID: ${SPID}
SUB_KEY: ${SUB_KEY}
IAS_URL: "https://api.trustedservices.intel.com/sgx/dev/attestation/v3/report"
KEY_VAULT_ENDPOINT_FOR_STATE_RUNTIME: "key-vault.com:12346" # TODO: Remove
ENCLAVE_PKG_NAME: "encrypted_sql_ops"
REQUEST_RETRIES: "10"
RETRY_DELAY_MILLS: "100"
CMD_DEC_SECRET_DIR: ".anonify/cmd-dec-secret"
IAS_ROOT_CERT_PATH: "config/ias_root_cert.pem"
PJ_ROOT_DIR: "/home/anonify-dev/anonify"
IS_DEBUG: "false"
FIXUID_MODE: verbose
# Add an lookup from the IP Address to FQDN because of the following limitation of rustls
# https://github.com/ctz/rustls/issues/184
# https://github.com/briansmith/webpki/issues/54
stdin_open: true
tty: true
command: |
bash -c '
cd anonify/example/encrypted-sql-ops/pg-extension
cargo pgx run pg13
'