-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathdocker-compose.yml
124 lines (113 loc) · 3.52 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
version: "3.1"
services:
traefik:
image: traefik:1.7.19
restart: always
hostname: traefik
container_name: traefik
depends_on:
- jenkins
- sonarqube
ports:
- "80:80"
- "443:443"
volumes:
- "traefik_tmp:/tmp"
- "${WORKDIR}/acme.json:/acme.json"
- "${WORKDIR}/traefik.toml:/traefik.toml"
- "/var/run/docker.sock:/var/run/docker.sock"
postgres:
image: postgres:10.8
container_name: postgres
environment:
POSTGRES_USER: ${SONARQUBE_JDBC_USER}
POSTGRES_PASSWORD: ${SONARQUBE_JDBC_PASSWORD}
volumes:
- postgres_data:/var/lib/postgresql/data
jenkins:
image: alapshin/jenkins-master:2.361.4-2
restart: always
container_name: jenkins
hostname: jenkins
environment:
# Configure content security policy to fix local reports published
# with HTML Publisher plugin.
# See https://wiki.jenkins.io/display/JENKINS/Configuring+Content+Security+Policy
JAVA_OPTS: >
-Dhudson.model.DirectoryBrowserSupport.CSP="sandbox allow-same-origin;
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';"
DOCKER_GROUP: docker
DOCKER_SOCKET: /var/run/docker.sock
JENKINS_USER: jenkins
JENKINS_URL: "https://${JENKINS_HOST}"
SONARQUBE_URL: "https://${SONARQUBE_HOST}"
CASC_JENKINS_CONFIG: /var/jenkins_home/jenkins.yml
# Upgrade installed plugins if image contains newer version
PLUGINS_FORCE_UPGRADE: "true"
TRY_UPGRADE_IF_NO_MARKER: "true"
expose:
- "8080"
labels:
- "traefik.enable=true"
- "traefik.port=8080"
- "traefik.backend=jenkins"
- "traefik.frontend.rule=Host:${JENKINS_HOST}"
secrets:
- source: admin_password
target: ADMIN_PASSWORD
- source: github_token
target: GITHUB_TOKEN
- source: github_username
target: GITHUB_USERNAME
- source: github_password
target: GITHUB_PASSWORD
- source: openssl_password
target: OPENSSL_PASSWORD
- source: sonarqube_token
target: SONARQUBE_TOKEN
volumes:
- "jenkins_home:/var/jenkins_home"
- "/var/run/docker.sock:/var/run/docker.sock"
- "${WORKDIR}/jenkins.yml:/var/jenkins_home/jenkins.yml"
sonarqube:
image: alapshin/sonarqube:6.7.6-2
container_name: sonarqube
depends_on:
- postgres
expose:
- "9000"
environment:
SONARQUBE_JDBC_URL: jdbc:postgresql://postgres:5432/sonar
SONARQUBE_JDBC_USERNAME: ${SONARQUBE_JDBC_USER}
SONARQUBE_JDBC_PASSWORD: ${SONARQUBE_JDBC_PASSWORD}
labels:
- "traefik.enable=true"
- "traefik.port=9000"
- "traefik.backend=sonarqube"
- "traefik.frontend.rule=Host:${SONARQUBE_HOST}"
volumes:
- sonarqube_conf:/opt/sonarqube/conf
- sonarqube_data:/opt/sonarqube/data
- sonarqube_extensions:/opt/sonarqube/extensions
- sonarqube_bundled_plugins:/opt/sonarqube/lib/bundled-plugins
volumes:
traefik_tmp:
jenkins_home:
postgres_data:
sonarqube_conf:
sonarqube_data:
sonarqube_extensions:
sonarqube_bundled_plugins:
secrets:
admin_password:
file: "${WORKDIR}/secrets/admin_password"
github_token:
file: "${WORKDIR}/secrets/github_token"
github_username:
file: "${WORKDIR}/secrets/github_username"
github_password:
file: "${WORKDIR}/secrets/github_password"
openssl_password:
file: "${WORKDIR}/secrets/openssl_password"
sonarqube_token:
file: "${WORKDIR}/secrets/sonarqube_token"