services: test-db: image: postgres:16-alpine environment: POSTGRES_USER: postgres POSTGRES_PASSWORD: test_password POSTGRES_DB: postgres volumes: - ./e2e/db-init/00_run_all.sh:/docker-entrypoint-initdb.d/00_run_all.sh:ro - ./env/db:/docker-entrypoint-initdb.d/sql:ro - ./e2e/db-init/99_test_seed.sql:/opt/test-seed.sql:ro healthcheck: test: ["CMD-SHELL", "pg_isready -U postgres -d postgres"] interval: 5s timeout: 5s retries: 10 start_period: 10s networks: - e2e-net system-under-test: build: context: . dockerfile: Dockerfile depends_on: test-db: condition: service_healthy environment: ASPNETCORE_URLS: http://+:8080 ASPNETCORE_ENVIRONMENT: Development ConnectionStrings__AzaionDb: "Host=test-db;Port=5432;Database=azaion;Username=azaion_reader;Password=test_password" ConnectionStrings__AzaionDbAdmin: "Host=test-db;Port=5432;Database=azaion;Username=azaion_admin;Password=test_password" # AZ-532 — two ES256 keys mounted below; kid-test-a is the active signer, # kid-test-b stays in JWKS to exercise the rotation-overlap test. JwtConfig__KeysFolder: "/etc/jwt-keys" JwtConfig__ActiveKid: "kid-test-a" ResourcesConfig__ResourcesFolder: "Content" ports: - "8080:8080" volumes: - test-resources:/app/Content - ./e2e/test-keys:/etc/jwt-keys:ro healthcheck: test: ["CMD", "curl", "--fail", "--silent", "--show-error", "http://localhost:8080/health/live"] interval: 10s timeout: 5s retries: 8 start_period: 45s networks: - e2e-net e2e-consumer: build: context: ./e2e dockerfile: Dockerfile depends_on: system-under-test: condition: service_healthy environment: # AZ-532 — tests sign tokens with the SAME ES256 keys the SUT uses, so # they need read access to the same fixture directory. JwtKeysFolder: "/etc/jwt-keys" JwtActiveKid: "kid-test-a" volumes: - ./e2e/test-results:/test-results - ./e2e/test-keys:/etc/jwt-keys:ro networks: - e2e-net networks: e2e-net: driver: bridge volumes: test-resources: