version: "2.1" services: ejbca: image: primekey/ejbca-ce:6.15.2.5 hostname: cahostname container_name: aafcert-ejbca ports: - "80:8080" - "443:8443" volumes: - ./compose-resources/ejbca-configuration.sh:/opt/primekey/scripts/ejbca-configuration.sh healthcheck: test: ["CMD-SHELL", "curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth"] interval: 10s timeout: 3s retries: 15 networks: - certservice aaf-cert-service: image: onap/org.onap.aaf.certservice.aaf-certservice-api:latest volumes: - ./certService/helm/aaf-cert-service/resources/cmpServers.json:/etc/onap/aaf/certservice/cmpServers.json - ./certs/truststore.jks:/etc/onap/aaf/certservice/certs/truststore.jks - ./certs/root.crt:/etc/onap/aaf/certservice/certs/root.crt - ./certs/certServiceServer-keystore.jks:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.jks - ./certs/certServiceServer-keystore.p12:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12 container_name: aafcert-service ports: - "8443:8443" depends_on: ejbca: condition: service_healthy healthcheck: test: ["CMD-SHELL", "curl https://localhost:8443/actuator/health --cacert /etc/onap/aaf/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12 --pass secret"] interval: 10s timeout: 3s retries: 15 networks: - certservice networks: certservice: driver: bridge