version: "3.1"

services:
   aca:
      image: ghcr.io/nsacyber/hirs/aca-ci:latest
      container_name: hirs-aca1
      volumes:
         - ../../:/HIRS
      ports:
         - "${HIRS_ACA_PORTAL_PORT}:${HIRS_ACA_PORTAL_CONTAINER_PORT}"
      entrypoint: /bin/bash -c
      command: [tail -f /dev/null;]
      hostname: ${HIRS_ACA_HOSTNAME}
      networks:
         hirs_aca_system_tests:
            ipv4_address: ${HIRS_ACA_PORTAL_IP}
            aliases:
              - ${HIRS_ACA_HOSTNAME}

   tpmprovisioner:
      image: ghcr.io/nsacyber/hirs/tpm2provisioner-ci:latest
      container_name: hirs-provisioner1-tpm2
      depends_on:
         - aca
      volumes:
         - ../../:/HIRS
         - ../system-tests/profiles/laptop/dmi:/sys/class/dmi:ro
      entrypoint: /bin/bash -c
      command: [tail -f /dev/null;]
      devices:
        - "/dev/mem:/dev/mem"
      cap_add:
        - sys_rawio
      networks:
         hirs_aca_system_tests:
            ipv4_address: ${HIRS_ACA_PROVISIONER_TPM2_IP}
      environment:
         - HIRS_ACA_PROVISIONER_TPM2_IP=${HIRS_ACA_PROVISIONER_TPM2_IP}
         - TPM_ENABLED=${TPM_ENABLED}
         - IMA_ENABLED=${IMA_ENABLED}
         - HIRS_ACA_PORTAL_IP=${HIRS_ACA_PORTAL_IP}
         - HIRS_ACA_PORTAL_PORT=${HIRS_ACA_PORTAL_PORT}
         - HIRS_BROKER_PORT=${HIRS_BROKER_PORT}
         - HIRS_ACA_PORTAL_CONTAINER_PORT=${HIRS_ACA_PORTAL_CONTAINER_PORT}
         - HIRS_ACA_HOSTNAME=${HIRS_ACA_HOSTNAME}
         - HIRS_SUBNET=${HIRS_SUBNET}

networks:
   hirs_aca_system_tests:
      driver: bridge
      ipam:
         driver: default
         config:
           - subnet: ${HIRS_SUBNET}