Commit 4c40ac13 authored by Robert Schambach's avatar Robert Schambach
Browse files

Adjust mariadb setup for secure document service

parent ee715399
......@@ -61,7 +61,7 @@ export SCONE_CAS_ADDR=5.0.0.scone-cas.cf
Submit your policies with the help of SCONE CLI:
```bash
docker run -it --rm -e SCONE_CAS_ADDR=$SCONE_CAS_ADDR -e SCONE_LAS_ADDR=172.17.0.1 -e RELEASE_NAME=$RELEASE_NAME --device /dev/isgx -v $PWD:/policies sconecuratedimages/sconecli:alpine3.7-scone5.0.0 bash /policies/upload_policies.sh
docker run -it --rm -e SCONE_CAS_ADDR=$SCONE_CAS_ADDR -e SCONE_LAS_ADDR=172.17.0.1 -e RELEASE_NAME=$RELEASE_NAME --device /dev/isgx -v $PWD:/policies sconecuratedimages/sconecli:alpine3.10-scone5.0.0 bash /policies/upload_policies.sh
```
#### Run MariaDB
......
......@@ -72,11 +72,18 @@ images:
FLUSH PRIVILEGES;
SHOW GRANTS FOR 'scontain'@'%';
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'scontain';
CREATE DATABASE 'document_db';
CREATE TABLE 'document_db.document'(
record_id INT PRIMARY KEY,
content VARCHAR(1000) NOT NULL
);
CREATE DATABASE document_db;
CREATE TABLE document_db.document(
record_id INT NOT NULL,
content TEXT NOT NULL,
owner VARCHAR(128) NOT NULL,
PRIMARY KEY (record_id, owner)
);
CREATE TABLE document_db.account(
username VARCHAR(128) PRIMARY KEY,
hash BLOB NOT NULL,
salt BLOB NOT NULL
);
- name: db_image
volumes:
......@@ -147,6 +154,8 @@ secrets:
private_key: mariadb-key
issuer: MARIADB_CA_CERT
kind: x509
dns:
- $DB_HOST
- name: MARIADB_CLIENT_KEY
kind: private-key
export:
......
......@@ -24,6 +24,7 @@ services:
environment:
DB_HOST: $DB_HOST
DB_USER: $DB_USER
MC_HOST: $MEMCACHED_HOST
images:
- name: client_image
......
export DB_POLICY_FSPF_KEY=7633b7dd6b3cbf7d67e4ea12cff613ce13d53a862993440db4669c3fa4d74ae1
export DB_POLICY_FSPF_TAG=71e22d4cea5cb4ec9b48748c889d73e8
export DB_POLICY_FSPF_KEY=76f29bc6821a5aa217c3fa51969b26a017cb7e291718b85e97204b81211d1a25
export DB_POLICY_FSPF_TAG=060dd17dcfdc058ef06ec54d701e6444
export CAS_MRENCLAVE="4cd0fe54d3d8d787553b7dac7347012682c402220acd062e4d0da3bbe10a1c2c"
export MRENCLAVE_MYSQLD="ba36c590efff835ffbadd25ecf9489105961c61749790fccdfbbb1d318b3c918"
export MRENCLAVE_MYSQL="72accf0bf85a72af59b17f276b92dc755be184d63c8857286252c3aeb6ed1a10"
export MRENCLAVE_MY_PRINT_DEFAULTS="53dd745358ceb5d53587191bb3025512956088dc6d4e6b7f0fb79448596c6946"
export MRENCLAVE_SIMPLECLIENT_FASTAPISERVER="0e9e559e67ddbdc33ebd693162147136abbdd92ac414de9e15e65996c6f60212"
export CAS_MRENCLAVE="fd7efd68adeb23b5e60bca27f6fb3aec98d7fe1f4dee8fc5cf9e797299e30b02"
export MRENCLAVE_MYSQLD="1bfbc131f7abcb972c5afd27c1e9554f5d6678448c24d478f2b51f1a7a557c92"
export MRENCLAVE_MYSQL="52908b023e66059e30f1ac5e16a91c8acd43027875a2a61113daddfd670b1376"
export MRENCLAVE_MY_PRINT_DEFAULTS="37fb68a5697ea48586d04d74f69a4cd08b152bbaa6597b5a7d92d9ef3a4581e9"
export MRENCLAVE_SIMPLECLIENT_FASTAPISERVER="2808559c02d5611b4fbf76230f5e73ddb48064830a83ffaf22a10695fac60770"
export SIMPLE_CLIENT_CONFIG_ID=database_simpleclient_22135-11202-28626
export DB_CONFIG_ID=database_policy_22135-11202-28626
export SCONE_CAS_ADDR=localhost
export SIMPLE_CLIENT_CONFIG_ID=database_simpleclient_31677-21385-28494
export DB_CONFIG_ID=database_policy_31677-21385-28494
export SCONE_CAS_ADDR=5-0-0.scone-cas.cf
......@@ -18,8 +18,8 @@ function get_mrenclave {
# into the environment).
CAS_IMAGE=${CAS_IMAGE:-"sconecuratedimages/services:cas.preprovisioned-scone5.0.0"}
MARIADB_IMAGE=${BASE_IMAGE:-"sconecuratedimages/apps:mariadb-10.4-alpine-scone5.0.0"}
FASTAPISERVER_IMAGE=${FASTAPISERVER_IMAGE:-"enterjazz/scone-test-images:fast-api-server"}
CLI_IMAGE=${CLI_IMAGE:-"sconecuratedimages/sconecli:alpine3.7-scone5.0.0"}
FASTAPISERVER_IMAGE=${FASTAPISERVER_IMAGE:-"registry.scontain.com:5050/enterjazz/secure-doc-management:fastapi-server"}
CLI_IMAGE=${CLI_IMAGE:-"sconecuratedimages/sconecli:alpine3.10-scone5.0.0"}
echo "Pulling the latest images. Make sure you have access to all of them!"
......
ARG BASE_IMAGE=sconecuratedimages/apps:mariadb-10.4-alpine-scone5.0.0
FROM sconecuratedimages/sconecli:alpine3.7-scone5.0.0 as cli
FROM sconecuratedimages/sconecli:alpine3.10-scone5.0.0 as cli
FROM $BASE_IMAGE as fspf
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment