Merge branch 'feature/docker-compose' into develop

2024-12-04 10:59:20 +03:00 · 2024-12-04 10:59:20 +03:00 · d14fed1384
commit d14fed1384
parent e42d07ad74 74a1d200a1
15 changed files with 302 additions and 96 deletions
--- a/.gitignore
+++ b/.gitignore
@ -67,3 +67,4 @@ npm-debug.log
 *.sublime-workspace
 sync-backend.ps1
 sync-frontend.ps1
+config/kafka_data
--- a/20
+++ b/20
@ -0,0 +1,20 @@
+#Dockerfile for TeamCity build "run in docker"
+
+FROM repo.asd.center.cg:8082/alt/alt-tomcat:c10f1-9.0.59-20240917
+
+USER root
+
+COPY config/tomcat /
+
+RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \
+ && chown root:tomcat /var/lib/tomcat/webapps \
+ && chmod g+rw /var/lib/tomcat/webapps
+
+COPY frontend/target/frontend*.war /var/lib/tomcat/webapps/ROOT.war
+COPY backend/target/ul.war /var/lib/tomcat/webapps/ul.war
+
+USER tomcat
+
+EXPOSE 8080
+
+ENTRYPOINT ["/entrypoint.sh"]
--- a/config/ervu-lkrp-av.env
+++ b/config/ervu-lkrp-av.env
@ -0,0 +1,43 @@
+AV_KAFKA_BOOTSTRAP_SERVERS=local-kafka:9094
+#AV_KAFKA_SECURITY_PROTOCOL=SASL_PLAINTEXT
+AV_KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+#AV_KAFKA_SASL_MECHANISM=SCRAM-SHA-256
+AV_KAFKA_SASL_MECHANISM=PLAIN
+AV_KAFKA_USERNAME=user2
+AV_KAFKA_PASSWORD=Blfi9d2OFG
+AV_KAFKA_GROUP_ID=local-ervu-lkrp-av1
+AV_KAFKA_TOPIC_NAME=file-to-upload
+AV_KAFKA_STATUS_TOPIC_NAME=ervu.lkrp.av-fileupload-status
+AV_KAFKA_LOGIN_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+
+ERVU_KAFKA_BOOTSTRAP_SERVERS=local-kafka:9094
+#ERVU_KAFKA_SECURITY_PROTOCOL=SASL_PLAINTEXT
+ERVU_KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+#ERVU_KAFKA_SASL_MECHANISM=SCRAM-SHA-256
+ERVU_KAFKA_SASL_MECHANISM=PLAIN
+ERVU_KAFKA_USERNAME=user2
+ERVU_KAFKA_PASSWORD=Blfi9d2OFG
+ERVU_KAFKA_GROUP_ID=local-ervu-lkrp-av2
+ERVU_KAFKA_ERROR_TOPIC_NAME=ervu.lkrp.download.request
+ERVU_KAFKA_SUCCESS_TOPIC_NAME=ervu.lkrp.download.request
+ERVU_KAFKA_RESPONSE_TOPIC_NAME=ervu.lkrp.download.response
+ERVU_KAFKA_LOGIN_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+
+AV_CHECK_ENABLED=true
+AV_REST_ADDRESS=http://10.10.30.120:8085/scans
+AV_FIRST_TIMEOUT_MILLISECONDS=1000
+AV_RETRY_MAX_ATTEMPTS_COUNT=10
+AV_RETRY_DELAY_MILLISECONDS=1000
+
+FILE_SAVING_PATH=/transfer/
+
+S3_ENDPOINT=http://ervu-minio.k8s.micord.ru:31900
+S3_ACCESS_KEY=rlTdTvkmSXu9FsLhfecw
+S3_SECRET_KEY=NUmY0wwRIEyAd98GCKd1cOgJWvLQYAcMMul5Ulu0
+S3_BUCKET_NAME=default-out-bucket
+S3_PATH_STYLE_ACCESS_ENABLED=true
+
+FILE_WEBDAV_UPLOAD_USERNAME=test
+FILE_WEBDAV_UPLOAD_PASSWORD=test
+WEBDAV_USERNAME=test
+WEBDAV_PASSWORD=test
--- a/config/ervu-organization-registry.env
+++ b/config/ervu-organization-registry.env
@ -0,0 +1,35 @@
+PG_HOST=10.10.31.119
+PG_PORT=5432
+PG_DATABASE=ervu_organization_registry
+PG_USER=ervu_organization_registry
+PG_PASSWORD=ervu_organization_registry
+
+KAFKA_HOSTS=local-kafka:9094
+#KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.scram.ScramLoginModule
+KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+#KAFKA_AUTH_SEC_PROTO=SASL_PLAINTEXT
+KAFKA_AUTH_SEC_PROTO=PLAINTEXT
+#KAFKA_AUTH_SASL_MECH=SCRAM-SHA-256
+KAFKA_AUTH_SASL_MECH=PLAIN
+KAFKA_USER=user2
+KAFKA_PASS=Blfi9d2OFG
+KAFKA_CONSUMER_GROUP_ID=ervu-organization-registry
+
+EXTERNAL_KAFKA_HOSTS=local-kafka:9094
+#EXTERNAL_KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.scram.ScramLoginModule
+EXTERNAL_KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+#EXTERNAL_KAFKA_AUTH_SEC_PROTO=SASL_PLAINTEXT
+EXTERNAL_KAFKA_AUTH_SEC_PROTO=PLAINTEXT
+#EXTERNAL_KAFKA_AUTH_SASL_MECH=SCRAM-SHA-256
+EXTERNAL_KAFKA_AUTH_SASL_MECH=PLAIN
+EXTERNAL_KAFKA_USER=user2
+EXTERNAL_KAFKA_PASS=Blfi9d2OFG
+EXTERNAL_KAFKA_CONSUMER_GROUP_ID=ervu-organization-registry
+
+WEBDAV_UPLOAD_URL=https://ervu-webdav.k8s.micord.ru/excerpt/
+WEBDAV_UPLOAD_USERNAME=test
+WEBDAV_UPLOAD_PASSWORD=test
+
+AWS_ENDPOINT=http://ervu-minio.k8s.micord.ru:31900
+AWS_ACCESS_KEY_ID=rlTdTvkmSXu9FsLhfecw
+AWS_SECRET_ACCESS_KEY=NUmY0wwRIEyAd98GCKd1cOgJWvLQYAcMMul5Ulu0
--- a/config/ervu-validate-recruits.env
+++ b/config/ervu-validate-recruits.env
@ -0,0 +1,25 @@
+KAFKA_HOSTS=local-kafka:9094
+#KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.scram.ScramLoginModule
+KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+#KAFKA_AUTH_SEC_PROTO=SASL_PLAINTEXT
+KAFKA_AUTH_SEC_PROTO=PLAINTEXT
+#KAFKA_AUTH_SASL_MECH=SCRAM-SHA-256
+KAFKA_AUTH_SASL_MECH=PLAIN
+KAFKA_USER=user2
+KAFKA_PASS=Blfi9d2OFG
+KAFKA_CONSUMER_GROUP_ID=ervu-validate-recruits
+
+EXTERNAL_KAFKA_HOSTS=local-kafka:9094
+#EXTERNAL_KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.scram.ScramLoginModule
+EXTERNAL_KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+#EXTERNAL_KAFKA_AUTH_SEC_PROTO=SASL_PLAINTEXT
+EXTERNAL_KAFKA_AUTH_SEC_PROTO=PLAINTEXT
+#EXTERNAL_KAFKA_AUTH_SASL_MECH=SCRAM-SHA-256
+EXTERNAL_KAFKA_AUTH_SASL_MECH=PLAIN
+EXTERNAL_KAFKA_USER=user2
+EXTERNAL_KAFKA_PASS=Blfi9d2OFG
+EXTERNAL_KAFKA_CONSUMER_GROUP_ID=ervu-validate-recruits
+
+AWS_ENDPOINT=http://ervu-minio.k8s.micord.ru:31900
+AWS_ACCESS_KEY_ID=rlTdTvkmSXu9FsLhfecw
+AWS_SECRET_ACCESS_KEY=NUmY0wwRIEyAd98GCKd1cOgJWvLQYAcMMul5Ulu0
--- a/config/fl.txt
+++ b/config/fl.txt
@ -1,24 +0,0 @@
-#!/bin/bash
-set -e
-
-docker-compose -p %image_tag% build --build-arg env="%reverse.dep.*.build_mode%"
-docker-compose -p %image_tag% up -d
-container_id=$(docker-compose -p %image_tag% ps -q webbpm-app)
-addr=%teamcity.agent.hostname%
-port_web=$(docker-compose -p %image_tag% port webbpm-app 8080 | cut -d: -f2)
-port_mgmt=$(docker-compose -p %image_tag% port webbpm-app 9990| cut -d: -f2)
-port_debug=$(docker-compose -p %image_tag% port webbpm-app 8787| cut -d: -f2)
-
-
-echo "Started container $container_id"
-
-echo "Management URL: http://$addr:$port_mgmt/"
-echo "Webapp URL: http://$addr:$port_web/%APP_PATH%"
-echo "Debug URL: $addr:$port_debug"
-
-echo "##teamcity[setParameter name='container_id' value='$container_id']"
-echo "##teamcity[setParameter name='webapp_url' value='http://$addr:$port_web/%APP_PATH%']"
-
-echo "Waiting until the app is deployed..."
-# Wait until the app is deployed
-timeout 600 bash -c "until curl -s -o /dev/null --fail http://${addr}:${port_web}/%APP_PATH%/ ; do sleep 1; done"
--- a/config/kafdrop.env
+++ b/config/kafdrop.env
@ -0,0 +1,2 @@
+KAFKA_BROKERCONNECT=local-kafka:9094
+KAFKA_PROPERTIES=c2VjdXJpdHkucHJvdG9jb2w9UExBSU5URVhUDQpzYXNsLm1lY2hhbmlzbT1QTEFJTg0Kc2FzbC5qYWFzLmNvbmZpZz1vcmcuYXBhY2hlLmthZmthLmNvbW1vbi5zZWN1cml0eS5wbGFpbi5QbGFpbkxvZ2luTW9kdWxlIHJlcXVpcmVkIHVzZXJuYW1lPSd1c2VyMicgcGFzc3dvcmQ9J0JsZmk5ZDJPRkcnOw==
--- a/config/kafka.env
+++ b/config/kafka.env
@ -0,0 +1,23 @@
+KAFKA_CFG_NODE_ID=0
+KAFKA_CFG_PROCESS_ROLES=controller,broker
+KAFKA_CFG_LISTENERS=CLIENT://:9092,INTERNAL://:9094,CONTROLLER://:9093
+KAFKA_CFG_ADVERTISED_LISTENERS=CLIENT://local-kafka:9092,INTERNAL://local-kafka:9094,CONTROLLER://localhost:9093
+KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CLIENT:SASL_PLAINTEXT,INTERNAL:PLAINTEXT,CONTROLLER:SASL_PLAINTEXT,
+KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=0@local-kafka:9093
+KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS=true
+
+# Controller
+KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER
+#KAFKA_CONTROLLER_USER=controller_user
+#KAFKA_CONTROLLER_PASSWORD=Blfi9d2OFG
+KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL=PLAIN
+
+# Client CLIENT
+KAFKA_CLIENT_USERS=user2
+KAFKA_CLIENT_PASSWORDS=Blfi9d2OFG
+KAFKA_CLIENT_LISTENER_NAME=CLIENT
+KAFKA_CFG_SASL_JAAS_CONFIG=org.apache.kafka.common.security.scram.ScramLoginModule required username="user2" password="Blfi9d2OFG";
+
+# Client internal
+KAFKA_INTER_BROKER_LISTENER_NAME=INTERNAL
+KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL=PLAIN
--- a/config/kafka.properties
+++ b/config/kafka.properties
@ -0,0 +1,3 @@
+security.protocol=PLAINTEXT
+sasl.mechanism=PLAIN
+sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username='user2' password='Blfi9d2OFG';
--- a/config/local.env
+++ b/config/local.env
@ -0,0 +1,69 @@
+TZ=Europe/Moscow
+# App datasource
+DB_APP_USERNAME=ervu_lkrp_ul
+DB_APP_PASSWORD=ervu_lkrp_ul
+DB_APP_HOST=10.10.31.119
+DB_APP_PORT=5432
+DB_APP_NAME=ervu_lkrp_ul
+
+AV_KAFKA_MESSAGE_TOPIC_NAME=file-to-upload
+AV_KAFKA_BOOTSTRAP_SERVERS=http://local-kafka:9094
+#AV_KAFKA_SECURITY_PROTOCOL=SASL_PLAINTEXT
+AV_KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+#AV_KAFKA_SASL_MECHANISM=SCRAM-SHA-256
+AV_KAFKA_SASL_MECHANISM=PLAIN
+AV_KAFKA_USERNAME=user2
+AV_KAFKA_PASSWORD=Blfi9d2OFG
+AV_KAFKA_GROUP_ID=local-ervu-lkrp-ul-backend
+AV_KAFKA_DOWNLOAD_RESPONSE=ervu.lkrp.av-fileupload-status
+
+ESIA_SCOPES=fullname, snils, id_doc, birthdate, usr_org, openid
+ESIA_ORG_SCOPES=org_fullname, org_shortname, org_brhs, org_brhs_ctts, org_brhs_addrs, org_type, org_ogrn, org_inn, org_leg, org_kpp, org_ctts, org_addrs, org_grps, org_emps
+ESIA_ORG_SCOPE_URL=http://esia.gosuslugi.ru/
+ESIA_BASE_URI=https://esia-portal1.test.gosuslugi.ru/
+ESIA_ISSUER_URL=http://esia-portal1.test.gosuslugi.ru/
+#ESIA_CLIENT_ID=MNSV89
+ESIA_CLIENT_ID=MNSV93
+ESIA_REDIRECT_URL=http://localhost:8080/
+ESIA_UPLOAD_DATA_ROLE=MNSV89_UPLOAD_DATA
+#ESIA_CLIENT_CERT_HASH=04508B4B0B58776A954A0E15F574B4E58799D74C61EE020B3330716C203E3BDD
+ESIA_CLIENT_CERT_HASH=CF35A98C48E48665EA73530537BAFBB51F911C434ADC89215C2F86DCD04E28C5
+ESIA_TOKEN_CLEAR_CRON=0 0 */1 * * *
+
+SIGN_URL=https://ervu-sign-dev.k8s.micord.ru/sign
+SIGN_VERIFY_URL=https://ervu-sign-dev.k8s.micord.ru/verify
+
+ERVU_KAFKA_BOOTSTRAP_SERVERS=local-kafka:9094
+ERVU_KAFKA_ORG_REPLY_TOPIC=ervu.organization.response
+ERVU_KAFKA_GROUP_ID=local-ervu-lkrp-ul-backend
+ERVU_KAFKA_ORG_REQUEST_TOPIC=ervu.organization.request
+ERVU_KAFKA_REPLY_TIMEOUT=5
+ERVU_KAFKA_JOURNAL_REQUEST_TOPIC=ervu.organization.journal.request
+ERVU_KAFKA_JOURNAL_REPLY_TOPIC=ervu.organization.journal.response
+#ERVU_KAFKA_SECURITY_PROTOCOL=SASL_PLAINTEXT
+ERVU_KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+#ERVU_KAFKA_SASL_MECHANISM=SCRAM-SHA-256
+ERVU_KAFKA_SASL_MECHANISM=PLAIN
+ERVU_KAFKA_USERNAME=user2
+ERVU_KAFKA_PASSWORD=Blfi9d2OFG
+ERVU_KAFKA_EXCERPT_REPLY_TOPIC=ervu.lkrp.excerpt.response
+ERVU_KAFKA_EXCERPT_REQUEST_TOPIC=ervu.lkrp.excerpt.request
+
+ESNSI_OKOPF_URL=https://esnsi.gosuslugi.ru/rest/ext/v1/classifiers/11465/file?extension=JSON&encoding=UTF_8
+ESNSI_OKOPF_CRON_LOAD=0 0 */1 * * *
+ESNSI_OKOPF_RETRY_MAX_ATTEMPTS_LOAD=3
+ESNSI_OKOPF_RETRY_DELAY_LOAD=1000
+
+ERVU_FILE_UPLOAD_MAX_FILE_SIZE=5242880
+ERVU_FILE_UPLOAD_MAX_REQUEST_SIZE=6291456
+ERVU_FILE_UPLOAD_FILE_SIZE_THRESHOLD=0
+
+COOKIE_PATH=/ul
+
+WEBDAV_CLEANUP_CRON=0 0 0 * * *
+WEBDAV_RETRY_DELAY=500
+FILE_WEBDAV_UPLOAD_URL=https://ervu-webdav.k8s.micord.ru
+FILE_WEBDAV_UPLOAD_USERNAME=test
+FILE_WEBDAV_UPLOAD_PASSWORD=test
+FILE_WEBDAV_LIFETIME_SECONDS=300
+FILE_WEBDAV_EXTENSIONS=csv,xlsx
--- a/config/tomcat/etc/tomcat/conf.d/db.conf
+++ b/config/tomcat/etc/tomcat/conf.d/db.conf
@ -1,8 +1,8 @@
 JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS \
- -Ddb.app.host=${DB_APP_HOST:-db} \
- -Ddb.app.port=${DB_APP_PORT:-5432} \
- -Ddb.app.name=${DB_APP_NAME:-app} \
- -Ddb.app.username=${DB_APP_USERNAME:-app_user} \
- -Ddb.app.password=${DB_APP_PASSWORD:-apppassword} \
+ -Ddb.host=${DB_APP_HOST:-db} \
+ -Ddb.port=${DB_APP_PORT:-5432} \
+ -Ddb.name=${DB_APP_NAME:-app} \
+ -Ddb.username=${DB_APP_USERNAME:-app_user} \
+ -Ddb.password=${DB_APP_PASSWORD:-apppassword} \
 "
 export JDK_JAVA_OPTIONS
--- a/config/tomcat/etc/tomcat/context.xml
+++ b/config/tomcat/etc/tomcat/context.xml
@ -31,6 +31,6 @@

    <Resource name="webbpm/AppDS" auth="Container"
          type="javax.sql.DataSource" driverClassName="org.postgresql.Driver"
-          url="jdbc:postgresql://${db.app.host}:${db.app.port}/${db.app.name}"
-          username="${db.app.username}" password="${db.app.password}" maxTotal="20" maxIdle="10" maxWaitMillis="-1"/>
+          url="jdbc:postgresql://${db.host}:${db.port}/${db.name}"
+          username="${db.username}" password="${db.password}" maxTotal="20" maxIdle="10" maxWaitMillis="-1"/>
 </Context>
--- a/config/tomcat/etc/tomcat/tomcat-users.xml
+++ b/config/tomcat/etc/tomcat/tomcat-users.xml
@ -1,39 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
-->
-<tomcat-users xmlns="http://tomcat.apache.org/xml"
-              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-              xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
-              version="1.0">
-<!--
-  By default, no user is included in the "manager-gui" role required
-  to operate the "/manager/html" web application.  If you wish to use this app,
-  you must define such a user - the username and password are arbitrary.
-
-  Built-in Tomcat manager roles:
-    - manager-gui    - allows access to the HTML GUI and the status pages
-    - manager-script - allows access to the HTTP API and the status pages
-    - manager-jmx    - allows access to the JMX proxy and the status pages
-    - manager-status - allows access to the status pages only
-
-  The users below are wrapped in a comment and are therefore ignored. If you
-  wish to configure one or more of these users for use with the manager web
-  application, do not forget to remove the <!.. ..> that surrounds them. You
-  will also need to set the passwords to something appropriate.
-->
-  <user username="admin" password="<must-be-changed>" roles="manager-gui"/>
-</tomcat-users>
--- a/config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml
+++ b/config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml
@ -1,26 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
-->
-<Context antiResourceLocking="false" privileged="true" >
-  <CookieProcessor className="org.apache.tomcat.util.http.Rfc6265CookieProcessor"
-                   sameSiteCookies="strict" />
-<!--
-  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
-         allow="d+\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
-  <Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|org\.apache\.catalina\.filters\.CsrfPreventionFilter\$LruCache(?:\$1)?|java\.util\.(?:Linked)?HashMap"/>
-</Context>
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -0,0 +1,74 @@
+services:
+  local-kafka:
+    image: docker.io/bitnami/kafka:3.9.0
+    container_name: kafka
+    ports:
+      - 9092:9092
+      - 9094:9094
+    volumes:
+      - ./config/kafka_data:/bitnami/kafka
+    env_file:
+      - config/kafka.env
+    healthcheck:    
+      test: ["CMD", "kafka-topics.sh", "--list", "--bootstrap-server", "localhost:9094"]
+      interval: 30s
+      timeout: 10s
+      retries: 4
+
+  kafdrop:
+    container_name: kafdrop
+    image: obsidiandynamics/kafdrop
+    restart: "no"
+    ports:
+      - 9000:9000
+    env_file:
+      config/kafdrop.env
+    depends_on:
+      local-kafka:
+        condition: service_healthy
+
+  ervu-validate-recruits:
+    image: registry-dev.pgs.rtlabs.ru/ervu/ervu-validate-recruits:0.0.1-sha51becef5
+    container_name: validate-recruits
+    depends_on:
+      local-kafka:
+        condition: service_healthy
+    env_file:
+      - config/ervu-validate-recruits.env
+
+  ervu-organization-registry:
+    image: registry-dev.pgs.rtlabs.ru/ervu/ervu-organization-registry:0.0.1-sha487d2691
+    container_name: organization-registry
+    depends_on:
+      local-kafka:
+        condition: service_healthy
+    env_file:
+      - config/ervu-organization-registry.env
+
+  lkrp-av:
+    image: registry-dev.pgs.rtlabs.ru/ervu/ervu-lkrp-av:0.0.1-sha071cf588
+    container_name: lkrp-av
+    depends_on:
+      local-kafka:
+        condition: service_healthy
+    env_file:
+      - config/ervu-lkrp-av.env
+
+  lkrp-ul:
+    container_name: lkrp-ul
+    depends_on:
+      local-kafka:
+        condition: service_healthy
+      ervu-validate-recruits:
+        condition: service_started
+      ervu-organization-registry:
+        condition: service_started
+      lkrp-av:
+        condition: service_started
+    build:
+      context: .
+      dockerfile: Dockerfile
+    ports:
+      - 8080:8080
+    env_file:
+      - config/local.env