docker-compose.yml

version: '3.8'

services:
  # Argus Complete 6-Phase Security Scanner
  argus-scanner:
    build:
      context: .
      dockerfile: Dockerfile.complete
    image: argus-scanner:latest
    container_name: argus-scanner
    environment:
      # AI Provider Configuration
      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
      - OPENAI_API_KEY=${OPENAI_API_KEY:-}
      - OLLAMA_ENDPOINT=${OLLAMA_ENDPOINT:-}

      # Phase Enablement (all 6 phases)
      - ENABLE_REMEDIATION=true
      - ENABLE_THREAT_INTEL=true
      - ENABLE_MULTI_AGENT=true
      - ENABLE_SANDBOX=true
      - ENABLE_SPONTANEOUS_DISCOVERY=true
      - ENABLE_HEURISTICS=true

      # Tool Enablement
      - SEMGREP_ENABLED=true
      - TRIVY_ENABLED=true
      - CHECKOV_ENABLED=true

      # Performance
      - PYTHONUNBUFFERED=1

    volumes:
      # Mount target repository to analyze
      - ${TARGET_REPO:-./target}:/workspace:ro

      # Mount output directory for results
      - ${OUTPUT_DIR:-./output}:/output

      # Cache directory for faster subsequent scans
      - argus-cache:/cache

      # Docker socket for Phase 4 Sandbox Validation
      - /var/run/docker.sock:/var/run/docker.sock

    working_dir: /workspace

    # Network configuration
    networks:
      - argus-network

    # Resource limits
    deploy:
      resources:
        limits:
          cpus: '4.0'
          memory: 8G
        reservations:
          cpus: '2.0'
          memory: 4G

    # Health check
    healthcheck:
      test: ["CMD", "python", "-c", "import scripts.hybrid_analyzer; print('healthy')"]
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 5s

volumes:
  argus-cache:
    name: argus-cache

networks:
  argus-network:
    name: argus-network
    driver: bridge