POC / docker-compose.yml YML
services:
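  # ── PostgreSQL Database (required by LiteLLM's database_url config) ──
  # Lab-only backing store. The credentials below are static, checked-in
  # values that also appear in the DATABASE_URL of the LiteLLM services in
  # this file; never reuse them outside this throwaway environment.
  litellm-db:
    image: postgres:15-alpine
    container_name: litellm-db-35030
    environment:
      POSTGRES_DB: litellm
      POSTGRES_USER: litellm
      POSTGRES_PASSWORD: litellm123
    ports:
      # Publish on loopback only. Without a host IP, Compose binds the port
      # on every host interface, which would expose a database protected by
      # a well-known password to the whole network. The LiteLLM containers
      # reach the database over the Compose network (litellm-db:5432), so
      # the host mapping is only a convenience for local inspection.
      - "127.0.0.1:5432:5432"
    healthcheck:
      # Gate dependants (condition: service_healthy) until Postgres accepts
      # connections for the litellm user and database.
      test: ["CMD-SHELL", "pg_isready -U litellm -d litellm"]
      interval: 5s
      timeout: 3s
      retries: 10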

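  # ── Mock OIDC Provider ──────────────────────────────────────────────
  # Test identity provider built from ./oidc-provider. It is a mock for this
  # lab, so it must not be reachable from outside the host.
  oidc-mock:
    build: ./oidc-provider
    container_name: oidc-mock
    ports:
      # Loopback-only publish: a bare "8000:8000" would listen on every host
      # interface. Other containers use the Compose network, not this mapping.
      - "127.0.0.1:8000:8000"
    healthcheck:
      # Probes /health from inside the container. A non-200 status or a
      # connection error makes the probe exit non-zero, keeping dependants
      # (condition: service_healthy) from starting early. The folded scalar
      # yields the same single-line command as the original flow-style entry.
      test:
        - CMD-SHELL
        - >-
          python3 -c "import urllib.request;
          exit(0 if urllib.request.urlopen('http://localhost:8000/health').status == 200 else 1)"
      interval: 5s
      timeout: 3s
      retries: 10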

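  # ── Vulnerable LiteLLM (v1.82.x — OIDC cache key collision) ────────
  # Deliberately vulnerable build for reproducing and verifying the issue.
  # Treat the container as untrusted: keep it on an isolated host and tear
  # it down (docker compose down) when the exercise is finished.
  litellm-vuln:
    build: ./litellm-vuln
    container_name: litellm-cve-35030-vuln
    ports:
      # Loopback-only publish. A bare "4000:4000" binds every host interface
      # and would expose a known-vulnerable proxy, guarded by a static
      # master key, to the surrounding network.
      - "127.0.0.1:4000:4000"
    volumes:
      # NOTE(review): the config is probably only read by the proxy; consider
      # a read-only mount (":ro") after confirming the image never writes it.
      - ./litellm_config.yaml:/app/config.yaml
    environment:
      # Static lab credentials committed with the PoC. They are public by
      # definition, so never reuse them for a real deployment.
      - LITELLM_MASTER_KEY=sk-litellm-master-key
      - DATABASE_URL=postgresql://litellm:litellm123@litellm-db:5432/litellm
    depends_on:
      # Start only after the OIDC mock and the database report healthy.
      oidc-mock:
        condition: service_healthy
      litellm-db:
        condition: service_healthy
    # NOTE(review): unless-stopped brings the vulnerable service back after a
    # Docker daemon or host restart; stop it explicitly when done.
    restart: unless-stopped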

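  # ── Fixed LiteLLM (v1.83.0+ — sha256 cache key, not token[:20]) ───
  # Patched build used as the control. Running the same checks against it
  # confirms that the fix holds. Gated behind the "fixed" profile, so it
  # starts only when that profile is enabled
  # (e.g. docker compose --profile fixed up).
  litellm-fixed:
    build: ./litellm-fixed
    container_name: litellm-cve-35030-fixed
    ports:
      # Host port 4001 maps to the proxy's 4000 so both builds can run side
      # by side. Bound to loopback: the service still uses the static lab
      # master key and must not listen on external interfaces.
      - "127.0.0.1:4001:4000"
    volumes:
      # Same config file as the vulnerable service, so any behavioural
      # difference comes from the LiteLLM version alone.
      # NOTE(review): consider a read-only mount (":ro") after confirming
      # the image never writes to it.
      - ./litellm_config.yaml:/app/config.yaml
    environment:
      # Static lab credentials committed with the PoC. Never reuse them for
      # a real deployment.
      - LITELLM_MASTER_KEY=sk-litellm-master-key
      - DATABASE_URL=postgresql://litellm:litellm123@litellm-db:5432/litellm
    profiles:
      - fixed
    depends_on:
      # Start only after the OIDC mock and the database report healthy.
      oidc-mock:
        condition: service_healthy
      litellm-db:
        condition: service_healthy
    restart: unless-stopped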