Hi, I'm evaluating Ory Network and I couldn't find anything about recommended development/testing workflows, so I was hoping to get some help, please. What is the suggested route for local dev and integration testing when using Ory Network, please? From this page https://www.ory.sh/docs/getting-started/local-development is looks like you're suggesting creating projects on Ory Cloud/Network for the purposes of local dev? So projects would be spun up (and torn down at an appropriate point) for each developer and build/test machine? Feels like this could get messy with lots of projects being created and potentially not getting removed sometimes? Is there an elegant way to manage this? I suppose a totally separate Ory Network instance could be used for dev/testing to production to keep things tidy on the production side. I assume the suggestion isn't for a shared dev project on Ory Network as that wouldn't provide the required isolation between different devs' data. Or, is Docker the way to go with local dev? If so, can we replicate the Ory Nework setup with the Docker installation easily? Thanks in advance for any help.

It's what I do

version: '3.6'
services:
  postgresauth:
    image: postgres:14
    restart: always
    command: "-c 'config_file=/etc/postgresql/postgresql.conf'"
    volumes:
      - ./auth_db_data:/var/lib/postgresql/data
      - ./initdb.d:/docker-entrypoint-initdb.d:ro
      - ./pg/postgres.conf:/etc/postgresql/postgresql.conf
    networks:
      - intranet
    env_file:
      - .env
    environment:
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgrespassword}
    ports:
      - "5433:5432"
  maildev:
    image: maildev/maildev
    command: '--hide-extensions STARTTLS'
    networks:
      - intranet
    ports:
      - "1025:1025"
      - "1080:1080"
  oathkeeper:
    image: oryd/oathkeeper:latest
    depends_on:
      - kratos
    ports:
      - 4455:4455
      - 4456:4456
    command:
      serve proxy -c "/etc/config/oathkeeper/oathkeeper.yml"
    environment:
      - LOG_LEVEL=debug
      - LOG_LEAK_SENSITIVE_VALUES=true
    restart: on-failure
    networks:
      - intranet
    volumes:
      - ./oathkeeper:/etc/config/oathkeeper
    extra_hosts:
      - "host.docker.internal:host-gateway"
  kratos-migrate:
    image: oryd/kratos:latest
    environment:
      - DSN=${POSTGRES_DSN}
    volumes:
      - type: volume
        source: kratos-sqlite
        target: /var/lib/sqlite
        read_only: false
      - type: bind
        source: ./kratos
        target: /etc/config/kratos
    command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes
    restart: on-failure
    networks:
      - intranet
  kratos:
    depends_on:
      - kratos-migrate
      - postgres
      - graphql-engine
    env_file:
      - .env
    image: oryd/kratos:v0.10.1
    ports:
      - '4433:4433' # public
      - '4434:4434' # admin
    restart: unless-stopped
    environment:
      - DSN=${POSTGRES_DSN}
      - LOG_LEVEL=trace
      - SELFSERVICE_FLOWS_REGISTRATION_AFTER_PASSWORD_HOOKS_0_CONFIG_AUTH_CONFIG_VALUE=nosecret
    command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier
    volumes:
      - type: volume
        source: kratos-sqlite
        target: /var/lib/sqlite
        read_only: false
      - type: bind
        source: ./kratos
        target: /etc/config/kratos
      - type: bind
        source: ../preprod/ory/emails
        target: /etc/config/kratos-templates
    networks:
      - intranet
  keto-migrate:
    image: oryd/keto:latest
    links:
      - postgres:postgresd
    volumes:
      - type: bind
        source: ./keto
        target: /home/ory-comms
    environment:
      - LOG_LEVEL=debug
      - DSN=${POSTGRES_DSN}
    command: [ 'migrate', 'up', '-y' ]
    restart: on-failure
  keto:
    image: oryd/keto:latest
    links:
      - postgres:postgresd
    volumes:
      - type: bind
        source: ./keto
        target: /home/ory-comms
    ports:
      - '4466:4466'
      - '4467:4467'
    depends_on:
      - keto-migrate
    environment:
      - DSN=${POSTGRES_DSN}
    restart: on-failure
  kratos-selfservice-ui-node:
    image: oryd/kratos-selfservice-ui-node:v0.10.1
    environment:
      - KRATOS_PUBLIC_URL=<http://kratos:4433/>
      - KRATOS_BROWSER_URL=<http://127.0.0.1:4455/>
    ports:
      - "3000:3000"
    networks:
      - intranet
    restart: on-failure


volumes:
  db_data:
  kratos-sqlite:

networks:
  intranet:
  int:
    internal: true

Hi @clean-motherboard-93658 You could use separate projects for Production and Development / Testing. Each project can have multiple members added, so your development team for example can share the same project. We also provide the Ory CLI tunnel which will help with local development against your Ory Network project. You can read more about it here https://www.ory.sh/docs/guides/cli/proxy-and-tunnel and here https://www.ory.sh/docs/cli/ory-tunnel Some more resources on local development: https://www.ory.sh/docs/getting-started/local-development#local-development https://www.ory.sh/docs/getting-started/integrate-auth/expressjs

Thanks @wonderful-midnight-19586 and @proud-plumber-24205. From your replies, it sounds like Docker is the way to go for multi-developer and automated test setups. Otherwise, there will be conflicts working with identities and other data. within a single project.