[zend-ldap] unify ldap initialization script

zf1s · Jan 10, 2023 · 122ec21 · 122ec21
1 parent def4168
commit 122ec21
Show file tree

Hide file tree

Showing 8 changed files with 60 additions and 18 deletions.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -139,14 +139,7 @@ jobs:
           sudo apt-get install -y libnss-ldap libpam-ldap ldap-utils
 
       - name: Import LDAP Configuration
-        run: |
-          echo -e "Applying ACL mod for zf1..."
-          ldapmodify -v -x -D "cn=${LDAP_CONFIG_ADMIN_USERNAME},cn=config" -w "${LDAP_CONFIG_ADMIN_PASSWORD}" -H ldap://127.0.0.1:${LDAP_PORT_NUMBER} -f tests/resources/openldap/ldif-extras/acl-mod.ldif
-          ldapadd -v -x -D "cn=${LDAP_ADMIN_USERNAME},${LDAP_ROOT}" -w "${LDAP_ADMIN_PASSWORD}" -H ldap://127.0.0.1:${LDAP_PORT_NUMBER} -f tests/resources/openldap/ldif-extras/example.com.ldif
-          echo -e "Loading LDIFs fixtures..."
-          for file in tests/resources/openldap/ldif-fixtures/*.ldif; do \
-            ldapadd -v -x -D "cn=${LDAP_ADMIN_USERNAME},${LDAP_ROOT}" -w "${LDAP_ADMIN_PASSWORD}" -H ldap://127.0.0.1:${LDAP_PORT_NUMBER} -f $file; \
-          done
+        run: tests/resources/openldap/docker-entrypoint-initdb.d/init.sh
 
       - name: "Run PHPUnit Tests (Experimental: ${{ matrix.experimental }})"
         run: vendor/bin/phpunit --verbose

diff --git a/tests/resources/openldap/docker-compose.yml b/tests/resources/openldap/docker-compose.yml
@@ -12,18 +12,13 @@ services:
       LDAP_PORT_NUMBER: 1389
       LDAP_ADMIN_USERNAME: "admin"
       LDAP_ADMIN_PASSWORD: "insecure"
+      LDAP_CONFIG_ADMIN_ENABLED: "yes"
+      LDAP_CONFIG_ADMIN_USERNAME: "admin"
+      LDAP_CONFIG_ADMIN_PASSWORD: "configpassword"
       LDAP_ALLOW_ANON_BINDING: "yes"
-      LDAP_LOGLEVEL: 32
+      LDAP_LOGLEVEL: 0
       BITNAMI_DEBUG: "true"
       LDAP_SKIP_DEFAULT_TREE: "yes"
-      LDAP_CONFIG_ADMIN_ENABLED: "yes"
     volumes:
       - './openldap:/bitnami/openldap'
-      - './ldif-extras:/ldif-extras'
-      - './ldif-extras/acl-mod.ldif:/ldifs/acl-mod.ldif'
-      - './ldif-extras/example.com.ldif:/ldifs/example.com.ldif'
-      - './ldif-fixtures/manager.example.com.ldif:/ldifs/manager.example.com.ldif'
-      - './ldif-fixtures/test.example.com.ldif:/ldifs/test.example.com.ldif'
-      - './ldif-fixtures/user1.example.com.ldif:/ldifs/user1.example.com.ldif'
-      #- './ldif-extras:/custom/ldif-extras'
-      #- './ldif-fixtures:/custom/ldif-fixtures'
+      - './docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d'
diff --git a/tests/resources/openldap/docker-entrypoint-initdb.d/init.sh b/tests/resources/openldap/docker-entrypoint-initdb.d/init.sh
@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+
+set -ex
+
+function is_bitnami {
+  [ -d /opt/bitnami/scripts/ ]
+}
+
+# if script is running in the bitnami image as a part of /docker-entrypoint-initdb.d
+# we have to launch a ldap server manually
+# the server is being stopped here: https://github.com/bitnami/containers/blob/fccaa4c4a4d7755c19c2e02ddef7ac3736dfcbb9/bitnami/openldap/2.6/debian-11/rootfs/opt/bitnami/scripts/libopenldap.sh#L527
+# custom initdb.d scripts are being executed after the server is stopped
+# https://github.com/bitnami/containers/blob/fccaa4c4a4d7755c19c2e02ddef7ac3736dfcbb9/bitnami/openldap/2.5/debian-11/rootfs/opt/bitnami/scripts/openldap/setup.sh#L25
+
+if is_bitnami; then
+  . /opt/bitnami/scripts/libos.sh
+  . /opt/bitnami/scripts/libopenldap.sh
+  ldap_start_bg
+  while is_ldap_not_running; do sleep 1; done
+fi
+
+CURRENT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+LDIFS="${CURRENT_DIR}/ldifs"
+
+echo "Applying ACL mod for zf1..."
+
+ldapmodify -v -x \
+  -D "cn=${LDAP_CONFIG_ADMIN_USERNAME},cn=config" \
+  -w "${LDAP_CONFIG_ADMIN_PASSWORD}" \
+  -H "ldap://127.0.0.1:${LDAP_PORT_NUMBER}" \
+  -f "${LDIFS}/acl-mod.ldif"
+
+
+echo "Loading LDIFs fixtures..."
+
+ldapadd -v -x \
+  -D "cn=${LDAP_ADMIN_USERNAME},${LDAP_ROOT}" \
+  -w "${LDAP_ADMIN_PASSWORD}" \
+  -H "ldap://127.0.0.1:${LDAP_PORT_NUMBER}" \
+  -f ${LDIFS}/example.com.ldif
+
+files=("manager.example.com.ldif" "test.example.com.ldif" "user1.example.com.ldif")
+
+for file in "${files[@]}"; do \
+  ldapadd -v -x \
+    -D "cn=${LDAP_ADMIN_USERNAME},${LDAP_ROOT}" \
+    -w "${LDAP_ADMIN_PASSWORD}" \
+    -H "ldap://127.0.0.1:${LDAP_PORT_NUMBER}" \
+    -f "${LDIFS}/${file}"
+done
+
+if is_bitnami; then
+  ldap_stop
+fi
diff --git a/...sources/openldap/ldif-extras/acl-mod.ldif → ...er-entrypoint-initdb.d/ldifs/acl-mod.ldif b/...sources/openldap/ldif-extras/acl-mod.ldif → ...er-entrypoint-initdb.d/ldifs/acl-mod.ldif
diff --git a/...ces/openldap/ldif-extras/example.com.ldif → ...ntrypoint-initdb.d/ldifs/example.com.ldif b/...ces/openldap/ldif-extras/example.com.ldif → ...ntrypoint-initdb.d/ldifs/example.com.ldif
diff --git a/...ap/ldif-fixtures/manager.example.com.ldif → ...t-initdb.d/ldifs/manager.example.com.ldif b/...ap/ldif-fixtures/manager.example.com.ldif → ...t-initdb.d/ldifs/manager.example.com.ldif
diff --git a/...nldap/ldif-fixtures/test.example.com.ldif → ...oint-initdb.d/ldifs/test.example.com.ldif b/...nldap/ldif-fixtures/test.example.com.ldif → ...oint-initdb.d/ldifs/test.example.com.ldif
diff --git a/...ldap/ldif-fixtures/user1.example.com.ldif → ...int-initdb.d/ldifs/user1.example.com.ldif b/...ldap/ldif-fixtures/user1.example.com.ldif → ...int-initdb.d/ldifs/user1.example.com.ldif