Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a docker service using openldap/slapd #3228

Merged
merged 5 commits into from
Jan 16, 2025
Merged

Add a docker service using openldap/slapd #3228

merged 5 commits into from
Jan 16, 2025

Conversation

fhanik
Copy link
Contributor

@fhanik fhanik commented Jan 9, 2025
edited
Loading

Continuation of Test Confidence Journey

Reason for this PR: Turns out that once LDAP(openldap) started failing, some tests where rewritten and then those tests removed features that were tested. LDAP encryption with StartTLS was disabled. This PR provides the following

  1. A docker container with OpenLDAP enabled for TLS (port 636) and StartTLS (port 389)
  2. Scripts to generate SSL certificates, including a Certificate Authority
  3. Improve the integrationTest RateLimit settings (failing on faster machines)
  4. Allow the javax.net.debug flag to be set for integrationTest

I would like to remove the @EnabledIfProfile on so that integration tests always require LDAP and startTLS to be tested. This requires a modification to the Github test runners

@fhanik fhanik marked this pull request as draft January 9, 2025 02:24
@fhanik fhanik force-pushed the pr/ldap-as-part-of-docker branch 3 times, most recently from 8201998 to 2405c1b Compare January 9, 2025 14:50
@fhanik fhanik marked this pull request as ready for review January 9, 2025 18:28
@fhanik fhanik marked this pull request as draft January 10, 2025 17:35
@fhanik fhanik force-pushed the pr/ldap-as-part-of-docker branch from 2405c1b to 31533d7 Compare January 10, 2025 21:23
@fhanik fhanik marked this pull request as ready for review January 12, 2025 22:25
@fhanik fhanik force-pushed the pr/ldap-as-part-of-docker branch 3 times, most recently from 45cf16c to 4224087 Compare January 12, 2025 23:15
@fhanik
Copy link
Contributor Author

fhanik commented Jan 15, 2025

@strehle I would like your approval here. Adding LDAP as a docker container so that developers can easily create and tear down LDAP schemas.

strehle
strehle reviewed Jan 15, 2025
View reviewed changes
Copy link
Member

@strehle strehle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok except the changes in uaa.yml
please check if you have another option for it

build.gradle Show resolved Hide resolved
scripts/cargo/uaa.yml Outdated Show resolved Hide resolved
fhanik added 5 commits January 16, 2025 09:11
@fhanik
Add LdapLoginIT tests
fb84baa
@fhanik
Helper scripts for certificates
f8d397f 
Currently used by the openldap service in docker compose
@fhanik
Add openldap/slapd as a docker service
762bb35 
This service gets populated with the same data set as the in memory
albeit, the InMemoryLDAPServer and slapd use two separate file for data
now

InMemoryLdapServer uses ./uaa/src/test/resources/ldap_init.ldif (same as before)
docker-compose uses ./scripts/ldap/ldap_slapd_data.ldif (new, copy of ldap_init.ldif for now)
docker-compose uses ./scripts/ldap/ldap_slapd_schema.ldif (new, copy of ldap_db_init.ldif for now))

The old scripts still use ./uaa/src/test/resources/ldap_db_init.ldif but
will be removed in future PR
@fhanik
Allow developers to use the javax.net.debug environment property
ac46786
@fhanik
Clean up LDAP scripts
860ed17
@fhanik fhanik force-pushed the pr/ldap-as-part-of-docker branch from 4224087 to 860ed17 Compare January 16, 2025 17:14
strehle
strehle approved these changes Jan 16, 2025
View reviewed changes
Copy link
Member

@strehle strehle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks

@strehle
Copy link
Member

strehle commented Jan 16, 2025

@coolgang123 @fhanik you can merge

@coolgang123 coolgang123 merged commit 4977728 into cloudfoundry:develop Jan 16, 2025
22 checks passed
@fhanik fhanik deleted the pr/ldap-as-part-of-docker branch January 16, 2025 19:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coolgang123 coolgang123 coolgang123 approved these changes

@strehle strehle strehle approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Foundational Infrastructure Working Group
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fhanik @strehle @coolgang123