diff --git a/.gitignore b/.gitignore index 6b3fce77..d43f726e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,2 @@ -/.* !/.git* /VOLUMES diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 00000000..d6d1f153 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,106 @@ +language: bash + +services: + - docker +env: + global: + - NAME="osixia/openldap" + - VERSION="${TRAVIS_BRANCH}-dev" + matrix: + - TARGET_ARCH=amd64 QEMU_ARCH=x86_64 + - TARGET_ARCH=arm32v7 QEMU_ARCH=arm + - TARGET_ARCH=arm64v8 QEMU_ARCH=aarch64 + +addons: + apt: + # The docker manifest command was added in docker-ee version 18.x + # So update our current installation and we also have to enable the experimental features. + sources: + - sourceline: "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" + key_url: "https://download.docker.com/linux/ubuntu/gpg" + packages: + - docker-ce + +before_install: + - docker --version + - mkdir $HOME/.docker + - 'echo "{" > $HOME/.docker/config.json' + - 'echo " \"experimental\": \"enabled\"" >> $HOME/.docker/config.json' + - 'echo "}" >> $HOME/.docker/config.json' + - sudo service docker restart + +install: + # For cross buidling our images + # This is necessary because travis-ci.org has only x86_64 machines. + # If travis-ci.org gets native arm builds, probably this step is not + # necessary any more. + - docker run --rm --privileged multiarch/qemu-user-static:register --reset + # Bats is necessary for the UT + - curl -o bats.tar.gz -SL https://github.com/bats-core/bats-core/archive/v1.1.0.tar.gz + - mkdir bats-core && tar -xf bats.tar.gz -C bats-core --strip-components=1 + - cd bats-core/ + - sudo ./install.sh /usr/local + - cd .. + +before_script: + # Set baseimage. + # remove pqchecker if arch is not amd64 + - sed -i -e "s/FROM \(.*\)/FROM \1-${TARGET_ARCH}/g" image/Dockerfile; + - if [[ "${TARGET_ARCH}" != 'amd64' ]]; then + sed -i -e "/PQCHECKER/Id" image/Dockerfile; + fi + - cat image/Dockerfile; + # If this is a tag then change the VERSION variable to only have the + # tag name and not also the commit hash. + - if [ -n "$TRAVIS_TAG" ]; then + VERSION=$(echo "${TRAVIS_TAG}" | sed -e 's/\(.*\)[-v]\(.*\)/\1\2/g'); + fi + +script: + - make build-nocache NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH} + # skip test "ldapsearch existing hdb database and config" if arch != amd64 + - if [[ "${TARGET_ARCH}" != 'amd64' ]]; then + sed -i '/@test "ldapsearch existing hdb database and config"/a skip' test/test.bats; + fi + # Run the test and if the test fails mark the build as failed. + - make test NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH} + +before_deploy: + - docker run -d --name test_image ${NAME}:${VERSION}-${TARGET_ARCH} sleep 10 + - sleep 5 + - sudo docker ps | grep -q test_image + # To have `DOCKER_USER` and `DOCKER_PASS` + # use `travis env set`. + - docker login -u "$DOCKER_USER" -p "$DOCKER_PASS"; + - make tag NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH} + +deploy: + provider: script + on: + all_branches: true + script: make push NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH} + +jobs: + include: + - stage: Manifest creation + install: skip + script: skip + after_deploy: + - docker login -u "$DOCKER_USER" -p "$DOCKER_PASS"; + - docker manifest create ${NAME}:${VERSION} ${NAME}:${VERSION}-amd64 ${NAME}:${VERSION}-arm32v7 ${NAME}:${VERSION}-arm64v8; + docker manifest annotate ${NAME}:${VERSION} ${NAME}:${VERSION}-amd64 --os linux --arch amd64; + docker manifest annotate ${NAME}:${VERSION} ${NAME}:${VERSION}-arm32v7 --os linux --arch arm --variant v7; + docker manifest annotate ${NAME}:${VERSION} ${NAME}:${VERSION}-arm64v8 --os linux --arch arm64 --variant v8; + + # The latest tag is coming from the stable branch of the repo + - if [ "${TRAVIS_BRANCH}" == 'stable' ]; then + docker manifest create ${NAME}:latest ${NAME}:${VERSION}-amd64 ${NAME}:${VERSION}-arm32v7 ${NAME}:${VERSION}-arm64v8; + docker manifest annotate ${NAME}:latest ${NAME}:${VERSION}-amd64 --os linux --arch amd64; + docker manifest annotate ${NAME}:latest ${NAME}:${VERSION}-arm32v7 --os linux --arch arm --variant v7; + docker manifest annotate ${NAME}:latest ${NAME}:${VERSION}-arm64v8 --os linux --arch arm64 --variant v8; + fi + + - docker manifest push ${NAME}:${VERSION}; + if [ "${TRAVIS_BRANCH}" == 'stable' ]; then + docker manifest push ${NAME}:latest; + fi diff --git a/CHANGELOG.md b/CHANGELOG.md index b9ea3139..902e26e0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). +## [1.3.0] - 2019-09-29 +## Added + - Multiarch support + +## Changes + - Update openldap 2.4.47 to 2.4.48 #247 + - Upgrade baseimage to light-baseimage:1.2.0 (debian buster) + ## [1.2.5] - 2019-08-16 ## Added - Support for docker secrets #325. Thanks to @anagno ! diff --git a/Makefile b/Makefile index fd47c226..e1c79f77 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ NAME = osixia/openldap -VERSION = 1.2.5 +VERSION = 1.3.0 .PHONY: build build-nocache test tag-latest push push-latest release git-tag-version @@ -12,6 +12,9 @@ build-nocache: test: env NAME=$(NAME) VERSION=$(VERSION) bats test/test.bats +tag: + docker tag $(NAME):$(VERSION) $(NAME):$(VERSION) + tag-latest: docker tag $(NAME):$(VERSION) $(NAME):latest diff --git a/README.md b/README.md index 30f1c170..998aa792 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ ![Docker Stars](https://img.shields.io/docker/stars/osixia/openldap.svg) ![](https://images.microbadger.com/badges/image/osixia/openldap.svg) -Latest release: 1.2.5 - OpenLDAP 2.4.47 - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/openldap/)  +Latest release: 1.3.0 - OpenLDAP 2.4.48 - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/openldap/)  **A docker image to run OpenLDAP.** @@ -12,40 +12,40 @@ Latest release: 1.2.5 - OpenLDAP 2.4.47 - [Changelog](CHANGELOG.md) | [Docker H - [osixia/openldap](#osixiaopenldap) - - [Contributing](#Contributing) - - [Quick Start](#Quick-Start) - - [Beginner Guide](#Beginner-Guide) - - [Create new ldap server](#Create-new-ldap-server) - - [Data persistence](#Data-persistence) - - [Edit your server configuration](#Edit-your-server-configuration) - - [Seed ldap database with ldif](#Seed-ldap-database-with-ldif) - - [Use an existing ldap database](#Use-an-existing-ldap-database) - - [Backup](#Backup) - - [Administrate your ldap server](#Administrate-your-ldap-server) - - [TLS](#TLS) - - [Use auto-generated certificate](#Use-auto-generated-certificate) - - [Use your own certificate](#Use-your-own-certificate) - - [Disable TLS](#Disable-TLS) - - [Multi master replication](#Multi-master-replication) - - [Fix docker mounted file problems](#Fix-docker-mounted-file-problems) - - [Debug](#Debug) - - [Environment Variables](#Environment-Variables) - - [Default.yaml](#Defaultyaml) - - [Default.startup.yaml](#Defaultstartupyaml) - - [Set your own environment variables](#Set-your-own-environment-variables) - - [Use command line argument](#Use-command-line-argument) - - [Link environment file](#Link-environment-file) - - [Docker Secrets](#Docker-Secrets) - - [Make your own image or extend this image](#Make-your-own-image-or-extend-this-image) - - [Advanced User Guide](#Advanced-User-Guide) - - [Extend osixia/openldap:1.2.5 image](#Extend-osixiaopenldap125-dev-image) - - [Make your own openldap image](#Make-your-own-openldap-image) - - [Tests](#Tests) - - [Kubernetes](#Kubernetes) - - [Under the hood: osixia/light-baseimage](#Under-the-hood-osixialight-baseimage) - - [Security](#Security) - - [Known security issues](#Known-security-issues) - - [Changelog](#Changelog) + - [Contributing](#contributing) + - [Quick Start](#quick-start) + - [Beginner Guide](#beginner-guide) + - [Create new ldap server](#create-new-ldap-server) + - [Data persistence](#data-persistence) + - [Edit your server configuration](#edit-your-server-configuration) + - [Seed ldap database with ldif](#seed-ldap-database-with-ldif) + - [Use an existing ldap database](#use-an-existing-ldap-database) + - [Backup](#backup) + - [Administrate your ldap server](#administrate-your-ldap-server) + - [TLS](#tls) + - [Use auto-generated certificate](#use-auto-generated-certificate) + - [Use your own certificate](#use-your-own-certificate) + - [Disable TLS](#disable-tls) + - [Multi master replication](#multi-master-replication) + - [Fix docker mounted file problems](#fix-docker-mounted-file-problems) + - [Debug](#debug) + - [Environment Variables](#environment-variables) + - [Default.yaml](#defaultyaml) + - [Default.startup.yaml](#defaultstartupyaml) + - [Set your own environment variables](#set-your-own-environment-variables) + - [Use command line argument](#use-command-line-argument) + - [Link environment file](#link-environment-file) + - [Docker Secrets](#docker-secrets) + - [Make your own image or extend this image](#make-your-own-image-or-extend-this-image) + - [Advanced User Guide](#advanced-user-guide) + - [Extend osixia/openldap:1.3.0 image](#extend-osixiaopenldap130-image) + - [Make your own openldap image](#make-your-own-openldap-image) + - [Tests](#tests) + - [Kubernetes](#kubernetes) + - [Under the hood: osixia/light-baseimage](#under-the-hood-osixialight-baseimage) + - [Security](#security) + - [Known security issues](#known-security-issues) + - [Changelog](#changelog) ## Contributing @@ -58,11 +58,11 @@ If you find this image useful here's how you can help: ## Quick Start Run OpenLDAP docker image: - docker run --name my-openldap-container --detach osixia/openldap:1.2.5 + docker run --name my-openldap-container --detach osixia/openldap:1.3.0 Do not forget to add the port mapping for both port 389 and 636 if you wish to access the ldap server from another machine. - docker run -p 389:389 -p 636:636 --name my-openldap-container --detach osixia/openldap:1.2.5 + docker run -p 389:389 -p 636:636 --name my-openldap-container --detach osixia/openldap:1.3.0 Either command starts a new container with OpenLDAP running inside. Let's make the first search in our LDAP container: @@ -98,7 +98,7 @@ It will create an empty ldap for the company **Example Inc.** and the domain **e By default the admin has the password **admin**. All those default settings can be changed at the docker command line, for example: docker run --env LDAP_ORGANISATION="My Company" --env LDAP_DOMAIN="my-company.com" \ - --env LDAP_ADMIN_PASSWORD="JonSn0w" --detach osixia/openldap:1.2.5 + --env LDAP_ADMIN_PASSWORD="JonSn0w" --detach osixia/openldap:1.3.0 #### Data persistence @@ -149,12 +149,12 @@ argument to entrypoint if you don't want to overwrite them. # single file example: docker run \ --volume ./bootstrap.ldif:/container/service/slapd/assets/config/bootstrap/ldif/50-bootstrap.ldif \ - osixia/openldap:1.2.5 --copy-service + osixia/openldap:1.3.0 --copy-service #directory example: docker run \ --volume ./ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom \ - osixia/openldap:1.2.5 --copy-service + osixia/openldap:1.3.0 --copy-service ### Use an existing ldap database @@ -165,7 +165,7 @@ simply mount this directories as a volume to `/var/lib/ldap` and `/etc/ldap/slap docker run --volume /data/slapd/database:/var/lib/ldap \ --volume /data/slapd/config:/etc/ldap/slapd.d \ - --detach osixia/openldap:1.2.5 + --detach osixia/openldap:1.3.0 You can also use data volume containers. Please refer to: > [https://docs.docker.com/engine/tutorials/dockervolumes/](https://docs.docker.com/engine/tutorials/dockervolumes/) @@ -185,7 +185,7 @@ If you are looking for a simple solution to administrate your ldap server you ca #### Use auto-generated certificate By default, TLS is already configured and enabled, certificate is created using container hostname (it can be set by docker run --hostname option eg: ldap.example.org). - docker run --hostname ldap.my-company.com --detach osixia/openldap:1.2.5 + docker run --hostname ldap.my-company.com --detach osixia/openldap:1.3.0 #### Use your own certificate @@ -195,24 +195,24 @@ You can set your custom certificate at run time, by mounting a directory contain --env LDAP_TLS_CRT_FILENAME=my-ldap.crt \ --env LDAP_TLS_KEY_FILENAME=my-ldap.key \ --env LDAP_TLS_CA_CRT_FILENAME=the-ca.crt \ - --detach osixia/openldap:1.2.5 + --detach osixia/openldap:1.3.0 Other solutions are available please refer to the [Advanced User Guide](#advanced-user-guide) #### Disable TLS Add --env LDAP_TLS=false to the run command: - docker run --env LDAP_TLS=false --detach osixia/openldap:1.2.5 + docker run --env LDAP_TLS=false --detach osixia/openldap:1.3.0 ### Multi master replication Quick example, with the default config. #Create the first ldap server, save the container id in LDAP_CID and get its IP: - LDAP_CID=$(docker run --hostname ldap.example.org --env LDAP_REPLICATION=true --detach osixia/openldap:1.2.5) + LDAP_CID=$(docker run --hostname ldap.example.org --env LDAP_REPLICATION=true --detach osixia/openldap:1.3.0) LDAP_IP=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" $LDAP_CID) #Create the second ldap server, save the container id in LDAP2_CID and get its IP: - LDAP2_CID=$(docker run --hostname ldap2.example.org --env LDAP_REPLICATION=true --detach osixia/openldap:1.2.5) + LDAP2_CID=$(docker run --hostname ldap2.example.org --env LDAP_REPLICATION=true --detach osixia/openldap:1.3.0) LDAP2_IP=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" $LDAP2_CID) #Add the pair "ip hostname" to /etc/hosts on each containers, @@ -248,7 +248,7 @@ You may have some problems with mounted files on some systems. The startup scrip To fix that run the container with `--copy-service` argument : - docker run [your options] osixia/openldap:1.2.5 --copy-service + docker run [your options] osixia/openldap:1.3.0 --copy-service ### Debug @@ -257,11 +257,11 @@ Available levels are: `none`, `error`, `warning`, `info`, `debug` and `trace`. Example command to run the container in `debug` mode: - docker run --detach osixia/openldap:1.2.5 --loglevel debug + docker run --detach osixia/openldap:1.3.0 --loglevel debug See all command line options: - docker run osixia/openldap:1.2.5 --help + docker run osixia/openldap:1.3.0 --help ## Environment Variables @@ -327,7 +327,7 @@ Replication options: If you want to set this variable at docker run command add the tag `#PYTHON2BASH:` and convert the yaml in python: - docker run --env LDAP_REPLICATION_HOSTS="#PYTHON2BASH:['ldap://ldap.example.org','ldap://ldap2.example.org']" --detach osixia/openldap:1.2.5 + docker run --env LDAP_REPLICATION_HOSTS="#PYTHON2BASH:['ldap://ldap.example.org','ldap://ldap2.example.org']" --detach osixia/openldap:1.3.0 To convert yaml to python online: http://yaml-online-parser.appspot.com/ @@ -348,7 +348,7 @@ Other environment variables: Environment variables can be set by adding the --env argument in the command line, for example: docker run --env LDAP_ORGANISATION="My company" --env LDAP_DOMAIN="my-company.com" \ - --env LDAP_ADMIN_PASSWORD="JonSn0w" --detach osixia/openldap:1.2.5 + --env LDAP_ADMIN_PASSWORD="JonSn0w" --detach osixia/openldap:1.3.0 Be aware that environment variable added in command line will be available at any time in the container. In this example if someone manage to open a terminal in this container @@ -359,14 +359,14 @@ he will be able to read the admin password in clear text from environment variab For example if your environment files **my-env.yaml** and **my-env.startup.yaml** are in /data/ldap/environment docker run --volume /data/ldap/environment:/container/environment/01-custom \ - --detach osixia/openldap:1.2.5 + --detach osixia/openldap:1.3.0 Take care to link your environment files folder to `/container/environment/XX-somedir` (with XX < 99 so they will be processed before default environment files) and not directly to `/container/environment` because this directory contains predefined baseimage environment files to fix container environment (INITRD, LANG, LANGUAGE and LC_CTYPE). Note: the container will try to delete the **\*.startup.yaml** file after the end of startup files so the file will also be deleted on the docker host. To prevent that : use --volume /data/ldap/environment:/container/environment/01-custom**:ro** or set all variables in **\*.yaml** file and don't use **\*.startup.yaml**: docker run --volume /data/ldap/environment/my-env.yaml:/container/environment/01-custom/env.yaml \ - --detach osixia/openldap:1.2.5 + --detach osixia/openldap:1.3.0 #### Docker Secrets @@ -385,13 +385,13 @@ This is the best solution if you have a private registry. Please refer to the [A ## Advanced User Guide -### Extend osixia/openldap:1.2.5 image +### Extend osixia/openldap:1.3.0 image If you need to add your custom TLS certificate, bootstrap config or environment files the easiest way is to extends this image. Dockerfile example: - FROM osixia/openldap:1.2.5 + FROM osixia/openldap:1.3.0 MAINTAINER Your Name ADD bootstrap /container/service/slapd/assets/config/bootstrap diff --git a/example/docker-compose.yml b/example/docker-compose.yml index 03a06250..f580b379 100644 --- a/example/docker-compose.yml +++ b/example/docker-compose.yml @@ -1,7 +1,7 @@ version: '2' services: openldap: - image: osixia/openldap:1.2.5 + image: osixia/openldap:1.3.0 container_name: openldap environment: LDAP_LOG_LEVEL: "256" diff --git a/example/extend-osixia-openldap/Dockerfile b/example/extend-osixia-openldap/Dockerfile index b67d7f1c..19bce2c2 100644 --- a/example/extend-osixia-openldap/Dockerfile +++ b/example/extend-osixia-openldap/Dockerfile @@ -1,4 +1,4 @@ -FROM osixia/openldap:1.2.5 +FROM osixia/openldap:1.3.0 MAINTAINER Your Name ADD bootstrap /container/service/slapd/assets/config/bootstrap diff --git a/example/kubernetes/simple/ldap-deployment.yaml b/example/kubernetes/simple/ldap-deployment.yaml index 722a1021..9f33dfef 100644 --- a/example/kubernetes/simple/ldap-deployment.yaml +++ b/example/kubernetes/simple/ldap-deployment.yaml @@ -13,7 +13,7 @@ spec: spec: containers: - name: ldap - image: osixia/openldap:1.2.5 + image: osixia/openldap:1.3.0 volumeMounts: - name: ldap-data mountPath: /var/lib/ldap diff --git a/example/kubernetes/using-secrets/gce-statefullset.yaml b/example/kubernetes/using-secrets/gce-statefullset.yaml index 051edbea..e280b139 100644 --- a/example/kubernetes/using-secrets/gce-statefullset.yaml +++ b/example/kubernetes/using-secrets/gce-statefullset.yaml @@ -12,7 +12,7 @@ spec: spec: containers: - name: azaldap - image: osixia/openldap:1.2.5 + image: osixia/openldap:1.3.0 imagePullPolicy: IfNotPresent #command: ["/bin/bash","-c","while [ 1 = 1 ] ; do sleep 1; date; done"] ports: diff --git a/example/kubernetes/using-secrets/ldap-deployment.yaml b/example/kubernetes/using-secrets/ldap-deployment.yaml index a43762eb..9d96c26b 100644 --- a/example/kubernetes/using-secrets/ldap-deployment.yaml +++ b/example/kubernetes/using-secrets/ldap-deployment.yaml @@ -13,7 +13,7 @@ spec: spec: containers: - name: ldap - image: osixia/openldap:1.2.5 + image: osixia/openldap:1.3.0 args: ["--copy-service"] volumeMounts: - name: ldap-data diff --git a/image/Dockerfile b/image/Dockerfile index f51e43f9..927fc9f6 100644 --- a/image/Dockerfile +++ b/image/Dockerfile @@ -1,6 +1,6 @@ # Use osixia/light-baseimage # sources: https://github.com/osixia/docker-light-baseimage -FROM osixia/light-baseimage:1.1.2 +FROM osixia/light-baseimage:release-1.2.0-dev ARG LDAP_OPENLDAP_GID ARG LDAP_OPENLDAP_UID @@ -13,15 +13,15 @@ ARG PQCHECKER_MD5=c005ce596e97d13e39485e711dcbc7e1 RUN if [ -z "${LDAP_OPENLDAP_GID}" ]; then groupadd -r openldap; else groupadd -r -g ${LDAP_OPENLDAP_GID} openldap; fi \ && if [ -z "${LDAP_OPENLDAP_UID}" ]; then useradd -r -g openldap openldap; else useradd -r -g openldap -u ${LDAP_OPENLDAP_UID} openldap; fi -# Add stretch-backports in preparation for downloading newer openldap components, especially sladp -RUN echo "deb http://ftp.debian.org/debian stretch-backports main" >> /etc/apt/sources.list +# Add buster-backports in preparation for downloading newer openldap components, especially sladp +RUN echo "deb http://ftp.debian.org/debian buster-backports main" >> /etc/apt/sources.list # Install OpenLDAP, ldap-utils and ssl-tools from the (backported) baseimage and clean apt-get files # sources: https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/add-service-available #  https://github.com/osixia/docker-light-baseimage/blob/stable/image/service-available/:ssl-tools/download.sh RUN echo "path-include /usr/share/doc/krb5*" >> /etc/dpkg/dpkg.cfg.d/docker && apt-get -y update \ && /container/tool/add-service-available :ssl-tools \ - && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get -t stretch-backports install -y --no-install-recommends \ + && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get -t buster-backports install -y --no-install-recommends \ ca-certificates \ curl \ ldap-utils \ diff --git a/test/test.bats b/test/test.bats index 984cbfb5..0c23e147 100644 --- a/test/test.bats +++ b/test/test.bats @@ -12,6 +12,9 @@ load test_helper run_image -h ldap.example.org -e LDAP_TLS=false wait_process slapd + + sleep 5 + run docker exec $CONTAINER_ID ldapsearch -x -h ldap.example.org -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin clear_container @@ -23,7 +26,7 @@ load test_helper run_image -h ldap.example.org -e LDAP_TLS=false -e LDAP_DOMAIN=example.com -e LDAP_BASE_DN="dc=example,dc=org" - sleep 2 + sleep 5 CSTATUS=$(check_container) clear_container @@ -36,7 +39,7 @@ load test_helper run_image -h ldap.example.fr -e LDAP_TLS=false -e LDAP_DOMAIN=example.fr -e LDAP_BASE_DN="ou=myou,o=example,c=fr" - sleep 2 + sleep 5 CSTATUS=$(check_container) clear_container @@ -49,7 +52,7 @@ load test_helper run_image -h ldap.example.com -e LDAP_TLS=false -e LDAP_DOMAIN=example.com -e LDAP_BASE_DN="ou=myou,o=example,dc=com,c=fr" - sleep 2 + sleep 5 CSTATUS=$(check_container) clear_container @@ -63,6 +66,9 @@ load test_helper rm -rf VOLUMES && mkdir -p VOLUMES/config VOLUMES/database LDAP_CID=$(docker run -h ldap.example.org -e LDAP_TLS=false --volume $PWD/VOLUMES/database:/var/lib/ldap --volume $PWD/VOLUMES/config:/etc/ldap/slapd.d -d $NAME:$VERSION) wait_process_by_cid $LDAP_CID slapd + + sleep 5 + run docker exec $LDAP_CID ldapsearch -x -h ldap.example.org -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin docker kill $LDAP_CID clear_containers_by_cid $LDAP_CID @@ -71,6 +77,9 @@ load test_helper LDAP_CID=$(docker run -h ldap.example.org -e LDAP_TLS=false --volume $PWD/VOLUMES/database:/var/lib/ldap --volume $PWD/VOLUMES/config:/etc/ldap/slapd.d -d $NAME:$VERSION) wait_process_by_cid $LDAP_CID slapd + + sleep 5 + run docker exec $LDAP_CID ldapsearch -x -h ldap.example.org -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin run docker exec $LDAP_CID chown -R $UID:$UID /var/lib/ldap /etc/ldap/slapd.d docker kill $LDAP_CID @@ -83,13 +92,16 @@ load test_helper @test "ldapsearch database with password provided from file" { - rm $PWD/password.txt && touch $PWD/password.txt - echo "strongPassword" >> $PWD/password.txt + echo "strongPassword" > $PWD/password.txt run_image -h ldap.osixia.net -e LDAP_ADMIN_PASSWORD_FILE=/run/secrets/admin_pw.txt --volume $PWD/password.txt:/run/secrets/admin_pw.txt wait_process slapd + + sleep 5 + run docker exec $CONTAINER_ID ldapsearch -x -h ldap.osixia.net -b dc=example,dc=org -ZZ -D "cn=admin,dc=example,dc=org" -w strongPassword clear_container + rm $PWD/password.txt [ "$status" -eq 0 ] @@ -100,6 +112,9 @@ load test_helper run_image -h ldap.example.org wait_process slapd + + sleep 5 + run docker exec $CONTAINER_ID ldapsearch -x -h ldap.example.org -b dc=example,dc=org -ZZ -D "cn=admin,dc=example,dc=org" -w admin clear_container @@ -111,6 +126,9 @@ load test_helper run_image -h ldap.osixia.net -v $BATS_TEST_DIRNAME/ssl:/container/service/slapd/assets/certs -e LDAP_TLS_CRT_FILENAME=ldap-test.crt -e LDAP_TLS_KEY_FILENAME=ldap-test.key -e LDAP_TLS_CA_CRT_FILENAME=ca-test.crt wait_process slapd + + sleep 5 + run docker exec $CONTAINER_ID ldapsearch -x -h ldap.osixia.net -b dc=example,dc=org -ZZ -D "cn=admin,dc=example,dc=org" -w admin clear_container @@ -122,6 +140,9 @@ load test_helper run_image -h ldap.osixia.net -v $BATS_TEST_DIRNAME/ssl:/container/service/slapd/assets/certs -e LDAP_TLS_CRT_FILENAME=ldap-test.crt -e LDAP_TLS_KEY_FILENAME=ldap-test.key -e LDAP_TLS_DH_PARAM_FILENAME=ldap-test.dhparam -e LDAP_TLS_CA_CRT_FILENAME=ca-test.crt wait_process slapd + + sleep 5 + run docker exec $CONTAINER_ID ldapsearch -x -h ldap.osixia.net -b dc=example,dc=org -ZZ -D "cn=admin,dc=example,dc=org" -w admin clear_container @@ -133,6 +154,9 @@ load test_helper run_image -h ldap.example.org -e LDAP_TLS=false -e LDAP_BACKEND=hdb -v $BATS_TEST_DIRNAME/database:/container/test/database -v $BATS_TEST_DIRNAME/config:/container/test/config wait_process slapd + + sleep 5 + run docker exec $CONTAINER_ID ldapsearch -x -h ldap.example.org -b dc=osixia,dc=net -D "cn=admin,dc=osixia,dc=net" -w admin clear_container @@ -149,7 +173,7 @@ load test_helper LDAP_REPL_CID=$(docker run -h ldap2.example.org -e LDAP_REPLICATION=true -d $NAME:$VERSION) LDAP_REPL_IP=$(get_container_ip_by_cid $LDAP_REPL_CID) - sleep 2 + sleep 5 # ldap server run_image -h ldap.example.org -e LDAP_REPLICATION=true @@ -162,7 +186,7 @@ load test_helper wait_process slapd wait_process_by_cid $LDAP_REPL_CID slapd - sleep 2 + sleep 5 # add user on ldap2.example.org docker exec $LDAP_REPL_CID ldapadd -x -D "cn=admin,dc=example,dc=org" -w admin -f /container/service/slapd/assets/test/new-user.ldif -h ldap2.example.org -ZZ diff --git a/test/test_helper.bash b/test/test_helper.bash index ebc317e2..726833e4 100755 --- a/test/test_helper.bash +++ b/test/test_helper.bash @@ -22,7 +22,7 @@ stop_container() { } remove_container() { - remove_containers_by_cid $CONTAINER_ID + remove_containers_by_cid $CONTAINER_ID } clear_container() {