Skip to content

Commit

Permalink
Add test where ldap port is disable
Browse files Browse the repository at this point in the history
Signed-off-by: Guillaume Perrin <[email protected]>
  • Loading branch information
guillomep committed Apr 19, 2024
1 parent ffc30c3 commit 4fe8524
Show file tree
Hide file tree
Showing 3 changed files with 55 additions and 0 deletions.
25 changes: 25 additions & 0 deletions .bin/disableLdapPort.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
logLevel: debug
resources:
limits:
cpu: "128m"
memory: "64Mi"
replicaCount: 3
customLdifFiles:
00-root.ldif: |-
# Root creation
dn: dc=example,dc=org
objectClass: dcObject
objectClass: organization
o: Example, Inc
service:
enableLdapPort: false
sslLdapPortNodePort: 30636
type: NodePort
initTLSSecret:
tls_enabled: true
image:
registry: docker.io
repository: alpine/openssl
tag: latest
pullPolicy: IfNotPresent
secret: "custom-cert"
12 changes: 12 additions & 0 deletions .bin/simpleUser.ldif
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
dn: cn=Jean Dupond,dc=example,dc=org
cn: Jean Dupond
gidnumber: 500
givenname: Jean
homedirectory: /home/users/jdupond
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
sn: Dupond
uid: jdupond
uidnumber: 1000
userpassword: {MD5}KOULhzfBhPTq9k7a9XfCGw==
18 changes: 18 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,24 @@ jobs:
LDAPTLS_REQCERT=never ldapsearch -x -D 'cn=admin,dc=singlenode,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=singlenode,dc=org' > /tmp/test-single-node.txt
cat /tmp/test-single-node.txt
if [ $(grep "numResponses" /tmp/test-single-node.txt | cut -d ":" -f 2 | tr -d ' ') -ne 6 ]; then exit 1 ; fi
- name: deploy openldap-stack-ha-disable-ldap-port
shell: bash
run: |
helm delete openldap-stack-ha
cd "$GITHUB_WORKSPACE"
kubectl -n no-ldap-port create secret generic custom-cert --from-file=./tls.crt --from-file=./tls.key --from-file=./ca.crt
helm install openldap-stack-ha -n no-ldap-port --create-namespace -f .bin/disbaleLdpaPort.yaml .
kubectl rollout status sts openldap-stack-ha -n no-ldap-port
- name: verify no ldap port deployment
shell: bash
run: |
echo "test access to openldap database"
sudo apt-get install -y ldap-utils
echo "Write test to openldap database"
LDAPTLS_REQCERT=never ldapadd -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -f .bin/simpleUser.ldif
LDAPTLS_REQCERT=never ldapsearch -o nettimeout=20 -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' > /tmp/test-write.txt
cat /tmp/test-write.txt
if [ $(grep "numResponses" /tmp/test-write.txt | cut -d ":" -f 2 | tr -d ' ') -ne 3 ]; then exit 1 ; fi

0 comments on commit 4fe8524

Please sign in to comment.