allow read only to load custom schema during startup
jp-gouin committed Oct 3, 2024
1 parent cff4c66 commit ae47cb4
Showing 2 changed files with 9 additions and 27 deletions.
27 changes: 4 additions & 23 deletions templates/_helpers.tpl
Expand Up @@ -108,14 +108,13 @@ Generate olcSyncRepl list
bindmethod=simple
credentials={{ $adminPassword }}
searchbase={{ $domain }}
type=refreshOnly
type=refreshAndPersist
interval={{ $interval }}
network-timeout=0
retry="{{ $retry }} +"
timeout={{ $timeout }}
starttls={{ $starttls }}
tls_reqcert={{ $tls_reqcert }}
exattrs=olcMirrorMode,olcMultiProvider
{{- end -}}
{{- end -}}

Expand Down Expand Up @@ -179,7 +178,7 @@ Cannot return list => return string comma separated
{{- $mode := index . "mode" -}}
{{- if $context.Values.replication.enabled -}}
{{- if $mode -}}
{{- $schemas = "brep,readonly,acls" -}}
{{- $schemas = "brep,readonly" -}}
{{- else -}}
{{- $schemas = "syncprov,serverid,csyncprov,rep,bsyncprov,brep,acls" -}}
{{- end -}}
Expand All @@ -188,15 +187,7 @@ Cannot return list => return string comma separated
{{- end -}}
{{- print $schemas -}}
{{- end -}}
{{- define "openldap.builtinSchemaFilesReadOnly" -}}
{{- $schemas := "" -}}
{{- if .Values.replication.enabled -}}
{{- $schemas = "serverid,readonlybrep,readonlyrep,readonlyremovemirror" -}}
{{- else -}}
{{- $schemas = "" -}}
{{- end -}}
{{- print $schemas -}}
{{- end -}}

{{/*
Return the list of custom schema files to use
Cannot return list => return string comma separated
Expand All @@ -223,16 +214,6 @@ Cannot return list => return string comma separated
{{- print $schemas -}}
{{- end -}}

{{- define "openldap.schemaFilesReadOnly" -}}
{{- $schemas := (include "openldap.builtinSchemaFilesReadOnly" .) -}}
{{- $custom_schemas := (include "openldap.customSchemaFiles" .) -}}
{{- if gt (len $custom_schemas) 0 -}}
{{- $schemas = print $schemas "," $custom_schemas -}}
{{- end -}}
{{- print $schemas -}}
{{- end -}}


{{/*
Return the proper base domain
*/}}
Expand Down Expand Up @@ -282,4 +263,4 @@ Return the ldap port
*/}}
{{- define "global.ldapPort" -}}
{{- printf "%d" .Values.global.ldapPort -}}
{{- end -}}
{{- end -}}
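Review bot: In the `$mode` branch of the built-in schema list, the rendered page shows both `"brep,readonly,acls"` and `"brep,readonly"` with the +/- markers lost; if the shorter list is the new side, a read-only replica no longer loads `acls` at startup and presumably receives its access rules only once replication from the provider has run. It is worth confirming which access rules the replica enforces before that first sync completes, since the window between startup and sync would otherwise run on whatever defaults the image ships. If the omission is intended, record it next to the assignment, for example `{{/* read-only mode: acls is not loaded at startup; access rules are expected to arrive through replication */}}`. The enclosing define starts above the hunk, so the caller that sets `mode` is not visible here.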
9 changes: 5 additions & 4 deletions templates/statefulset-readonly.yaml
Expand Up @@ -49,7 +49,10 @@ spec:
- sh
- -c
- |
cp -p -f /cm-schemas-acls/brep.ldif /custom_config/
cp -p -f /cm-schemas-acls/*.ldif /custom_config/
if [ -d /cm-schemas ]; then
cp -p -f /cm-schemas/*.ldif /custom-schemas/
fi
echo "let the replication takes care of everything :)"
{{- if .Values.global.existingSecret }}
sed -i -e "s/%%CONFIG_PASSWORD%%/${LDAP_CONFIG_ADMIN_PASSWORD}/g" /custom_config/*
Expand Down Expand Up @@ -175,9 +178,7 @@ spec:
fieldPath: metadata.name
{{- if .Values.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
- name: LDAP_EXTRA_SCHEMAS
value: {{ print "cosine,inetorgperson,nis," (include "openldap.schemaFilesReadOnly" .)}}
{{- end }}
envFrom:
{{- if .Values.extraEnvVarsCM }}
- configMapRef:
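Review bot: The added `cp -p -f /cm-schemas/*.ldif /custom-schemas/` inside the `[ -d /cm-schemas ]` guard fails when the directory is mounted but holds no `.ldif` file, because the unmatched glob is passed to cp literally, and nothing visible in the script stops on that error, so the read-only replica would start without its custom schemas and only a cp message in the init log would show it. A per-file loop avoids this: `for f in /cm-schemas/*.ldif; do [ -e "$f" ] && cp -p -f "$f" /custom-schemas/; done`. Widening the first copy to `/cm-schemas-acls/*.ldif` also means the `sed -i` over `/custom_config/*` a few lines below now rewrites every copied file with the config admin password, and that substitution inserts `${LDAP_CONFIG_ADMIN_PASSWORD}` unescaped, so a password containing `/`, `&` or `\` breaks or alters the replacement; it is worth checking that only the files that carry the placeholder land in `/custom_config/`. The script continues past the end of the hunk.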