Add LDAP sync config to golden test

appuio · Sep 20, 2021 · 4286db9 · 4286db9
1 parent 97074b4
commit 4286db9
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 12 deletions.
diff --git a/tests/defaults.yml b/tests/defaults.yml
@@ -30,7 +30,26 @@ parameters:
           ca: |-
             -----BEGIN CERTIFICATE-----
             -----END CERTIFICATE-----
-          sync: {}
+          sync:
+            rfc2307:
+              groupsQuery:
+                baseDN: ou=Groups,dc=company,dc=tld
+                scope: sub
+                derefAliases: never
+                filter: "(&(objectclass=groupOfUniqueNames)(|(cn=cluster-admins)))"
+                pageSize: 0
+              groupUIDAttribute: dn
+              groupNameAttributes: [cn]
+              groupMembershipAttributes: [uniqueMember]
+              usersQuery:
+                baseDN: dc=company,dc=tld
+                scope: sub
+                derefAliases: never
+                pageSize: 0
+              userUIDAttribute: dn
+              userNameAttributes: [uid]
+              tolerateMemberNotFoundErrors: false
+              tolerateMemberOutOfScopeErrors: false
 
           # Deprecated: Using a string value is legacy. Newer version should use `bindPassword.name` and reference a secret name from `secrets` instead.
           bindPassword: "?{vaultkv:${customer:name}/${cluster:name}/ldap-auth/bindPassword}"

diff --git a/tests/golden/defaults/openshift4-authentication/openshift4-authentication/20_ldap_sync.yaml b/tests/golden/defaults/openshift4-authentication/openshift4-authentication/20_ldap_sync.yaml
@@ -37,17 +37,17 @@ stringData:
   ca-bundle.crt: '-----BEGIN CERTIFICATE-----
 
     -----END CERTIFICATE-----'
-  config.yaml: '"apiVersion": "v1"
-
-    "bindDN": "uid=service,ou=idp,dc=company,dc=tld"
-
-    "bindPassword": "t-silent-test-1234/c-green-test-1234/ldap-auth/bindPassword"
-
-    "ca": "/etc/sync-config/ca-bundle.crt"
-
-    "kind": "LDAPSyncConfig"
-
-    "url": "ldaps://ldap.company.tld:636/ou=services,dc=company,dc=tld?uid"'
+  config.yaml: "\"apiVersion\": \"v1\"\n\"bindDN\": \"uid=service,ou=idp,dc=company,dc=tld\"\
+    \n\"bindPassword\": \"t-silent-test-1234/c-green-test-1234/ldap-auth/bindPassword\"\
+    \n\"ca\": \"/etc/sync-config/ca-bundle.crt\"\n\"kind\": \"LDAPSyncConfig\"\n\"\
+    rfc2307\":\n  \"groupMembershipAttributes\":\n  - \"uniqueMember\"\n  \"groupNameAttributes\"\
+    :\n  - \"cn\"\n  \"groupUIDAttribute\": \"dn\"\n  \"groupsQuery\":\n    \"baseDN\"\
+    : \"ou=Groups,dc=company,dc=tld\"\n    \"derefAliases\": \"never\"\n    \"filter\"\
+    : \"(&(objectclass=groupOfUniqueNames)(|(cn=cluster-admins)))\"\n    \"pageSize\"\
+    : 0\n    \"scope\": \"sub\"\n  \"tolerateMemberNotFoundErrors\": false\n  \"tolerateMemberOutOfScopeErrors\"\
+    : false\n  \"userNameAttributes\":\n  - \"uid\"\n  \"userUIDAttribute\": \"dn\"\
+    \n  \"usersQuery\":\n    \"baseDN\": \"dc=company,dc=tld\"\n    \"derefAliases\"\
+    : \"never\"\n    \"pageSize\": 0\n    \"scope\": \"sub\"\n\"url\": \"ldaps://ldap.company.tld:636/ou=services,dc=company,dc=tld?uid\""
   whitelist.txt: ''
 type: Opaque
 ---