From 4286db96adea3eeac2b64943e418e14600707a32 Mon Sep 17 00:00:00 2001 From: Chris Date: Mon, 20 Sep 2021 14:05:02 +0200 Subject: [PATCH] Add LDAP sync config to golden test --- tests/defaults.yml | 21 +++++++++++++++++- .../20_ldap_sync.yaml | 22 +++++++++---------- 2 files changed, 31 insertions(+), 12 deletions(-) diff --git a/tests/defaults.yml b/tests/defaults.yml index f472d72..840ea62 100644 --- a/tests/defaults.yml +++ b/tests/defaults.yml @@ -30,7 +30,26 @@ parameters: ca: |- -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- - sync: {} + sync: + rfc2307: + groupsQuery: + baseDN: ou=Groups,dc=company,dc=tld + scope: sub + derefAliases: never + filter: "(&(objectclass=groupOfUniqueNames)(|(cn=cluster-admins)))" + pageSize: 0 + groupUIDAttribute: dn + groupNameAttributes: [cn] + groupMembershipAttributes: [uniqueMember] + usersQuery: + baseDN: dc=company,dc=tld + scope: sub + derefAliases: never + pageSize: 0 + userUIDAttribute: dn + userNameAttributes: [uid] + tolerateMemberNotFoundErrors: false + tolerateMemberOutOfScopeErrors: false # Deprecated: Using a string value is legacy. Newer version should use `bindPassword.name` and reference a secret name from `secrets` instead. bindPassword: "?{vaultkv:${customer:name}/${cluster:name}/ldap-auth/bindPassword}" diff --git a/tests/golden/defaults/openshift4-authentication/openshift4-authentication/20_ldap_sync.yaml b/tests/golden/defaults/openshift4-authentication/openshift4-authentication/20_ldap_sync.yaml index f400a20..9de6e25 100644 --- a/tests/golden/defaults/openshift4-authentication/openshift4-authentication/20_ldap_sync.yaml +++ b/tests/golden/defaults/openshift4-authentication/openshift4-authentication/20_ldap_sync.yaml 
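Review bot: In the tests/defaults.yml hunk, the `filter` under `groupsQuery` wraps a single clause in an OR, `(|(cn=cluster-admins))`, which is redundant unless it stands in for a list of group names. A comment above it such as `# OR-list of the LDAP groups to sync; nothing else is imported` would make that intent explicit, since this filter is the only thing in the fixture that limits which groups are synced. `usersQuery` has no `filter` and searches `dc=company,dc=tld` with `scope: sub`, so member lookups presumably span the whole directory; a short comment saying whether that breadth is intended would help anyone copying the fixture. The new block also sits beside the string-valued `bindPassword` that the context comment marks as deprecated, so the golden output exercises the sync settings only with the legacy form.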
@@ -37,17 +37,17 @@ stringData: ca-bundle.crt: '-----BEGIN CERTIFICATE----- -----END CERTIFICATE-----' - config.yaml: '"apiVersion": "v1" - - "bindDN": "uid=service,ou=idp,dc=company,dc=tld" - - "bindPassword": "t-silent-test-1234/c-green-test-1234/ldap-auth/bindPassword" - - "ca": "/etc/sync-config/ca-bundle.crt" - - "kind": "LDAPSyncConfig" - - "url": "ldaps://ldap.company.tld:636/ou=services,dc=company,dc=tld?uid"' + config.yaml: "\"apiVersion\": \"v1\"\n\"bindDN\": \"uid=service,ou=idp,dc=company,dc=tld\"\ + \n\"bindPassword\": \"t-silent-test-1234/c-green-test-1234/ldap-auth/bindPassword\"\ + \n\"ca\": \"/etc/sync-config/ca-bundle.crt\"\n\"kind\": \"LDAPSyncConfig\"\n\"\ + rfc2307\":\n \"groupMembershipAttributes\":\n - \"uniqueMember\"\n \"groupNameAttributes\"\ + :\n - \"cn\"\n \"groupUIDAttribute\": \"dn\"\n \"groupsQuery\":\n \"baseDN\"\ + : \"ou=Groups,dc=company,dc=tld\"\n \"derefAliases\": \"never\"\n \"filter\"\ + : \"(&(objectclass=groupOfUniqueNames)(|(cn=cluster-admins)))\"\n \"pageSize\"\ + : 0\n \"scope\": \"sub\"\n \"tolerateMemberNotFoundErrors\": false\n \"tolerateMemberOutOfScopeErrors\"\ + : false\n \"userNameAttributes\":\n - \"uid\"\n \"userUIDAttribute\": \"dn\"\ + \n \"usersQuery\":\n \"baseDN\": \"dc=company,dc=tld\"\n \"derefAliases\"\ + : \"never\"\n \"pageSize\": 0\n \"scope\": \"sub\"\n\"url\": \"ldaps://ldap.company.tld:636/ou=services,dc=company,dc=tld?uid\"" whitelist.txt: '' type: Opaque ---