Adding basic LDAP server based on Apache DS / alpine for integration …

…testing blended
woq-blended · Jul 11, 2019 · 7707662 · 7707662
1 parent 990c865
commit 7707662
Show file tree

Hide file tree

Showing 14 changed files with 219 additions and 2 deletions.
diff --git a/apacheds-alpine/Dockerfile b/apacheds-alpine/Dockerfile
@@ -0,0 +1,18 @@
+FROM atooni/zulu-8-alpine:1.0
+MAINTAINER Blended Team
+
+ENV APACHEDS_VERSION 2.0.0.AM25
+ENV APACHEDS_URL http://archive.apache.org/dist/directory/apacheds/dist/${APACHEDS_VERSION}/apacheds-${APACHEDS_VERSION}.tar.gz
+
+RUN apk --no-cache add openldap-clients gettext vim bash
+
+RUN curl ${APACHEDS_URL} | tar -xzC /opt \
+ && ln -s $(ls -d /opt/apacheds*) /opt/apacheds
+
+ADD files /opt/apacheds
+
+RUN /bin/bash -l /opt/apacheds/scripts/configure.sh
+
+ENTRYPOINT ["/bin/bash", "-l", "/opt/apacheds/scripts/run.sh" ]
+EXPOSE 10389
+
diff --git a/apacheds-alpine/files/ldif/admin_pwd.ldif b/apacheds-alpine/files/ldif/admin_pwd.ldif
@@ -0,0 +1,4 @@
+dn: uid=admin,ou=system
+changetype: modify
+replace: userPassword
+userPassword:: ${HASHED_PWD}
diff --git a/apacheds-alpine/files/ldif/group.ldif b/apacheds-alpine/files/ldif/group.ldif
@@ -0,0 +1,5 @@
+dn: cn=${GROUP_NAME},ou=groups,o=${DOMAIN_NAME}
+objectClass: top
+objectClass: groupOfNames
+cn: ${GROUP_NAME}
+member: ${MEMBER}
diff --git a/apacheds-alpine/files/ldif/groupAdd.ldif b/apacheds-alpine/files/ldif/groupAdd.ldif
@@ -0,0 +1,4 @@
+dn: cn=${GROUP_NAME},ou=groups,o=${DOMAIN_NAME}
+changetype: modify
+add: member
+member: ${MEMBER}
diff --git a/apacheds-alpine/files/ldif/partition.ldif b/apacheds-alpine/files/ldif/partition.ldif
@@ -0,0 +1,28 @@
+version: 1
+
+dn: ads-partitionId=${DOMAIN_NAME},ou=partitions,ads-directoryServiceId=default,ou=config
+objectclass: ads-jdbmPartition
+objectclass: ads-partition
+objectclass: ads-base
+objectclass: top
+ads-partitionid: ${DOMAIN_NAME}
+ads-partitionsuffix: o=${DOMAIN_NAME}
+ads-enabled: TRUE
+ads-jdbmpartitionoptimizerenabled: TRUE
+ads-partitioncachesize: 10000
+ads-partitionsynconwrite: TRUE
+
+dn: ou=indexes,ads-partitionId=${DOMAIN_NAME},ou=partitions,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: organizationalUnit
+ou: indexes
+
+dn: ads-indexAttributeId=uid,ou=indexes,ads-partitionId=${DOMAIN_NAME},ou=partitions,ads-directoryServiceId=default,ou=config
+objectclass: top
+objectclass: ads-base
+objectclass: ads-jdbmIndex
+objectclass: ads-index
+ads-indexattributeid: uid
+ads-indexhasreverse: FALSE
+ads-enabled: TRUE
+ads-indexcachesize: 100
diff --git a/apacheds-alpine/files/ldif/top_domain.ldif b/apacheds-alpine/files/ldif/top_domain.ldif
@@ -0,0 +1,4 @@
+dn: o=${DOMAIN_NAME}
+objectClass: organization
+objectClass: top
+o: ${DOMAIN_NAME}
diff --git a/apacheds-alpine/files/ldif/top_objects.ldif b/apacheds-alpine/files/ldif/top_objects.ldif
@@ -0,0 +1,9 @@
+dn: ou=groups,o=${DOMAIN_NAME}
+objectClass: organizationalUnit
+objectClass: top
+ou: groups
+
+dn: ou=users,o=${DOMAIN_NAME}
+objectClass: organizationalUnit
+objectClass: top
+ou: users
diff --git a/apacheds-alpine/files/ldif/user.ldif b/apacheds-alpine/files/ldif/user.ldif
@@ -0,0 +1,9 @@
+dn: uid=${USER},ou=users,o=${DOMAIN_NAME}
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+uid: ${USER}
+cn: ${USER_CN}
+sn: ${USER_SN}
+userPassword:: ${USER_PWD}
diff --git a/apacheds-alpine/files/scripts/configure.sh b/apacheds-alpine/files/scripts/configure.sh
@@ -0,0 +1,111 @@
+#!/bin/bash
+
+set -e
+
+export DOMAIN_NAME=blended
+export SYSTEM_PWD=blended
+
+if [ "x${START_DELAY}" == "x" ]; then
+  START_DELAY=10
+fi
+
+APACHEDS_CMD=/opt/apacheds/bin/apacheds.sh
+
+function shaPassword() {
+  pwd=`echo -n $1 | md5sum | awk '{print $1}' | xxd -r -p | base64`
+  export HASHED_PWD=`echo -n "{MD5}${pwd}" | base64`
+}
+
+function stopADS() {
+  ${APACHEDS_CMD} stop
+}
+
+function startADS() {
+
+  if [[ -n "$1" ]]; then
+    START_MODE=$1
+  else
+    START_MODE=start
+  fi
+
+  ${APACHEDS_CMD} $START_MODE
+
+  if [[ -n $2 ]]; then
+    sleep $2
+  fi
+}
+
+function restartADS() {
+  stopADS
+  startADS $*
+}
+
+function loadLdif() {
+  envsubst < /opt/apacheds/ldif/$2.ldif > /tmp/$2.ldif
+  ldapmodify -c -a -f /tmp/$2.ldif -h localhost -p 10389 -D "uid=admin,ou=system" -w $1
+}
+
+function addGroup {
+  export GROUP_NAME=$1
+  export MEMBER=$2
+  loadLdif $SYSTEM_PWD group
+}
+
+function addToGroup {
+  export GROUP_NAME=$1
+  export MEMBER=$2
+  loadLdif $SYSTEM_PWD groupAdd
+}
+
+function addUser {
+  export USER=$1
+  shift
+
+  export USER_CN=$1
+  shift
+
+  export USER_SN=$1
+  shift
+
+  shaPassword $1
+  export USER_PWD=$HASHED_PWD
+  shift
+
+  loadLdif $SYSTEM_PWD user
+}
+
+# Initially start the LDAP server
+startADS start $START_DELAY
+
+# then we change the admin password
+#export HASHED_PWD=$SYSTEM_PWD
+shaPassword $SYSTEM_PWD
+loadLdif secret admin_pwd
+
+# Restart to apply changes
+restartADS start $START_DELAY
+
+netstat -anp | grep 10389
+
+# create a new partition
+loadLdif $SYSTEM_PWD partition
+ldapdelete -r -H ldap://localhost:10389 -D "uid=admin,ou=system" -w $SYSTEM_PWD "ads-partitionId=example,ou=partitions,ads-directoryServiceId=default,ou=config"
+ldapdelete -r -H ldap://localhost:10389 -D "uid=admin,ou=system" -r -w $SYSTEM_PWD "dc=example,dc=com"
+
+restartADS start $START_DELAY
+
+# create the top level entries
+loadLdif $SYSTEM_PWD top_domain
+loadLdif $SYSTEM_PWD top_objects
+
+addUser root "Main Admin" Administrator mysecret
+addUser andreas "Andreas Gies" Gies mysecret
+addUser tobias "Tobias Roeser" Roeser mysecret
+
+addGroup admins "uid=root,ou=users,o=blended"
+addToGroup admins "uid=andreas,ou=users,o=blended"
+
+addGroup blended ""uid=blended,ou=users,o=blended""
+addToGroup blended "uid=andreas,ou=users,o=blended"
+
+${APACHEDS_CMD} stop
diff --git a/apacheds-alpine/files/scripts/run.sh b/apacheds-alpine/files/scripts/run.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+APACHEDS_CMD=/opt/apacheds/bin/apacheds.sh
+
+${APACHEDS_CMD} start
+top
diff --git a/base-alpine/Dockerfile b/base-alpine/Dockerfile
@@ -1,6 +1,8 @@
+# We use alpine 3.9 for now. With 3.10 we do see strange errors when we use 
+# Selenium and Google Chrome for head less browser testing 
 FROM alpine:3.9
 
-MAINTAINER WoQ - Way of Quality GmbH - Blended 
+MAINTAINER WoQ - Way of Quality GmbH - Blended Team
 
 ENV USER=blended
 ENV UID=5000	
@@ -28,4 +30,3 @@ RUN addgroup -g "${GID}" "${USER}" \
   --uid "$UID" \
   "$USER" \
  && chown -R $USER:$GROUP /home/$USER
-
diff --git a/build-alpine/.Dockerfile.swp b/build-alpine/.Dockerfile.swp
diff --git a/zulu-8-alpine/Dockerfile b/zulu-8-alpine/Dockerfile
@@ -0,0 +1,18 @@
+# The basic image to run Blended containers
+FROM atooni/base-alpine:1.0
+
+MAINTAINER Andreas Gies 
+
+ENV JAVA_URL=https://cdn.azul.com/zulu/bin/zulu8.38.0.13-ca-jdk8.0.212-linux_musl_x64.tar.gz
+ENV SBT_URL=https://piccolo.link/sbt-1.2.8.tgz
+
+# Installation section
+ADD files/profile.d /etc/profile.d  
+
+# Download the tar files and explode them in one go to save 
+# image space 
+RUN mkdir -p /opt \
+ && curl -L ${JAVA_URL} | tar -xzC /opt \
+ && ln -s $(ls -d /opt/zulu*) /opt/java 
+
+# End of Installation section
diff --git a/build-alpine/files/profile.d/java.sh → zulu-8-alpine/files/profile.d/java.sh b/build-alpine/files/profile.d/java.sh → zulu-8-alpine/files/profile.d/java.sh