ldap: improved ldap test env with more structured users and groups

2025-01-26 08:16:59 -06:00 · 2018-07-02 17:25:44 +02:00 · 2018-07-02 17:25:44 +02:00 · 37efa934f1
commit 37efa934f1
parent 5e08bf5130
16 changed files with 71 additions and 35 deletions
--- a/.gitignore
+++ b/.gitignore
@ -43,6 +43,7 @@ fig.yml
 docker-compose.yml
 docker-compose.yaml
 /conf/provisioning/**/custom.yaml
+/conf/ldap_dev.toml
 profile.cov
 /grafana
 /local
--- a/docker/blocks/openldap/entrypoint.sh
+++ b/docker/blocks/openldap/entrypoint.sh
@ -80,7 +80,15 @@ EOF
        done
    fi

-    for file in `ls /etc/ldap/prepopulate/*.ldif`; do
+    for file in `ls /etc/ldap/prepopulate/units/*.ldif`; do
+        slapadd -F /etc/ldap/slapd.d -l "$file"
+    done
+
+    for file in `ls /etc/ldap/prepopulate/groups/*.ldif`; do
+        slapadd -F /etc/ldap/slapd.d -l "$file"
+    done
+
+    for file in `ls /etc/ldap/prepopulate/users/*.ldif`; do
        slapadd -F /etc/ldap/slapd.d -l "$file"
    done

--- a/docker/blocks/openldap/prepopulate/admin.ldif
+++ b/docker/blocks/openldap/prepopulate/admin.ldif
@ -1,10 +0,0 @@
-dn: cn=ldapadmin,dc=grafana,dc=org
-mail: ldapadmin@grafana.com
-userPassword: grafana
-objectClass: person
-objectClass: top
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-sn: ldapadmin
-cn: ldapadmin
-memberOf: cn=admins,dc=grafana,dc=org
--- a/docker/blocks/openldap/prepopulate/adminsgroup.ldif
+++ b/docker/blocks/openldap/prepopulate/adminsgroup.ldif
@ -1,5 +0,0 @@
-dn: cn=admins,dc=grafana,dc=org
-cn: admins
-member: cn=ldapadmin,dc=grafana,dc=org
-objectClass: groupOfNames
-objectClass: top
--- a/docker/blocks/openldap/prepopulate/editor.ldif
+++ b/docker/blocks/openldap/prepopulate/editor.ldif
@ -1,10 +0,0 @@
-dn: cn=ldapeditor,dc=grafana,dc=org
-mail: ldapeditor@grafana.com
-userPassword: grafana
-objectClass: person
-objectClass: top
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-sn: ldapeditor
-cn: ldapeditor
-memberOf: cn=users,dc=grafana,dc=org
--- a/docker/blocks/openldap/prepopulate/groups/admins.ldif
+++ b/docker/blocks/openldap/prepopulate/groups/admins.ldif
@ -0,0 +1,5 @@
+dn: cn=admins,ou=groups,dc=grafana,dc=org
+cn: admins
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-admin,ou=users,dc=grafana,dc=org
--- a/docker/blocks/openldap/prepopulate/groups/backend.ldif
+++ b/docker/blocks/openldap/prepopulate/groups/backend.ldif
@ -0,0 +1,5 @@
+dn: cn=backend,ou=groups,dc=grafana,dc=org
+cn: backend
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-editor,dc=grafana,dc=org
--- a/docker/blocks/openldap/prepopulate/groups/editor.ldif
+++ b/docker/blocks/openldap/prepopulate/groups/editor.ldif
@ -0,0 +1,5 @@
+dn: cn=editors,ou=groups,dc=grafana,dc=org
+cn: editors
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-editor,ou=users,dc=grafana,dc=org
--- a/docker/blocks/openldap/prepopulate/groups/frontend.ldif
+++ b/docker/blocks/openldap/prepopulate/groups/frontend.ldif
@ -0,0 +1,5 @@
+dn: cn=frontend,ou=groups,dc=grafana,dc=org
+cn: frontend
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-frontend-1,ou=users,dc=grafana,dc=org
--- a/docker/blocks/openldap/prepopulate/units/groups.ldif
+++ b/docker/blocks/openldap/prepopulate/units/groups.ldif
@ -0,0 +1,3 @@
+dn: ou=groups,dc=grafana,dc=org
+objectclass: top
+objectclass: organizationalUnit
--- a/docker/blocks/openldap/prepopulate/units/users.ldif
+++ b/docker/blocks/openldap/prepopulate/units/users.ldif
@ -0,0 +1,3 @@
+dn: ou=users,dc=grafana,dc=org
+objectclass: top
+objectclass: organizationalUnit
--- a/docker/blocks/openldap/prepopulate/users/ldap-admin.ldif
+++ b/docker/blocks/openldap/prepopulate/users/ldap-admin.ldif
@ -0,0 +1,11 @@
+dn: cn=ldap-admin,ou=users,dc=grafana,dc=org
+mail: ldap-admin@grafana.com
+userPassword: grafana
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+sn: ldap-admin
+cn: ldap-admin
+memberOf: cn=admins,ou=groups,dc=grafana,dc=org
+memberOf: cn=editors,ou=groups,dc=grafana,dc=org
--- a/docker/blocks/openldap/prepopulate/users/ldap-editor.ldif
+++ b/docker/blocks/openldap/prepopulate/users/ldap-editor.ldif
@ -0,0 +1,10 @@
+dn: cn=ldap-editor,ou=users,dc=grafana,dc=org
+mail: ldap-editor@grafana.com
+userPassword: grafana
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+sn: ldap-editor
+cn: ldap-editor
+memberOf: cn=editors,ou=groups,dc=grafana,dc=org
--- a/docker/blocks/openldap/prepopulate/users/ldap-frontend-1.ldif
+++ b/docker/blocks/openldap/prepopulate/users/ldap-frontend-1.ldif
@ -0,0 +1,10 @@
+dn: cn=ldap-frontend-1,ou=users,dc=grafana,dc=org
+mail: ldap-frontend-1@grafana.com
+userPassword: grafana
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+sn: ldap-frontend-1
+cn: ldap-frontend-1
+memberOf: cn=frontend,ou=groups,dc=grafana,dc=org
--- a/docker/blocks/openldap/prepopulate/users/ldap-viewer.ldif
+++ b/docker/blocks/openldap/prepopulate/users/ldap-viewer.ldif
@ -1,9 +1,9 @@
-dn: cn=ldapviewer,dc=grafana,dc=org
-mail: ldapviewer@grafana.com
+dn: cn=ldap-viewer,ou=users,dc=grafana,dc=org
+mail: ldap-viewer@grafana.com
 userPassword: grafana
 objectClass: person
 objectClass: top
 objectClass: inetOrgPerson
 objectClass: organizationalPerson
-sn: ldapviewer
-cn: ldapviewer
+sn: ldap-viewer
+cn: ldap-viewer
--- a/docker/blocks/openldap/prepopulate/usersgroup.ldif
+++ b/docker/blocks/openldap/prepopulate/usersgroup.ldif
@ -1,5 +0,0 @@
-dn: cn=users,dc=grafana,dc=org
-cn: users
-member: cn=ldapeditor,dc=grafana,dc=org
-objectClass: groupOfNames
-objectClass: top