Fix itests for use with new ldap image

2025-01-23 08:44:15 +00:00 · 2025-01-22 11:15:30 -08:00 · 2025-01-22 11:15:30 -08:00 · f983cb3e60
commit f983cb3e60
parent daade335d1
6 changed files with 12 additions and 51 deletions
--- a/2
+++ b/2
@ -64,7 +64,7 @@ itest-up-anon:
 		build
 	docker compose -f docker-compose.yml \
 		-f itest/docker-compose.itest-anon.yml \
-		up -d vaultwarden ldap
+		up -d vaultwarden ldap ldap_admin

 .PHONY: itest-run-anon
 itest-run-anon:
--- a/itest/config-anon.toml
+++ b/itest/config-anon.toml
@ -1,8 +0,0 @@
-vaultwarden_url = "http://vaultwarden:80"
-vaultwarden_admin_token = "admin"
-ldap_host = "ldap"
-# ldap_bind_dn = "cn=readonly,dc=example,dc=org"
-# ldap_bind_password = "readonly"
-ldap_search_base_dn = "dc=example,dc=org"
-ldap_search_filter = "(&(objectClass=*)(uid=*))"
-ldap_sync_loop = false
--- a/itest/docker-compose.itest-anon-env.yml
+++ b/itest/docker-compose.itest-anon-env.yml
@ -1,21 +0,0 @@
---
-services:
-  ldap_sync:
-    environment:
-      CONFIG_PATH: ""
-      APP_VAULTWARDEN_URL: "http://vaultwarden:80"
-      APP_VAULTWARDEN_ADMIN_TOKEN: "admin"
-      APP_LDAP_HOST: "ldap"
-      # APP_LDAP_BIND_DN: "cn=admin,dc=example,dc=org"
-      # APP_LDAP_BIND_PASSWORD: "admin"
-      APP_LDAP_SEARCH_BASE_DN: "dc=example,dc=org"
-      APP_LDAP_SEARCH_FILTER: "(&(objectClass=*)(uid=*))"
-      APP_LDAP_SYNC_LOOP: "false"
-
-  vaultwarden: {}
-
-  ldap:
-    command: ["--copy-service"]
-    volumes:
-      - ./itest/ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom
-      - ./itest/schema/anon.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/anon.ldif
--- a/itest/docker-compose.itest-anon.yml
+++ b/itest/docker-compose.itest-anon.yml
@ -1,13 +1,18 @@
 ---
 services:
  ldap_sync:
-    volumes:
-      - ./itest/config-anon.toml:/config.toml:ro
+    environment:
+      CONFIG_PATH: ""
+      APP_VAULTWARDEN_URL: "http://vaultwarden:80"
+      APP_VAULTWARDEN_ADMIN_TOKEN: "admin"
+      APP_LDAP_HOST: "ldap"
+      APP_LDAP_SEARCH_BASE_DN: "dc=example,dc=org"
+      APP_LDAP_SEARCH_FILTER: "(&(objectClass=*)(uid=*))"
+      APP_LDAP_SYNC_LOOP: "false"

  vaultwarden: {}

  ldap:
-    command: ["--copy-service"]
-    volumes:
-      - ./itest/ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom
-      - ./itest/schema/anon.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/anon.ldif
+    environment:
+      # Just to make sure there is no accidental auth using merged configs
+      LDAP_ADMIN_PASSWORD: NONE
--- a/itest/ldif/anon.ldif
+++ b/itest/ldif/anon.ldif
--- a/itest/schema/anon.ldif
+++ b/itest/schema/anon.ldif
@ -1,15 +0,0 @@
-dn: olcDatabase={1}mdb,cn=config
-changetype: modify
-replace: olcAccess
-olcAccess: to * 
-  by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage 
-  by * break
-olcAccess: to attrs=userPassword,shadowLastChange
-  by self write
-  by dn="cn=admin,dc=example,dc=org" write
-  by anonymous auth
-  by * none
-olcAccess: to * 
-  by anonymous read
-  by dn="cn=admin,dc=example,dc=org" write
-  by * none