airship/charts
Code Issues Proposed changes

chore(ldap): adds in ldap user setup

Browse Source 
This patch set places in additional users in the openLDAP deployment in
the gate.

Signed-off-by: Tin Lam <tin@irrational.io>
Change-Id: I1564da86e5299ae4e10e0d5d53cb0c1fa97704af
This commit is contained in:
Tin Lam 2021-02-20 16:59:17 -06:00
parent 9675bafb3b
commit 3e0c8adeb9
2 changed files with 69 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tools/gate/deploy-k8s.sh
View File

@ -5,6 +5,7 @@ set -ex
: "${KUBE_VERSION:="v1.19.6"}" : "${KUBE_VERSION:="v1.19.6"}"
: "${MINIKUBE_VERSION:="v1.16.0"}" : "${MINIKUBE_VERSION:="v1.16.0"}"
: "${CALICO_VERSION:="v3.17"}" : "${CALICO_VERSION:="v3.17"}"
: "${YQ_VERSION:="v4.6.0"}"
: "${HTTP_PROXY:=""}" : "${HTTP_PROXY:=""}"
: "${HTTPS_PROXY:=""}" : "${HTTPS_PROXY:=""}"
@ -121,6 +122,9 @@ sudo -E apt-get install -y \
sudo mkdir -p /var/lib/minikube/etcd sudo mkdir -p /var/lib/minikube/etcd
sudo mount -t tmpfs -o size=512m tmpfs /var/lib/minikube/etcd sudo mount -t tmpfs -o size=512m tmpfs /var/lib/minikube/etcd
# Install YQ
wget https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64.tar.gz -O - | tar xz && sudo mv yq_linux_amd64 /usr/local/bin/yq
# Install minikube and kubectl # Install minikube and kubectl
URL="https://storage.googleapis.com" URL="https://storage.googleapis.com"
sudo -E curl -sSLo /usr/local/bin/minikube "${URL}"/minikube/releases/"${MINIKUBE_VERSION}"/minikube-linux-amd64 sudo -E curl -sSLo /usr/local/bin/minikube "${URL}"/minikube/releases/"${MINIKUBE_VERSION}"/minikube-linux-amd64

65
tools/gate/jarvis/200-deploy-support.sh
View File

@ -49,6 +49,71 @@ helm upgrade \
./tools/deployment/common/wait-for-pods.sh ingress-nginx ./tools/deployment/common/wait-for-pods.sh ingress-nginx
cat > /tmp/base.ldif <<EOF
dn: ou=Users,dc=jarvis,dc=local
changetype: add
objectClass: organizationalUnit
ou: Users
dn: ou=Groups,dc=jarvis,dc=local
changetype: add
objectClass: organizationalUnit
ou: Groups
dn: uid=jarvis,ou=Users,dc=jarvis,dc=local
changetype: add
objectClass: top
objectClass: person
objectClass: inetOrgPerson
cn: jarvis
sn: User
displayname: jarvis User
mail: jarvis@cluster.local
userpassword: {SSHA}fCJ5vuW1BQ4/OfOVkkx1qjwi7yHFuGNB
dn: cn=jarvis-admins,ou=Groups,dc=jarvis,dc=local
changetype: add
objectClass: top
objectClass: groupOfUniqueNames
cn: jarvis-admins
description: Jarvis Administrators
uniqueMember: uid=jarvis,ou=Users,dc=jarvis,dc=local
EOF
ldif_add_user() {
local USER=$1
local PASSWORD=$2
cat >> /tmp/base.ldif << EOF
dn: uid=$USER,ou=Users,dc=jarvis,dc=local
changetype: add
objectClass: top
objectClass: person
objectClass: inetOrgPerson
cn: $USER
sn: User
displayname: $USER User
mail: $USER@cluster.local
userpassword: $PASSWORD
EOF
}
project_path=./tools/gate/jarvis/5G-SA-core
if [ -d "$project_path" ]; then
projects=$(find $project_path -maxdepth 1 -mindepth 1 -type d -printf '%f\n')
for proj in $projects; do
# password: "harbor-user-password"
ldif_add_user $proj-harbor "{SSHA}u1BT4/+0D4CRCZEFYQHRieswErdUc5Zm"
# password: "harbor-staging-user-password"
ldif_add_user $proj-harbor-staging "{SSHA}gYtZk9+9j59ytEj9z6/KUsKw4/CvpaEU"
# password: "dev-password"
ldif_add_user $proj-dev "{SSHA}o8PQMzyBjq7+3wlnyFmjWILphtfnZ5tA"
done
fi
export LDIFFILE=$(cat /tmp/base.ldif)
yq -i eval '.customLdifFiles."groups.ldif" = strenv(LDIFFILE)' charts/ldap/values_overrides/default.yaml
helm repo add stable https://charts.helm.sh/stable helm repo add stable https://charts.helm.sh/stable
# shellcheck disable=SC2046 # shellcheck disable=SC2046
helm upgrade \ helm upgrade \