Merge "chore(ldap): adds in ldap user setup"

2021-02-23 18:44:19 +00:00 · 2021-02-23 18:44:19 +00:00 · 3fac7a245e
commit 3fac7a245e
parent b7796718d7 3e0c8adeb9
2 changed files with 69 additions and 0 deletions
--- a/tools/gate/deploy-k8s.sh
+++ b/tools/gate/deploy-k8s.sh
@ -5,6 +5,7 @@ set -ex
 : "${KUBE_VERSION:="v1.19.6"}"
 : "${MINIKUBE_VERSION:="v1.16.0"}"
 : "${CALICO_VERSION:="v3.17"}"
+: "${YQ_VERSION:="v4.6.0"}"

 : "${HTTP_PROXY:=""}"
 : "${HTTPS_PROXY:=""}"
@ -122,6 +123,9 @@ sudo -E apt-get install -y \
 sudo mkdir -p /var/lib/minikube/etcd
 sudo mount -t tmpfs -o size=512m tmpfs /var/lib/minikube/etcd

+# Install YQ
+wget https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64.tar.gz -O - | tar xz && sudo mv yq_linux_amd64 /usr/local/bin/yq
+
 # Install minikube and kubectl
 URL="https://storage.googleapis.com"
 sudo -E curl -sSLo /usr/local/bin/minikube "${URL}"/minikube/releases/"${MINIKUBE_VERSION}"/minikube-linux-amd64
--- a/tools/gate/jarvis/200-deploy-support.sh
+++ b/tools/gate/jarvis/200-deploy-support.sh
@ -49,6 +49,71 @@ helm upgrade \

 ./tools/deployment/common/wait-for-pods.sh ingress-nginx

+cat > /tmp/base.ldif <<EOF
+dn: ou=Users,dc=jarvis,dc=local
+changetype: add
+objectClass: organizationalUnit
+ou: Users
+
+dn: ou=Groups,dc=jarvis,dc=local
+changetype: add
+objectClass: organizationalUnit
+ou: Groups
+
+dn: uid=jarvis,ou=Users,dc=jarvis,dc=local
+changetype: add
+objectClass: top
+objectClass: person
+objectClass: inetOrgPerson
+cn: jarvis
+sn: User
+displayname: jarvis User
+mail: jarvis@cluster.local
+userpassword: {SSHA}fCJ5vuW1BQ4/OfOVkkx1qjwi7yHFuGNB
+
+dn: cn=jarvis-admins,ou=Groups,dc=jarvis,dc=local
+changetype: add
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: jarvis-admins
+description: Jarvis Administrators
+uniqueMember: uid=jarvis,ou=Users,dc=jarvis,dc=local
+EOF
+
+ldif_add_user() {
+local USER=$1
+local PASSWORD=$2
+cat >> /tmp/base.ldif << EOF
+
+dn: uid=$USER,ou=Users,dc=jarvis,dc=local
+changetype: add
+objectClass: top
+objectClass: person
+objectClass: inetOrgPerson
+cn: $USER
+sn: User
+displayname: $USER User
+mail: $USER@cluster.local
+userpassword: $PASSWORD
+EOF
+}
+
+project_path=./tools/gate/jarvis/5G-SA-core
+if [ -d "$project_path" ]; then
+  projects=$(find $project_path  -maxdepth 1 -mindepth 1 -type d -printf '%f\n')
+  for proj in $projects; do
+    # password: "harbor-user-password"
+    ldif_add_user $proj-harbor "{SSHA}u1BT4/+0D4CRCZEFYQHRieswErdUc5Zm"
+    # password: "harbor-staging-user-password"
+    ldif_add_user $proj-harbor-staging "{SSHA}gYtZk9+9j59ytEj9z6/KUsKw4/CvpaEU"
+    # password: "dev-password"
+    ldif_add_user $proj-dev "{SSHA}o8PQMzyBjq7+3wlnyFmjWILphtfnZ5tA"
+  done
+fi
+
+export LDIFFILE=$(cat /tmp/base.ldif)
+yq -i eval '.customLdifFiles."groups.ldif" = strenv(LDIFFILE)' charts/ldap/values_overrides/default.yaml
+
 helm repo add stable https://charts.helm.sh/stable
 # shellcheck disable=SC2046
 helm upgrade \