[Gerrit][OpenLDAP] Add mail attribute to users

Change-Id: Ifbc041f35f5f99ef195c51012c0c0cef304bd43a
2016-05-06 18:54:36 +03:00 · 2016-05-06 18:54:36 +03:00 · 5294882e36
commit 5294882e36
parent 9105564b3f
6 changed files with 54 additions and 16 deletions
--- a/murano-apps/CiCdEnvironment/package/Classes/CiCdEnvironment.yaml
+++ b/murano-apps/CiCdEnvironment/package/Classes/CiCdEnvironment.yaml
@ -47,6 +47,7 @@ Methods:

      - $user: 'user'
      - $password: 'P@ssw0rd'
+      - $mail: 'user@mail.com'

      # OpenLDAP
      - If: $this.ldap = null
@ -65,8 +66,10 @@ Methods:
              domain => 'infra.local',
              ldapRootUser => 'root',
              ldapRootPass => 'openstack',
+              ldapRootEmail => 'root@mail.com',
              ldapUser => $user,
-              ldapPass => $password)
+              ldapPass => $password,
+              ldapEmail => $mail)

      # Gerrit
      - If: $this.gerrit = null
--- a/murano-apps/Gerrit/package/Resources/scripts/site.pp
+++ b/murano-apps/Gerrit/package/Resources/scripts/site.pp
@ -61,6 +61,7 @@ node default {
    ldap_password                       => $ldap_password,
    ldap_accountfullname                => 'cn',
    ldap_account_pattern                => '(cn=${username})',
+    ldap_account_email_address          => 'mail',
    mysql_host                          => hiera('gerrit_mysql_host', 'localhost'),
    mysql_password                      => hiera('gerrit_db_password'),
    email_private_key                   => hiera('gerrit_email_private_key'),
--- a/murano-apps/OpenLDAP/package/Classes/OpenLDAP.yaml
+++ b/murano-apps/OpenLDAP/package/Classes/OpenLDAP.yaml
@ -21,10 +21,14 @@ Properties:
    Contract: $.string().notNull()
  ldapRootPass:
    Contract: $.string().notNull()
+  ldapRootEmail:
+    Contract: $.string().notNull()
  ldapUser:
    Contract: $.string()
  ldapPass:
    Contract: $.string()
+  ldapEmail:
+    Contract: $.string()

 Methods:
  .init:
@ -65,7 +69,7 @@ Methods:
          - If: $.ldapUser != '' and $.ldapUser != null
            Then:
              - $._environment.reporter.report($this, format('Configuring base non-admin LDAP user'))
-              - $.configureOpenLDAPUser($.ldapUser, $.ldapPass)
+              - $.configureOpenLDAPUser($.ldapUser, $.ldapPass, $.ldapEmail)

          - $.setAttr(deployed, true)
          - $._environment.reporter.report($this, 'OpenLDAP is deployed!')
@ -99,11 +103,12 @@ Methods:
    Body:
      - $resources: new(sys:Resources)
      - $template: $resources.yaml('ConfigureOpenLDAPUser.template').bind(dict(
-            domain => $this.domain,
+            domain   => $this.domain,
            rootUser => $this.ldapRootUser,
            rootPass => $this.ldapRootPass,
-            user => '',
-            password => ''
+            user     => '',
+            password => '',
+            email    => $this.ldapRootEmail
          ))
      - $.instance.agent.call($template, $resources)

@ -113,14 +118,17 @@ Methods:
          Contract: $.string().notNull()
      - password:
          Contract: $.string().notNull()
+      - email:
+          Contract: $.string().notNull()
    Body:
      - $resources: new(sys:Resources)
      - $template: $resources.yaml('ConfigureOpenLDAPUser.template').bind(dict(
-            domain => $this.domain,
+            domain   => $this.domain,
            rootUser => $this.ldapRootUser,
            rootPass => $this.ldapRootPass,
-            user => $user,
-            password => $password
+            user     => $user,
+            password => $password,
+            email    => $email
          ))
      - $.instance.agent.call($template, $resources)

--- a/murano-apps/OpenLDAP/package/Resources/ConfigureOpenLDAPUser.template
+++ b/murano-apps/OpenLDAP/package/Resources/ConfigureOpenLDAPUser.template
@ -8,15 +8,17 @@ Parameters:
  rootPass: $rootPass
  user: $user
  password: $password
+  email: $email

 Body: |
  return configure(
-      '{0} {1} {2} {3} {4}'.format(
+      '"{0}" "{1}" "{2}" "{3}" "{4}" "{5}"'.format(
          args.domain,
          args.rootUser,
          args.rootPass,
          args.user,
-          args.password)).stdout
+          args.password,
+          args.email)).stdout

 Scripts:
  configure:
--- a/murano-apps/OpenLDAP/package/Resources/scripts/configureOpenLDAPUser.sh
+++ b/murano-apps/OpenLDAP/package/Resources/scripts/configureOpenLDAPUser.sh
@ -4,6 +4,7 @@ ADMIN_USERNAME="$2"
 ADMIN_PASSWORD="$3"
 USERNAME="$4"
 PASSWORD="$5"
+EMAIL="$6"

 DOMAIN_PASSWORD="$ADMIN_PASSWORD"

@ -14,7 +15,7 @@ TLD="`echo "$DOMAIN" | cut -d. -f2`"
 # script will create just admin user

 if [ -z $USERNAME ];
-  then 
+  then
    USERNAME="$ADMIN_USERNAME";
    PASSWORD="$ADMIN_PASSWORD";
 fi
@ -23,11 +24,12 @@ fi
 ldapadd -x -w $DOMAIN_PASSWORD -D "cn=${ADMIN_USERNAME},dc=${NAME},dc=${TLD}" << USER
 dn: uid=${USERNAME},ou=users,dc=${NAME},dc=${TLD}
 objectClass: top
-objectClass: account
 objectClass: posixAccount
 objectClass: shadowAccount
+objectclass: iNetOrgPerson
 cn: ${USERNAME}
 uid: ${USERNAME}
+sn: ${USERNAME}
 uidNumber: 1001
 gidNumber: 1001
 homeDirectory: /home/${USERNAME}
@ -37,6 +39,7 @@ userPassword: {crypt}x
 shadowLastChange: 0
 shadowMax: 0
 shadowWarning: 0
+mail: ${EMAIL}
 USER

 ldappasswd -w $DOMAIN_PASSWORD -s ${PASSWORD} -D "cn=${ADMIN_USERNAME},dc=${NAME},dc=${TLD}" -x uid=${USERNAME},ou=users,dc=${NAME},dc=${TLD}
--- a/murano-apps/OpenLDAP/package/UI/ui.yaml
+++ b/murano-apps/OpenLDAP/package/UI/ui.yaml
@ -7,8 +7,10 @@ Application:
  domain: $.appConfiguration.domain
  ldapRootUser: $.appConfiguration.ldapRootUser
  ldapRootPass: $.appConfiguration.ldapRootPass
+  ldapRootEmail: $.appConfiguration.ldapRootEmail
  ldapUser: $.appConfiguration.ldapUser
  ldapPass: $.appConfiguration.ldapPass
+  ldapEmail: $.appConfiguration.ldapEmail
  instance:
    ?:
      type: io.murano.opaas.puppet.PuppetInstance
@ -49,20 +51,39 @@ Forms:
          descriptionTitle: LDAP Root Password
          description: >-
            Please, provide admin password
+        - name: ldapRootEmail
+          type: string
+          regexpValidator: '^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$'
+          errorMessages:
+            invalid: Please provide valid email address.
+          label: Root User Email
+          descriptionTitle: LDAP Root User Email
+          description: >-
+            Please, provide admin user email
        - name: ldapUser
          type: string
          label: Username
          required: false
-          descriptionTitle: LDAP User
+          descriptionTitle: LDAP regular user
          description: >-
-            Please, provide username
+            Please, provide name for regular user
        - name: ldapPass
          type: password
          label: Password
          required: false
-          descriptionTitle: LDAP Password
+          descriptionTitle: LDAP password for regular user
          description: >-
-            Please, provide password
+            Please, provide password for regular user
+        - name: ldapEmail
+          type: string
+          regexpValidator: '^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$'
+          errorMessages:
+            invalid: Please provide valid email address.
+          label: Email
+          required: false
+          descriptionTitle: LDAP Email
+          description: >-
+            Please, provide regular user email
        - name: assignFloatingIP
          type: boolean
          label: Assign Floating IP