From 5294882e36de9d63cc90eff8dfea0e5df81c7c88 Mon Sep 17 00:00:00 2001 From: Anastasia Kuznetsova Date: Fri, 6 May 2016 18:54:36 +0300 Subject: [PATCH] [Gerrit][OpenLDAP] Add mail attribute to users Change-Id: Ifbc041f35f5f99ef195c51012c0c0cef304bd43a --- .../package/Classes/CiCdEnvironment.yaml | 5 +++- .../Gerrit/package/Resources/scripts/site.pp | 1 + .../OpenLDAP/package/Classes/OpenLDAP.yaml | 22 +++++++++----- .../Resources/ConfigureOpenLDAPUser.template | 6 ++-- .../scripts/configureOpenLDAPUser.sh | 7 +++-- murano-apps/OpenLDAP/package/UI/ui.yaml | 29 ++++++++++++++++--- 6 files changed, 54 insertions(+), 16 deletions(-) diff --git a/murano-apps/CiCdEnvironment/package/Classes/CiCdEnvironment.yaml b/murano-apps/CiCdEnvironment/package/Classes/CiCdEnvironment.yaml index 48d2815..7008f10 100644 --- a/murano-apps/CiCdEnvironment/package/Classes/CiCdEnvironment.yaml +++ b/murano-apps/CiCdEnvironment/package/Classes/CiCdEnvironment.yaml @@ -47,6 +47,7 @@ Methods: - $user: 'user' - $password: 'P@ssw0rd' + - $mail: 'user@mail.com' # OpenLDAP - If: $this.ldap = null @@ -65,8 +66,10 @@ Methods: domain => 'infra.local', ldapRootUser => 'root', ldapRootPass => 'openstack', + ldapRootEmail => 'root@mail.com', ldapUser => $user, - ldapPass => $password) + ldapPass => $password, + ldapEmail => $mail) # Gerrit - If: $this.gerrit = null diff --git a/murano-apps/Gerrit/package/Resources/scripts/site.pp b/murano-apps/Gerrit/package/Resources/scripts/site.pp index a926479..7111431 100644 --- a/murano-apps/Gerrit/package/Resources/scripts/site.pp +++ b/murano-apps/Gerrit/package/Resources/scripts/site.pp @@ -61,6 +61,7 @@ node default { ldap_password => $ldap_password, ldap_accountfullname => 'cn', ldap_account_pattern => '(cn=${username})', + ldap_account_email_address => 'mail', mysql_host => hiera('gerrit_mysql_host', 'localhost'), mysql_password => hiera('gerrit_db_password'), email_private_key => hiera('gerrit_email_private_key'), 
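Review bot: The new defaults `user@mail.com` (first CiCdEnvironment.yaml hunk) and `root@mail.com` (`ldapRootEmail` in the second hunk) sit on a registered public mail domain rather than a reserved one. The site.pp hunk in this commit makes Gerrit read the LDAP `mail` attribute, so any notification Gerrit sends for these accounts would presumably go to mailboxes outside the deployer's control. Prefer a reserved domain, e.g. `- $mail: 'user@example.com'` and `ldapRootEmail => 'root@example.com',`, or derive the address from the `infra.local` domain already set here. The method body continues outside both hunks.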
diff --git a/murano-apps/OpenLDAP/package/Classes/OpenLDAP.yaml b/murano-apps/OpenLDAP/package/Classes/OpenLDAP.yaml index 2319ca9..62da0a7 100644 --- a/murano-apps/OpenLDAP/package/Classes/OpenLDAP.yaml +++ b/murano-apps/OpenLDAP/package/Classes/OpenLDAP.yaml @@ -21,10 +21,14 @@ Properties: Contract: $.string().notNull() ldapRootPass: Contract: $.string().notNull() + ldapRootEmail: + Contract: $.string().notNull() ldapUser: Contract: $.string() ldapPass: Contract: $.string() + ldapEmail: + Contract: $.string() Methods: .init: @@ -65,7 +69,7 @@ Methods: - If: $.ldapUser != '' and $.ldapUser != null Then: - $._environment.reporter.report($this, format('Configuring base non-admin LDAP user')) - - $.configureOpenLDAPUser($.ldapUser, $.ldapPass) + - $.configureOpenLDAPUser($.ldapUser, $.ldapPass, $.ldapEmail) - $.setAttr(deployed, true) - $._environment.reporter.report($this, 'OpenLDAP is deployed!') @@ -99,11 +103,12 @@ Methods: Body: - $resources: new(sys:Resources) - $template: $resources.yaml('ConfigureOpenLDAPUser.template').bind(dict( - domain => $this.domain, + domain => $this.domain, rootUser => $this.ldapRootUser, rootPass => $this.ldapRootPass, - user => '', - password => '' + user => '', + password => '', + email => $this.ldapRootEmail )) - $.instance.agent.call($template, $resources) @@ -113,14 +118,17 @@ Methods: Contract: $.string().notNull() - password: Contract: $.string().notNull() + - email: + Contract: $.string().notNull() Body: - $resources: new(sys:Resources) - $template: $resources.yaml('ConfigureOpenLDAPUser.template').bind(dict( - domain => $this.domain, + domain => $this.domain, rootUser => $this.ldapRootUser, rootPass => $this.ldapRootPass, - user => $user, - password => $password + user => $user, + password => $password, + email => $email )) - $.instance.agent.call($template, $resources) 
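Review bot: `$.configureOpenLDAPUser($.ldapUser, $.ldapPass, $.ldapEmail)` passes a property declared as `Contract: $.string()` into the new `email` argument declared `$.string().notNull()` (last hunk of this file). A deployment that sets `ldapUser` but leaves `ldapEmail` unset would therefore fail the argument contract, and an empty string would pass and reach the script as an empty `mail:` value. The `If:` guard on the preceding lines only checks `ldapUser`; either extend it with `and $.ldapEmail != '' and $.ldapEmail != null` together with a reported message for the skipped case, or have the script omit the attribute when no address is given. ui.yaml in this commit marks `ldapEmail` as `required: false`, which makes this path reachable from the form.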
diff --git a/murano-apps/OpenLDAP/package/Resources/ConfigureOpenLDAPUser.template b/murano-apps/OpenLDAP/package/Resources/ConfigureOpenLDAPUser.template index cb4e2ce..f4eb8f5 100644 --- a/murano-apps/OpenLDAP/package/Resources/ConfigureOpenLDAPUser.template +++ b/murano-apps/OpenLDAP/package/Resources/ConfigureOpenLDAPUser.template @@ -8,15 +8,17 @@ Parameters: rootPass: $rootPass user: $user password: $password + email: $email Body: | return configure( - '{0} {1} {2} {3} {4}'.format( + '"{0}" "{1}" "{2}" "{3}" "{4}" "{5}"'.format( args.domain, args.rootUser, args.rootPass, args.user, - args.password)).stdout + args.password, + args.email)).stdout Scripts: configure: diff --git a/murano-apps/OpenLDAP/package/Resources/scripts/configureOpenLDAPUser.sh b/murano-apps/OpenLDAP/package/Resources/scripts/configureOpenLDAPUser.sh index 275b680..21abb2c 100644 --- a/murano-apps/OpenLDAP/package/Resources/scripts/configureOpenLDAPUser.sh +++ b/murano-apps/OpenLDAP/package/Resources/scripts/configureOpenLDAPUser.sh @@ -4,6 +4,7 @@ ADMIN_USERNAME="$2" ADMIN_PASSWORD="$3" USERNAME="$4" PASSWORD="$5" +EMAIL="$6" DOMAIN_PASSWORD="$ADMIN_PASSWORD" @@ -14,7 +15,7 @@ TLD="`echo "$DOMAIN" | cut -d. -f2`" # script will create just admin user if [ -z $USERNAME ]; - then + then USERNAME="$ADMIN_USERNAME"; PASSWORD="$ADMIN_PASSWORD"; fi @@ -23,11 +24,12 @@ fi ldapadd -x -w $DOMAIN_PASSWORD -D "cn=${ADMIN_USERNAME},dc=${NAME},dc=${TLD}" << USER dn: uid=${USERNAME},ou=users,dc=${NAME},dc=${TLD} objectClass: top -objectClass: account objectClass: posixAccount objectClass: shadowAccount +objectclass: iNetOrgPerson cn: ${USERNAME} uid: ${USERNAME} +sn: ${USERNAME} uidNumber: 1001 gidNumber: 1001 homeDirectory: /home/${USERNAME} @@ -37,6 +39,7 @@ userPassword: {crypt}x shadowLastChange: 0 shadowMax: 0 shadowWarning: 0 +mail: ${EMAIL} USER ldappasswd -w $DOMAIN_PASSWORD -s ${PASSWORD} -D "cn=${ADMIN_USERNAME},dc=${NAME},dc=${TLD}" -x uid=${USERNAME},ou=users,dc=${NAME},dc=${TLD} 
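Review bot: Wrapping each argument in double quotes in `'"{0}" "{1}" "{2}" "{3}" "{4}" "{5}"'.format(...)` keeps spaces together but does not make the values inert. If the agent hands this string to a shell, a `"`, `$`, backtick or backslash inside `args.rootPass`, `args.password` or any other field still ends the quoting or triggers expansion. The password fields are free-form in the UI, so ordinary input can reach this, and the outcome ranges from a broken deployment to unintended command execution on the LDAP instance. Escape each value for the shell before formatting (single-quote wrapping with an embedded `'` rewritten as `'\''`), or hand the values over through a channel that is not parsed as a command line. The `Scripts:` section continues outside the hunk.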
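Review bot: `mail: ${EMAIL}` in the last configureOpenLDAPUser.sh hunk is expanded inside an unquoted heredoc, and the script never checks the value. An empty sixth argument produces a bare `mail:` line that ldapadd will likely reject, and a value containing a line break would add further LDIF lines to the entry being created; the same holds for `sn: ${USERNAME}` added in the previous hunk. Validate before calling ldapadd, for example `case "$EMAIL" in ''|*[!A-Za-z0-9_.+@-]*) echo "invalid email" >&2; exit 1;; esac`, and write the `mail:` line only when a value is present. The context line `ldappasswd -w $DOMAIN_PASSWORD -s ${PASSWORD} ...` is also unquoted, so a password containing spaces is word-split; the script continues outside the hunk.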
diff --git a/murano-apps/OpenLDAP/package/UI/ui.yaml b/murano-apps/OpenLDAP/package/UI/ui.yaml index 92ab65d..5b39035 100644 --- a/murano-apps/OpenLDAP/package/UI/ui.yaml +++ b/murano-apps/OpenLDAP/package/UI/ui.yaml @@ -7,8 +7,10 @@ Application: domain: $.appConfiguration.domain ldapRootUser: $.appConfiguration.ldapRootUser ldapRootPass: $.appConfiguration.ldapRootPass + ldapRootEmail: $.appConfiguration.ldapRootEmail ldapUser: $.appConfiguration.ldapUser ldapPass: $.appConfiguration.ldapPass + ldapEmail: $.appConfiguration.ldapEmail instance: ?: type: io.murano.opaas.puppet.PuppetInstance @@ -49,20 +51,39 @@ Forms: descriptionTitle: LDAP Root Password description: >- Please, provide admin password + - name: ldapRootEmail + type: string + regexpValidator: '^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$' + errorMessages: + invalid: Please provide valid email address. + label: Root User Email + descriptionTitle: LDAP Root User Email + description: >- + Please, provide admin user email - name: ldapUser type: string label: Username required: false - descriptionTitle: LDAP User + descriptionTitle: LDAP regular user description: >- - Please, provide username + Please, provide name for regular user - name: ldapPass type: password label: Password required: false - descriptionTitle: LDAP Password + descriptionTitle: LDAP password for regular user description: >- - Please, provide password + Please, provide password for regular user + - name: ldapEmail + type: string + regexpValidator: '^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$' + errorMessages: + invalid: Please provide valid email address. + label: Email + required: false + descriptionTitle: LDAP Email + description: >- + Please, provide regular user email - name: assignFloatingIP type: boolean label: Assign Floating IP
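Review bot: The `regexpValidator` added for `ldapRootEmail` and `ldapEmail` is the only constraint on these values: the class contracts in OpenLDAP.yaml are plain `$.string()`, and CiCdEnvironment.yaml in this same commit instantiates the class without going through this form. Treat the form validator as a usability aid and enforce the same restriction where the value is consumed, in the class contract or in the script. `ldapUser` and `ldapPass` in this form still have no validator although they now travel on the same quoted command line. In Python-style regex engines `$` also matches before a trailing newline, so confirm which engine evaluates this pattern.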