Skip to content
Snippets Groups Projects
Unverified Commit f11db503 authored by Mark Sagi-Kazar's avatar Mark Sagi-Kazar
Browse files

test(connector/ldap): rewrite tests to use a single server instance

parent 447841f5
No related branches found
No related tags found
No related merge requests found
......@@ -54,6 +54,9 @@ jobs:
- name: Checkout code
uses: actions/checkout@v2
- name: Start services
run: docker-compose -f docker-compose.test.yaml up -d
- name: Test
run: make testall
env:
......@@ -69,6 +72,9 @@ jobs:
DEX_POSTGRES_PORT: ${{ job.services.postgres.ports[5432] }}
DEX_ETCD_ENDPOINTS: http://localhost:${{ job.services.etcd.ports[2379] }}
DEX_LDAP_TESTS: 1
DEX_LDAP_HOST: localhost
DEX_LDAP_PORT: 389
DEX_LDAP_TLS_PORT: 636
DEX_KEYSTONE_URL: http://localhost:${{ job.services.keystone.ports[5000] }}
DEX_KEYSTONE_ADMIN_URL: http://localhost:${{ job.services.keystone.ports[35357] }}
DEX_KEYSTONE_ADMIN_USER: demo
......
This diff is collapsed.
dn: ou=TestQuery,dc=example,dc=org
objectClass: organizationalUnit
ou: TestQuery
dn: ou=People,ou=TestQuery,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: cn=jane,ou=People,ou=TestQuery,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoe@example.com
userpassword: foo
dn: cn=john,ou=People,ou=TestQuery,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: john
mail: johndoe@example.com
userpassword: bar
########################################################################
dn: ou=TestQueryWithEmailSuffix,dc=example,dc=org
objectClass: organizationalUnit
ou: TestQueryWithEmailSuffix
dn: ou=People,ou=TestQueryWithEmailSuffix,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: cn=jane,ou=People,ou=TestQueryWithEmailSuffix,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoe@example.com
userpassword: foo
dn: cn=john,ou=People,ou=TestQueryWithEmailSuffix,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: john
userpassword: bar
########################################################################
dn: ou=TestUserFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: TestUserFilter
dn: ou=Seattle,ou=TestUserFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: Seattle
dn: ou=Portland,ou=TestUserFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: Portland
dn: ou=People,ou=Seattle,ou=TestUserFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: ou=People,ou=Portland,ou=TestUserFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: cn=jane,ou=People,ou=Seattle,ou=TestUserFilter,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoe@example.com
userpassword: foo
dn: cn=jane,ou=People,ou=Portland,ou=TestUserFilter,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoefromportland@example.com
userpassword: baz
dn: cn=john,ou=People,ou=Seattle,ou=TestUserFilter,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: john
mail: johndoe@example.com
userpassword: bar
########################################################################
dn: ou=TestGroupQuery,dc=example,dc=org
objectClass: organizationalUnit
ou: TestGroupQuery
dn: ou=People,ou=TestGroupQuery,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: cn=jane,ou=People,ou=TestGroupQuery,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoe@example.com
userpassword: foo
dn: cn=john,ou=People,ou=TestGroupQuery,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: john
mail: johndoe@example.com
userpassword: bar
# Group definitions.
dn: ou=Groups,ou=TestGroupQuery,dc=example,dc=org
objectClass: organizationalUnit
ou: Groups
dn: cn=admins,ou=Groups,ou=TestGroupQuery,dc=example,dc=org
objectClass: groupOfNames
cn: admins
member: cn=john,ou=People,ou=TestGroupQuery,dc=example,dc=org
member: cn=jane,ou=People,ou=TestGroupQuery,dc=example,dc=org
dn: cn=developers,ou=Groups,ou=TestGroupQuery,dc=example,dc=org
objectClass: groupOfNames
cn: developers
member: cn=jane,ou=People,ou=TestGroupQuery,dc=example,dc=org
########################################################################
dn: ou=TestGroupsOnUserEntity,dc=example,dc=org
objectClass: organizationalUnit
ou: TestGroupsOnUserEntity
dn: ou=People,ou=TestGroupsOnUserEntity,dc=example,dc=org
objectClass: organizationalUnit
ou: People
# Groups are enumerated as part of the user entity instead of the members being
# a list on the group entity.
dn: cn=jane,ou=People,ou=TestGroupsOnUserEntity,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoe@example.com
userpassword: foo
departmentNumber: 1000
departmentNumber: 1001
dn: cn=john,ou=People,ou=TestGroupsOnUserEntity,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: john
mail: johndoe@example.com
userpassword: bar
departmentNumber: 1000
departmentNumber: 1002
# Group definitions. Notice that they don't have any "member" field.
dn: ou=Groups,ou=TestGroupsOnUserEntity,dc=example,dc=org
objectClass: organizationalUnit
ou: Groups
dn: cn=admins,ou=Groups,ou=TestGroupsOnUserEntity,dc=example,dc=org
objectClass: posixGroup
cn: admins
gidNumber: 1000
dn: cn=developers,ou=Groups,ou=TestGroupsOnUserEntity,dc=example,dc=org
objectClass: posixGroup
cn: developers
gidNumber: 1001
dn: cn=designers,ou=Groups,ou=TestGroupsOnUserEntity,dc=example,dc=org
objectClass: posixGroup
cn: designers
gidNumber: 1002
########################################################################
dn: ou=TestGroupFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: TestGroupFilter
dn: ou=People,ou=TestGroupFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: cn=jane,ou=People,ou=TestGroupFilter,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoe@example.com
userpassword: foo
dn: cn=john,ou=People,ou=TestGroupFilter,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: john
mail: johndoe@example.com
userpassword: bar
# Group definitions.
dn: ou=Seattle,ou=TestGroupFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: Seattle
dn: ou=Portland,ou=TestGroupFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: Portland
dn: ou=Groups,ou=Seattle,ou=TestGroupFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: Groups
dn: ou=Groups,ou=Portland,ou=TestGroupFilter,dc=example,dc=org
objectClass: organizationalUnit
ou: Groups
dn: cn=qa,ou=Groups,ou=Portland,ou=TestGroupFilter,dc=example,dc=org
objectClass: groupOfNames
cn: qa
member: cn=john,ou=People,ou=TestGroupFilter,dc=example,dc=org
dn: cn=admins,ou=Groups,ou=Seattle,ou=TestGroupFilter,dc=example,dc=org
objectClass: groupOfNames
cn: admins
member: cn=john,ou=People,ou=TestGroupFilter,dc=example,dc=org
member: cn=jane,ou=People,ou=TestGroupFilter,dc=example,dc=org
dn: cn=developers,ou=Groups,ou=Seattle,ou=TestGroupFilter,dc=example,dc=org
objectClass: groupOfNames
cn: developers
member: cn=jane,ou=People,ou=TestGroupFilter,dc=example,dc=org
########################################################################
dn: ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: organizationalUnit
ou: TestGroupToUserMatchers
dn: ou=People,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: cn=jane,ou=People,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
uid: janedoe
mail: janedoe@example.com
userpassword: foo
dn: cn=john,ou=People,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: john
uid: johndoe
mail: johndoe@example.com
userpassword: bar
# Group definitions.
dn: ou=Seattle,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: organizationalUnit
ou: Seattle
dn: ou=Portland,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: organizationalUnit
ou: Portland
dn: ou=Groups,ou=Seattle,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: organizationalUnit
ou: Groups
dn: ou=UnixGroups,ou=Seattle,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: organizationalUnit
ou: UnixGroups
dn: ou=Groups,ou=Portland,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: organizationalUnit
ou: Groups
dn: ou=UnixGroups,ou=Portland,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: organizationalUnit
ou: UnixGroups
dn: cn=qa,ou=Groups,ou=Portland,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: groupOfNames
cn: qa
member: cn=john,ou=People,ou=TestGroupToUserMatchers,dc=example,dc=org
dn: cn=logger,ou=UnixGroups,ou=Portland,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: posixGroup
gidNumber: 1000
cn: logger
memberUid: johndoe
dn: cn=admins,ou=Groups,ou=Seattle,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: groupOfNames
cn: admins
member: cn=john,ou=People,ou=TestGroupToUserMatchers,dc=example,dc=org
member: cn=jane,ou=People,ou=TestGroupToUserMatchers,dc=example,dc=org
dn: cn=developers,ou=Groups,ou=Seattle,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: groupOfNames
cn: developers
member: cn=jane,ou=People,ou=TestGroupToUserMatchers,dc=example,dc=org
dn: cn=frontend,ou=UnixGroups,ou=Seattle,ou=TestGroupToUserMatchers,dc=example,dc=org
objectClass: posixGroup
gidNumber: 1001
cn: frontend
memberUid: janedoe
########################################################################
dn: ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: organizationalUnit
ou: TestDeprecatedGroupToUserMatcher
dn: ou=People,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: cn=jane,ou=People,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoe@example.com
userpassword: foo
dn: cn=john,ou=People,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: john
mail: johndoe@example.com
userpassword: bar
# Group definitions.
dn: ou=Seattle,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: organizationalUnit
ou: Seattle
dn: ou=Portland,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: organizationalUnit
ou: Portland
dn: ou=Groups,ou=Seattle,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: organizationalUnit
ou: Groups
dn: ou=Groups,ou=Portland,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: organizationalUnit
ou: Groups
dn: cn=qa,ou=Groups,ou=Portland,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: groupOfNames
cn: qa
member: cn=john,ou=People,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
dn: cn=admins,ou=Groups,ou=Seattle,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: groupOfNames
cn: admins
member: cn=john,ou=People,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
member: cn=jane,ou=People,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
dn: cn=developers,ou=Groups,ou=Seattle,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
objectClass: groupOfNames
cn: developers
member: cn=jane,ou=People,ou=TestDeprecatedGroupToUserMatcher,dc=example,dc=org
########################################################################
dn: ou=TestStartTLS,dc=example,dc=org
objectClass: organizationalUnit
ou: TestStartTLS
dn: ou=People,ou=TestStartTLS,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: cn=jane,ou=People,ou=TestStartTLS,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoe@example.com
userpassword: foo
########################################################################
dn: ou=TestInsecureSkipVerify,dc=example,dc=org
objectClass: organizationalUnit
ou: TestInsecureSkipVerify
dn: ou=People,ou=TestInsecureSkipVerify,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: cn=jane,ou=People,ou=TestInsecureSkipVerify,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoe@example.com
userpassword: foo
########################################################################
dn: ou=TestLDAPS,dc=example,dc=org
objectClass: organizationalUnit
ou: TestLDAPS
dn: ou=People,ou=TestLDAPS,dc=example,dc=org
objectClass: organizationalUnit
ou: People
dn: cn=jane,ou=People,ou=TestLDAPS,dc=example,dc=org
objectClass: person
objectClass: inetOrgPerson
sn: doe
cn: jane
mail: janedoe@example.com
userpassword: foo
......@@ -12,3 +12,8 @@ services:
etcd:
ports:
- "127.0.0.1:2379:2379"
ldap:
ports:
- "127.0.0.1:389:389"
- "127.0.0.1:636:636"
version: "3.8"
services:
ldap:
image: osixia/openldap:1.4.0
# Copying is required because the entrypoint modifies the *.ldif files.
# For verbose output, use: command: ["--copy-service", "--loglevel", "debug"]
command: ["--copy-service"]
environment:
LDAP_BASE_DN: "dc=example,dc=org"
LDAP_TLS: "true"
LDAP_TLS_VERIFY_CLIENT: try
ports:
- 389:389
- 636:636
volumes:
- ./connector/ldap/testdata/certs:/container/service/slapd/assets/certs
- ./connector/ldap/testdata/schema.ldif:/container/service/slapd/assets/config/bootstrap/ldif/99-schema.ldif
......@@ -32,3 +32,16 @@ services:
# For testing the Kubernetes storage backend we suggest https://kind.sigs.k8s.io/:
# kind create cluster
ldap:
image: osixia/openldap:1.4.0
# Copying is required because the entrypoint modifies the *.ldif files.
# For verbose output, use: command: ["--copy-service", "--loglevel", "debug"]
command: ["--copy-service"]
environment:
LDAP_BASE_DN: "dc=example,dc=org"
LDAP_TLS: "true"
LDAP_TLS_VERIFY_CLIENT: try
volumes:
- ./connector/ldap/testdata/certs:/container/service/slapd/assets/certs
- ./connector/ldap/testdata/schema.ldif:/container/service/slapd/assets/config/bootstrap/ldif/99-schema.ldif
......@@ -4,13 +4,13 @@ go 1.15
require (
github.com/AppsFlyer/go-sundheit v0.3.1
github.com/Microsoft/hcsshim v0.8.14 // indirect
github.com/beevik/etree v1.1.0
github.com/coreos/go-oidc/v3 v3.0.0
github.com/dexidp/dex/api/v2 v2.0.0
github.com/felixge/httpsnoop v1.0.1
github.com/ghodss/yaml v1.0.0
github.com/go-sql-driver/mysql v1.5.0
github.com/gogo/protobuf v1.3.1 // indirect
github.com/golang/protobuf v1.3.2
github.com/gorilla/handlers v1.5.1
github.com/gorilla/mux v1.8.0
......@@ -20,17 +20,19 @@ require (
github.com/mattermost/xml-roundtrip-validator v0.0.0-20201219040909-8fd2afad43d1
github.com/mattn/go-sqlite3 v1.14.6
github.com/oklog/run v1.1.0
github.com/onsi/ginkgo v1.8.0 // indirect
github.com/onsi/gomega v1.5.0 // indirect
github.com/pkg/errors v0.9.1
github.com/prometheus/client_golang v1.4.0
github.com/russellhaering/goxmldsig v1.1.0
github.com/sirupsen/logrus v1.7.0
github.com/spf13/cobra v1.1.3
github.com/stretchr/testify v1.7.0
github.com/testcontainers/testcontainers-go v0.0.9
go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738
golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
golang.org/x/net v0.0.0-20201224014010-6772e930b67b
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3 // indirect
google.golang.org/api v0.15.0
google.golang.org/grpc v1.26.0
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
......
This diff is collapsed.
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment