From fd1c32ef2a98468635d82498e926d2b5045a59bc Mon Sep 17 00:00:00 2001
From: Jean-Philippe G <jp-gouin@hotmail.fr>
Date: Mon, 5 Feb 2024 17:19:26 +0100
Subject: [PATCH] improve ci and add memberOf test

---
 .bin/kind-conf.yml            | 2 +-
 .bin/myval.yaml               | 4 +++-
 .bin/singleNode.yaml          | 2 ++
 .github/workflows/ci.yml      | 9 +++++----
 advanced_examples/MemberOf.md | 1 -
 values.yaml                   | 4 ++--
 6 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/.bin/kind-conf.yml b/.bin/kind-conf.yml
index aa5908f..67a046a 100644
--- a/.bin/kind-conf.yml
+++ b/.bin/kind-conf.yml
@@ -14,7 +14,7 @@ nodes:
     hostPort: 8080
     protocol: TCP
   - containerPort: 443
-    hostPort: 8443
+    hostPort: 8444
     protocol: TCP
   - containerPort: 30636
     hostPort: 30636
diff --git a/.bin/myval.yaml b/.bin/myval.yaml
index 05192e7..d61897c 100644
--- a/.bin/myval.yaml
+++ b/.bin/myval.yaml
@@ -14,18 +14,20 @@ phpldapadmin:
     - "phpldapadmin.example"
 customSchemaFiles:
   00-memberof.ldif: |-
+    # Load memberof module
     dn: cn=module,cn=config
     cn: module
     objectClass: olcModuleList
     olcModuleLoad: memberof
     olcModulePath: /opt/bitnami/openldap/lib/openldap
-  01-memberof.ldif: |-
+
     dn: olcOverlay=memberof,olcDatabase={2}mdb,cn=config
     changetype: add
     objectClass: olcOverlayConfig
     objectClass: olcMemberOf
     olcOverlay: memberof
     olcMemberOfRefint: TRUE
+    
   10_owncloud_schema.ldif: |-
     # This LDIF files describes the ownCloud schema and can be used to
     # add two optional attributes: ownCloudQuota and ownCloudUUID
diff --git a/.bin/singleNode.yaml b/.bin/singleNode.yaml
index d7c4c15..856065c 100644
--- a/.bin/singleNode.yaml
+++ b/.bin/singleNode.yaml
@@ -1,4 +1,6 @@
 logLevel: debug
+global:
+  ldapDomain: "singlenode.org"
 resources: 
   limits:
     cpu: "128m"
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 69d62f9..2006670 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -46,7 +46,7 @@ jobs:
         run: |
            echo "test access to openldap database"
            sudo apt-get install -y ldap-utils
-           sleep 30
+           sleep 10
            LDAPTLS_REQCERT=never ldapsearch -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org'
       - name: test phpldapadmin access
         shell: bash
@@ -63,7 +63,8 @@ jobs:
         shell: bash
         run: |
            echo "verify certificate"
-           openssl s_client -showcerts -connect localhost:30636 </dev/null | grep "issuer=CN = example.com"
+           echo | openssl s_client -showcerts -servername example.com -connect localhost:30636 2>/dev/null | openssl x509 -inform pem -noout -text > /tmp/test-cert.txt
+           if ! grep -q "CN = example.com" /tmp/test-cert.txt; then  echo exit 1; fi
       - name: apply chaos tests
         shell: bash
         run: |
@@ -75,7 +76,7 @@ jobs:
            echo "Write test to openldap database"
            LDAPTLS_REQCERT=never ldapadd -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -f  .bin/user.ldif
            LDAPTLS_REQCERT=never ldapsearch -o nettimeout=20 -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' > /tmp/test-write.txt
-           if [ $(grep "numResponses" /tmp/test-write.txt | cut -d ":" -f 2 | tr -d ' ') -ne 5 ]; then exit 1 ; fi
+           if [ $(grep "numResponses" /tmp/test-write.txt | cut -d ":" -f 2 | tr -d ' ') -ne 9 ]; then exit 1 ; fi
            if ! grep -q "objectClass: ownCloud" /tmp/test-write.txt; then  echo exit 1; fi
       - name: test memberOf
         shell: bash
@@ -101,7 +102,7 @@ jobs:
         run: |
            echo "test access to openldap database"
            sudo apt-get install -y ldap-utils
-           LDAPTLS_REQCERT=never ldapsearch -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' > /tmp/test-single-node.txt
+           LDAPTLS_REQCERT=never ldapsearch -x -D 'cn=admin,dc=singlenode,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=singlenode,dc=org' > /tmp/test-single-node.txt
            cat /tmp/test-single-node.txt
            if [ $(grep "numResponses" /tmp/test-single-node.txt | cut -d ":" -f 2 | tr -d ' ') -ne 6 ]; then exit 1 ; fi
 
diff --git a/advanced_examples/MemberOf.md b/advanced_examples/MemberOf.md
index 5691eac..a0e5dee 100644
--- a/advanced_examples/MemberOf.md
+++ b/advanced_examples/MemberOf.md
@@ -73,7 +73,6 @@ customSchemaFiles:
     olcModuleLoad: memberof
     olcModulePath: /opt/bitnami/openldap/lib/openldap
 
-  01-memberof.ldif: |-
     dn: olcOverlay=memberof,olcDatabase={2}mdb,cn=config
     changetype: add
     objectClass: olcOverlayConfig
diff --git a/values.yaml b/values.yaml
index 4547fee..e6554a9 100644
--- a/values.yaml
+++ b/values.yaml
@@ -56,8 +56,8 @@ image:
   #repository: bitnami/openldap
   #tag: 2.6.3
   # Temporary fix
-  repository: bitnami/openldap
-  tag: 2.6.6
+  repository: jpgouin/openldap
+  tag: 2.6.6-fix
   pullPolicy: Always
   pullSecrets: []