From 9be8dbd9a71d064300782af265032cce64c5950c Mon Sep 17 00:00:00 2001
From: Martin van Es
Date: Tue, 24 Sep 2024 09:23:38 +0200
Subject: [PATCH 1/9] Filter only None values from records
---
 plsc_ordered.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plsc_ordered.py b/plsc_ordered.py
index ff23629..dc52b52 100755
--- a/plsc_ordered.py
+++ b/plsc_ordered.py
@@ -100,7 +100,7 @@ def res(days, interval):
 # clean up the lists, such that we return empty lists if no attribute is present, rather than [None]
 for key, val in record.items():
- record[key] = list(filter(None, record[key]))
+ record[key] = list(filter(lambda n: n is not None, val))
 rdn = f"uid={username}"
From 821ed1fb04a1553402445d48e47a9fcf5b3bc93c Mon Sep 17 00:00:00 2001
From: Martin van Es
Date: Tue, 24 Sep 2024 10:11:37 +0200
Subject: [PATCH 2/9] Fix CI action
---
 .github/workflows/ci.yml | 4 +++-
 run-ldapci.sh | 14 ++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100755 run-ldapci.sh
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 6be222c..54d6a13 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -26,8 +26,10 @@ jobs:
 image: osixia/openldap:latest
 ports:
 - 389:389
+ volumes:
+ - ./misc/schema:/opt/misc/schema
 env:
- LDAP_SEED_INTERNAL_SCHEMA_PATH: "${CI_PROJECT_DIR}/misc/schema"
+ LDAP_SEED_INTERNAL_SCHEMA_PATH: /opt/misc/schema
 LDAP_DOMAIN: services.sram.tld
 LDAP_ADMIN_USERNAME: admin
 LDAP_ADMIN_PASSWORD: secret
diff --git a/run-ldapci.sh b/run-ldapci.sh
new file mode 100755
index 0000000..68572e1
--- /dev/null
+++ b/run-ldapci.sh
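Review bot: In the `plsc_ordered.py` hunk of patch 1/9, replacing `filter(None, ...)` with an explicit `is not None` test means empty strings and other falsy values now stay in `record[key]`, where they used to be dropped together with `None`. If a source attribute can arrive as `''`, that value would presumably now be passed on with the record, so the comment above the loop should say which values are meant to survive, e.g. `# drop only None; '' and 0 are kept on purpose`. A comprehension reads more directly than `filter` with a lambda: `record[key] = [v for v in val if v is not None]`. The enclosing block starts and ends outside the hunk.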
@@ -0,0 +1,14 @@
+#!/bin/sh
+docker rm ldap-ci || true
+docker run -ti \
+ -e "LDAP_SEED_INTERNAL_SCHEMA_PATH=/opt/misc/schema" \
+ -e "LDAP_DOMAIN=services.sram.tld" \
+ -e "LDAP_ADMIN_USERNAME=admin" \
+ -e "LDAP_ADMIN_PASSWORD=secret" \
+ -e "LDAP_CONFIG_PASSWORD=config" \
+ -e "LDAP_BASE_DN=dc=services,dc=sram,dc=tld" \
+ -e "LDAP_TLS=true" \
+ -v "./misc/schema:/opt/misc/schema" \
+ -p 389:389 \
+ --name ldap-ci \
+ osixia/openldap:latest
From 4cf052bd946104c6c4ab15b3b180eaf252d2e34f Mon Sep 17 00:00:00 2001
From: Martin van Es
Date: Tue, 24 Sep 2024 10:20:14 +0200
Subject: [PATCH 3/9] Do we need checkout in an action?
---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 54d6a13..76ef8c7 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -38,7 +38,7 @@ jobs:
 LDAP_TLS: true
 steps:
- - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608
+ # - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608
 - name: Install dependencies
 run: sudo apt-get update && sudo apt-get install -y libsasl2-dev libldap2-dev ldap-utils
From 6fcc54f372901290387ed4cb796e850a1806d1a1 Mon Sep 17 00:00:00 2001
From: Martin van Es
Date: Tue, 24 Sep 2024 10:42:35 +0200
Subject: [PATCH 4/9] WIP
---
 .github/workflows/ci.yml | 18 ++++++++++++++++--
 run-ldapci.sh | 4 ++--
 2 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 76ef8c7..05464b3 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -27,7 +27,8 @@ jobs:
 ports:
 - 389:389
 volumes:
- - ./misc/schema:/opt/misc/schema
+ - ${{ github.workspace }}/misc/schema:/opt/misc/schema
+ options: --name ldap
 env:
 LDAP_SEED_INTERNAL_SCHEMA_PATH: /opt/misc/schema
 LDAP_DOMAIN: services.sram.tld
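Review bot: `-p 389:389` in the new `run-ldapci.sh` (patch 2/9) publishes the directory on every interface of the host while the admin and config passwords are the fixed strings `secret` and `config`, so on a developer machine the script puts a writable LDAP server with known credentials on the local network; binding to loopback with `-p 127.0.0.1:389:389` keeps it reachable for the tests only. `docker rm ldap-ci || true` does not remove a container that is still running, so a second run fails on the name clash; `docker rm -f ldap-ci || true` covers both cases. The image is referenced as `osixia/openldap:latest`, so the seeded schema depends on whatever that tag points to on the day; a fixed tag or digest (`osixia/openldap:<PINNED_TAG>`) keeps the run reproducible.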
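Review bot: The service volume in the first ci.yml hunk of patch 4/9 mounts `${{ github.workspace }}/misc/schema`, but the checkout step added in the same commit clones into `path: plsc`, so the schema files end up in `${{ github.workspace }}/plsc/misc/schema` and the mounted directory has nothing to seed from. Either drop `path: plsc` or mount `${{ github.workspace }}/plsc/misc/schema:/opt/misc/schema`. Service containers are also created before any step runs, which is presumably why the restart step exists; a comment on that step saying so would help the next reader.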
@@ -38,7 +39,15 @@ jobs:
 LDAP_TLS: true
 steps:
- # - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608
+ - name: Checkout
+ uses: actions/checkout@master
+ with:
+ path: plsc
+
+ - name: Restart LDAP container
+ uses: docker://docker
+ with:
+ args: docker restart ldap
 - name: Install dependencies
 run: sudo apt-get update && sudo apt-get install -y libsasl2-dev libldap2-dev ldap-utils
@@ -49,16 +58,19 @@ jobs:
 python-version: ${{ matrix.python }}
 - name: Install dependencies
+ working-directory: ./plsc
 run: |
 python3 -m pip install --upgrade pip flake8 gera2ld-pyserve
 pip install flake8 pytest
 if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
 - name: Check syntax
+ working-directory: ./plsc
 run: |
 flake8 .
 - name: ldap - Initialization...
+ working-directory: ./plsc
 run: >
 sleep 5;
 ldapwhoami -H ${LDAP_URL} -D ${LDAP_BIND_DN} -w ${LDAP_ADMIN_PASSWORD};
@@ -81,6 +93,7 @@ jobs:
 # uses: mxschmitt/action-tmate@v3
 - name: Run pytest...
+ working-directory: ./plsc
 run: |
 export PYTHONPATH="."
 pytest
@@ -91,6 +104,7 @@ jobs:
 LDAP_BIND_DN: cn=admin,dc=services,dc=sram,dc=tld
 - name: Dump ldap...
+ working-directory: ./plsc
 run: ldapsearch -x -H ${LDAP_URL} -b ${LDAP_BASE_DN} -s sub objectclass=organizationalUnit
 env:
diff --git a/run-ldapci.sh b/run-ldapci.sh
index 68572e1..e3ae811 100755
--- a/run-ldapci.sh
+++ b/run-ldapci.sh
@@ -1,5 +1,5 @@
 #!/bin/sh
-docker rm ldap-ci || true
+docker rm ldap || true
 docker run -ti \
 -e "LDAP_SEED_INTERNAL_SCHEMA_PATH=/opt/misc/schema" \
 -e "LDAP_DOMAIN=services.sram.tld" \
@@ -10,5 +10,5 @@ docker run -ti \
 -e "LDAP_TLS=true" \
 -v "./misc/schema:/opt/misc/schema" \
 -p 389:389 \
- --name ldap-ci \
+ --name ldap \
 osixia/openldap:latest
From 774c6674d73b50c1c3f31cb85bcb00086fd6f5bf Mon Sep 17 00:00:00 2001
From: Martin van Es
Date: Tue, 24 Sep 2024 10:51:54 +0200
Subject: [PATCH 5/9] Add tmate session to debug
---
 .github/workflows/ci.yml | 9 +++++++++
 1 file changed, 9 insertions(+)
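Review bot: `uses: actions/checkout@master` in the steps hunk of patch 4/9 replaces a checkout that was pinned to a full commit SHA with a branch reference, so the code that runs in the job can change without any change in this repository. Restore the pin the removed line carried, `uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608`. The same applies to `actions/checkout@v4` in patch 6/9 and to `mxschmitt/action-tmate@v3` in patch 5/9, which are tag references; the tmate action opens a shell on the runner, so it is the one that most needs a SHA pin. `uses: docker://docker` is likewise an image reference without a tag.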
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 05464b3..7b8488d 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -111,5 +111,14 @@ jobs:
 LDAP_URL: ldap://localhost:389
 LDAP_BASE_DN: dc=services,dc=sram,dc=tld
+ # Setup tmate session
+ - name: Setup tmate session
+ env:
+ ACTIONS_STEP_DEBUG: ${{ secrets.ACTIONS_STEP_DEBUG}}
+ if: ${{ failure() && env.ACTIONS_STEP_DEBUG == 'true' }}
+ uses: mxschmitt/action-tmate@v3
+ with:
+ limit-access-to-actor: true
+ timeout-minutes: 60
From 96c5c6071c6ff7e9eea822d209d5002e785d3921 Mon Sep 17 00:00:00 2001
From: Martin van Es
Date: Tue, 24 Sep 2024 11:01:14 +0200
Subject: [PATCH 6/9] WIP
---
 .github/workflows/ci.yml | 32 +++-----------------------------
 1 file changed, 3 insertions(+), 29 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7b8488d..9ca3ff4 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -21,33 +21,12 @@ jobs:
 - '3.11'
 - '3.12'
- services:
- ldap:
- image: osixia/openldap:latest
- ports:
- - 389:389
- volumes:
- - ${{ github.workspace }}/misc/schema:/opt/misc/schema
- options: --name ldap
- env:
- LDAP_SEED_INTERNAL_SCHEMA_PATH: /opt/misc/schema
- LDAP_DOMAIN: services.sram.tld
- LDAP_ADMIN_USERNAME: admin
- LDAP_ADMIN_PASSWORD: secret
- LDAP_CONFIG_PASSWORD: config
- LDAP_BASE_DN: dc=services,dc=sram,dc=tld
- LDAP_TLS: true
-
 steps:
 - name: Checkout
- uses: actions/checkout@master
- with:
- path: plsc
+ uses: actions/checkout@v4
- - name: Restart LDAP container
- uses: docker://docker
- with:
- args: docker restart ldap
+ - name: Start LDAP container
+ run: ./run-ldapci.sh
 - name: Install dependencies
 run: sudo apt-get update && sudo apt-get install -y libsasl2-dev libldap2-dev ldap-utils
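Review bot: The tmate step in patch 5/9 is gated on a secret named `ACTIONS_STEP_DEBUG`, which is also the name GitHub uses to switch on step debug logging, so turning on verbose logs would at the same time make every failed job open an SSH session and hold the runner for up to the 60-minute timeout. A dedicated switch keeps the two apart, for example `TMATE_DEBUG: ${{ secrets.TMATE_DEBUG }}` with `if: ${{ failure() && env.TMATE_DEBUG == 'true' }}` (the name is constructed for illustration). `limit-access-to-actor: true` is the setting to keep. The comment `# Setup tmate session` only repeats the step name; one that says when the session starts and who can connect would be more useful.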
@@ -58,19 +37,16 @@ jobs:
 python-version: ${{ matrix.python }}
 - name: Install dependencies
- working-directory: ./plsc
 run: |
 python3 -m pip install --upgrade pip flake8 gera2ld-pyserve
 pip install flake8 pytest
 if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
 - name: Check syntax
- working-directory: ./plsc
 run: |
 flake8 .
 - name: ldap - Initialization...
- working-directory: ./plsc
 run: >
 sleep 5;
 ldapwhoami -H ${LDAP_URL} -D ${LDAP_BIND_DN} -w ${LDAP_ADMIN_PASSWORD};
@@ -93,7 +69,6 @@ jobs:
 # uses: mxschmitt/action-tmate@v3
 - name: Run pytest...
- working-directory: ./plsc
 run: |
 export PYTHONPATH="."
 pytest
@@ -104,7 +79,6 @@ jobs:
 LDAP_BIND_DN: cn=admin,dc=services,dc=sram,dc=tld
 - name: Dump ldap...
- working-directory: ./plsc
 run: ldapsearch -x -H ${LDAP_URL} -b ${LDAP_BASE_DN} -s sub objectclass=organizationalUnit
 env:
From b37746b66298b38dee29b2f735497066e0492701 Mon Sep 17 00:00:00 2001
From: Martin van Es
Date: Tue, 24 Sep 2024 11:04:18 +0200
Subject: [PATCH 7/9] WIP
---
 run-ldapci.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/run-ldapci.sh b/run-ldapci.sh
index e3ae811..7719590 100755
--- a/run-ldapci.sh
+++ b/run-ldapci.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
 docker rm ldap || true
-docker run -ti \
+docker run -d \
 -e "LDAP_SEED_INTERNAL_SCHEMA_PATH=/opt/misc/schema" \
 -e "LDAP_DOMAIN=services.sram.tld" \
 -e "LDAP_ADMIN_USERNAME=admin" \
From 600e3c8676b1f1c0afbcf70a51254a6c7b0ff1f5 Mon Sep 17 00:00:00 2001
From: Martin van Es
Date: Tue, 24 Sep 2024 11:16:54 +0200
Subject: [PATCH 8/9] WIP
---
 .github/workflows/ci.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9ca3ff4..5caf4ef 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -50,11 +50,12 @@ jobs:
 run: >
 sleep 5;
 ldapwhoami -H ${LDAP_URL} -D ${LDAP_BIND_DN} -w ${LDAP_ADMIN_PASSWORD};
+ ldapwhoami -H ${LDAP_URL} -D cn=admin,cn=config -w ${LDAP_CONFIG_PASSWORD};
 for f in access eduPerson voPerson groupOfMembers config; do
- ldapadd -H ${LDAP_URL}
- -D cn=admin,cn=config
- -w ${LDAP_CONFIG_PASSWORD}
+ ldapadd -H ${LDAP_URL} \
+ -D cn=admin,cn=config \
+ -w ${LDAP_CONFIG_PASSWORD} \
 -f etc/ldif/$f.ldif; done;
 env:
From 4165b49d02aa3d8b6cdc152a568999d5e076a5eb Mon Sep 17 00:00:00 2001
From: Martin van Es
Date: Tue, 24 Sep 2024 11:19:45 +0200
Subject: [PATCH 9/9] Fix sramPerson.ldif
---
 misc/schema/sramPerson.ldif | 36 ++++++++++--------------------------
 1 file changed, 10 insertions(+), 26 deletions(-)
diff --git a/misc/schema/sramPerson.ldif b/misc/schema/sramPerson.ldif
index af7996b..e194381 100644
--- a/misc/schema/sramPerson.ldif
+++ b/misc/schema/sramPerson.ldif
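Review bot: The `ldapadd` command in patch 8/9 now combines a folded block (`run: >`) with backslash continuations, and the two interact badly: where YAML folds a line break into a space the shell sees a backslash followed by a space and glues a literal space onto the next option, and where YAML keeps the break (more-indented lines) the backslash is the only thing holding the command together. Which case applies depends on indentation that is easy to change by accident and is not visible in this hunk. A literal block, `run: |`, with the same backslashes behaves the same way whatever the indentation. The bind passwords are also passed with `-w` on the command line, which is tolerable for the fixed CI values, but `-y <PASSWORD_FILE>` is the pattern worth having in a script that others will copy.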
@@ -1,39 +1,23 @@
 # Internet X.500 Schema for Ldappc
-# Includes the sczGroup ObjectClass schema
+# Includes the sramPerson ObjectClass schema
 #
-# An auxiliary object class, "sczGroup," is a convenient container
-# for an extensible set of attributes concerning group memberships.
+# An auxiliary object class, "sramPerson," is a convenient container
+# for an extensible set of attributes concerning sram persons.
 # At this time, the only attribute specified as belonging to the
-# object class is "sczMember."
-#
-# It is specifically configured to support the memberOf overlay.
-#
+# object class is "sramInactiveDays".
 #
 dn: cn=sramPerson,cn=schema,cn=config
 objectClass: olcSchemaConfig
 cn: sramPerson
-olcAttributeTypes: ( 1.3.6.1.4.1.1076.20.100.20.2.1 NAME 'sramLastActivityDate'
- DESC 'Date when this entity was last active'
- EQUALITY generalizedTimeMatch
- ORDERING generalizedTimeOrderingMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
- )
-olcAttributeTypes: ( 1.3.6.1.4.1.1076.20.100.20.2.2 NAME 'sramAUPacceptedURI'
- DESC 'URI of accepted AUP'
- EQUALITY caseExactMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
- )
-olcAttributeTypes: ( 1.3.6.1.4.1.1076.20.100.20.2.3 NAME 'sramAUPacceptedDate'
- DESC 'Date when the AUP was accepted'
- EQUALITY generalizedTimeMatch
- ORDERING generalizedTimeOrderingMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+olcAttributeTypes: ( 1.3.6.1.4.1.1076.20.100.20.2.1 NAME 'sramInactiveDays'
+ DESC 'Number of days this entity was inactive'
+ EQUALITY IntegerMatch
+ ORDERING IntegerOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
 )
 olcObjectClasses: ( 1.3.6.1.4.1.1076.20.100.20.1.1 NAME 'sramPerson'
 AUXILIARY
 MAY (
- sramLastActivityDate $
- sramAUPacceptedURI $
- sramAUPacceptedDate
+ sramInactiveDays
 )
 )
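Review bot: The new `sramInactiveDays` attribute reuses OID `1.3.6.1.4.1.1076.20.100.20.2.1`, which the removed lines assigned to `sramLastActivityDate` with a different syntax. An OID is meant to identify one definition permanently; a directory that already loaded the earlier schema would hold two meanings for the same OID, and loading this file there would presumably be refused or leave stored values uninterpretable. If the earlier definitions were ever deployed, give the new attribute the next unused arc under `1.3.6.1.4.1.1076.20.100.20.2` instead. The standard rule names are spelled `integerMatch` and `integerOrderingMatch`; using that spelling avoids relying on case-insensitive lookup.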