-
Notifications
You must be signed in to change notification settings - Fork 325
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1832 from wireapp/release-2021-10-01
- Loading branch information
Showing
358 changed files
with
13,318 additions
and
12,263 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -27,4 +27,5 @@ RUN apk add --no-cache \ | |
llvm-libunwind \ | ||
ca-certificates \ | ||
dumb-init \ | ||
libxml2 | ||
libxml2 \ | ||
ncurses |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
apiVersion: v1 | ||
description: ldap-scim-bridge - Sync LDAP via Wire Server SCIM API | ||
name: ldap-scim-bridge | ||
version: 0.0.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# ldap-scim-bridge | ||
|
||
To do a test deployment on a existing cluster from a machine able to deploy helm charts… | ||
```bash | ||
git clone wire-server | ||
cd wire-server | ||
# deploy test instance of openldap with preloaded users | ||
helm upgrade --install -n wire openldap charts/openldap/ | ||
# deploy ldap-scim-bridge with default chart values | ||
helm upgrade --install -n wire ldap-scim-bridge charts/ldap-scim-bridge -f charts/ldap-scim-bridge/values.yaml | ||
``` | ||
|
||
The kubernetes cronjob resource will spawn a new `ldap-scim-bridge-XXXXXX` pod every minute. Logs for the pod can be gathered with `kubectl log`. | ||
``` | ||
kubectl get pods -n wire | ||
kubectl logs ldap-scim-bridge-XXXXXX -n wire | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
apiVersion: batch/v1beta1 | ||
kind: CronJob | ||
metadata: | ||
name: ldap-scim-bridge | ||
labels: | ||
wireService: ldap-scim-bridge | ||
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
release: {{ .Release.Name }} | ||
heritage: {{ .Release.Service }} | ||
spec: | ||
concurrencyPolicy: Forbid | ||
schedule: {{ .Values.schedule | quote }} | ||
jobTemplate: | ||
metadata: | ||
labels: | ||
wireService: ldap-scim-bridge | ||
release: {{ .Release.Name }} | ||
annotations: | ||
# An annotation of the configmap checksum ensures changes to the configmap cause a redeployment upon `helm upgrade` | ||
checksum/secret: {{ include (print .Template.BasePath "/secret.yaml") . | sha256sum }} | ||
spec: | ||
backoffLimit: 0 | ||
template: | ||
spec: | ||
restartPolicy: Never | ||
volumes: | ||
- name: "ldap-scim-bridge-config" | ||
secret: | ||
secretName: "ldap-scim-bridge" | ||
containers: | ||
- name: ldap-scim-bridge | ||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" | ||
imagePullPolicy: {{ default "" .Values.imagePullPolicy | quote }} | ||
args: ["ldap-scim-bridge", "/etc/ldap-scim-bridge/config.yaml"] | ||
volumeMounts: | ||
- name: "ldap-scim-bridge-config" | ||
mountPath: "/etc/ldap-scim-bridge/" | ||
resources: | ||
{{ toYaml .Values.resources | indent 16 }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: ldap-scim-bridge | ||
labels: | ||
wireService: ldap-scim-bridge | ||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" | ||
release: "{{ .Release.Name }}" | ||
heritage: "{{ .Release.Service }}" | ||
type: Opaque | ||
stringData: | ||
config.yaml: | | ||
{{ toYaml .Values.config | indent 4 }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
image: | ||
repository: quay.io/wire/ldap-scim-bridge | ||
tag: 0.2 | ||
resources: | ||
requests: | ||
memory: "256Mi" | ||
cpu: "100m" | ||
limits: | ||
memory: "512Mi" | ||
cpu: "500m" | ||
# https://v1-19.docs.kubernetes.io/docs/tasks/job/automated-tasks-with-cron-jobs/#schedule | ||
# schedule: "@hourly" | ||
schedule: "*/1 * * * *" | ||
# https://github.com/wireapp/ldap-scim-bridge | ||
config: | ||
logLevel: "Debug" # one of Trace,Debug,Info,Warn,Error,Fatal; `Fatal` is least noisy, `Trace` most. | ||
ldapSource: | ||
tls: false | ||
host: "openldap" | ||
port: 389 | ||
dn: "cn=admin,dc=nodomain" | ||
password: "admin" | ||
search: | ||
base: "ou=People,dc=nodomain" | ||
objectClass: "account" | ||
codec: "utf8" | ||
deleteOnAttribute: # optional, related to `delete-from-directory`. | ||
key: "deleted" | ||
value: "true" | ||
deleteFromDirectory: # optional; ok to use together with `delete-on-attribute` if you use both. | ||
base: "ou=DeletedPeople,dc=nodomain" | ||
objectClass: "account" | ||
scimTarget: | ||
tls: false | ||
host: "spar" | ||
port: 8080 | ||
path: "/scim/v2" | ||
token: "Bearer U6DRfAcwsvCg9eBStJWtiHu/XqTB1iVDcvNcsuftvqk=" | ||
mapping: | ||
userName: "uidNumber" | ||
externalId: "uid" | ||
email: "email" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
apiVersion: v1 | ||
description: openldap - Test instance for LDAP sync with ldap-scim-bridge | ||
name: openldap | ||
version: 0.0.1 |
Oops, something went wrong.