Rework to use docker-compose

Signed-off-by: Martin Heide <martin.heide@faro.com>
Martin Heide 2020-07-15 09:37:54 +00:00
parent b4d22bf1b2
commit 705cf8bb6a
5 changed files with 22 additions and 60 deletions


@ -13,16 +13,17 @@ The connector executes two primary queries:
The dex repo contains a basic LDAP setup using [OpenLDAP][openldap]. The dex repo contains a basic LDAP setup using [OpenLDAP][openldap].
First start the LDAP server using the example script. This will run the OpenLDAP daemon in a Docker container, and seed it with an initial set of users. First start the LDAP server using docker-compose. This will run the OpenLDAP daemon in a Docker container, and seed it with an initial set of users.
``` ```
./scripts/slapd.sh cd examples/ldap
docker-compose up
``` ```
This script sets the LDAP daemon to debug mode, and is expected to print several error messages which are normal. Once the server is up, run dex. This container is expected to print several warning messages which are normal. Once the server is up, run dex in another terminal.
``` ```
./bin/dex serve examples/config-ldap.yaml ./bin/dex serve examples/ldap/config-ldap.yaml
``` ```
Then run the OAuth client in another terminal. Then run the OAuth client in another terminal.
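
Review bot: The working directory is ambiguous between the two commands on the new side. `cd examples/ldap` precedes `docker-compose up`, but `./bin/dex serve examples/ldap/config-ldap.yaml` only resolves from the repository root. "In another terminal" implies this without saying it. Either state that dex is started from the repository root, or drop the `cd` and pass the compose file with `-f` so both commands run from the same directory.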


@ -0,0 +1,17 @@
version: "3"
services:
ldap:
image: osixia/openldap:1.4.0
# Copying is required because the entrypoint modifies the *.ldif files.
# For verbose output, use:
#command: ["--copy-service", "--loglevel", "debug"]
command: ["--copy-service"]
volumes:
# https://github.com/osixia/docker-openldap#seed-ldap-database-with-ldif
# Option 1: Add additional seed file by mounting to /container/service/slapd/assets/config/bootstrap/ldif/custom/
# Option 2: Overwrite default seed file by mounting to /container/service/slapd/assets/config/bootstrap/ldif/
- ./config-ldap.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/config-ldap.ldif
ports:
- 389:389
- 636:636
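
Review bot: The `ports` entries `389:389` and `636:636` give no host IP, so Docker publishes the directory on every host interface. This is an example server seeded with known users, and the admin bind in the removed script used `-w admin`, so binding to loopback is the safer default for the example: `127.0.0.1:389:389` and `127.0.0.1:636:636`. Quoting the mappings as strings is also the usual compose style.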


@ -1,56 +0,0 @@
#!/bin/bash
#
# Start an OpenLDAP container and populate it with example entries.
# https://github.com/dexidp/dex/blob/master/Documentation/connectors/ldap.md
#
# Usage:
# slapd.sh Kill a possibly preexisting "ldap" container, start a new one, and populate the directory.
# slapd.sh --keep Same, but keep the container if it is already running.
#
set -eu
cd -- "$(dirname "$0")/.."
run_cmd() {
echo ">" "$@" >&2
"$@"
}
keep_running=
if [ $# -gt 0 ] && [ "$1" = "--keep" ]; then
keep_running=1
fi
if [ -z "$keep_running" ] || [ "$(docker inspect --format="{{.State.Running}}" ldap 2> /dev/null)" != "true" ]; then
echo "LDAP container not running, or running and --keep not specified."
echo "Removing old LDAP container (if any)..."
run_cmd docker rm --force ldap || true
echo "Starting LDAP container..."
# Currently the most popular OpenLDAP image on Docker Hub. Comes with the latest version OpenLDAP 2.4.50.
run_cmd docker run -p 389:389 -p 636:636 -v $PWD:$PWD --name ldap --detach osixia/openldap:1.4.0
tries=1
max_tries=10
echo "Waiting for LDAP container ($tries/$max_tries)..."
# Wait until expected line "structuralObjectClass: organization" shows up.
# Seems to work more reliably than waiting for exit code 0. That would be:
# while ! docker exec ldap slapcat -b "dc=example,dc=org" > /dev/null 2>&1; do
while [[ ! "$(docker exec ldap slapcat -b "dc=example,dc=org" 2>/dev/null)" =~ organization ]]; do
((++tries))
if [ "$tries" -gt "$max_tries" ]; then
echo "ERROR: Timeout waiting for LDAP container."
exit 1
fi
sleep 1
echo "Waiting for LDAP container ($tries/$max_tries)..."
done
fi
echo "Adding example entries to directory..."
run_cmd docker exec ldap ldapadd \
-x \
-D "cn=admin,dc=example,dc=org" \
-w admin \
-H ldap://localhost:389/ \
-f $PWD/examples/config-ldap.ldif
echo "OK."
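
Review bot: Deleting the script also removes the readiness wait (the `slapcat -b "dc=example,dc=org"` loop matching `organization`), and nothing in the compose service replaces it, so "Once the server is up" in the docs gives the reader no signal to check. Consider adding a `healthcheck` to the `ldap` service or naming the log line to wait for. The explicit `ldapadd` step is gone as well, so the docs should say that the example entries are now loaded from the mounted bootstrap LDIF at container start.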