Class: Gitlab::QA::Component::LDAP

Inherits:
Object
  • Object
Includes:
Scenario::Actable
Defined in:
lib/gitlab/qa/component/ldap.rb

Constant Summary

# Container image used for the throwaway OpenLDAP server.
LDAP_IMAGE =
'osixia/openldap'.freeze
# NOTE(review): 'latest' is a floating tag, so the image fetched by #prepare
# and #pull can change between runs; pinning a version tag or digest would
# keep QA runs reproducible and limit supply-chain drift.
LDAP_IMAGE_TAG =
'latest'.freeze
LDAP_DOMAIN =
'example.org'.freeze
# Fixed directory-admin credentials; ADMIN_PASSWORD is written into the
# settings built by #to_config.
# NOTE(review): presumably these match the image defaults / LDIF fixtures for a
# disposable test directory only - confirm they are never reused elsewhere.
ADMIN_USER =
'admin'.freeze
ADMIN_PASSWORD =
'admin'.freeze
# Fixed test-user credentials returned by #username and #password.
LDAP_USER =
'tanuki'.freeze
LDAP_PASSWORD =
'password'.freeze
# #to_config selects LDAP_TLS_PORT when #tls? is true, LDAP_PORT otherwise.
LDAP_PORT =
389
LDAP_TLS_PORT =
636
BASE_DN =
'dc=example,dc=org'.freeze
BIND_DN =
'cn=admin,dc=example,dc=org'.freeze
# Path that #initialize maps FIXTURE_PATH to in @volumes.
BOOTSTRAP_LDIF =
'/container/service/slapd/assets/config/bootstrap/ldif/custom'.freeze
GROUP_BASE =
'ou=Global Groups,dc=example,dc=org'.freeze
ADMIN_GROUP =
'AdminGroup'.freeze
# Absolute path of the fixtures/ldap directory, resolved relative to this file.
FIXTURE_PATH =
File.expand_path('../../../../fixtures/ldap'.freeze, __dir__)

Instance Attribute Summary

Instance Method Summary

Methods included from Scenario::Actable

#act, included

Constructor Details

#initialize ⇒ LDAP

Returns a new instance of LDAP.



# File 'lib/gitlab/qa/component/ldap.rb', line 41

# Builds an LDAP component with an empty environment and no network aliases.
#
# The fixture directory (FIXTURE_PATH) is registered in @volumes, mapped to
# BOOTSTRAP_LDIF, so that #start hands it to the docker command as a volume.
def initialize
  @docker = Docker::Engine.new
  @network_aliases = []
  @environment = {}
  @volumes = { FIXTURE_PATH => BOOTSTRAP_LDIF }
end

Instance Attribute Details

#docker ⇒ Object (readonly)

Returns the value of attribute docker.



# File 'lib/gitlab/qa/component/ldap.rb', line 37

# Read-only accessor for the Docker::Engine instance created in #initialize.
#
# @return [Object] the engine every docker call of this component goes through
def docker
  @docker
end

#environment ⇒ Object

Returns the value of attribute environment.



# File 'lib/gitlab/qa/component/ldap.rb', line 38

# Key/value pairs that #start passes to the docker command via command.env.
# The stored object itself is returned, not a copy.
#
# @return [Object] the current environment ({} after #initialize)
def environment
  @environment
end

#name ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 78

# Container name, generated on first use and then memoized in @name.
#
# The suffix is 8 random hex digits (SecureRandom.hex(4)); presumably it only
# keeps container names from clashing between runs, it is not a secret.
#
# @return [String] e.g. "openldap-1a2b3c4d"
def name
  return @name if @name

  suffix = SecureRandom.hex(4)
  @name = "openldap-#{suffix}"
end

#network ⇒ Object

Returns the value of attribute network.



# File 'lib/gitlab/qa/component/ldap.rb', line 38

# Docker network name; read by #prepare, #start and #hostname.
# It is not set in #initialize, so it is nil until a caller assigns it.
#
# @return [Object] the assigned network, or nil
def network
  @network
end

#volumes ⇒ Object

Returns the value of attribute volumes.



# File 'lib/gitlab/qa/component/ldap.rb', line 38

# Volume mappings that #start hands to the docker command.
# #initialize seeds it with FIXTURE_PATH => BOOTSTRAP_LDIF; the stored object
# itself is returned, not a copy.
#
# @return [Object] the current volume mapping
def volumes
  @volumes
end

Instance Method Details

#add_network_alias(name) ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 74

# Registers an extra network alias for the container.
#
# NOTE(review): #start interpolates each alias as-is into a
# "--network-alias ..." argument string, so callers should only pass trusted
# names without whitespace or shell metacharacters.
#
# @param name [String] alias to add
# @return [Array] the list of aliases, including the new one
def add_network_alias(name)
  @network_aliases << name
end

#hostname ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 82

# Hostname of the container: "<name>.<network>".
#
# The value is rebuilt on every call, so it changes when network is
# reassigned; with network unset the result ends in a bare dot.
#
# @return [String]
def hostname
  container = name
  net = network
  "#{container}.#{net}"
end

#instance ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 86

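# Runs the container for the duration of the given block.
#
# Pulls the image and makes sure the network exists (#prepare), starts the
# container (#start), yields this component, and always tears the container
# down afterwards.
#
# The block check happens before the cleanup scope is entered: a call without
# a block has started nothing, so it must not reach #teardown, where a failing
# docker stop could replace the 'Please provide a block!' error.
#
# NOTE(review): #teardown still runs when #prepare or #start fail, and an
# exception raised by it would replace the original one.
#
# @yieldparam ldap [LDAP] this component, once the container is started
# @return [Object] the value of the block
# @raise [RuntimeError] when no block is given
def instance
  raise 'Please provide a block!' unless block_given?

  begin
    prepare
    start

    yield self
  ensure
    teardown
  end
end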

#password ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 70

# Password of the LDAP test user; #set_gitlab_credentials copies it into
# Runtime::Env. It is the fixed LDAP_PASSWORD constant, not a per-run secret.
#
# @return [String]
def password
  LDAP_PASSWORD
end

#prepare ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 97

# Pulls the LDAP image and creates the docker network if it does not exist.
#
# NOTE(review): the image is pulled by tag (LDAP_IMAGE_TAG), not by digest, so
# the content fetched here is whatever the registry currently serves.
#
# @return [Object, nil] the result of network_create, or nil when the network
#   already existed
def prepare
  @docker.pull(LDAP_IMAGE, LDAP_IMAGE_TAG)

  @docker.network_create(network) unless @docker.network_exists?(network)
end

#pull ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 139

# Pulls the LDAP image without touching the network or starting a container.
#
# @return [Object] whatever the docker engine's pull returns
def pull
  image = LDAP_IMAGE
  tag = LDAP_IMAGE_TAG
  @docker.pull(image, tag)
end

#restart ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 128

# Restarts the container identified by #name.
#
# @return [Object] whatever the docker engine's restart returns
def restart
  container = name
  @docker.restart(container)
end

#set_accept_insecure_certs ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 171

# Sets Runtime::Env.accept_insecure_certs to the string 'true'.
#
# NOTE(review): the setter is called on the Runtime::Env constant, so the value
# is process-wide and nothing in this class resets it. Presumably it makes the
# test clients accept the container's untrusted certificate - confirm in
# Runtime::Env, and keep it confined to QA runs.
#
# @return [String] 'true'
def set_accept_insecure_certs
  runtime_env = ::Gitlab::QA::Runtime::Env
  runtime_env.accept_insecure_certs = 'true'
end

#set_gitlab_credentials ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 166

# Copies the LDAP test user's name and password into Runtime::Env.
#
# NOTE(review): both values are the fixed constants returned by #username and
# #password; they are written to the process-wide Runtime::Env and are not
# cleared by this class.
#
# @return [String] the password that was assigned last
def set_gitlab_credentials
  runtime_env = ::Gitlab::QA::Runtime::Env
  runtime_env.ldap_username = username
  runtime_env.ldap_password = password
end

#start ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 105

# Starts the OpenLDAP container through the docker engine.
#
# The command receives the detach flag, the container name, network and
# hostname, then every volume, environment entry and network alias.
#
# NOTE(review): name, network, hostname and the aliases are interpolated
# unescaped into argument strings; how the command object quotes them is not
# visible here, so these values should come from trusted configuration only.
#
# @return [Object] whatever docker.run returns
def start
  # --copy-service is needed for bootstrapping the LDAP user:
  # https://github.com/osixia/docker-openldap#seed-ldap-database-with-ldif
  docker.run(LDAP_IMAGE, LDAP_IMAGE_TAG, '--copy-service') do |command|
    command << '-d '
    command << "--name #{name}"
    command << "--net #{network}"
    command << "--hostname #{hostname}"

    # Keys are host paths (see #initialize). 'Z' is passed as the third
    # argument - presumably the SELinux relabel mount option; confirm in
    # the command class.
    @volumes.to_h.each_pair { |host_path, container_path| command.volume(host_path, container_path, 'Z') }

    @environment.to_h.each_pair { |variable, setting| command.env(variable, setting) }

    @network_aliases.to_a.each { |extra_alias| command << "--network-alias #{extra_alias}" }
  end
end

#teardown ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 132

# Stops and then removes the container identified by #name.
#
# #name memoizes a generated string, so the guard only fires if name has been
# overridden to return nil or false. If stop raises, remove is not attempted.
#
# @return [Object] whatever the docker engine's remove returns
# @raise [RuntimeError] when name is nil or false
def teardown
  container = name
  raise 'Invalid instance name!' unless container

  @docker.stop(container)
  @docker.remove(container)
end

#tls=(status) ⇒ Object

LDAP_TLS is true by default, so it is only set explicitly (to 'false') when TLS is disabled.



# File 'lib/gitlab/qa/component/ldap.rb', line 51

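# Enables or disables TLS for the LDAP container via its environment.
#
# LDAP_TLS is true by default, so enabling only sets the certificate and key
# file names (derived from #hostname at the time of the call - assign network
# first) plus the enforcement settings; disabling sets LDAP_TLS to 'false'.
#
# Enabling also removes an earlier LDAP_TLS='false'. Without that, calling
# tls = false and then tls = true left #tls? false, so #to_config kept
# selecting the plain port and encryption although TLS had been requested.
#
# LDAP_TLS_VERIFY_CLIENT='never' means the server does not ask clients for a
# certificate.
#
# @param status [Boolean] truthy to enable TLS, falsy to disable it
def tls=(status)
  if status
    @environment.delete('LDAP_TLS')
    @environment['LDAP_TLS_CRT_FILENAME'] = "#{hostname}.crt"
    @environment['LDAP_TLS_KEY_FILENAME'] = "#{hostname}.key"
    @environment['LDAP_TLS_ENFORCE'] = 'true'
    @environment['LDAP_TLS_VERIFY_CLIENT'] = 'never'
  else
    @environment['LDAP_TLS'] = 'false'
  end
end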

#tls? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/gitlab/qa/component/ldap.rb', line 62

# Whether TLS is considered enabled: true unless the environment holds
# LDAP_TLS set to the string 'false' (an unset LDAP_TLS counts as enabled).
#
# @return [Boolean]
def tls?
  setting = @environment['LDAP_TLS']
  setting != 'false'
end

#to_config ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 143

# Builds the LDAP server settings and returns them as an escaped string.
#
# The YAML template is parsed into a Hash, rendered with Hash#to_s (Ruby
# inspect syntax, not YAML or JSON) and every double quote is backslash-escaped.
#
# NOTE(review): the result contains ADMIN_PASSWORD in clear text and, per the
# comment below, ends up in the environment. verify_certificates is false, so
# with TLS on the connection is encrypted but the server certificate is not
# checked. Values are interpolated into the YAML unquoted; a hostname with
# YAML-significant characters would change the parsed structure.
#
# @return [String] the settings, with double quotes escaped
def to_config
  parsed = YAML.safe_load(<<~CFG)
    main:
      label: LDAP
      host: #{hostname}
      port: #{tls? ? LDAP_TLS_PORT : LDAP_PORT}
      uid: 'uid'
      bind_dn: #{BIND_DN}
      password: #{ADMIN_PASSWORD}
      encryption: #{tls? ? 'simple_tls' : 'plain'}
      verify_certificates: false
      base: #{BASE_DN}
      user_filter: ''
      group_base: #{GROUP_BASE}
      admin_group: #{ADMIN_GROUP}
      external_groups: ''
      sync_ssh_keys: false
  CFG

  # Quotes get eaten up when the string is set in the environment
  rendered = parsed.to_s
  rendered.gsub("\"", "\\\"")
end

#username ⇒ Object



# File 'lib/gitlab/qa/component/ldap.rb', line 66

# Name of the LDAP test user; #set_gitlab_credentials copies it into
# Runtime::Env. It is the fixed LDAP_USER constant.
#
# @return [String]
def username
  LDAP_USER
end