Merge branch 'obourdon-fix-domain-dn' into hotfix-1.2.5

image/service/slapd/startup.sh

@@ -81,7 +81,15 @@ if [ ! -e "$FIRST_START_DONE" ]; then
 
       LDAP_BASE_DN=${LDAP_BASE_DN::-1}
     fi
-
+    # Check that LDAP_BASE_DN and LDAP_DOMAIN are in sync
+    domain_from_base_dn=$(echo $LDAP_BASE_DN | tr ',' '\n' | sed -e 's/^.*=//' | tr '\n' '.' | sed -e 's/\.$//')
+    set +e
+    echo "$domain_from_base_dn" | egrep -q ".*$LDAP_DOMAIN\$"
+    if [ $? -ne 0 ]; then
+      log-helper error "Error: domain $domain_from_base_dn derived from LDAP_BASE_DN $LDAP_BASE_DN does not match LDAP_DOMAIN $LDAP_DOMAIN"
+      exit 1
+    fi
+    set -e
   }
 
   function is_new_schema() {
@@ -127,6 +135,7 @@ if [ ! -e "$FIRST_START_DONE" ]; then
     log-helper info "Database and config directory are empty..."
     log-helper info "Init new ldap server..."
 
+    get_ldap_base_dn
     cat <<EOF | debconf-set-selections
 slapd slapd/internal/generated_adminpw password ${LDAP_ADMIN_PASSWORD}
 slapd slapd/internal/adminpw password ${LDAP_ADMIN_PASSWORD}

test/test.bats

@@ -19,6 +19,45 @@ load test_helper
 
 }
 
+@test "ldap domain with ldap base dn" {
+
+  run_image -h ldap.example.org -e LDAP_TLS=false -e LDAP_DOMAIN=example.com -e LDAP_BASE_DN="dc=example,dc=org"
+
+  sleep 2
+
+  CSTATUS=$(check_container)
+  clear_container
+
+  [ "$CSTATUS" != "running 0" ]
+
+}
+
+@test "ldap domain with ldap base dn subdomain" {
+
+  run_image -h ldap.example.fr -e LDAP_TLS=false -e LDAP_DOMAIN=example.fr -e LDAP_BASE_DN="ou=myou,o=example,c=fr"
+
+  sleep 2
+
+  CSTATUS=$(check_container)
+  clear_container
+
+  [ "$CSTATUS" == "running 0" ]
+
+}
+
+@test "ldap domain with ldap base dn subdomain included" {
+
+  run_image -h ldap.example.com -e LDAP_TLS=false -e LDAP_DOMAIN=example.com -e LDAP_BASE_DN="ou=myou,o=example,dc=com,c=fr"
+
+  sleep 2
+
+  CSTATUS=$(check_container)
+  clear_container
+
+  [ "$CSTATUS" != "running 0" ]
+
+}
+
 @test "ldapsearch database from created volumes" {
 
   rm -rf VOLUMES && mkdir -p VOLUMES/config VOLUMES/database
@@ -26,13 +65,17 @@ load test_helper
   wait_process_by_cid $LDAP_CID slapd
   run docker exec $LDAP_CID ldapsearch -x -h ldap.example.org -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin
   docker kill $LDAP_CID
+  clear_containers_by_cid $LDAP_CID
+
   [ "$status" -eq 0 ]
+
   LDAP_CID=$(docker run -h ldap.example.org -e LDAP_TLS=false --volume $PWD/VOLUMES/database:/var/lib/ldap --volume $PWD/VOLUMES/config:/etc/ldap/slapd.d -d $NAME:$VERSION)
   wait_process_by_cid $LDAP_CID slapd
   run docker exec $LDAP_CID ldapsearch -x -h ldap.example.org -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin
   run docker exec $LDAP_CID chown -R $UID:$UID /var/lib/ldap /etc/ldap/slapd.d
   docker kill $LDAP_CID
   rm -rf VOLUMES
+  clear_containers_by_cid $LDAP_CID
 
   [ "$status" -eq 0 ]
 

test/test_helper.bash

@@ -9,7 +9,7 @@ build_image() {
 }
 
 run_image() {
-  CONTAINER_ID=$(docker run $@ -d $IMAGE_NAME --copy-service -c "/container/service/slapd/test.sh")
+  CONTAINER_ID=$(docker run $@ -d $IMAGE_NAME --copy-service -c "/container/service/slapd/test.sh" $EXTRA_DOCKER_RUN_FLAGS)
   CONTAINER_IP=$(get_container_ip_by_cid $CONTAINER_ID)
 }
 
@@ -34,6 +34,12 @@ wait_process() {
   wait_process_by_cid $CONTAINER_ID $@
 }
 
+check_container() {
+  # "Status" = "exited", and "ExitCode" != 0,
+  local CSTAT=$(docker inspect -f "{{ .State.Status }} {{ .State.ExitCode }}" $CONTAINER_ID)
+  echo "$CSTAT"
+}
+
 # generic functions
 get_container_ip_by_cid() {
   local IP=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" $1)