stevekuznetsov
commented
9 years ago @liggitt PTAL
Closed stevekuznetsov closed 9 years ago
stevekuznetsov
commented
9 years ago @liggitt PTAL
stevekuznetsov
commented
9 years ago @bparees PTAL as well! This image will only be used for our testing (for now). I am of the opinion that as long as we label it as such we can get away with keeping the future TODO list as future TODOs.
stevekuznetsov
commented
9 years ago @bparees Updated, everything works fine with UID == 0 and UID != 0
stevekuznetsov
commented
9 years ago @bparees updated Dockerfile to grant low-port bind access to binary instead of creating large security hole
bparees
commented
9 years ago what's with the binary files in contrib/lib? we don't generally check binary files into git. can we not get those files from a package install of ldap?
stevekuznetsov
commented
9 years ago @bparees Unfortunately I have not been able to find a way in the last two weeks to get this to run as non-root other than to bulldoze my way through the config and data directories, overwriting it all from a default-configured setup. I would also prefer not to put the binaries in the repository, but that is the only way this works at all.
bparees
commented
9 years ago i'm going to need a better understanding of why that is........ it's going to be a pain to maintain that as binary files, nevermind the general horribleness of having binary content in git in terms of what it does to repo size.
stevekuznetsov
commented
9 years ago @bparees PTAL - added HACKING.md to address your concerns. Will merge if it LGTY.
stevekuznetsov
commented
9 years ago @bparees Moved test data out of this repo
bparees
commented
9 years ago one final comment and lgtm.
bparees
commented
9 years ago @stevekuznetsov failed testing: https://ci.openshift.redhat.com/jenkins/view/Image%20Verification/job/openldap/3/console
looks like it might just be this rmdir that failed, though i'm not clear why that would be...maybe the dir couldn't be rm'd because your container didn't stop so the cidfile wasn't removed?
rmdir /tmp/tmp.jjean7DZk1openldap_test_cidfiles make: *\ [test] Error 1
stevekuznetsov
commented
9 years ago I can't reproduce this with TARGET=rhel7 make test locally. The logs look like they show the container stopping with a 0 exit code, as well:
+ CONTAINER=7bd0c9fdebadeff2fcbe657e67d8c76bb7f4e9fffaa929f1e3d0c76cf431ea90
+ echo 'Stopping and removing container 7bd0c9fdebadeff2fcbe657e67d8c76bb7f4e9fffaa929f1e3d0c76cf431ea90...'
+ docker stop 7bd0c9fdebadeff2fcbe657e67d8c76bb7f4e9fffaa929f1e3d0c76cf431ea90
++ docker inspect -f '{{.State.ExitCode}}' 7bd0c9fdebadeff2fcbe657e67d8c76bb7f4e9fffaa929f1e3d0c76cf431ea90
+ exit_status=0
+ '[' 0 '!=' 0 ']'
+ docker rm 7bd0c9fdebadeff2fcbe657e67d8c76bb7f4e9fffaa929f1e3d0c76cf431ea90
+ rm /tmp/tmp.jjean7DZk1openldap_test_cidfiles/test_container_root
+ echo Done.@bparees I use ldapsearch in order to test the image, and the Jenkins server doesn't have this installed. Thoughts?
bparees
commented
9 years ago can you curl/wget ldapsearch as part of the test script?
stevekuznetsov
commented
9 years ago I'll look into it. I think it should be possible.
stevekuznetsov
commented
9 years ago @bparees Great Success
bparees
commented
9 years ago @stevekuznetsov i actually just meant use curl to download ldapsearch and then use it..but i guess that works too.
Also added a testenv image that adds test data for use in Origin integration testing.
Future TODO:
ldiffororganizationobject#3(pulled into this PR now)#5(pulled into this PR now)