Closed stevekuznetsov closed 9 years ago
@liggitt PTAL
@bparees PTAL as well! This image will only be used for our testing (for now). I am of the opinion that as long as we label it as such we can get away with keeping the future TODO list as future TODOs.
@bparees Updated, everything works fine with UID == 0 and UID != 0
@bparees updated Dockerfile
to grant low-port bind access to binary instead of creating large security hole
what's with the binary files in contrib/lib? we don't generally check binary files into git. can we not get those files from a package install of ldap?
@bparees Unfortunately I have not been able to find a way in the last two weeks to get this to run as non-root other than to bulldoze my way through the config and data directories, overwriting it all from a default-configured setup. I would also prefer not to put the binaries in the repository, but that is the only way this works at all.
i'm going to need a better understanding of why that is........ it's going to be a pain to maintain that as binary files, nevermind the general horribleness of having binary content in git in terms of what it does to repo size.
@bparees PTAL - added HACKING.md to address your concerns. Will merge if it LGTY.
@bparees Moved test data out of this repo
one final comment and lgtm.
@stevekuznetsov failed testing: https://ci.openshift.redhat.com/jenkins/view/Image%20Verification/job/openldap/3/console
looks like it might just be this rmdir that failed, though i'm not clear why that would be...maybe the dir couldn't be rm'd because your container didn't stop so the cidfile wasn't removed?
rmdir /tmp/tmp.jjean7DZk1openldap_test_cidfiles make: *\ [test] Error 1
I can't reproduce this with TARGET=rhel7 make test
locally. The logs look like they show the container stopping with a 0 exit code, as well:
+ CONTAINER=7bd0c9fdebadeff2fcbe657e67d8c76bb7f4e9fffaa929f1e3d0c76cf431ea90
+ echo 'Stopping and removing container 7bd0c9fdebadeff2fcbe657e67d8c76bb7f4e9fffaa929f1e3d0c76cf431ea90...'
+ docker stop 7bd0c9fdebadeff2fcbe657e67d8c76bb7f4e9fffaa929f1e3d0c76cf431ea90
++ docker inspect -f '{{.State.ExitCode}}' 7bd0c9fdebadeff2fcbe657e67d8c76bb7f4e9fffaa929f1e3d0c76cf431ea90
+ exit_status=0
+ '[' 0 '!=' 0 ']'
+ docker rm 7bd0c9fdebadeff2fcbe657e67d8c76bb7f4e9fffaa929f1e3d0c76cf431ea90
+ rm /tmp/tmp.jjean7DZk1openldap_test_cidfiles/test_container_root
+ echo Done.
@bparees I use ldapsearch
in order to test the image, and the Jenkins server doesn't have this installed. Thoughts?
can you curl/wget ldapsearch as part of the test script?
I'll look into it. I think it should be possible.
@bparees Great Success
@stevekuznetsov i actually just meant use curl to download ldapsearch and then use it..but i guess that works too.
Also added a testenv image that adds test data for use in Origin integration testing.
Future TODO:
ldif
fororganization
object#3(pulled into this PR now)#5(pulled into this PR now)