Merge pull request #4 from marisbahtins/feature/ldap-is-modifiable

Conditional steps for LDAP is it modifiable or not.
RobertNorthard · Nov 15, 2017 · 3d86a1c · 3d86a1c
2 parents 8558f08 + cc10701
commit 3d86a1c
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 34 deletions.
diff --git a/bootstrap/Workspace_Management/Generate_Workspace.groovy b/bootstrap/Workspace_Management/Generate_Workspace.groovy
@@ -8,13 +8,20 @@ def workspaceManagementFolder = folder(workspaceManagementFolderName) { displayN
 def generateWorkspaceJob = freeStyleJob(workspaceManagementFolderName + "/Generate_Workspace")
 
 def adopLdapEnabled = '';
+def ldapIsModifiable = '';
 
 try{
   adopLdapEnabled = "${ADOP_LDAP_ENABLED}".toBoolean();
 }catch(MissingPropertyException ex){
   adopLdapEnabled = true;
 }
 
+try {
+  ldapIsModifiable = "${LDAP_IS_MODIFIABLE}".toBoolean();
+} catch(MissingPropertyException ex) {
+  ldapIsModifiable = true;
+}
+
 // Setup generateWorkspaceJob
 generateWorkspaceJob.with{
     parameters{
@@ -71,16 +78,19 @@ exit 0
             }
         }
         if(adopLdapEnabled == true) {
-          shell('''
-# LDAP
-${WORKSPACE}/common/ldap/generate_role.sh -r "admin" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${ADMIN_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
-${WORKSPACE}/common/ldap/generate_role.sh -r "developer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${DEVELOPER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
-${WORKSPACE}/common/ldap/generate_role.sh -r "viewer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${VIEWER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
-
-set +e
-${WORKSPACE}/common/ldap/load_ldif.sh -h ldap -u "${LDAP_ADMIN_USER}" -p "${LDAP_ADMIN_PASSWORD}" -b "${DC}" -f "${OUTPUT_FILE}"
-set -e
+          if ( ldapIsModifiable == true) {
+            shell('''
+  # LDAP
+  ${WORKSPACE}/common/ldap/generate_role.sh -r "admin" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${ADMIN_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
+  ${WORKSPACE}/common/ldap/generate_role.sh -r "developer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${DEVELOPER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
+  ${WORKSPACE}/common/ldap/generate_role.sh -r "viewer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${VIEWER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
 
+  set +e
+  ${WORKSPACE}/common/ldap/load_ldif.sh -h ldap -u "${LDAP_ADMIN_USER}" -p "${LDAP_ADMIN_PASSWORD}" -b "${DC}" -f "${OUTPUT_FILE}"
+  set -e
+            ''')
+          }
+          shell('''
 ADMIN_USERS=$(echo ${ADMIN_USERS} | tr ',' ' ')
 DEVELOPER_USERS=$(echo ${DEVELOPER_USERS} | tr ',' ' ')
 VIEWER_USERS=$(echo ${VIEWER_USERS} | tr ',' ' ')

diff --git a/workspaces/jobs/jobs.groovy b/workspaces/jobs/jobs.groovy
@@ -12,13 +12,20 @@ def projectManagementFolder = folder(projectManagementFolderName) { displayName(
 def generateProjectJob = freeStyleJob(projectManagementFolderName + "/Generate_Project")
 
 def adopLdapEnabled = '';
+def ldapIsModifiable = '';
 
 try{
   adopLdapEnabled = "${ADOP_LDAP_ENABLED}".toBoolean();
 }catch(MissingPropertyException ex){
   adopLdapEnabled = true;
 }
 
+try {
+  ldapIsModifiable = "${LDAP_IS_MODIFIABLE}".toBoolean();
+} catch(MissingPropertyException ex) {
+  ldapIsModifiable = true;
+}
+
 // Setup Generate_Project
 generateProjectJob.with{
     parameters{
@@ -39,7 +46,7 @@ generateProjectJob.with{
         {
           environmentVariables
           {
-              env('DC', "${LDAP_ROOTDN}")
+              env('DC', "${DC}")
               env('OU_GROUPS','ou=groups')
               env('OU_PEOPLE','ou=people')
               env('OUTPUT_FILE','output.ldif')
@@ -80,32 +87,34 @@ exit 0
             }
         }
         if(adopLdapEnabled == true){
-          shell('''
- # LDAP
- ${WORKSPACE}/common/ldap/generate_role.sh -r "admin" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${ADMIN_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
- ${WORKSPACE}/common/ldap/generate_role.sh -r "developer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${DEVELOPER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
- ${WORKSPACE}/common/ldap/generate_role.sh -r "viewer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${VIEWER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
-
- set +e
- ${WORKSPACE}/common/ldap/load_ldif.sh -h ldap -u "${LDAP_ADMIN_USER}" -p "${LDAP_ADMIN_PASSWORD}" -b "${DC}" -f "${OUTPUT_FILE}"
- set -e
+            if ( ldapIsModifiable == true ) {
+              shell('''
+  # LDAP
+  ${WORKSPACE}/common/ldap/generate_role.sh -r "admin" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${ADMIN_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
+  ${WORKSPACE}/common/ldap/generate_role.sh -r "developer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${DEVELOPER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
+  ${WORKSPACE}/common/ldap/generate_role.sh -r "viewer" -n "${WORKSPACE_NAME}" -d "${DC}" -g "${OU_GROUPS}" -p "${OU_PEOPLE}" -u "${VIEWER_USERS}" -f "${OUTPUT_FILE}" -w "${WORKSPACE}"
 
- ADMIN_USERS=$(echo ${ADMIN_USERS} | tr ',' ' ')
- DEVELOPER_USERS=$(echo ${DEVELOPER_USERS} | tr ',' ' ')
- VIEWER_USERS=$(echo ${VIEWER_USERS} | tr ',' ' ')
-
- # Gerrit
- for user in $ADMIN_USERS $DEVELOPER_USERS $VIEWER_USERS
- do
-     username=$(echo ${user} | cut -d'@' -f1)
-     ${WORKSPACE}/common/gerrit/create_user.sh -g http://gerrit:8080/gerrit -u "${username}" -p "${username}"
- done
+  set +e
+  ${WORKSPACE}/common/ldap/load_ldif.sh -h ldap -u "${LDAP_ADMIN_USER}" -p "${LDAP_ADMIN_PASSWORD}" -b "${DC}" -f "${OUTPUT_FILE}"
+  set -e
+              ''')
+            }
+          shell('''
+  ADMIN_USERS=$(echo ${ADMIN_USERS} | tr ',' ' ')
+  DEVELOPER_USERS=$(echo ${DEVELOPER_USERS} | tr ',' ' ')
+  VIEWER_USERS=$(echo ${VIEWER_USERS} | tr ',' ' ')
+  # Gerrit
+  for user in $ADMIN_USERS $DEVELOPER_USERS $VIEWER_USERS
+  do
+      username=$(echo ${user} | cut -d'@' -f1)
+      ${WORKSPACE}/common/gerrit/create_user.sh -g http://gerrit:8080/gerrit -u "${username}" -p "${username}"
+  done
 
- # Gerrit
- source ${WORKSPACE}/projects/gerrit/configure.sh
- # Generate second permission repo with enabled code-review
- source ${WORKSPACE}/projects/gerrit/configure.sh -r permissions-with-review
-             ''')
+  # Gerrit
+  source ${WORKSPACE}/projects/gerrit/configure.sh
+  # Generate second permission repo with enabled code-review
+  source ${WORKSPACE}/projects/gerrit/configure.sh -r permissions-with-review
+          ''')
         }
         dsl {
           external("projects/jobs/**/*.groovy")