Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix ldap CA config for docker images #2560

Merged
merged 1 commit into from
Sep 30, 2021
Merged

fix ldap CA config for docker images #2560

merged 1 commit into from
Sep 30, 2021

Conversation

wkloucek
Copy link
Contributor

Description

STORAGE_LDAP_CACERT was intruduced in #2492 and needs to be set to the same value as GLAUTH_LDAPS_CERT in the all-in one deployment case. In our docker images we change the default of GLAUTH_LDAPS_CERT but didn't change the new value...

Aktually I don't know if we futhermore should introduce a secondary ENV var like:

diff --git a/storage/pkg/flagset/ldap.go b/storage/pkg/flagset/ldap.go
index e550a60d7..a021f0395 100644
--- a/storage/pkg/flagset/ldap.go
+++ b/storage/pkg/flagset/ldap.go
@@ -30,7 +30,7 @@ func LDAPWithConfig(cfg *config.Config) []cli.Flag {
                        Name:        "ldap-cacert",
                        Value:       flags.OverrideDefaultString(cfg.Reva.LDAP.CACert, path.Join(pkgos.MustUserConfigDir("ocis", "ldap"), "ldap.crt")),
                        Usage:       "Path to a trusted Certificate file (in PEM format) for the LDAP Connection",
-                       EnvVars:     []string{"STORAGE_LDAP_CACERT"},
+                       EnvVars:     []string{"STORAGE_LDAP_CACERT", "GLAUTH_LDAPS_CERT"},
                        Destination: &cfg.Reva.LDAP.CACert,
                },
                &cli.BoolFlag{

How Has This Been Tested?

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:

@update-docs
Copy link

update-docs bot commented Sep 29, 2021

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

@wkloucek wkloucek requested a review from refs September 29, 2021 12:04
@ownclouders
Copy link
Contributor

💥 Acceptance tests Core-API-Tests-ocis-storage-2 failed. The build is cancelled...

@rhafer
Copy link
Contributor

rhafer commented Sep 29, 2021

Aktually I don't know if we futhermore should introduce a secondary ENV var like

[...]

Hm, that could work. I am somewhat undecided on that. It seems a bit unclean. But that is true for the hardocded default (pkgos.MustUserConfigDir("ocis", "ldap"), "ldap.crt")) for STORAGE_LDAP_CACERT as well. OTOH it makes deployments simpler.

@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@wkloucek wkloucek merged commit ec50eeb into master Sep 30, 2021
@delete-merged-branch delete-merged-branch bot deleted the fix_ldap_ca_error_for_docker_images branch September 30, 2021 05:16
ownclouders pushed a commit that referenced this pull request Sep 30, 2021
@wkloucek
commit ec50eeb
60960a5 
Merge: 2a1a9aa 23178bd
Author: Willy Kloucek <[email protected]>
Date:   Thu Sep 30 07:16:44 2021 +0200

    Merge pull request #2560 from owncloud/fix_ldap_ca_error_for_docker_images

    fix ldap CA config for docker images
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rhafer rhafer rhafer approved these changes

@refs refs Awaiting requested review from refs

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@wkloucek @ownclouders @rhafer