debug ci

Ubuntu · Ubuntu · commit 27ea54146fc7 · 2024-05-21T14:48:54.000Z
diff --git a/.github/workflows/ci-ha.yml b/.github/workflows/ci-ha.yml
@@ -0,0 +1,74 @@
+name: Test-HA
+on:
+  workflow_call:
+jobs:
+  qualif:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v1
+    - name: Run custom action
+      # Use the location in the repository (without action.yml)
+      uses: ./.github/actions/setup
+      with:
+        install-chaos: true
+    - name: setup certs
+      shell: bash
+      run: |
+        openssl req -x509 -newkey rsa:4096 -nodes -subj '/CN=example.com' -keyout tls.key -out tls.crt -days 365
+        cp tls.crt ca.crt
+        kubectl create secret generic custom-cert --from-file=./tls.crt --from-file=./tls.key --from-file=./ca.crt
+    - name: deploy openldap-stack-ha
+      shell: bash
+      run: |
+        cd "$GITHUB_WORKSPACE"
+        helm install openldap-stack-ha -f .bin/myval.yaml .
+        kubectl rollout status sts openldap-stack-ha 
+    - name: verify deployment
+      shell: bash
+      run: |
+          echo "test access to openldap database"
+          sleep 10
+          LDAPTLS_REQCERT=never ldapsearch -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org'
+    - name: test phpldapadmin access
+      shell: bash
+      run: |
+          echo "test access to phpldapadmin"
+          echo "127.0.0.1 phpldapadmin.example ssl-ldap2.example" | sudo tee -a /etc/hosts
+          curl phpldapadmin.example:8080
+    - name: test self service pwd access
+      shell: bash
+      run: |
+          echo "test access to ssp"
+          curl ssl-ldap2.example:8080
+    - name: verify certs
+      shell: bash
+      run: |
+          echo "verify certificate"
+          echo | openssl s_client -showcerts -servername example.com -connect localhost:30636 2>/dev/null | openssl x509 -inform pem -noout -text > /tmp/test-cert.txt
+          if ! grep -q "CN = example.com" /tmp/test-cert.txt; then  echo exit 1; fi
+    - name: apply chaos tests
+      shell: bash
+      run: |
+          echo "test access to openldap database"
+          kubectl apply -f .bin/chaos.yaml
+    - name: test write
+      shell: bash
+      run: |
+          echo "Write test to openldap database"
+          LDAPTLS_REQCERT=never ldapadd -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -f  .bin/user.ldif
+          LDAPTLS_REQCERT=never ldapsearch -o nettimeout=20 -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' > /tmp/test-write.txt
+          if ! grep  "Einstein" /tmp/test-write.txt; then exit 1 ; fi
+          if ! grep  "objectClass: ownCloud" /tmp/test-write.txt; then  echo 'no ownCloud entry found'; fi
+    - name: test memberOf
+      shell: bash
+      run: |
+          echo "MemberOf test to openldap database"
+          LDAPTLS_REQCERT=never ldapsearch -o nettimeout=20 -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' "(memberOf=cn=testgroup,ou=Group,dc=example,dc=org)" > /tmp/test-write.txt
+          if [ $(grep "numResponses" /tmp/test-write.txt | cut -d ":" -f 2 | tr -d ' ') -ne 2 ]; then exit 1 ; fi
+          if ! grep -q "uid=test1,ou=People,dc=example,dc=org" /tmp/test-write.txt; then  echo exit 1; fi
+    - name: chaos tests
+      shell: bash
+      run: |
+          echo "test access to openldap database"
+          for i in {1..20}; do  LDAPTLS_REQCERT=never ldapsearch -o nettimeout=20 -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' && sleep 60 ; done
diff --git a/.github/workflows/ci-other.yml b/.github/workflows/ci-other.yml
@@ -0,0 +1,33 @@
+name: Test-Other
+on:
+  workflow_call:
+jobs:
+  qualif:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v1
+    - name: Run custom action
+      # Use the location in the repository (without action.yml)
+      uses: ./.github/actions/setup
+      with:
+        install-chaos: false
+    - name: deploy openldap-stack-ha-disable-ldap-port
+      shell: bash
+      run: |
+        cd "$GITHUB_WORKSPACE"
+        helm install openldap-stack-ha -n no-ldap-port --create-namespace -f .bin/disableLdapPort.yaml .
+        kubectl -n no-ldap-port create secret generic custom-cert --from-file=./tls.crt --from-file=./tls.key --from-file=./ca.crt
+        kubectl -n no-ldap-port rollout status sts openldap-stack-ha -n no-ldap-port
+    - name: verify no ldap port deployment
+      shell: bash
+      run: |
+          echo "test access to openldap database"
+          echo "Write test to openldap database"
+          LDAPTLS_REQCERT=never ldapadd -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -f .bin/simpleUser.ldif
+          LDAPTLS_REQCERT=never ldapsearch -o nettimeout=20 -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' > /tmp/test-write.txt
+          cat /tmp/test-write.txt
+          if [ $(grep "numResponses" /tmp/test-write.txt | cut -d ":" -f 2 | tr -d ' ') -ne 3 ]; then exit 1 ; fi
+
+
+      
diff --git a/.github/workflows/ci-singlenode.yml b/.github/workflows/ci-singlenode.yml
@@ -0,0 +1,27 @@
+name: Test-SingleNode
+on:
+  workflow_call:
+jobs:
+  qualif:
+      runs-on: ubuntu-latest
+      steps:
+      - name: Check out code
+        uses: actions/checkout@v1
+      - name: Run custom action
+        # Use the location in the repository (without action.yml)
+        uses: ./.github/actions/setup
+        with:
+          install-chaos: false
+      - name: deploy openldap-stack-ha-single-node
+        shell: bash
+        run: |
+          cd "$GITHUB_WORKSPACE"
+          helm install openldap-stack-ha -n single --create-namespace -f .bin/singleNode.yaml .
+          kubectl rollout status sts openldap-stack-ha -n single
+      - name: verify single node deployment
+        shell: bash
+        run: |
+           echo "test access to openldap database"
+           LDAPTLS_REQCERT=never ldapsearch -x -D 'cn=admin,dc=singlenode,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=singlenode,dc=org' > /tmp/test-single-node.txt
+           cat /tmp/test-single-node.txt
+           if [ $(grep "numResponses" /tmp/test-single-node.txt | cut -d ":" -f 2 | tr -d ' ') -ne 6 ]; then exit 1 ; fi
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -9,8 +9,8 @@ on:
       - "bitnami"
 jobs:
   call-ci-singlenode:
-    uses: ./.github/workflows/tests/ci-singlenode.yml
+    uses: ./.github/workflows/ci-singlenode.yml
   call-ci-other:
-    uses: ./.github/workflows/tests/ci-other.yml
+    uses: ./.github/workflows/ci-other.yml
   call-ci-ha:
-    uses: ./.github/workflows/tests/ci-ha.yml
+    uses: ./.github/workflows/ci-ha.yml
