[RHPAM-1210] Allow LDAP authentication #54

Merged
merged 1 commit into from Jun 29, 2018

ruromero
Contributor

Signed-off-by: Ruben Romero Montes rromerom@redhat.com

Thanks for submitting your Pull Request!

Fixes https://issues.jboss.org/browse/RHPAM-1210

Added all possible parameters allowed by LdapExtended LoginModule

Signed-off-by: Ruben Romero Montes <rromerom@redhat.com>
@spolti spolti changed the title [RHPAM-1210] Add script and tests [RHPAM-1210] Allow LDAP authentication Jun 13, 2018
@spolti
Member

spolti commented Jun 13, 2018

Why exactly did you create shell scripts to run the tests?
IMHO we should keep a pattern and create tests using the official tool and place everything which is related to tests under the "jboss-kie-modules/tests" directory.

If you think that concreate is not able to test we can add our own custom steps to test that.

spolti
spolti previously requested changes Jun 13, 2018

function unset_kie_security_ldap_env() {
# please keep these in alphabetical order
unset KIE_AUTH_LDAP_ALLOW_EMPTY_PASSWORDS
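
Review bot: in unset_kie_security_ldap_env the variables are cleared one `unset` at a time from a hand-maintained list, so a KIE_AUTH_LDAP_* variable added later and missed here stays in the server's environment. If every name keeps the KIE_AUTH_LDAP_ prefix, `unset ${!KIE_AUTH_LDAP_*}` clears them all and removes the need for the ordering comment.
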
Member

Those new envs also need to be added to the image descriptors.

Contributor Author

True

And container log should contain The startup strategy invalid is not valid, the valid strategies are LocalContainersStartupStrategy and ControllerBasedStartupStrategy

Scenario: Don't configure kie server to use LDAP authentication
Member

Is this env enough to know if the user provided all needed envs to set up the LDAP login module correctly?

Contributor Author

No, but there are so many different combinations that I didn't want to make the logic too complex. For other integrations like SSO, the URL is usually the main discriminator.

}

function configure_ldap_security_domain() {
if [[ -z ${KIE_AUTH_LDAP_URL} ]]; then
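
Review bot: the `[[ -z ${KIE_AUTH_LDAP_URL} ]]` guard at the top of configure_ldap_security_domain only separates empty from non-empty, so any non-empty string falls through it. Consider also checking that the value starts with ldap:// or ldaps:// and logging which branch was taken, so a mistyped URL is reported at container start.
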
Member

If the user provides only this env the configuration will be set, plus I didn't find default values for any env that does not need an explicit value from the user.

Contributor Author

I don't think default values would help as the LoginModule already has its own and they are documented.

@ruromero
Contributor Author

@spolti I followed the same approach I did for the maven refactor I did here jboss-openshift/cct_module#231
Bats is a simple tool that was being integrated to cekit 2.0 - cekit/cekit#210 and helps to isolate what I am interested in, only the small snippet containing the loginModule. The idea would be to have

my_module/tests/bats/{.bats|.bash}
tests/bats/common/{.bash}

And let the tool go module by module running the tests:

$ bats bpmsuite-security-ldap.bats 
 ✓ do not replace placeholder when URL is not provided
 ✓ replace placeholder by minimum xml content when URL is provided
 ✓ replace placeholder by all LDAP values when provided

I think having unit tests helps prevent regression issues and gives a better understanding of each individual script.
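
The kind of isolated, unit-testable snippet this comment describes, as an added example that is not code from the pull request: a POSIX shell function that swaps a placeholder for the LdapExtended login module only when KIE_AUTH_LDAP_URL is set. It goes slightly beyond the PR by rejecting URLs without an ldap:// or ldaps:// scheme and XML-escaping the values; the placeholder text and function names are hypothetical.

```shell
#!/bin/sh
# Added example, not code from the pull request. PLACEHOLDER and the function
# names are hypothetical; the two KIE_AUTH_LDAP_* names are the ones on the page.
PLACEHOLDER='<!-- ##LDAP_LOGIN_MODULE## -->'

# Escape a value for use inside a double-quoted XML attribute.
xml_escape() {
    printf '%s' "$1" | sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/"/\&quot;/g'
}

# Print the login-module element built from the environment.
# Exit status: 0 element printed, 1 LDAP not requested, 2 URL rejected.
ldap_login_module() (
    [ -n "${KIE_AUTH_LDAP_URL:-}" ] || exit 1
    case "$KIE_AUTH_LDAP_URL" in
        ldap://?*|ldaps://?*) ;;
        *) echo "KIE_AUTH_LDAP_URL must start with ldap:// or ldaps://" >&2
           exit 2 ;;
    esac
    printf '<login-module code="LdapExtended" flag="required">\n'
    printf '  <module-option name="java.naming.provider.url" value="%s"/>\n' \
        "$(xml_escape "$KIE_AUTH_LDAP_URL")"
    if [ -n "${KIE_AUTH_LDAP_ALLOW_EMPTY_PASSWORDS:-}" ]; then
        # Empty passwords reach the LDAP server, which may treat them as an
        # anonymous bind, so make the setting visible in the container log.
        [ "$KIE_AUTH_LDAP_ALLOW_EMPTY_PASSWORDS" != "true" ] ||
            echo "WARN: allowEmptyPasswords=true sends empty passwords to LDAP" >&2
        printf '  <module-option name="allowEmptyPasswords" value="%s"/>\n' \
            "$(xml_escape "$KIE_AUTH_LDAP_ALLOW_EMPTY_PASSWORDS")"
    fi
    printf '</login-module>\n'
)

# Copy a config from stdin to stdout, swapping the placeholder line for the
# element; the input passes through untouched when LDAP is not requested.
render_config() {
    element=$(ldap_login_module) && status=0 || status=$?
    if [ "$status" -eq 2 ]; then return 2; fi
    while IFS= read -r line; do
        case "$line" in
            *"$PLACEHOLDER"*)
                if [ "$status" -eq 0 ]; then line=$element; fi ;;
        esac
        printf '%s\n' "$line"
    done
}
```

Each exit status maps to one of the cases a bats test would assert on: placeholder left alone, placeholder replaced, configuration refused.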

@errantepiphany errantepiphany self-requested a review June 29, 2018 20:27
@errantepiphany errantepiphany dismissed spolti’s stale review June 29, 2018 20:28

We can improve on this in a future release.

@errantepiphany errantepiphany merged commit 9c88001 into jboss-container-images:master Jun 29, 2018
@ruromero ruromero deleted the ldap-config branch July 1, 2018 08:12
spolti pushed a commit to spolti/jboss-kie-modules that referenced this pull request Nov 3, 2020
spolti pushed a commit to spolti/jboss-kie-modules that referenced this pull request Nov 4, 2020
spolti added a commit that referenced this pull request Nov 11, 2020
…ranch (#402)

* [CLOUD-2555] EAP CD 13 OpenShift Image - Modules (#12)

* CLOUD-2420 - logging update logmanager-ext & jolokia for CD13

* update standalone-openshift.xml with diffs to CD13
* correct messaging subsystem version
* update to latest dev release
* update to beta 1
* correct messaging subsystem version
* update CD13 modules to match beta1
* update to latest test release
* update to latest test release
* test amq7
* Port WF 12 to WF 13 standalone-full-ha.xml changes to standalone-openshift.xml
* update to jboss-eap-7.2.0.CD13-20180606.zip
* update to CD13-20180606
* CLOUD-2531 EAP CD AMQ7 integration
* jboss-eap-7.2.0.CD13-20180612_4.zip
* update to jboss-eap-7.2.0.CD13-20180618_2.zip
* correct queue / topic separator for AMQ 7
* move java:JmsXA to the remote connection factory for QS etc.
* update to jboss-eap-7.2.0.CD13.CR1.zip
* fix queue / topic lookup
* installed artifact name override support
* generalize the dist artifact name so it only needs to be updated on one place.
* cleanup messaging config
* remove extra comments in configs
* CLOUD-2551 [EAP] messaging.sh contains wrong warnings

* [CLOUD-2797] - update jolokia config to support both old and new JSON modules (#19)

* CLOUD-2954 - Move EAP modules out of cct_module (#46)

* CLOUD-2954 - move eap specific modules out of cct_modules
* move jboss/container/eap to jboss-eap-modules
* Move EAP specific products/ from cct_module to jboss-eap-modules
* Merge changes from CLOUD-2542 - Running transaction recovery in environment where shared persistent volume is not available

* [CLOUD-2784][EAP72] - Enable the Prometheus agent by default (#49)

* [CLOUD-2784] Prometheus jmx-exporter configuration

Update the jmx-exporter configuration for both EAP 6.4 and 7.1 agents so
that the metric names and labels follows the same convention that the
metrics that will be exposed by a subsystem in next EAP releases:

* add `jboss_` prefix to all metrics
* renamed `web_servlet_xxx` and `undertow_servlet_xxx` to
  `jboss_web_xxx` and `jboww_undertow_xxx` (as the `servlet` is already
  mentioned in the labels)
* remove labels of type `type: $2, name:$3` and replace them by a single
  label `$2: $3` to be consistent with other labels (that maps to the
  resource path address).
  As an example, metrics for datasource:
  * before: `type: data-source, name=ExampleDS`
  * now: `data_source: ExampleDS`
* renamed datasources metrics to either `jboss_datasources_jdbc` or
  `jboss_datasources_pool` depending on the origin of the statistics.

These changes ensure that the metric names and labels can be
consistently computed from the resource metadata and its address without
specific treatment depending on the resources.

JIRA: https://issues.jboss.org/browse/CLOUD-2784
* prometheus support for eap72
* fix typo in 6.4 config

* [CLOUD-2784] - add support for expression enabling datasource statistics

* [CLOUD-2784] - add support for expression enabling datasource statistics to CD14/CD15/7.1

* [CLOUD-2784] - add additional statistics for datasources, correct typo in quotes (#54)

* CLOUD-3091 - Update builds to not use cacher (#58)

* CLOUD-3091 - Update builds to not use cacher

* update use name / target / md5

* [CLOUD-3119] txrecovery module to run with python3 (#64)

* [CLOUD-3074] Expose Subsystem metrics (#60)

* [CLOUD-3097] Add jboss.eap.cd16.openshift module

Copy standalone-openshift.xml from jboss.eap.cd15.openshift and update
it based on the standalone-full-ha.xml from WildFly 16.0.0.Final

In addition to the extensions version bumps, the only change is the
statistics-enabled attribute that uses expressions for the ejb3 and
webservices subsystems.

JIRA: https://issues.jboss.org/browse/CLOUD-3097

* [CLOUD-3074] Expose Subsystem metrics

* add the metric subsystem to standalone-openshift.xml
* by default, prefix the subsystem metrics with jboss
* add wildfly.statistics-enabled=true System property to
  openshift-launch.sh script

JIRA: https://issues.jboss.org/browse/CLOUD-3074

* Update standalone-openshift.xml

* [CLOUD-3102] - Allow configuration of logger category (#57)

https://issues.jboss.org/browse/CLOUD-3102

Signed-off-by: Filippe Spolti <fspolti@redhat.com>

* [CLOUD-3139] Bind management interface to 0.0.0.0 (#65)

* Overrides the default binding to 127.0.0.1 specified in the
standalone-openshift.xml by passing `-bmanagement 0.0.0.0` to the
`standalone.sh` script

JIRA: https://issues.jboss.org/browse/CLOUD-3139

* [CLOUD-3146] fix tests for CI

* [CLOUD-3146] fix tests for CI

* CLOUD-3121 - EAP 7.2 / OpenJDK 11 image support (#69)

* [CLOUD-3121] EAP 7.2 / OpenJDK 11 image
- correct bootclasspath to use append, and drop jboss-modules
- Update behave tests for EAP 7.2 / OpenJDK 11 (jboss-eap-7/eap72-openjdk-11-openshift)
- improve java major version checking, update name in templates
- add configs for OpenJDK 11 - no default db drivers
- add log_warning if hawkular is enabled notifying the user the configuration will be ignored
- update tests
- Add new module for datasource configuration, initial version 1.0, this module has no support for bundled DB drivers
- Note that jboss.eap.logging.jdk11 is deprecated

* CLOUD-3198 Datasource generation should escape ampersand

* CLOUD-3233 - fix logging tests

* Update configs for CD16 / JDK 11

* [CLOUD-3287] Move the module under the jboss-eap-config-openshift hierarchy

* CLOUD-3319 - remove mysql & postgres from CD 17 standalone-openshift.xml

* CLOUD-3331 - OpenShift Images for 7.3 Beta

* CLOUD-3331 - OpenShift Images for 7.3 Beta

* Add 'is-same-rm-override' configuration when Oracle XA Datasource is set

JIRA Issue: https://issues.jboss.org/browse/CLOUD-2903

* [RHPAM-2261] - DB2 fails with externaldb template

Add the no-tx-separate-pools parameter

Signed-off-by: Filippe Spolti <fspolti@redhat.com>

* CLOUD-3270 - There is no environment variable to configure the initial metaspace size

* CLOUD-3398 - update jolokia config for new jakarta jar locations

* [CLOUD-3443] Remove invalid characters in jboss-eap-cd-jolokia/added/standalone.conf

* [CLOUD-3444] Redirect dynamic_resources.sh standard output to null when sourcing in standalone.conf

* CLOUD-3473 - support for legacy zip installer module and EAP 7.3

* [JBEAP-18124] fixing transaction_isolation setting for non-xa datasources

* CLOUD-3606 - EAP 7.3.0 config for layered products

update

* [RHPAM-3071] - Missing support for configuration of xa-pool is-same-rm-override

Signed-off-by: spolti <fspolti@redhat.com>

* [KIECLOUD-458] - Migrate needed jboss-eap-modules from 7.3.x-legacy branch

Extract files and git history of os-eap7-launch module before copy to jboss-kie-modules

Signed-off-by: spolti <fspolti@redhat.com>

* [KIECLOUD-458] - Migrate needed jboss-eap-modules from 7.3.x-legacy branch

Extract files and git history of os-eap7-openshift module before copy to jboss-kie-modules

Signed-off-by: spolti <fspolti@redhat.com>

* [KIECLOUD-458] - Migrate needed jboss-eap-modules from 7.3.x-legacy branch

Extract files and git history of os-eap-launch module before copy to jboss-kie-modules

Signed-off-by: spolti <fspolti@redhat.com>

* [KIECLOUD-458] - Migrate needed jboss-eap-modules from 7.3.x-legacy branch

Extract files and git history of jboss.container.eap.prometheus module before copy to jboss-kie-modules

Signed-off-by: spolti <fspolti@redhat.com>

* [KIECLOUD-458] - Migrate needed jboss-eap-modules from 7.3.x-legacy branch

Extract files and git history of jboss-eap-cd-jolokia module before copy to jboss-kie-modules

Signed-off-by: spolti <fspolti@redhat.com>

* [KIECLOUD-458] - Migrate needed jboss-eap-modules from 7.3.x-legacy branch

Extract files and git history of jboss-eap-config-openshift module before copy to jboss-kie-modules

Signed-off-by: spolti <fspolti@redhat.com>

* [KIECLOUD-458] - Migrate needed jboss-eap-modules from 7.3.x-legacy branch

The current settings on xml will lead EAP to fail to start.
Tracing subsystem is entirely added by tracing module/script and it is disabled by default.

Signed-off-by: spolti <fspolti@redhat.com>

* [KIECLOUD-458] - Migrate needed jboss-eap-modules from 7.3.x-legacy branch

Move the os-eap* modules to a new folder: os-eap-legacy
All migrated modules from legacy EAP branch must have a different version
to avoid module conflict on the product images that was not migrated
yet to use the modules from this repo.

Signed-off-by: spolti <fspolti@redhat.com>

* [KIECLOUD-458] - Migrate needed jboss-eap-modules from 7.3.x-legacy branch

Adjust the bats tests from the migrated modules.

Signed-off-by: spolti <fspolti@redhat.com>

* [KIECLOUD-458] - Migrate needed jboss-eap-modules from 7.3.x-legacy branch

Clean up unneeded module versions.

Signed-off-by: spolti <fspolti@redhat.com>

Co-authored-by: Ken Wills <ken@zaptillion.net>
Co-authored-by: chalda <ochaloup@redhat.com>
Co-authored-by: Jeff Mesnil <jmesnil@gmail.com>
Co-authored-by: Sebastian Laskawiec <slaskawi@redhat.com>
Co-authored-by: Brian Stansberry <brian.stansberry@redhat.com>
Co-authored-by: rimolive <ricardo.martinelli.oliveira@gmail.com>
Co-authored-by: Yeray Borges <yborgess@redhat.com>
Co-authored-by: Ivo Studensky <istudens@redhat.com>
Co-authored-by: Ken Wills <kwills@redhat.com>