From ce772f4ab7ccfe79f95a63191548407f4c067321 Mon Sep 17 00:00:00 2001
From: XD-DENG <xd.deng.r@gmail.com>
Date: Mon, 16 Nov 2020 19:41:55 +0100
Subject: [PATCH 1/2] Remove inapplicable configuration section [ldap] (since
 2.0.0)

[ldap] section in airflow.cfg is not applicable anymore in 2.0 and master,
because the LDAP authentication (for webserver and API) is handled by FAB,
and the configuration for this is handled by webserver_config.py file.
---
 airflow/config_templates/config.yml          | 78 --------------------
 airflow/config_templates/default_airflow.cfg | 18 -----
 airflow/configuration.py                     |  1 -
 docs/howto/set-config.rst                    |  1 -
 docs/spelling_wordlist.txt                   |  1 -
 5 files changed, 99 deletions(-)

diff --git a/airflow/config_templates/config.yml b/airflow/config_templates/config.yml
index df5a53abe72821..516bb6284e1c0e 100644
--- a/airflow/config_templates/config.yml
+++ b/airflow/config_templates/config.yml
@@ -1747,84 +1747,6 @@
       type: string
       example: ~
       default: "False"
-- name: ldap
-  description: ~
-  options:
-    - name: uri
-      description: |
-        set this to ldaps://<your.ldap.server>:<port>
-      version_added: ~
-      type: string
-      example: ~
-      default: ""
-    - name: user_filter
-      description: ~
-      version_added: ~
-      type: string
-      example: ~
-      default: "objectClass=*"
-    - name: user_name_attr
-      description: ~
-      version_added: ~
-      type: string
-      example: ~
-      default: "uid"
-    - name: group_member_attr
-      description: ~
-      version_added: ~
-      type: string
-      example: ~
-      default: "memberOf"
-    - name: superuser_filter
-      description: ~
-      version_added: ~
-      type: string
-      example: ~
-      default: ""
-    - name: data_profiler_filter
-      description: ~
-      version_added: ~
-      type: string
-      example: ~
-      default: ""
-    - name: bind_user
-      description: ~
-      version_added: ~
-      type: string
-      example: ~
-      default: "cn=Manager,dc=example,dc=com"
-    - name: bind_password
-      description: ~
-      version_added: ~
-      type: string
-      example: ~
-      default: "insecure"
-    - name: basedn
-      description: ~
-      version_added: ~
-      type: string
-      example: ~
-      default: "dc=example,dc=com"
-    - name: cacert
-      description: ~
-      version_added: ~
-      type: string
-      example: ~
-      default: "/etc/ca/ldap_ca.crt"
-    - name: search_scope
-      description: ~
-      version_added: ~
-      type: string
-      example: ~
-      default: "LEVEL"
-    - name: ignore_malformed_schema
-      description: |
-        This setting allows the use of LDAP servers that either return a
-        broken schema, or do not return a schema.
-      version_added: 1.10.3
-      type: string
-      example: ~
-      default: "False"
 - name: kerberos
   description: ~
   options:
diff --git a/airflow/config_templates/default_airflow.cfg b/airflow/config_templates/default_airflow.cfg
index 8a9a6a62b6cebb..cebbfd955489f1 100644
--- a/airflow/config_templates/default_airflow.cfg
+++ b/airflow/config_templates/default_airflow.cfg
@@ -873,24 +873,6 @@ use_job_schedule = True
 # Only has effect if schedule_interval is set to None in DAG
 allow_trigger_in_future = False
 
-[ldap]
-# set this to ldaps://<your.ldap.server>:<port>
-uri =
-user_filter = objectClass=*
-user_name_attr = uid
-group_member_attr = memberOf
-superuser_filter =
-data_profiler_filter =
-bind_user = cn=Manager,dc=example,dc=com
-bind_password = insecure
-basedn = dc=example,dc=com
-cacert = /etc/ca/ldap_ca.crt
-search_scope = LEVEL
-
-# This setting allows the use of LDAP servers that either return a
-# broken schema, or do not return a schema.
-ignore_malformed_schema = False
-
 [kerberos]
 ccache = /tmp/airflow_krb5_ccache
 
diff --git a/airflow/configuration.py b/airflow/configuration.py
index 92790d1fb763b8..338526b06c62d3 100644
--- a/airflow/configuration.py
+++ b/airflow/configuration.py
@@ -129,7 +129,6 @@ class AirflowConfigParser(ConfigParser):  # pylint: disable=too-many-ancestors
         ('celery', 'result_backend'),
         ('atlas', 'password'),
         ('smtp', 'smtp_password'),
-        ('ldap', 'bind_password'),
         ('kubernetes', 'git_password'),
     }
 
diff --git a/docs/howto/set-config.rst b/docs/howto/set-config.rst
index 090a6f9352d449..3ba7d9fd2ab020 100644
--- a/docs/howto/set-config.rst
+++ b/docs/howto/set-config.rst
@@ -69,7 +69,6 @@ The following config options support this ``_cmd`` and ``_secret`` version:
 * ``result_backend`` in ``[celery]`` section
 * ``password`` in ``[atlas]`` section
 * ``smtp_password`` in ``[smtp]`` section
-* ``bind_password`` in ``[ldap]`` section
 * ``git_password`` in ``[kubernetes]`` section
 
 The ``_cmd`` config options can also be set using a corresponding environment variable
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
index 0a1571a59c78f6..eaf8c2e15d60ca 100644
--- a/docs/spelling_wordlist.txt
+++ b/docs/spelling_wordlist.txt
@@ -478,7 +478,6 @@ backticks
 balancer
 balancers
 baseOperator
-basedn
 basestring
 basetaskrunner
 bashrc

From f54e70845349c8b718a4d9da8df12e771dc46ab5 Mon Sep 17 00:00:00 2001
From: XD-DENG <xd.deng.r@gmail.com>
Date: Mon, 16 Nov 2020 20:14:39 +0100
Subject: [PATCH 2/2] Fix-up

---
 tests/core/test_config_templates.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/tests/core/test_config_templates.py b/tests/core/test_config_templates.py
index 9c09c318c678c0..42ba99133028a2 100644
--- a/tests/core/test_config_templates.py
+++ b/tests/core/test_config_templates.py
@@ -45,7 +45,6 @@
     'celery_broker_transport_options',
     'dask',
     'scheduler',
-    'ldap',
     'kerberos',
     'github_enterprise',
     'admin',