debug ci #163

Summary
Jobs
- qualif
Run details
- Usage
- Workflow file

Workflow file for this run

	name: Qualif
	on:
	push:
	branches:
	- "*"
	pull_request:
	branches:
	- "master"
	- "bitnami"
	jobs:
	qualif:
	runs-on: ubuntu-latest
	steps:
	- name: Check out code
	uses: actions/checkout@v1
	- name: Lint
	shell: bash
	run: \|
	helm lint .
	- name: setup cluster
	shell: bash
	run: \|
	curl -Lo /tmp/kind https://kind.sigs.k8s.io/dl/v0.23.0/kind-linux-amd64
	chmod +x /tmp/kind
	/tmp/kind create cluster --config=$GITHUB_WORKSPACE/.bin/kind-conf.yml --image=kindest/node:v1.29.4@sha256:3abb816a5b1061fb15c6e9e60856ec40d56b7b52bcea5f5f1350bc6e2320b6f8
	kubectl apply -f https://projectcontour.io/quickstart/contour.yaml
	kubectl patch daemonsets -n projectcontour envoy -p '{"spec":{"template":{"spec":{"nodeSelector":{"ingress-ready":"true"}}}}}'
	- name: setup chaos mesh
	shell: bash
	run: \|
	curl -sSL https://mirrors.chaos-mesh.org/v2.6.2/install.sh \| bash -s -- --local kind
	- name: setup certs
	shell: bash
	run: \|
	openssl req -x509 -newkey rsa:4096 -nodes -subj '/CN=example.com' -keyout tls.key -out tls.crt -days 365
	cp tls.crt ca.crt
	kubectl create secret generic custom-cert --from-file=./tls.crt --from-file=./tls.key --from-file=./ca.crt
	- name: deploy openldap-stack-ha
	shell: bash
	run: \|
	cd "$GITHUB_WORKSPACE"
	helm install openldap-stack-ha -f .bin/myval.yaml .
	kubectl rollout status sts openldap-stack-ha
	- name: verify deployment
	shell: bash
	run: \|
	echo "test access to openldap database"
	sudo apt-get install -y ldap-utils
	sleep 10
	LDAPTLS_REQCERT=never ldapsearch -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org'
	- name: test phpldapadmin access
	shell: bash
	run: \|
	echo "test access to phpldapadmin"
	echo "127.0.0.1 phpldapadmin.example ssl-ldap2.example" \| sudo tee -a /etc/hosts
	curl phpldapadmin.example:8080
	- name: test self service pwd access
	shell: bash
	run: \|
	echo "test access to ssp"
	curl ssl-ldap2.example:8080
	- name: verify certs
	shell: bash
	run: \|
	echo "verify certificate"
	echo \| openssl s_client -showcerts -servername example.com -connect localhost:30636 2>/dev/null \| openssl x509 -inform pem -noout -text > /tmp/test-cert.txt
	if ! grep -q "CN = example.com" /tmp/test-cert.txt; then echo exit 1; fi
	- name: apply chaos tests
	shell: bash
	run: \|
	echo "test access to openldap database"
	kubectl apply -f .bin/chaos.yaml
	- name: test write
	shell: bash
	run: \|
	echo "Write test to openldap database"
	LDAPTLS_REQCERT=never ldapadd -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -f .bin/user.ldif
	LDAPTLS_REQCERT=never ldapsearch -o nettimeout=20 -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' > /tmp/test-write.txt
	if ! grep "Einstein" /tmp/test-write.txt; then exit 1 ; fi
	if ! grep "objectClass: ownCloud" /tmp/test-write.txt; then echo 'no ownCloud entry found'; fi
	- name: test memberOf
	shell: bash
	run: \|
	echo "MemberOf test to openldap database"
	LDAPTLS_REQCERT=never ldapsearch -o nettimeout=20 -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' "(memberOf=cn=testgroup,ou=Group,dc=example,dc=org)" > /tmp/test-write.txt
	if [ $(grep "numResponses" /tmp/test-write.txt \| cut -d ":" -f 2 \| tr -d ' ') -ne 2 ]; then exit 1 ; fi
	if ! grep -q "uid=test1,ou=People,dc=example,dc=org" /tmp/test-write.txt; then echo exit 1; fi
	- name: chaos tests
	shell: bash
	run: \|
	echo "test access to openldap database"
	for i in {1..20}; do LDAPTLS_REQCERT=never ldapsearch -o nettimeout=20 -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' && sleep 60 ; done
	- name: deploy openldap-stack-ha-single-node
	shell: bash
	run: \|
	helm delete openldap-stack-ha
	cd "$GITHUB_WORKSPACE"
	helm install openldap-stack-ha -n single --create-namespace -f .bin/singleNode.yaml .
	kubectl rollout status sts openldap-stack-ha -n single
	- name: verify single node deployment
	shell: bash
	run: \|
	echo "test access to openldap database"
	sudo apt-get install -y ldap-utils
	LDAPTLS_REQCERT=never ldapsearch -x -D 'cn=admin,dc=singlenode,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=singlenode,dc=org' > /tmp/test-single-node.txt
	cat /tmp/test-single-node.txt
	if [ $(grep "numResponses" /tmp/test-single-node.txt \| cut -d ":" -f 2 \| tr -d ' ') -ne 6 ]; then exit 1 ; fi
	- name: deploy openldap-stack-ha-disable-ldap-port
	shell: bash
	run: \|
	helm delete -n single openldap-stack-ha
	cd "$GITHUB_WORKSPACE"
	helm install openldap-stack-ha -n no-ldap-port --create-namespace -f .bin/disableLdapPort.yaml .
	kubectl -n no-ldap-port create secret generic custom-cert --from-file=./tls.crt --from-file=./tls.key --from-file=./ca.crt
	kubectl -n no-ldap-port rollout status sts openldap-stack-ha -n no-ldap-port
	- name: verify no ldap port deployment
	shell: bash
	run: \|
	echo "test access to openldap database"
	sudo apt-get install -y ldap-utils
	echo "Write test to openldap database"
	LDAPTLS_REQCERT=never ldapadd -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -f .bin/simpleUser.ldif
	LDAPTLS_REQCERT=never ldapsearch -o nettimeout=20 -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://localhost:30636 -b 'dc=example,dc=org' > /tmp/test-write.txt
	cat /tmp/test-write.txt
	if [ $(grep "numResponses" /tmp/test-write.txt \| cut -d ":" -f 2 \| tr -d ' ') -ne 3 ]; then exit 1 ; fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

debug ci #163

Workflow file

debug ci #163

Jobs

Run details

Workflow file for this run