ldap: improved ldap test env with more structured users and groups

.gitignore

@@ -43,6 +43,7 @@ fig.yml
 docker-compose.yml
 docker-compose.yaml
 /conf/provisioning/**/custom.yaml
+/conf/ldap_dev.toml
 profile.cov
 /grafana
 /local

docker/blocks/openldap/entrypoint.sh

@@ -80,7 +80,15 @@ EOF
         done
     fi
 
-    for file in `ls /etc/ldap/prepopulate/*.ldif`; do
+    for file in `ls /etc/ldap/prepopulate/units/*.ldif`; do
+        slapadd -F /etc/ldap/slapd.d -l "$file"
+    done
+
+    for file in `ls /etc/ldap/prepopulate/groups/*.ldif`; do
+        slapadd -F /etc/ldap/slapd.d -l "$file"
+    done
+
+    for file in `ls /etc/ldap/prepopulate/users/*.ldif`; do
         slapadd -F /etc/ldap/slapd.d -l "$file"
     done
 

docker/blocks/openldap/prepopulate/admin.ldif

@@ -1,10 +0,0 @@
-dn: cn=ldapadmin,dc=grafana,dc=org
-mail: ldapadmin@grafana.com
-userPassword: grafana
-objectClass: person
-objectClass: top
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-sn: ldapadmin
-cn: ldapadmin
-memberOf: cn=admins,dc=grafana,dc=org

docker/blocks/openldap/prepopulate/adminsgroup.ldif

@@ -1,5 +0,0 @@
-dn: cn=admins,dc=grafana,dc=org
-cn: admins
-member: cn=ldapadmin,dc=grafana,dc=org
-objectClass: groupOfNames
-objectClass: top

docker/blocks/openldap/prepopulate/editor.ldif

@@ -1,10 +0,0 @@
-dn: cn=ldapeditor,dc=grafana,dc=org
-mail: ldapeditor@grafana.com
-userPassword: grafana
-objectClass: person
-objectClass: top
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-sn: ldapeditor
-cn: ldapeditor
-memberOf: cn=users,dc=grafana,dc=org

docker/blocks/openldap/prepopulate/groups/admins.ldif

@@ -0,0 +1,5 @@
+dn: cn=admins,ou=groups,dc=grafana,dc=org
+cn: admins
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-admin,ou=users,dc=grafana,dc=org

docker/blocks/openldap/prepopulate/groups/backend.ldif

@@ -0,0 +1,5 @@
+dn: cn=backend,ou=groups,dc=grafana,dc=org
+cn: backend
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-editor,dc=grafana,dc=org

docker/blocks/openldap/prepopulate/groups/editor.ldif

@@ -0,0 +1,5 @@
+dn: cn=editors,ou=groups,dc=grafana,dc=org
+cn: editors
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-editor,ou=users,dc=grafana,dc=org

docker/blocks/openldap/prepopulate/groups/frontend.ldif

@@ -0,0 +1,5 @@
+dn: cn=frontend,ou=groups,dc=grafana,dc=org
+cn: frontend
+objectClass: groupOfNames
+objectClass: top
+member: cn=ldap-frontend-1,ou=users,dc=grafana,dc=org

docker/blocks/openldap/prepopulate/units/groups.ldif

@@ -0,0 +1,3 @@
+dn: ou=groups,dc=grafana,dc=org
+objectclass: top
+objectclass: organizationalUnit

docker/blocks/openldap/prepopulate/units/users.ldif

@@ -0,0 +1,3 @@
+dn: ou=users,dc=grafana,dc=org
+objectclass: top
+objectclass: organizationalUnit

docker/blocks/openldap/prepopulate/users/ldap-admin.ldif

@@ -0,0 +1,11 @@
+dn: cn=ldap-admin,ou=users,dc=grafana,dc=org
+mail: ldap-admin@grafana.com
+userPassword: grafana
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+sn: ldap-admin
+cn: ldap-admin
+memberOf: cn=admins,ou=groups,dc=grafana,dc=org
+memberOf: cn=editors,ou=groups,dc=grafana,dc=org

docker/blocks/openldap/prepopulate/users/ldap-editor.ldif

@@ -0,0 +1,10 @@
+dn: cn=ldap-editor,ou=users,dc=grafana,dc=org
+mail: ldap-editor@grafana.com
+userPassword: grafana
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+sn: ldap-editor
+cn: ldap-editor
+memberOf: cn=editors,ou=groups,dc=grafana,dc=org

docker/blocks/openldap/prepopulate/users/ldap-frontend-1.ldif

@@ -0,0 +1,10 @@
+dn: cn=ldap-frontend-1,ou=users,dc=grafana,dc=org
+mail: ldap-frontend-1@grafana.com
+userPassword: grafana
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+sn: ldap-frontend-1
+cn: ldap-frontend-1
+memberOf: cn=frontend,ou=groups,dc=grafana,dc=org

docker/blocks/openldap/prepopulate/viewer.ldif → docker/blocks/openldap/prepopulate/users/ldap-viewer.ldif

@@ -1,9 +1,9 @@
-dn: cn=ldapviewer,dc=grafana,dc=org
-mail: ldapviewer@grafana.com
+dn: cn=ldap-viewer,ou=users,dc=grafana,dc=org
+mail: ldap-viewer@grafana.com
 userPassword: grafana
 objectClass: person
 objectClass: top
 objectClass: inetOrgPerson
 objectClass: organizationalPerson
-sn: ldapviewer
-cn: ldapviewer
+sn: ldap-viewer
+cn: ldap-viewer

docker/blocks/openldap/prepopulate/usersgroup.ldif

@@ -1,5 +0,0 @@
-dn: cn=users,dc=grafana,dc=org
-cn: users
-member: cn=ldapeditor,dc=grafana,dc=org
-objectClass: groupOfNames
-objectClass: top