Better processing of schema files

Better processing of schema files for the slapd base image.
docker · Jun 16, 2018 · f450c80 · f450c80
1 parent e63a5bd
commit f450c80
Showing 4 changed files with 44 additions and 37 deletions.
diff --git a/comanage-registry-slapd-base/Dockerfile b/comanage-registry-slapd-base/Dockerfile
@@ -34,6 +34,9 @@ ENV OLC_SUFFIX ${OLC_SUFFIX:-dc=my,dc=org}
 ENV OLC_ROOT_DN ${OLC_ROOT_DN:-cn=admin,dc=my,dc=org}
 ENV OLC_ROOT_PW ${OLC_ROOT_PW:-password}
 
+RUN mkdir /schema
+
+COPY edumember.ldif /etc/ldap/schema/
 COPY eduperson.ldif /etc/ldap/schema/
 COPY openssh-lpk.ldif /etc/ldap/schema/
 COPY voperson.ldif /etc/ldap/schema/

diff --git a/comanage-registry-slapd-base/comanage_ldap_utils.sh b/comanage-registry-slapd-base/comanage_ldap_utils.sh
@@ -19,9 +19,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-ADDED_SCHEMAS="eduperson openssh-lpk voperson"
-SCHEMA_DIR="/etc/ldap/schema"
-
 ##########################################
 # Add a hyphen to an LDIF file to indicate multiple ldapmodify entries.
 # Globals:
@@ -39,23 +36,46 @@ function comanage_ldap_utils::add_hyphen() {
 }
 
 ##########################################
-# Add additional schemas if necessary.
+# Add additional schemas if not already defined.
 # Globals:
-#   ADDED_SCHEMAS
-#   SCHEMA_DIR
+#   None
 # Arguments:
 #   None
 # Returns:
 #   None
 ##########################################
 function comanage_ldap_utils::add_schemas() {
+    # Array of schema files to be considered.
+    declare -a schema_files=()
+
+    # Schema required by COmanage.
+    local comanage_required="edumember eduperson openssh-lpk voperson"
+    local schema_dir="/etc/ldap/schema"
     local schema_name
-    for schema_name in ${ADDED_SCHEMAS}; do
-        if ! comanage_ldap_utils::schema_installed $schema_name && 
-            comanage_ldap_utils::schema_defined $schema_name; then
+    for schema_name in ${comanage_required}; do
+        schema_files+=("${schema_dir}/${schema_name}.ldif")
+    done
+
+    # Schema injected at deployment time.
+    schema_dir="/schema"
+    local file_name
+    for file_name in `ls -1 /schema`; do
+        schema_files+=("${schema_dir}/${file_name}")
+    done
+
+    # Loop over all schema files.
+    for file_name in "${schema_files[@]}"; do
+
+        # Parse schema name from the LDIF file.
+        schema_name=`head -n 1 ${file_name} |
+            sed 's/dn: cn=\(.\+\),cn=schema,cn=config/\1/'`
+
+        # If schema is not already installed add it.
+        if ! comanage_ldap_utils::schema_installed ${schema_name}; then
                 ldapmodify -Y EXTERNAL -H ldapi:/// -a \
-                    -f "$SCHEMA_DIR/$schema_name.ldif"  > /dev/null 2>&1
+                    -f "${file_name}"  > /dev/null 2>&1
         fi
+
     done
 }
 
@@ -559,21 +579,6 @@ function comanage_ldap_utils::schema_installed() {
         | grep $schema_name > /dev/null 2>&1
 }
 
-##########################################
-# Determine if a schema is defined.
-# Globals:
-#   None
-# Arguments:
-#   schema name
-# Returns:
-#   None
-##########################################
-function comanage_ldap_utils::schema_defined() {
-    local schema_name="$1"
-
-    [[ -e "$SCHEMA_DIR/$schema_name.ldif" ]]
-}
-
 ##########################################
 # Start slapd listening only on UNIX socket.
 # Globals:

diff --git a/comanage-registry-slapd-base/edumember.ldif b/comanage-registry-slapd-base/edumember.ldif
@@ -0,0 +1,11 @@
+dn: cn=edumember,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: edumember
+olcAttributeTypes: {0}( 1.3.6.1.4.1.5923.1.5.1.1 NAME 'isMemberOf' DESC 'ident
+ ifiers for groups to which containing entity belongs' EQUALITY caseExactMatch
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+olcAttributeTypes: {1}( 1.3.6.1.4.1.5923.1.5.1.2 NAME 'hasMember' DESC 'identi
+ fiers for entities that are members of the group' EQUALITY caseExactMatch SYN
+ TAX 1.3.6.1.4.1.1466.115.121.1.15 )
+olcObjectClasses: {0}( 1.3.6.1.4.1.5923.1.5.2.1 NAME 'eduMember' AUXILIARY MAY
+  ( isMemberOf $ hasMember ) )
diff --git a/comanage-registry-slapd-base/eduperson.ldif b/comanage-registry-slapd-base/eduperson.ldif
@@ -50,15 +50,3 @@ olcObjectClasses: {0}( 1.3.6.1.4.1.5923.1.1.2 NAME 'eduPerson' DESC 'eduPerson
  $ eduPersonPrincipalName $ eduPersonEntitlement $ eduPersonPrimaryOrgUnitDN 
  $ eduPersonScopedAffiliation $ eduPersonTargetedID $ eduPersonAssurance $ edu
  PersonPrincipalNamePrior $ eduPersonUniqueId $ eduPersonOrcid ) )
-
-dn: cn=edumember,cn=schema,cn=config
-objectClass: olcSchemaConfig
-cn: edumember
-olcAttributeTypes: {0}( 1.3.6.1.4.1.5923.1.5.1.1 NAME 'isMemberOf' DESC 'ident
- ifiers for groups to which containing entity belongs' EQUALITY caseExactMatch
-  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
-olcAttributeTypes: {1}( 1.3.6.1.4.1.5923.1.5.1.2 NAME 'hasMember' DESC 'identi
- fiers for entities that are members of the group' EQUALITY caseExactMatch SYN
- TAX 1.3.6.1.4.1.1466.115.121.1.15 )
-olcObjectClasses: {0}( 1.3.6.1.4.1.5923.1.5.2.1 NAME 'eduMember' AUXILIARY MAY
-  ( isMemberOf $ hasMember ) )