[ FAB-1892 ] - Add LDAP to fvt test image

run_ldap_tests is a one-off.
Add LDAP funtionality to base FVT image so that
ldap test can be absorbed into CI environment.

Moreover, given the availability of the fabric-ca-fvt
docker image, it takes about 1 second to run the ldap test.

Change-Id: If8b78219ea5b059ab293ab75211ea2e861b090ad
Signed-off-by: rennman <[email protected]>

Makefile

@@ -131,13 +131,16 @@ build/image/openldap/payload : \
 build/image/fabric-ca-fvt/payload: \
 	build/docker/bin/fabric-ca-client \
 	build/docker/bin/fabric-ca-server \
+	images/fabric-ca-fvt/base.ldif \
+	images/fabric-ca-fvt/add-users.ldif \
 	images/fabric-ca-fvt/start.sh
 build/image/%/payload:
 	@echo "Copying $^ to $@"
 	mkdir -p $@
 	cp $^ $@
 
 build/fabric-ca.tar.bz2: $(shell git ls-files images/fabric-ca/payload)
+
 build/%.tar.bz2:
 	@echo "Building $@"
 	@tar -jc -C images/$*/payload $(notdir $^) > $@

images/fabric-ca-fvt/Dockerfile.in

@@ -7,48 +7,69 @@ ENV PGDATA "/usr/local/pgsql/data/"
 ENV PGUSER "postgres"
 ENV PGPASSWORD "postgres"
 ENV PGVER _PGVER_
+ENV HOSTADDR "127.0.0.1"
+ENV LDAPPORT "389"
+ENV LDAPUSER "admin"
+ENV LDAPPASWD "adminpw"
 
 # Avoid ERROR:
 #   invoke-rc.d: policy-rc.d denied execution of start.
 RUN echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d
 
 # Update system
-RUN apt-get -y update --no-install-recommends && apt-get -y install locales
+RUN apt-get -y update && apt-get -y install --no-install-recommends locales
 RUN sed -i -e 's/^[[:blank:]]*#[[:blank:]]*en_US.UTF-8[[:blank:]]*UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
 RUN printf "LANG=en_US.UTF-8\nLANGUAGE=en_US.UTF-8\n" > /etc/default/locale
 RUN dpkg-reconfigure locales && update-locale LANG=en_US.UTF-8
 
 # Install more test depedencies
 RUN echo "mysql-server mysql-server/root_password password mysql" | debconf-set-selections
 RUN echo "mysql-server mysql-server/root_password_again password mysql" | debconf-set-selections
-RUN apt-get -y install --no-install-recommends bc vim lsof sqlite3 haproxy postgresql-$PGVER postgresql-client-common \
-                       isag jq git html2text debconf-utils zsh htop python2.7-minimal \
-                       libpython2.7-stdlib mysql-client  mysql-common mysql-server
+RUN apt-get -y install --no-install-recommends bc vim lsof sqlite3 haproxy postgresql-$PGVER \
+                       postgresql-client-common postgresql-contrib-$PGVER isag jq git html2text \
+                       debconf-utils zsh htop python2.7-minimal libpython2.7-stdlib \
+                       mysql-client  mysql-common mysql-server
 RUN apt-get -y autoremove
 
 # Configure and start postgres
 RUN echo $PGUSER:$PGUSER | chpasswd
 RUN mkdir -p $PGDATA && chown postgres:postgres $PGDATA
 RUN su $PGUSER -c "/usr/lib/postgresql/$PGVER/bin/initdb -D $PGDATA"
-RUN su $PGUSER -c "/usr/lib/postgresql/$PGVER/bin/pg_ctl start -D $PGDATA" && sleep 10 && psql -U postgres -h localhost -c "ALTER USER $PGUSER WITH PASSWORD '$PGPASSWORD';" && su postgres -c "/usr/lib/postgresql/$PGVER/bin/pg_ctl stop" 
+RUN su $PGUSER -c "/usr/lib/postgresql/$PGVER/bin/pg_ctl start -D $PGDATA" &&\
+                   sleep 10 &&\
+                   psql -U postgres -h localhost -c "ALTER USER $PGUSER WITH PASSWORD '$PGPASSWORD';" &&\
+                   su postgres -c "/usr/lib/postgresql/$PGVER/bin/pg_ctl stop"
 RUN echo "host all  all    0.0.0.0/0  trust" >> ${PGDATA}/pg_hba.conf
 RUN echo "listen_addresses='*'" >> ${PGDATA}/postgresql.conf
 
+# Install slapd
+RUN ls /tmp
+COPY payload/*ldif /etc/ldap/
+RUN printf  "slapd slapd/internal/generated_adminpw password $LDAPPASWD\n\
+slapd slapd/password2 password $LDAPPASWD\n\
+slapd slapd/internal/adminpw password $LDAPPASWD\n\
+slapd slapd/password1 password $LDAPPASWD\n\
+slapd slapd/domain string example.com\n\
+slapd shared/organization string example.com" | debconf-set-selections &&\
+   sudo apt-get -y install --no-install-recommends slapd ldap-utils
+RUN sed -i \
+   "s@^[[:blank:]]*SLAPD_SERVICES=.*@SLAPD_SERVICES=\"ldap://$HOSTADDR:$LDAPPORT/ ldaps:/// ldapi:///\"@"\
+   /etc/default/slapd
+RUN /etc/init.d/slapd start && \
+    ldapadd -h localhost -p 389 -D cn=$LDAPUSER,dc=example,dc=com -w $LDAPPASWD -f /etc/ldap/base.ldif && \
+    ldapadd -h localhost -p 389 -D cn=$LDAPUSER,dc=example,dc=com -w $LDAPPASWD -f /etc/ldap/add-users.ldif && \
+    /etc/init.d/slapd stop
+
 # Install fabric-ca dependencies
 RUN go get github.com/go-sql-driver/mysql
 RUN go get github.com/lib/pq
 
-# Dummy docker exec to fool make
-# we don't need docker
-RUN touch /usr/local/bin/docker && chmod 777 /usr/local/bin/docker
-
 # Use python2, not 3
 RUN ln -s /usr/bin/python2.7 /usr/local/bin/python && chmod 777 /usr/local/bin/python
 
 # Generate version-agnostic postgres command
 RUN ln -s /usr/lib/postgresql/$PGVER/bin/postgres /usr/local/bin/postgres && chmod 777 /usr/local/bin/postgres
 
-
 # Add docker-built execs for (potentially) alternative architecture
 COPY payload/fabric-ca-client /usr/local/bin
 RUN chmod +x /usr/local/bin/fabric-ca-client

images/fabric-ca-fvt/add-users.ldif

@@ -0,0 +1,275 @@
+# User group
+dn: cn=admin,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: admin
+objectClass: posixGroup
+gidNumber: 10002
+
+# User account
+dn: uid=admin,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: admin
+cn: admin
+sn: Hyperledeger
+givenName: admin
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 10002
+gidNumber: 10002
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/admin
+userPassword: adminpw
+
+# User group
+dn: cn=admin2,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: admin2
+objectClass: posixGroup
+gidNumber: 10002
+
+# User account
+dn: uid=admin2,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: admin2
+cn: admin2
+sn: Hyperledeger
+givenName: admin2
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 10002
+gidNumber: 10002
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/admin2
+userPassword: admin2pw
+
+# User group
+dn: cn=revoker,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: revoker
+objectClass: posixGroup
+gidNumber: 10003
+
+# User account
+dn: uid=revoker,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: revoker
+cn: revoker
+sn: Hyperledeger
+givenName: revoker
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 10003
+gidNumber: 10003
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/revoker
+userPassword: revokerpw
+
+# User group
+dn: cn=revoker2,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: revoker2
+objectClass: posixGroup
+gidNumber: 10004
+
+# User account
+dn: uid=revoker2,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: revoker2
+cn: revoker2
+sn: Hyperledeger
+givenName: revoker2
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 10004
+gidNumber: 10004
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/revoker2
+userPassword: revoker2pw
+
+# User group
+dn: cn=nonrevoker,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: nonrevoker
+objectClass: posixGroup
+gidNumber: 10005
+
+# User account
+dn: uid=nonrevoker,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: nonrevoker
+cn: nonrevoker
+sn: Hyperledeger
+givenName: nonrevoker
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 10005
+gidNumber: 10005
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/nonrevoker
+userPassword: nonrevokerpw
+
+# User group
+dn: cn=nonrevoker2,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: nonrevoker2
+objectClass: posixGroup
+gidNumber: 10006
+
+# User account
+dn: uid=nonrevoker2,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: nonrevoker2
+cn: nonrevoker2
+sn: Hyperledeger
+givenName: nonrevoker2
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 10006
+gidNumber: 10006
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/nonrevoker2
+userPassword: nonrevoker2pw
+
+# User group
+dn: cn=notadmin,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: notadmin
+objectClass: posixGroup
+gidNumber: 10007
+
+# User account
+dn: uid=notadmin,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: notadmin
+cn: notadmin
+sn: Hyperledeger
+givenName: notadmin
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 10007
+gidNumber: 10007
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/notadmin
+userPassword: notadminpw
+
+# User group
+dn: cn=expiryUser,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: expiryUser
+objectClass: posixGroup
+gidNumber: 10008
+
+# User account
+dn: uid=expiryUser,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: expiryUser
+cn: expiryUser
+sn: Hyperledeger
+givenName: expiryUser
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 10008
+gidNumber: 10008
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/expiryUser
+userPassword: expiryUserpw
+
+# User group
+dn: cn=testUser,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: testUser
+objectClass: posixGroup
+gidNumber: 10009
+
+# User account
+dn: uid=testUser,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: testUser
+cn: testUser
+sn: Hyperledeger
+givenName: testUser
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 10009
+gidNumber: 10009
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/testUser
+userPassword: testUserpw
+
+# User group
+dn: cn=testUser2,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: testUser2
+objectClass: posixGroup
+gidNumber: 100010
+
+# User account
+dn: uid=testUser2,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: testUser2
+cn: testUser2
+sn: Hyperledeger
+givenName: testUser2
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 100010
+gidNumber: 100010
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/testUser2
+userPassword: testUser2pw
+
+# User group
+dn: cn=testUser3,ou=fabric,dc=hyperledeger,dc=example,dc=com
+cn: testUser3
+objectClass: posixGroup
+gidNumber: 100011
+
+# User account
+dn: uid=testUser3,ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: posixAccount
+objectClass: shadowAccount
+objectClass: inetOrgPerson
+uid: testUser3
+cn: testUser3
+sn: Hyperledeger
+givenName: testUser3
+o: Hyperledger
+ou: Fabric
+st: North Carolina
+uidNumber: 100011
+gidNumber: 100011
+mail: [email protected]
+loginShell: /bin/bash
+homeDirectory: /home/testUser3
+userPassword: testUser3pw
+

images/fabric-ca-fvt/base.ldif

@@ -0,0 +1,14 @@
+dn: dc=hyperledeger,dc=example,dc=com
+objectClass: top
+objectClass: domain
+dc: hyperledeger
+
+dn: ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: top
+objectClass: OrganizationalUnit
+ou: fabric
+
+dn: ou=users,ou=fabric,dc=hyperledeger,dc=example,dc=com
+objectClass: top
+objectClass: OrganizationalUnit
+ou: users