Merge branch 'release-1.3.0' into stable

osixia · Sep 29, 2019 · fa517c2 · fa517c2
2 parents 5a3bd46 + 8f5ff0a
commit fa517c2
Show file tree

Hide file tree

Showing 13 changed files with 214 additions and 74 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,2 @@
-/.*
 !/.git*
 /VOLUMES
diff --git a/.travis.yml b/.travis.yml
@@ -0,0 +1,106 @@
+language: bash
+
+services:
+  - docker
+env:
+  global:
+    - NAME="osixia/openldap"
+    - VERSION="${TRAVIS_BRANCH}-dev"
+  matrix:
+    - TARGET_ARCH=amd64 QEMU_ARCH=x86_64
+    - TARGET_ARCH=arm32v7 QEMU_ARCH=arm
+    - TARGET_ARCH=arm64v8 QEMU_ARCH=aarch64
+
+addons:
+  apt:
+    # The docker manifest command was added in docker-ee version 18.x
+    # So update our current installation and we also have to enable the experimental features.
+    sources:
+      - sourceline: "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+        key_url: "https://download.docker.com/linux/ubuntu/gpg"
+    packages:
+      - docker-ce
+
+before_install:
+  - docker --version
+  - mkdir $HOME/.docker
+  - 'echo "{" > $HOME/.docker/config.json'
+  - 'echo "  \"experimental\": \"enabled\"" >> $HOME/.docker/config.json'
+  - 'echo "}" >> $HOME/.docker/config.json'
+  - sudo service docker restart
+
+install:
+  # For cross buidling our images
+  # This is necessary because travis-ci.org has only x86_64 machines.
+  # If travis-ci.org gets native arm builds, probably this step is not
+  # necessary any more.
+  - docker run --rm --privileged multiarch/qemu-user-static:register --reset
+    # Bats is necessary for the UT
+  - curl -o bats.tar.gz -SL https://github.com/bats-core/bats-core/archive/v1.1.0.tar.gz
+  - mkdir bats-core && tar -xf bats.tar.gz -C bats-core --strip-components=1
+  - cd bats-core/
+  - sudo ./install.sh /usr/local
+  - cd ..
+
+before_script:
+  # Set baseimage.
+  # remove pqchecker if arch is not amd64
+  - sed -i -e "s/FROM \(.*\)/FROM \1-${TARGET_ARCH}/g" image/Dockerfile;
+  - if [[ "${TARGET_ARCH}" != 'amd64' ]]; then
+    sed -i -e "/PQCHECKER/Id" image/Dockerfile;
+    fi
+  - cat image/Dockerfile;
+  # If this is a tag then change the VERSION variable to only have the
+  # tag name and not also the commit hash.
+  - if [ -n "$TRAVIS_TAG" ]; then
+    VERSION=$(echo "${TRAVIS_TAG}" | sed -e 's/\(.*\)[-v]\(.*\)/\1\2/g');
+    fi
+
+script:
+  - make build-nocache NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH}
+  # skip test "ldapsearch existing hdb database and config" if arch != amd64
+  - if [[ "${TARGET_ARCH}" != 'amd64' ]]; then
+    sed -i '/@test "ldapsearch existing hdb database and config"/a skip' test/test.bats;
+    fi
+  # Run the test and if the test fails mark the build as failed.
+  - make test NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH}
+
+before_deploy:
+  - docker run -d --name test_image ${NAME}:${VERSION}-${TARGET_ARCH} sleep 10
+  - sleep 5
+  - sudo docker ps | grep -q test_image
+  # To have `DOCKER_USER` and `DOCKER_PASS`
+  # use `travis env set`.
+  - docker login -u "$DOCKER_USER" -p "$DOCKER_PASS";
+  - make tag NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH}
+
+deploy:
+  provider: script
+  on:
+    all_branches: true
+  script: make push NAME=${NAME} VERSION=${VERSION}-${TARGET_ARCH}
+
+jobs:
+  include:
+    - stage: Manifest creation
+      install: skip
+      script: skip
+      after_deploy:
+        - docker login -u "$DOCKER_USER" -p "$DOCKER_PASS";
+        - docker manifest create ${NAME}:${VERSION} ${NAME}:${VERSION}-amd64 ${NAME}:${VERSION}-arm32v7 ${NAME}:${VERSION}-arm64v8;
+          docker manifest annotate ${NAME}:${VERSION} ${NAME}:${VERSION}-amd64 --os linux --arch amd64;
+          docker manifest annotate ${NAME}:${VERSION} ${NAME}:${VERSION}-arm32v7 --os linux --arch arm --variant v7;
+          docker manifest annotate ${NAME}:${VERSION} ${NAME}:${VERSION}-arm64v8 --os linux --arch arm64 --variant v8;
+
+        # The latest tag is coming from the stable branch of the repo
+        - if [ "${TRAVIS_BRANCH}" == 'stable' ]; then
+          docker manifest create ${NAME}:latest ${NAME}:${VERSION}-amd64 ${NAME}:${VERSION}-arm32v7 ${NAME}:${VERSION}-arm64v8;
+          docker manifest annotate ${NAME}:latest ${NAME}:${VERSION}-amd64 --os linux --arch amd64;
+          docker manifest annotate ${NAME}:latest ${NAME}:${VERSION}-arm32v7 --os linux --arch arm --variant v7;
+          docker manifest annotate ${NAME}:latest ${NAME}:${VERSION}-arm64v8 --os linux --arch arm64 --variant v8;
+          fi
+
+        - docker manifest push ${NAME}:${VERSION};
+          if [ "${TRAVIS_BRANCH}" == 'stable' ]; then
+          docker manifest push ${NAME}:latest;
+          fi
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [1.3.0] - 2019-09-29
+## Added
+  - Multiarch support
+
+## Changes
+  - Update openldap 2.4.47 to 2.4.48 #247
+  - Upgrade baseimage to light-baseimage:1.2.0 (debian buster)
+
 ## [1.2.5] - 2019-08-16
 ## Added
   - Support for docker secrets #325. Thanks to @anagno !

diff --git a/Makefile b/Makefile
@@ -1,5 +1,5 @@
 NAME = osixia/openldap
-VERSION = 1.2.5
+VERSION = 1.3.0
 
 .PHONY: build build-nocache test tag-latest push push-latest release git-tag-version
 
@@ -12,6 +12,9 @@ build-nocache:
 test:
 	env NAME=$(NAME) VERSION=$(VERSION) bats test/test.bats
 
+tag:
+	docker tag $(NAME):$(VERSION) $(NAME):$(VERSION)
+
 tag-latest:
 	docker tag $(NAME):$(VERSION) $(NAME):latest
 

diff --git a/README.md b/README.md
@@ -4,48 +4,48 @@
 ![Docker Stars](https://img.shields.io/docker/stars/osixia/openldap.svg)
 ![](https://images.microbadger.com/badges/image/osixia/openldap.svg)
 
-Latest release: 1.2.5 - OpenLDAP 2.4.47 -  [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/openldap/) 
+Latest release: 1.3.0 - OpenLDAP 2.4.48 -  [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/openldap/) 
 
 **A docker image to run OpenLDAP.**
 
 > OpenLDAP website : [www.openldap.org](http://www.openldap.org/)
 
 
 - [osixia/openldap](#osixiaopenldap)
-	- [Contributing](#Contributing)
-	- [Quick Start](#Quick-Start)
-	- [Beginner Guide](#Beginner-Guide)
-		- [Create new ldap server](#Create-new-ldap-server)
-			- [Data persistence](#Data-persistence)
-			- [Edit your server configuration](#Edit-your-server-configuration)
-			- [Seed ldap database with ldif](#Seed-ldap-database-with-ldif)
-		- [Use an existing ldap database](#Use-an-existing-ldap-database)
-		- [Backup](#Backup)
-		- [Administrate your ldap server](#Administrate-your-ldap-server)
-		- [TLS](#TLS)
-			- [Use auto-generated certificate](#Use-auto-generated-certificate)
-			- [Use your own certificate](#Use-your-own-certificate)
-			- [Disable TLS](#Disable-TLS)
-		- [Multi master replication](#Multi-master-replication)
-		- [Fix docker mounted file problems](#Fix-docker-mounted-file-problems)
-		- [Debug](#Debug)
-	- [Environment Variables](#Environment-Variables)
-		- [Default.yaml](#Defaultyaml)
-		- [Default.startup.yaml](#Defaultstartupyaml)
-		- [Set your own environment variables](#Set-your-own-environment-variables)
-			- [Use command line argument](#Use-command-line-argument)
-			- [Link environment file](#Link-environment-file)
-			- [Docker Secrets](#Docker-Secrets)
-			- [Make your own image or extend this image](#Make-your-own-image-or-extend-this-image)
-	- [Advanced User Guide](#Advanced-User-Guide)
-		- [Extend osixia/openldap:1.2.5 image](#Extend-osixiaopenldap125-dev-image)
-		- [Make your own openldap image](#Make-your-own-openldap-image)
-		- [Tests](#Tests)
-		- [Kubernetes](#Kubernetes)
-		- [Under the hood: osixia/light-baseimage](#Under-the-hood-osixialight-baseimage)
-	- [Security](#Security)
-		- [Known security issues](#Known-security-issues)
-	- [Changelog](#Changelog)
+	- [Contributing](#contributing)
+	- [Quick Start](#quick-start)
+	- [Beginner Guide](#beginner-guide)
+		- [Create new ldap server](#create-new-ldap-server)
+			- [Data persistence](#data-persistence)
+			- [Edit your server configuration](#edit-your-server-configuration)
+			- [Seed ldap database with ldif](#seed-ldap-database-with-ldif)
+		- [Use an existing ldap database](#use-an-existing-ldap-database)
+		- [Backup](#backup)
+		- [Administrate your ldap server](#administrate-your-ldap-server)
+		- [TLS](#tls)
+			- [Use auto-generated certificate](#use-auto-generated-certificate)
+			- [Use your own certificate](#use-your-own-certificate)
+			- [Disable TLS](#disable-tls)
+		- [Multi master replication](#multi-master-replication)
+		- [Fix docker mounted file problems](#fix-docker-mounted-file-problems)
+		- [Debug](#debug)
+	- [Environment Variables](#environment-variables)
+		- [Default.yaml](#defaultyaml)
+		- [Default.startup.yaml](#defaultstartupyaml)
+		- [Set your own environment variables](#set-your-own-environment-variables)
+			- [Use command line argument](#use-command-line-argument)
+			- [Link environment file](#link-environment-file)
+			- [Docker Secrets](#docker-secrets)
+			- [Make your own image or extend this image](#make-your-own-image-or-extend-this-image)
+	- [Advanced User Guide](#advanced-user-guide)
+		- [Extend osixia/openldap:1.3.0 image](#extend-osixiaopenldap130-image)
+		- [Make your own openldap image](#make-your-own-openldap-image)
+		- [Tests](#tests)
+		- [Kubernetes](#kubernetes)
+		- [Under the hood: osixia/light-baseimage](#under-the-hood-osixialight-baseimage)
+	- [Security](#security)
+		- [Known security issues](#known-security-issues)
+	- [Changelog](#changelog)
 
 ## Contributing
 
@@ -58,11 +58,11 @@ If you find this image useful here's how you can help:
 ## Quick Start
 Run OpenLDAP docker image:
 
-	docker run --name my-openldap-container --detach osixia/openldap:1.2.5
+	docker run --name my-openldap-container --detach osixia/openldap:1.3.0
 
 Do not forget to add the port mapping for both port 389 and 636 if you wish to access the ldap server from another machine.
 
-	docker run -p 389:389 -p 636:636 --name my-openldap-container --detach osixia/openldap:1.2.5
+	docker run -p 389:389 -p 636:636 --name my-openldap-container --detach osixia/openldap:1.3.0
 
 Either command starts a new container with OpenLDAP running inside. Let's make the first search in our LDAP container:
 
@@ -98,7 +98,7 @@ It will create an empty ldap for the company **Example Inc.** and the domain **e
 By default the admin has the password **admin**. All those default settings can be changed at the docker command line, for example:
 
 	docker run --env LDAP_ORGANISATION="My Company" --env LDAP_DOMAIN="my-company.com" \
-	--env LDAP_ADMIN_PASSWORD="JonSn0w" --detach osixia/openldap:1.2.5
+	--env LDAP_ADMIN_PASSWORD="JonSn0w" --detach osixia/openldap:1.3.0
 
 #### Data persistence
 
@@ -149,12 +149,12 @@ argument to entrypoint if you don't want to overwrite them.
 		# single file example:
 		docker run \
       --volume ./bootstrap.ldif:/container/service/slapd/assets/config/bootstrap/ldif/50-bootstrap.ldif \
-      osixia/openldap:1.2.5 --copy-service
+      osixia/openldap:1.3.0 --copy-service
 
 		#directory example:
 		docker run \
 	     --volume ./ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom \
-	     osixia/openldap:1.2.5 --copy-service
+	     osixia/openldap:1.3.0 --copy-service
 
 ### Use an existing ldap database
 
@@ -165,7 +165,7 @@ simply mount this directories as a volume to `/var/lib/ldap` and `/etc/ldap/slap
 
 	docker run --volume /data/slapd/database:/var/lib/ldap \
 	--volume /data/slapd/config:/etc/ldap/slapd.d \
-	--detach osixia/openldap:1.2.5
+	--detach osixia/openldap:1.3.0
 
 You can also use data volume containers. Please refer to:
 > [https://docs.docker.com/engine/tutorials/dockervolumes/](https://docs.docker.com/engine/tutorials/dockervolumes/)
@@ -185,7 +185,7 @@ If you are looking for a simple solution to administrate your ldap server you ca
 #### Use auto-generated certificate
 By default, TLS is already configured and enabled, certificate is created using container hostname (it can be set by docker run --hostname option eg: ldap.example.org).
 
-	docker run --hostname ldap.my-company.com --detach osixia/openldap:1.2.5
+	docker run --hostname ldap.my-company.com --detach osixia/openldap:1.3.0
 
 #### Use your own certificate
 
@@ -195,24 +195,24 @@ You can set your custom certificate at run time, by mounting a directory contain
 	--env LDAP_TLS_CRT_FILENAME=my-ldap.crt \
 	--env LDAP_TLS_KEY_FILENAME=my-ldap.key \
 	--env LDAP_TLS_CA_CRT_FILENAME=the-ca.crt \
-	--detach osixia/openldap:1.2.5
+	--detach osixia/openldap:1.3.0
 
 Other solutions are available please refer to the [Advanced User Guide](#advanced-user-guide)
 
 #### Disable TLS
 Add --env LDAP_TLS=false to the run command:
 
-	docker run --env LDAP_TLS=false --detach osixia/openldap:1.2.5
+	docker run --env LDAP_TLS=false --detach osixia/openldap:1.3.0
 
 ### Multi master replication
 Quick example, with the default config.
 
 	#Create the first ldap server, save the container id in LDAP_CID and get its IP:
-	LDAP_CID=$(docker run --hostname ldap.example.org --env LDAP_REPLICATION=true --detach osixia/openldap:1.2.5)
+	LDAP_CID=$(docker run --hostname ldap.example.org --env LDAP_REPLICATION=true --detach osixia/openldap:1.3.0)
 	LDAP_IP=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" $LDAP_CID)
 
 	#Create the second ldap server, save the container id in LDAP2_CID and get its IP:
-	LDAP2_CID=$(docker run --hostname ldap2.example.org --env LDAP_REPLICATION=true --detach osixia/openldap:1.2.5)
+	LDAP2_CID=$(docker run --hostname ldap2.example.org --env LDAP_REPLICATION=true --detach osixia/openldap:1.3.0)
 	LDAP2_IP=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" $LDAP2_CID)
 
 	#Add the pair "ip hostname" to /etc/hosts on each containers,
@@ -248,7 +248,7 @@ You may have some problems with mounted files on some systems. The startup scrip
 
 To fix that run the container with `--copy-service` argument :
 
-		docker run [your options] osixia/openldap:1.2.5 --copy-service
+		docker run [your options] osixia/openldap:1.3.0 --copy-service
 
 ### Debug
 
@@ -257,11 +257,11 @@ Available levels are: `none`, `error`, `warning`, `info`, `debug` and `trace`.
 
 Example command to run the container in `debug` mode:
 
-	docker run --detach osixia/openldap:1.2.5 --loglevel debug
+	docker run --detach osixia/openldap:1.3.0 --loglevel debug
 
 See all command line options:
 
-	docker run osixia/openldap:1.2.5 --help
+	docker run osixia/openldap:1.3.0 --help
 
 
 ## Environment Variables
@@ -327,7 +327,7 @@ Replication options:
 
 	If you want to set this variable at docker run command add the tag `#PYTHON2BASH:` and convert the yaml in python:
 
-		docker run --env LDAP_REPLICATION_HOSTS="#PYTHON2BASH:['ldap://ldap.example.org','ldap://ldap2.example.org']" --detach osixia/openldap:1.2.5
+		docker run --env LDAP_REPLICATION_HOSTS="#PYTHON2BASH:['ldap://ldap.example.org','ldap://ldap2.example.org']" --detach osixia/openldap:1.3.0
 
 	To convert yaml to python online: http://yaml-online-parser.appspot.com/
 
@@ -348,7 +348,7 @@ Other environment variables:
 Environment variables can be set by adding the --env argument in the command line, for example:
 
 	docker run --env LDAP_ORGANISATION="My company" --env LDAP_DOMAIN="my-company.com" \
-	--env LDAP_ADMIN_PASSWORD="JonSn0w" --detach osixia/openldap:1.2.5
+	--env LDAP_ADMIN_PASSWORD="JonSn0w" --detach osixia/openldap:1.3.0
 
 Be aware that environment variable added in command line will be available at any time
 in the container. In this example if someone manage to open a terminal in this container
@@ -359,14 +359,14 @@ he will be able to read the admin password in clear text from environment variab
 For example if your environment files **my-env.yaml** and **my-env.startup.yaml** are in /data/ldap/environment
 
 	docker run --volume /data/ldap/environment:/container/environment/01-custom \
-	--detach osixia/openldap:1.2.5
+	--detach osixia/openldap:1.3.0
 
 Take care to link your environment files folder to `/container/environment/XX-somedir` (with XX < 99 so they will be processed before default environment files) and not  directly to `/container/environment` because this directory contains predefined baseimage environment files to fix container environment (INITRD, LANG, LANGUAGE and LC_CTYPE).
 
 Note: the container will try to delete the **\*.startup.yaml** file after the end of startup files so the file will also be deleted on the docker host. To prevent that : use --volume /data/ldap/environment:/container/environment/01-custom**:ro** or set all variables in **\*.yaml** file and don't use **\*.startup.yaml**:
 
 	docker run --volume /data/ldap/environment/my-env.yaml:/container/environment/01-custom/env.yaml \
-	--detach osixia/openldap:1.2.5
+	--detach osixia/openldap:1.3.0
 
 #### Docker Secrets
 
@@ -385,13 +385,13 @@ This is the best solution if you have a private registry. Please refer to the [A
 
 ## Advanced User Guide
 
-### Extend osixia/openldap:1.2.5 image
+### Extend osixia/openldap:1.3.0 image
 
 If you need to add your custom TLS certificate, bootstrap config or environment files the easiest way is to extends this image.
 
 Dockerfile example:
 
-	FROM osixia/openldap:1.2.5
+	FROM osixia/openldap:1.3.0
 	MAINTAINER Your Name <your@name.com>
 
 	ADD bootstrap /container/service/slapd/assets/config/bootstrap

diff --git a/example/docker-compose.yml b/example/docker-compose.yml
@@ -1,7 +1,7 @@
 version: '2'
 services:
   openldap:
-    image: osixia/openldap:1.2.5
+    image: osixia/openldap:1.3.0
     container_name: openldap
     environment:
       LDAP_LOG_LEVEL: "256"