Merge pull request #57 from ConductorOne/ggreer/import

Add import script that works with any number of ldif files.
ConductorOne · Aug 19, 2024 · a33b148 · a33b148
2 parents 79aefce + fd0c2ff
commit a33b148
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 7 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -87,12 +87,12 @@ jobs:
       - name: Create ldif files
         run: node ./scripts/ldif.js && ls -la
       - name: Import ldif into openldap
-        run: ldapadd -D 'CN=admin,DC=example,DC=org' -N -x -H 'ldap://localhost:389/' -w admin -f big-00000.ldif && ldapadd -D 'CN=admin,DC=example,DC=org' -N -x -H 'ldap://localhost:389/' -w admin -f big-00001.ldif && ldapadd -D 'CN=admin,DC=example,DC=org' -N -x -H 'ldap://localhost:389/' -w admin -f big-00002.ldif
+        run: ./scripts/import.sh
       - name: Build baton-ldap
         run: go build ./cmd/baton-ldap
       - name: Run baton-ldap
         run: ./baton-ldap
       - name: Revoke grants
-        run: ./baton-ldap --revoke-grant 'group:cn=testgroup00000,dc=example,dc=org:member:user:cn=testuser00999@example.com,dc=example,dc=org' && ./baton-ldap --revoke-grant 'group:cn=othertestgroup00000,dc=example,dc=org:member:user:cn=testuser00999@example.com,dc=example,dc=org'
+        run: ./baton-ldap --revoke-grant 'group:cn=testgroup00000,dc=example,dc=org:member:user:cn=testuser00099@example.com,dc=example,dc=org' && ./baton-ldap --revoke-grant 'group:cn=othertestgroup00000,dc=example,dc=org:member:user:cn=testuser00099@example.com,dc=example,dc=org'
       - name: Grant entitlements
-        run: ./baton-ldap --grant-entitlement 'group:cn=testgroup00000,dc=example,dc=org:member' --grant-principal 'cn=testuser00999@example.com,dc=example,dc=org' --grant-principal-type 'user' && ./baton-ldap --grant-entitlement 'group:cn=othertestgroup00000,dc=example,dc=org:member' --grant-principal 'cn=testuser00999@example.com,dc=example,dc=org' --grant-principal-type 'user'
+        run: ./baton-ldap --grant-entitlement 'group:cn=testgroup00000,dc=example,dc=org:member' --grant-principal 'cn=testuser00099@example.com,dc=example,dc=org' --grant-principal-type 'user' && ./baton-ldap --grant-entitlement 'group:cn=othertestgroup00000,dc=example,dc=org:member' --grant-principal 'cn=testuser00099@example.com,dc=example,dc=org' --grant-principal-type 'user'
diff --git a/scripts/import.sh b/scripts/import.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+set -euxo pipefail
+
+
+for filename in big-*.ldif; do
+  [ -e "$filename" ] || continue
+  ldapadd -D 'CN=admin,DC=example,DC=org' -N -x -H 'ldap://localhost:389/' -w admin -f "$filename"
+done
diff --git a/scripts/ldif.js b/scripts/ldif.js
@@ -8,18 +8,21 @@ const fs = require('node:fs');
 const userCount = 1000;
 const groupCount = 50;
 const maxFileSize = 2000000; // php ldap admin has a 2MB limit
+const usersPerGroup = 100;
 
 let fileSize = 0;
 let fileCount = 0;
 const baseFileName = "big-";
 
-let f;
+let f = null;
 // Only pass strings that constitute full objects to write().
 // Otherwise the object will span across multiple files and import will fail.
 function write (data, opts = {}) {
   fileSize += data.length;
   if (fileSize > maxFileSize) {
-    fs.closeSync(f);
+    if (f) {
+      fs.closeSync(f);
+    }
     fileSize = data.length;
     fileCount++;
     f = null;
@@ -56,7 +59,7 @@ cn: testgroup${groupIdStr}
 gidNumber: ${groupId}
 `;
 
-  for (let userId = 0; userId < userCount; userId++) {
+  for (let userId = 0; userId < usersPerGroup; userId++) {
     const userIdStr = ("00000" + userId).slice(-5);
     groupStr += `memberUid: testuser${userIdStr}@example.com
 `;
@@ -75,7 +78,7 @@ cn: othertestgroup${groupIdStr}
 owner: [email protected],dc=example,dc=org
 `;
 
-  for (let userId = 0; userId < userCount; userId++) {
+  for (let userId = 0; userId < usersPerGroup; userId++) {
     const userIdStr = ("00000" + userId).slice(-5);
     groupStr += `uniquemember: cn=testuser${userIdStr}@example.com,dc=example,dc=org
 `;