Skip to content

Commit

Permalink
Merge pull request #2 from Ballista-lTD/1-test
Browse files Browse the repository at this point in the history
all working
  • Loading branch information
rohittp0 authored May 20, 2023
2 parents 45c570f + a72c638 commit a15d671
Show file tree
Hide file tree
Showing 19 changed files with 78 additions and 76 deletions.
5 changes: 4 additions & 1 deletion .github/workflows/branch-deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,9 @@ jobs:
name: runner / rspec
runs-on: ubuntu-20.04

env:
GITHUB_ORG_TOKEN: ${{ secrets.ORG_TOKEN }}

steps:
- name: branch-deploy
id: branch-deploy
Expand All @@ -31,7 +34,7 @@ jobs:

# Here we run a deploy. It is "gated" by the IssueOps logic and will only run if the outputs from our branch-deploy step indicate that the workflow should continue
- name: deploy
# if: ${{ steps.branch-deploy.outputs.continue == 'true' && steps.branch-deploy.outputs.noop != 'true' }}
if: ${{ steps.branch-deploy.outputs.continue == 'true' && steps.branch-deploy.outputs.noop != 'true' }}
run: |
set -o pipefail
script/deploy | tee deploy.out
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/checksum.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ permissions:
jobs:
rubocop:
name: runner
runs-on: ubuntu-latest
runs-on: ubuntu-20.04

steps:
- uses: ruby/setup-ruby@cd4241788aec4fdcd3325da7068efa9b62a017af
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/manager.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ permissions:
jobs:
rubocop:
name: runner
runs-on: ubuntu-latest
runs-on: ubuntu-20.04

steps:
- uses: ruby/setup-ruby@cd4241788aec4fdcd3325da7068efa9b62a017af
Expand Down
1 change: 1 addition & 0 deletions Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -11,3 +11,4 @@ gem "concurrent-ruby"
gem "sawyer"
gem 'debase'
gem 'ruby-debug-ide'
gem 'entitlements-github-plugin'
19 changes: 15 additions & 4 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -5,16 +5,23 @@ GEM
public_suffix (>= 2.0.2, < 5.0)
concurrent-ruby (1.1.9)
contracts (0.16.0)
debase (0.2.4.1)
debase-ruby_core_source (>= 0.10.2)
debase-ruby_core_source (0.10.15)
debase (0.2.5.beta2)
debase-ruby_core_source (>= 0.10.12)
debase-ruby_core_source (3.2.0)
entitlements (0.1.7)
concurrent-ruby (= 1.1.9)
contracts (= 0.16.0)
faraday (>= 0.17.3, < 0.18)
net-ldap (~> 0.17.0)
octokit (~> 4.18)
optimist (= 3.0.0)
entitlements-github-plugin (0.0.1)
concurrent-ruby (= 1.1.9)
contracts (= 0.16.0)
faraday (>= 0.17.3, < 0.18)
net-ldap (~> 0.17.0)
octokit (~> 4.18)
optimist (= 3.0.0)
faraday (0.17.4)
multipart-post (>= 1.2, < 3)
multipart-post (2.1.1)
Expand All @@ -33,15 +40,19 @@ GEM

PLATFORMS
ruby
x86_64-darwin-19
universal-darwin-22

DEPENDENCIES
concurrent-ruby
contracts
debase
entitlements (= 0.1.7)
entitlements-github-plugin
faraday
net-ldap
octokit
ruby-debug-ide
sawyer

BUNDLED WITH
2.1.4
21 changes: 0 additions & 21 deletions LICENSE

This file was deleted.

57 changes: 22 additions & 35 deletions config/entitlements.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,42 +11,29 @@ rescue Exception
end
-%>
---
backends:
dockerized-ldap:
ldap_binddn: "cn=admin,dc=example,dc=org"
ldap_bindpw: "admin"
ldap_uri: "ldaps://127.0.0.1"
disable_ssl_verification: true
person_dn_format: uid=%KEY%,ou=People,dc=example,dc=org
type: ldap
configuration_path: ../
extras:
ldap_group: {}

groups:
dummy-ou:
type: dummy
dummy-ou-renamed:
type: dummy
dir: dummy-ou-special
entitlements:
backend: dockerized-ldap
base: ou=Entitlements,ou=Groups,dc=example,dc=org
entitlements/strictly-audited:
backend: dockerized-ldap
base: ou=strictly-audited,ou=Entitlements,ou=Groups,dc=example,dc=org
dir: entitlements/strictly-audited
create_if_missing: true
github.com/Ballista-lTD/org:
addr: https://api.github.com
base: ou=org,ou=Ballista-lTD,ou=GitHub,dc=github,dc=com
dir: github.com/Ballista-lTD/org
org: Ballista-lTD
token: <%= ENV["GITHUB_ORG_TOKEN"] %>
type: "github_org"

github.com/Ballista-lTD/teams:
addr: https://api.github.com
base: ou=teams,ou=Ballista-lTD,ou=GitHub,dc=github,dc=com
dir: github.com/Ballista-lTD/teams
org: Ballista-lTD
token: <%= ENV["GITHUB_ORG_TOKEN"] %>
type: "github_team"

people:
ldap:
type: ldap
yaml:
type: yaml
config:
base: ou=People,dc=example,dc=org
ldap_binddn: "cn=admin,dc=example,dc=org"
ldap_bindpw: "admin"
ldap_uri: "ldaps://127.0.0.1"
disable_ssl_verification: true
person_dn_format: uid=%KEY%,ou=People,dc=example,dc=org
additional_attributes:
- shellentitlements
people_data_source: ldap
filename: config/people.yaml
person_dn_format: uid=%KEY%,ou=People,dc=ballista,dc=tech

people_data_source: yaml
13 changes: 13 additions & 0 deletions config/people.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
---
rohittp0:
dn: uid=rohit,ou=People,dc=ballista,dc=tech
githubdotcomid: rohittp0
manager: rohittp0
varshashaheen:
dn: uid=rohit,ou=People,dc=ballista,dc=tech
githubdotcomid: varshashaheen
manager: rohittp0
sunithvs:
dn: uid=rohit,ou=People,dc=ballista,dc=tech
githubdotcomid: sunithvs
manager: rohittp0
2 changes: 2 additions & 0 deletions github.com/Ballista-lTD/org/admin.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
description = Admins of the Ballista-lTD
username=rohittp0
Original file line number Diff line number Diff line change
@@ -1,4 +1,8 @@
description = Members of the github-entitlements

# Prefer admin over member if defined in both places
group != github.com/github/org/admin
group != github.com/Ballista-lTD/org/admin

metadata_no_conditions_ok = true

username=varshashaheen
4 changes: 4 additions & 0 deletions github.com/Ballista-lTD/teams/test.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
description = Members of test team

username=varshashaheen
username=rohittp0
2 changes: 0 additions & 2 deletions github.com/github-entitlements/org/admin.txt

This file was deleted.

10 changes: 10 additions & 0 deletions lib/entitlements-and-plugins.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
# frozen_string_literal: true

ENV["BUNDLE_GEMFILE"] = File.expand_path("../../Gemfile", File.dirname(__FILE__))
require "bundler/setup"
require "entitlements"

# require entitlements plugins here
require "entitlements/backend/github_org"
require "entitlements/backend/github_team"
require "entitlements/service/github"
10 changes: 0 additions & 10 deletions script/deploy
Original file line number Diff line number Diff line change
Expand Up @@ -10,14 +10,6 @@ export PATH=/usr/share/rbenv/shims:$PATH
export RBENV_VERSION="$(cat "$DIR/.ruby-version")"
export LDAP_DISABLE_SSL_VERIFICATION=true

echo "===================================================================="
echo "Starting LDAP Container"
echo "Date: $(date), Environment: entitlements-config"
echo "===================================================================="
docker rm entitlements-openldap
docker run -p 389:389 -p 636:636 --env LDAP_TLS_VERIFY_CLIENT=try --volume ${DIR}/script/ldap-server/bootstrap.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/50-bootstrap.ldif --name entitlements-openldap --detach osixia/openldap:1.5.0 --copy-service
sleep 10

echo "===================================================================="
echo "Executing deploy-entitlements -c ${DIR}/config/entitlements.yaml" "$@"
echo "Date: $(date), Environment: entitlements-config"
Expand All @@ -28,6 +20,4 @@ set +e
exitcode=${PIPESTATUS[0]}
echo "exit=${exitcode}" >> "${DIR}/deploy-output.txt"

docker kill entitlements-openldap 2&> /dev/null
docker rm entitlements-openldap 2&> /dev/null
exit ${exitcode}
Binary file removed vendor/cache/debase-0.2.4.1.gem
Binary file not shown.
Binary file added vendor/cache/debase-0.2.5.beta2.gem
Binary file not shown.
Binary file removed vendor/cache/debase-ruby_core_source-0.10.15.gem
Binary file not shown.
Binary file added vendor/cache/debase-ruby_core_source-3.2.0.gem
Binary file not shown.
Binary file added vendor/cache/entitlements-github-plugin-0.0.1.gem
Binary file not shown.

0 comments on commit a15d671

Please sign in to comment.