[bitnami/openldap] Allow to optionally set olcSuffix via LDAP_SUFFIX env var #67360
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Additional comment: the assignment expression of the new var is different from the others, to allow to set the empty value, that's setting olcSuffix to the empty string, which is legit and allows to store any tree in the underlying database. |
javsalgar
changed the title
javsalgar
added
verify
migruiz4
reviewed
Jun 5, 2024
bitnami/openldap/2.6/debian-12/rootfs/opt/bitnami/scripts/libopenldap.sh
Outdated
Show resolved
Hide resolved
bitnami/openldap/2.5/debian-12/rootfs/opt/bitnami/scripts/libopenldap.sh
Outdated
Show resolved
Hide resolved
Co-authored-by: Miguel Ruiz <miruiz@vmware.com> Signed-off-by: Matteo Brancaleoni <mbrancaleoni@gmail.com>
Fixed and pushed, thanks. |
migruiz4
approved these changes
Jun 6, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of the change
Right now the olcSuffix config is fixed to the
LDAP_ROOTvalue. While this is most of the times reasonable, those values are not strictly related, being olcSuffix the prefix of the queries handled by the internal mdb backend.This change allows to optionally set the LDAP olcSuffix to a different value from
LDAP_ROOT. The change does not break existing behaviour.Benefits
In multi tenant scenarios you end to have multiple trees, right now you either have to use a container for each tree (which is not easy if you create those trees dynamically), or provide a script on container init that does this change. Or, worse, prefix all those trees with a common one.
By allowing to set the olcSuffix on the container, simplifies a lot usage in those scenarios.
Possible drawbacks
None