From 5a04e3883d2cce6c9cdd201cf6ba9b5af87ca89c Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Wed, 24 Mar 2021 21:20:22 +1100 Subject: [PATCH 01/25] WIP of TLS testing for LDAP --- .github/workflows/continuous-integration.yml | 32 +++-- DependencyInjection/Configuration.php | 1 + .../Iter8LdapRecordExtensionTest.php | 130 +++++++++++++++--- Tests/TestCase.php | 39 +++++- Tests/certs/generate.sh | 25 ++++ composer.json | 3 +- docker-compose.yml | 15 +- phpunit.xml.dist | 3 +- 8 files changed, 208 insertions(+), 40 deletions(-) create mode 100755 Tests/certs/generate.sh diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index f422cee..45ced27 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -48,18 +48,19 @@ jobs: composer-flags: "--ignore-platform-reqs" symfony-require: "5.2.*" - services: - ldap: - image: bitnami/openldap - ports: - - 3389:3389 - env: - LDAP_ADMIN_USERNAME: admin - LDAP_ADMIN_PASSWORD: a_great_password - LDAP_ROOT: dc=local,dc=com - LDAP_PORT_NUMBER: 3389 - LDAP_USERS: a - LDAP_PASSWORDS: a +# services: +# ldap: +# image: bitnami/openldap:latest +# ports: +# - 1389:1389 +# - 1636:1636 +# env: +# LDAP_ADMIN_USERNAME: admin +# LDAP_ADMIN_PASSWORD: a_great_password +# LDAP_ROOT: dc=local,dc=com +# LDAP_PORT_NUMBER: 1636 +# LDAP_USERS: a +# LDAP_PASSWORDS: a steps: - name: "Checkout" @@ -92,5 +93,12 @@ jobs: composer global require --no-progress --no-scripts --no-plugins symfony/flex composer update --no-interaction --no-progress ${{ matrix.composer-flags }} + - name: "Generate certificates" + run: | + composer generate-certs + + - name: "Setup Docker" + run: "docker-compose run --rm ldap" + - name: "Run PHPUnit" run: "vendor/bin/phpunit" diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php index 9fa95e2..61efd26 100644 --- a/DependencyInjection/Configuration.php 
+++ b/DependencyInjection/Configuration.php @@ -59,6 +59,7 @@ public function getConfigTreeBuilder(): TreeBuilder ->defaultFalse() ->end() ->arrayNode('options') + ->useAttributeAsKey('name') ->arrayPrototype() ->children() ->scalarNode('name')->end() diff --git a/Tests/DependencyInjection/Iter8LdapRecordExtensionTest.php b/Tests/DependencyInjection/Iter8LdapRecordExtensionTest.php index 551def2..9d9188f 100644 --- a/Tests/DependencyInjection/Iter8LdapRecordExtensionTest.php +++ b/Tests/DependencyInjection/Iter8LdapRecordExtensionTest.php 
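Review bot: `->useAttributeAsKey('name')` is placed in front of a prototype that still declares `scalarNode('name')`, and by default Symfony moves each entry's `name` into the array key and removes it from the entry itself. Any consumer that reads `$option['name']` would then no longer find it. If the value is still needed inside each entry, pass the second argument, `->useAttributeAsKey('name', false)`, and add a one-line comment above the call stating why entries are keyed by name. `getConfigTreeBuilder()` starts and ends outside this hunk and the code that consumes `options` is not visible here, so this needs checking against the extension class.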
@@ -29,30 +29,39 @@ public function test_load_empty_configuration(): void { $this->expectException(InvalidConfigurationException::class); - $container = $this->createContainer(); - $container->registerExtension(new Iter8LdapRecordExtension()); - $container->loadFromExtension('iter8_ldap_record'); - $container->compile(); + $this->createContainerWithConfig([]); } public function test_load_valid_configuration(): void { - $container = $this->createContainer(); - $container->registerExtension(new Iter8LdapRecordExtension()); - $container->loadFromExtension('iter8_ldap_record', $this->baseConfig()); - $container->compile(); + $ldapConfig = $this->getLdapConfig(); + + $config = \array_merge( + $this->baseConfig(), + [ + 'hosts' => [$ldapConfig['host']], + 'port' => $ldapConfig['port'], + ] + ); + + $container = $this->createContainerWithConfig($config); self::assertTrue($container->getDefinition('iter8_ldap_record.connection')->isPublic()); } public function test_is_connected_with_auto_connect_disabled(): void { - $this->getLdapConfig(); + $ldapConfig = $this->getLdapConfig(); - $container = $this->createContainer(); - $container->registerExtension(new Iter8LdapRecordExtension()); - $container->loadFromExtension('iter8_ldap_record', $this->baseConfig()); - $container->compile(); + $config = \array_merge( + $this->baseConfig(), + [ + 'hosts' => [$ldapConfig['host']], + 'port' => $ldapConfig['port'], + ] + ); + + $container = $this->createContainerWithConfig($config); /** @var Connection $connection */ $connection = $container->get('iter8_ldap_record.connection'); 
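Review bot: `test_load_valid_configuration()` only compiles the container and asserts that the service is public, yet it now begins with `$this->getLdapConfig()`, which ties a pure configuration test to a reachable directory server. If that helper skips when nothing is listening, as `getLdapsConfig()` does, this assertion stops running on any machine without the Docker service; a fixed host and port in the config array would keep it independent. The `\array_merge($this->baseConfig(), ['hosts' => ..., 'port' => ...])` block is also repeated in the other tests of this file, so a small private helper such as `connectionConfig(array $ldapConfig, array $extra = []): array` would remove the duplication.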
@@ -62,35 +71,112 @@ public function test_is_connected_with_auto_connect_disabled(): void public function test_is_connected_with_auto_connect_enabled(): void { - $this->getLdapConfig(); + $ldapConfig = $this->getLdapConfig(); - $config = array_merge( + $config = \array_merge( $this->baseConfig(), - ['auto_connect' => true] + [ + 'hosts' => [$ldapConfig['host']], + 'port' => $ldapConfig['port'], + 'auto_connect' => true, + ] ); - $container = $this->createContainer(); - $container->registerExtension(new Iter8LdapRecordExtension()); - $container->loadFromExtension('iter8_ldap_record', $config); - $container->compile(); + $container = $this->createContainerWithConfig($config); + + /** @var Connection $connection */ + $connection = $container->get('iter8_ldap_record.connection'); + + self::assertTrue($connection->isConnected()); + } + + public function test_manual_connect_with_unsecured_connection(): void + { + $ldapConfig = $this->getLdapConfig(); + + $config = \array_merge( + $this->baseConfig(), + [ + 'hosts' => [$ldapConfig['host']], + 'port' => $ldapConfig['port'], + ] + ); + + $container = $this->createContainerWithConfig($config); + + /** @var Connection $connection */ + $connection = $container->get('iter8_ldap_record.connection'); + + $connection->connect(); + + self::assertTrue($connection->isConnected()); + } + + public function test_manual_connect_with_tls_connection(): void + { + $ldapConfig = $this->getLdapsConfig(); + + $config = \array_merge( + $this->baseConfig(), + [ + 'hosts' => [$ldapConfig['host']], + 'port' => $ldapConfig['port'], + 'use_tls' => true, + ] + ); + + $container = $this->createContainerWithConfig($config); /** @var Connection $connection */ $connection = $container->get('iter8_ldap_record.connection'); + $connection->connect(); + self::assertTrue($connection->isConnected()); } + public function test_can_find_user(): void + { + $ldapConfig = $this->getLdapConfig(); + + $config = \array_merge( + $this->baseConfig(), + [ + 'hosts' => 
[$ldapConfig['host']], + 'port' => $ldapConfig['port'], + ] + ); + + $container = $this->createContainerWithConfig($config); + + /** @var Connection $connection */ + $connection = $container->get('iter8_ldap_record.connection'); + + $results = $connection->query()->where('cn', '=', 'a')->get(); + + dump($results); + self::assertNotEmpty($results); + } + private function baseConfig(): array { return [ - 'hosts' => ['localhost'], 'base_dn' => 'dc=local,dc=com', 'username' => 'cn=admin,dc=local,dc=com', 'password' => 'a_great_password', - 'port' => 3389, ]; } + private function createContainerWithConfig(array $config): ContainerBuilder + { + $container = $this->createContainer(); + $container->registerExtension(new Iter8LdapRecordExtension()); + $container->loadFromExtension('iter8_ldap_record', $config); + $container->compile(); + + return $container; + } + private function createContainer(): ContainerBuilder { return new ContainerBuilder(new ParameterBag([ diff --git a/Tests/TestCase.php b/Tests/TestCase.php index c667bc0..dcf9c99 100644 --- a/Tests/TestCase.php +++ b/Tests/TestCase.php @@ -6,6 +6,9 @@ use PHPUnit\Framework\TestCase as PHPUnitTestCase; +/** + * @see https://github.com/symfony/symfony/blob/89fedfa/src/Symfony/Component/Ldap/Tests/LdapTestCase.php + */ class TestCase extends PHPUnitTestCase { protected function getLdapConfig(): array 
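Review bot: `test_manual_connect_with_tls_connection()` takes its port from `getLdapsConfig()`, i.e. `LDAPS_PORT`, but enables `'use_tls' => true`, which in LdapRecord requests StartTLS on a plain connection rather than LDAP over TLS. Against the listener that docker-compose exposes as `LDAP_LDAPS_PORT_NUMBER=1636`, the upgrade would be attempted on a socket that already expects a TLS handshake. The test should use either the plain port with `use_tls` or the LDAPS port with `'use_ssl' => true`, assuming the bundle's configuration tree exposes that option. In `test_can_find_user()` the `dump($results);` call prints directory entries into the CI log and should be removed before this leaves WIP.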
@@ -22,7 +25,41 @@ protected function getLdapConfig(): array return [ 'host' => getenv('LDAP_HOST'), - 'port' => getenv('LDAP_PORT'), + 'port' => (int) getenv('LDAP_PORT'), + ]; + } + + protected function getLdapsConfig(): array + { + putenv("TLS_REQCERT=never"); + putenv('LDAPTLS_CIPHER_SUITE=NORMAL:!VERS-TLS1.2'); + + @ldap_set_option(null, \LDAP_OPT_DEBUG_LEVEL, 7); +// @ldap_set_option(null, \LDAP_OPT_X_TLS_CERTFILE, './certs/openldap.crt'); +// @ldap_set_option(null, \LDAP_OPT_X_TLS_KEYFILE, './certs/openldap.key'); + @ldap_set_option(null, \LDAP_OPT_X_TLS_REQUIRE_CERT, \LDAP_OPT_X_TLS_NEVER); + /** @var resource|null $h */ + $h = @ldap_connect((string) getenv('LDAP_HOST'), (int) getenv('LDAPS_PORT')); + @ldap_set_option($h, \LDAP_OPT_PROTOCOL_VERSION, 3); + @ldap_set_option($h, \LDAP_OPT_REFERRALS, 0); + @ldap_get_option($h, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error); + @ldap_start_tls($h); + + if (!\is_resource($h) || !@ldap_bind($h)) { + dump(@ldap_error($h)); + dump($extended_error); + self::markTestSkipped(\sprintf( + 'No server is listening on LDAP_HOST:LDAPS_PORT (%s:%s)', + getenv('LDAP_HOST'), + getenv('LDAPS_PORT') + )); + } + + ldap_unbind($h); + + return [ + 'host' => getenv('LDAP_HOST'), + 'port' => (int) getenv('LDAPS_PORT'), ]; } } diff --git a/Tests/certs/generate.sh b/Tests/certs/generate.sh new file mode 100755 index 0000000..5d599c6 --- /dev/null +++ b/Tests/certs/generate.sh 
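Review bot: `getLdapsConfig()` switches off server certificate checking twice, with `putenv("TLS_REQCERT=never")` and with `LDAP_OPT_X_TLS_REQUIRE_CERT` set to `LDAP_OPT_X_TLS_NEVER`, so the TLS test succeeds against any certificate and the CA written by `Tests/certs/generate.sh` is never consulted by the client. Trusting that CA and requiring a valid chain would make the test check something: `ldap_set_option(null, \LDAP_OPT_X_TLS_CACERTFILE, __DIR__.'/certs/openldapCA.crt');` together with `ldap_set_option(null, \LDAP_OPT_X_TLS_REQUIRE_CERT, \LDAP_OPT_X_TLS_DEMAND);`. The later hunk in PATCH 03 that changes both settings to `allow` still lets the session continue with a bad certificate, so the same remark applies there. `LDAPTLS_CIPHER_SUITE=NORMAL:!VERS-TLS1.2` additionally takes TLS 1.2 out of the negotiation and reads like a debugging leftover. `\is_resource($h)` is false on PHP 8.1, where `ldap_connect()` returns an `LDAP\Connection` object, so on that matrix entry the helper would always skip; `false === $h` works on every version.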
@@ -0,0 +1,25 @@ +#!/usr/bin/env bash + +set -e + +SCRIPT_PATH=$(dirname "$(realpath "$0")") + +# Create a root CA signing key. +openssl genrsa -out "${SCRIPT_PATH}/openldapCA.key" 4096 + +# Now create and self-sign the root CA certificate. +openssl req -x509 -new -nodes -key "${SCRIPT_PATH}/openldapCA.key" -sha256 -days 3650 -subj "/CN=localhostCA" -out "${SCRIPT_PATH}/openldapCA.crt" + +# Generate the LDAP server key. +openssl genrsa -out "${SCRIPT_PATH}/openldap.key" 2048 + +# Now create the CSR for the LDAP server certificate so we can sign it with our root CA. +openssl req -new -sha256 -key "${SCRIPT_PATH}/openldap.key" -subj "/CN=localhost" -out "${SCRIPT_PATH}/openldap.csr" + +# Finally, sign the LDAP server CSR with our root CA so it's ready to use. +openssl x509 -req -in "${SCRIPT_PATH}/openldap.csr" -CA "${SCRIPT_PATH}/openldapCA.crt" -CAkey "${SCRIPT_PATH}/openldapCA.key" -CAcreateserial -out "${SCRIPT_PATH}/openldap.crt" -sha256 -days 3650 + +# Remove the CSR as it's no longer needed. +rm "${SCRIPT_PATH}/openldap.csr" + +exit 0 diff --git a/composer.json b/composer.json index 9d3f13b..f445d18 100644 --- a/composer.json +++ b/composer.json @@ -65,6 +65,7 @@ "phpstan": "phpstan analyze", "phpstan-max": "@phpstan --level=max", "phpunit": "phpunit", - "psalm": "psalm --show-info=true" + "psalm": "psalm --show-info=true", + "generate-certs": "./Tests/certs/generate.sh" } } diff --git a/docker-compose.yml b/docker-compose.yml index 568296a..133aa88 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
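Review bot: The server certificate is signed with `openssl x509 -req` and no `-extfile`, so it carries no subjectAltName and is tied to the host only through `/CN=localhost`. Any run where the directory is reached under another name (PATCH 03 sets `LDAP_HOST: "ldap"` in CI) cannot pass hostname verification, which pushes the PHP side towards disabling certificate checks. Adding the names at signing time keeps verification possible: append `-extfile <(printf 'subjectAltName=DNS:localhost,DNS:ldap,IP:127.0.0.1')` to the `openssl x509 -req` line. A header comment stating that the generated keys are throwaway test material and must not be reused elsewhere would also help.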
@@ -2,13 +2,22 @@ version: '2' services: ldap: - image: bitnami/openldap + image: bitnami/openldap:latest ports: - - 3389:3389 + - 1389:1389 + - 1636:1636 environment: - LDAP_ADMIN_USERNAME=admin - LDAP_ADMIN_PASSWORD=a_great_password - LDAP_USERS=a - LDAP_PASSWORDS=a - LDAP_ROOT=dc=local,dc=com - - LDAP_PORT_NUMBER=3389 + - LDAP_PORT_NUMBER=1389 + - LDAP_ENABLE_TLS=yes + - LDAP_LDAPS_PORT_NUMBER=1636 + - LDAP_TLS_VERIFY_CLIENT=try + - LDAP_TLS_CERT_FILE=/opt/bitnami/openldap/certs/openldap.crt + - LDAP_TLS_KEY_FILE=/opt/bitnami/openldap/certs/openldap.key + - LDAP_TLS_CA_FILE=/opt/bitnami/openldap/certs/openldapCA.crt + volumes: + - ./Tests/certs:/opt/bitnami/openldap/certs diff --git a/phpunit.xml.dist b/phpunit.xml.dist index b3988ba..fed6ae8 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -11,7 +11,8 @@ - + + From 807b6efc870cbc0f0f74212b6420cbb39470efee Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Wed, 24 Mar 2021 21:53:53 +1100 Subject: [PATCH 02/25] Tweaks to GitHub Actions --- .github/workflows/continuous-integration.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 45ced27..74ebfab 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -16,6 +16,8 @@ jobs: phpunit: name: "PHPUnit on PHP ${{ matrix.php-version }} with Symfony ${{ matrix.symfony-require }}" runs-on: "ubuntu-latest" + # Temporary while testing Docker compose for tests + timeout-minutes: 10 strategy: fail-fast: true 
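Review bot: The new `ports` entries `1389:1389` and `1636:1636` publish the directory on every interface of the host while the admin bind password `a_great_password` is fixed in this file, so the fixture is reachable with known credentials from the developer's network. Binding to loopback keeps it local: `- 127.0.0.1:1389:1389` and `- 127.0.0.1:1636:1636`. The certificate mount only needs to be read by the container, so `- ./Tests/certs:/opt/bitnami/openldap/certs:ro` is enough. `bitnami/openldap:latest` also makes test runs depend on whatever image is current; a fixed tag or digest would keep CI reproducible.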
@@ -97,8 +99,14 @@ jobs: run: | composer generate-certs + # TODO: Cache Docker layers + # - https://github.com/docker/buildx/pull/535 + # - https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#github-cache + - name: "Setup Docker" - run: "docker-compose run --rm ldap" + run: "docker-compose up -d" + # Temporary while testing Docker compose for tests + timeout-minutes: 5 - name: "Run PHPUnit" run: "vendor/bin/phpunit" From 9b555baba7630ff610a5efb0f309235e53b7af52 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Wed, 24 Mar 2021 22:05:44 +1100 Subject: [PATCH 03/25] Further tweaks to GitHub Actions --- .github/workflows/continuous-integration.yml | 2 ++ .gitignore | 5 +++++ Tests/TestCase.php | 5 ++--- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 74ebfab..fb0f0f7 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -110,3 +110,5 @@ jobs: - name: "Run PHPUnit" run: "vendor/bin/phpunit" + env: + LDAP_HOST: "ldap" diff --git a/.gitignore b/.gitignore index bcb722c..4e01376 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,8 @@ package.tar /.psalm/ /.idea/ /.phpcs-cache +/Tests/certs/*.crt +/Tests/certs/*.csr +/Tests/certs/*.key +/Tests/certs/*.srl + diff --git a/Tests/TestCase.php b/Tests/TestCase.php index dcf9c99..1d580ef 100644 --- a/Tests/TestCase.php +++ b/Tests/TestCase.php 
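Review bot: `docker-compose up -d` returns as soon as the container is created, and the very next step runs PHPUnit, so the tests can start before slapd accepts connections. Because the LDAP helpers in `Tests/TestCase.php` mark a test as skipped when the bind fails, that race would show up as a green build with the TLS tests skipped rather than as a failure. A wait step between the two, for example a short retry loop that probes port 1389 before `vendor/bin/phpunit` runs, together with treating skipped LDAP tests as a CI failure, would close that gap.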
@@ -31,13 +31,12 @@ protected function getLdapConfig(): array protected function getLdapsConfig(): array { - putenv("TLS_REQCERT=never"); - putenv('LDAPTLS_CIPHER_SUITE=NORMAL:!VERS-TLS1.2'); + putenv("TLS_REQCERT=allow"); @ldap_set_option(null, \LDAP_OPT_DEBUG_LEVEL, 7); // @ldap_set_option(null, \LDAP_OPT_X_TLS_CERTFILE, './certs/openldap.crt'); // @ldap_set_option(null, \LDAP_OPT_X_TLS_KEYFILE, './certs/openldap.key'); - @ldap_set_option(null, \LDAP_OPT_X_TLS_REQUIRE_CERT, \LDAP_OPT_X_TLS_NEVER); + @ldap_set_option(null, \LDAP_OPT_X_TLS_REQUIRE_CERT, \LDAP_OPT_X_TLS_ALLOW); /** @var resource|null $h */ $h = @ldap_connect((string) getenv('LDAP_HOST'), (int) getenv('LDAPS_PORT')); @ldap_set_option($h, \LDAP_OPT_PROTOCOL_VERSION, 3); From 7a52764206a5cf283efa82997cfa1ab586eb5c0e Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Wed, 24 Mar 2021 22:46:05 +1100 Subject: [PATCH 04/25] Debugging --- .github/workflows/continuous-integration.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index fb0f0f7..29bd867 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -103,6 +103,10 @@ jobs: # - https://github.com/docker/buildx/pull/535 # - https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#github-cache + - name: "Docker debug" + run: | + docker network ls + - name: "Setup Docker" run: "docker-compose up -d" # Temporary while testing Docker compose for tests From 5c241e8fd418da1b8003a9422985bee1c693657b Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Wed, 24 Mar 2021 22:54:08 +1100 Subject: [PATCH 05/25] Testing --- docker-compose.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 133aa88..ccc1e04 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
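Review bot: `putenv("TLS_REQCERT=allow")` and the `ldap_set_option(null, ...)` calls change settings for the whole PHP process, not for the probe handle `$h`, so they stay in force for every test that runs afterwards. `test_manual_connect_with_tls_connection()` then connects with relaxed certificate checking inherited from this helper instead of from the bundle configuration under test, which hides whether the bundle's own TLS options work. The cleaner route is to pass the TLS settings through the bundle's `options` node in the test config and keep this helper to a reachability probe. `\LDAP_OPT_DEBUG_LEVEL` at 7 is also left on globally and will flood the test output. `getLdapsConfig()` continues beyond this hunk.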
@@ -1,8 +1,9 @@ -version: '2' +version: '3.8' services: ldap: image: bitnami/openldap:latest + network_mode: "bridge" ports: - 1389:1389 - 1636:1636 From 39331acbd514bd72aed3161ff40d5c129d9b3062 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Wed, 24 Mar 2021 22:56:27 +1100 Subject: [PATCH 06/25] More testing --- .github/workflows/continuous-integration.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 29bd867..2767498 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -114,5 +114,5 @@ jobs: - name: "Run PHPUnit" run: "vendor/bin/phpunit" - env: - LDAP_HOST: "ldap" +# env: +# LDAP_HOST: "ldap" From cb3ac7e96692abf0cf4c752ece093f58dc74da02 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Wed, 24 Mar 2021 23:16:42 +1100 Subject: [PATCH 07/25] Even more testing! --- .github/workflows/continuous-integration.yml | 68 +++++++++++++------- .gitignore | 4 +- Tests/certs/WARNING.md | 3 + Tests/certs/openldap.crt | 22 +++++++ Tests/certs/openldap.key | 27 ++++++++ Tests/certs/openldapCA.crt | 27 ++++++++ Tests/certs/openldapCA.key | 51 +++++++++++++++ 7 files changed, 177 insertions(+), 25 deletions(-) create mode 100644 Tests/certs/WARNING.md create mode 100644 Tests/certs/openldap.crt create mode 100644 Tests/certs/openldap.key create mode 100644 Tests/certs/openldapCA.crt create mode 100644 Tests/certs/openldapCA.key diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 2767498..4d92fc2 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml 
@@ -13,11 +13,25 @@ on: - cron: '0 0 * * 1' jobs: + # configure Docker here with manual running of generate.sh +# certs: +# name: "Generate certificates" +# runs-on: "ubuntu-latest" +# timeout-minutes: 10 +# +# steps: +# - name: "Generate certificates" +# run: | +# openssl genrsa -out openldapCA.key 4096 +# openssl req -x509 -new -nodes -key openldapCA.key -sha256 -days 3650 -subj "/CN=localhostCA" -out openldapCA.crt +# openssl genrsa -out openldap.key 2048 +# openssl req -new -sha256 -key openldap.key -subj "/CN=localhost" -out openldap.csr +# openssl x509 -req -in openldap.csr -CA openldapCA.crt -CAkey openldapCA.key -CAcreateserial -out openldap.crt -sha256 -days 3650 + phpunit: name: "PHPUnit on PHP ${{ matrix.php-version }} with Symfony ${{ matrix.symfony-require }}" runs-on: "ubuntu-latest" - # Temporary while testing Docker compose for tests - timeout-minutes: 10 +# needs: certs strategy: fail-fast: true @@ -50,19 +64,27 @@ jobs: composer-flags: "--ignore-platform-reqs" symfony-require: "5.2.*" -# services: -# ldap: -# image: bitnami/openldap:latest -# ports: -# - 1389:1389 -# - 1636:1636 -# env: -# LDAP_ADMIN_USERNAME: admin -# LDAP_ADMIN_PASSWORD: a_great_password -# LDAP_ROOT: dc=local,dc=com -# LDAP_PORT_NUMBER: 1636 -# LDAP_USERS: a -# LDAP_PASSWORDS: a + services: + ldap: + image: bitnami/openldap:latest + ports: + - 1389:1389 + - 1636:1636 + env: + LDAP_ADMIN_USERNAME: admin + LDAP_ADMIN_PASSWORD: a_great_password + LDAP_ROOT: dc=local,dc=com + LDAP_PORT_NUMBER: 1636 + LDAP_USERS: a + LDAP_PASSWORDS: a + LDAP_ENABLE_TLS: yes + LDAP_LDAPS_PORT_NUMBER: 1636 + LDAP_TLS_VERIFY_CLIENT: try + LDAP_TLS_CERT_FILE: /opt/bitnami/openldap/certs/openldap.crt + LDAP_TLS_KEY_FILE: /opt/bitnami/openldap/certs/openldap.key + LDAP_TLS_CA_FILE: /opt/bitnami/openldap/certs/openldapCA.crt + volumes: + - ./Tests/certs:/opt/bitnami/openldap/certs steps: - name: "Checkout" 
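Review bot: In the re-enabled `services.ldap.env` block `LDAP_PORT_NUMBER` and `LDAP_LDAPS_PORT_NUMBER` are both `1636`, so the plain and the TLS listener are asked to share one port while `ports` still publishes `1389`; docker-compose.yml uses `LDAP_PORT_NUMBER=1389`. One of the listeners will presumably fail to bind and nothing answers on 1389, so `LDAP_PORT_NUMBER: 1389` would match the compose file. The commented-out `certs` job and `# needs: certs` in the first hunk of this file are dead configuration and are better left out of the workflow until they do something.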
@@ -103,14 +125,14 @@ jobs: # - https://github.com/docker/buildx/pull/535 # - https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#github-cache - - name: "Docker debug" - run: | - docker network ls - - - name: "Setup Docker" - run: "docker-compose up -d" - # Temporary while testing Docker compose for tests - timeout-minutes: 5 +# - name: "Docker debug" +# run: | +# docker network ls +# +# - name: "Setup Docker" +# run: "docker-compose up -d" +# # Temporary while testing Docker compose for tests +# timeout-minutes: 5 - name: "Run PHPUnit" run: "vendor/bin/phpunit" diff --git a/.gitignore b/.gitignore index 4e01376..d560bc4 100644 --- a/.gitignore +++ b/.gitignore @@ -10,8 +10,8 @@ package.tar /.psalm/ /.idea/ /.phpcs-cache -/Tests/certs/*.crt +#/Tests/certs/*.crt /Tests/certs/*.csr -/Tests/certs/*.key +#/Tests/certs/*.key /Tests/certs/*.srl diff --git a/Tests/certs/WARNING.md b/Tests/certs/WARNING.md new file mode 100644 index 0000000..83f6454 --- /dev/null +++ b/Tests/certs/WARNING.md @@ -0,0 +1,3 @@ +These are public⚠︎ certificates so **never** use them in any environment other than this testing suite. + +⚠︎ when I say public I mean they're available to anyone on the internet, so they should **not** be considered safe to use. diff --git a/Tests/certs/openldap.crt b/Tests/certs/openldap.crt new file mode 100644 index 0000000..e47fdd0 --- /dev/null +++ b/Tests/certs/openldap.crt 
@@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDpjCCAY4CCQC2Yu6U/xg09DANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAts +b2NhbGhvc3RDQTAeFw0yMTAzMjQxMDU4MjVaFw0zMTAzMjIxMDU4MjVaMBQxEjAQ +BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AM3QnwZAzgIxBHz+Ilem1mpJQU5l3oYOYHb2lzkSnKbRHD2npRDYBiCtZGs+ukVL +zJf2Hyg4uhi8sj8wjGyiO+Em9b6jVmsPjIH2nBl1yxiAoN5yjobuF82cuHb62XL7 +j+Ecg+Ps2PHppT3aTH2+oKbZfJU5LhWXCo9/iLmfBX4qMSftYWYnROSQIf8mmX4A +NBIcwadmUtHa9Ge9lLphey+ET9pBW9lvXo1gTFI9quSqtlbOcJhlgb67TMh8WqPS +isVfPnGuOgMt0QTMr/nb/5Npw14hqPJ4M8RIQKIhxBBbPaALIh6Np6arou7zE3lQ +ZYstDwKdaA3GRpe4DutKgHkCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEANrsIBJM0 +PshYVC1TJqcCQwMpyIw9dZVEr8TEpwAcEhpy7U+9z2X9H7yu+bBHnX/XGEj7hfjC +JOldm3cxABihJq8qZJ2JYAuiz3ydJW+gm6e5Vd3C0IVO8anRXKjOnkpJCgehVTQn +W5L2BSeKbZzqbwTPe8d0CSlz6Xl3bvXSgjXvfa16GU/+IUSEjjdkaVdqYiVtgJSj +Z1aajaXvBwfKW6HHcFicl8zxsbQiG7ZhuEpVHofWr0f8EJ8zpknIZZ2+sUGdQbYz +HO2bLrJg4EoychVbdlpBKcenvWqYl6aHyGazaNzvmm1L+o89csrb6i81JHpAARgw +g4NJSLgRKMxBhAuRYLU/qrUHABUBJpU/mE/3KUgAVu5kxTyBMmotjlmFGfZk14oH +tjwfLEbw3QYa4/aYT1VOQzssyR2/4pZOdEEFqURFeLJFAbaz1DDeFN4qKQ8lafbT +fAqW8Rc9CowGxKz9DQk8zUnVHw+3DM+qJOoc5yMLZ7NHTJpSs+P9nYrOZWq3Y9TC +LsfJrHOB9NY+5dt5aAMjjje148MqlzfzybRRGCBZUwR4IEnR+FNJDwJVJnz2S8Du +5hdTLR8j8n8GGyA5D+ciMR3ezUgO2FFW760VsEsYDHSJqKNlblzPbzxD/pvmGBfI +eC48dKEmxaTJQ+l/SdPHKe8VFRyRQP4zxh4= +-----END CERTIFICATE----- diff --git a/Tests/certs/openldap.key b/Tests/certs/openldap.key new file mode 100644 index 0000000..e27bcde --- /dev/null +++ b/Tests/certs/openldap.key 
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAzdCfBkDOAjEEfP4iV6bWaklBTmXehg5gdvaXORKcptEcPael +ENgGIK1kaz66RUvMl/YfKDi6GLyyPzCMbKI74Sb1vqNWaw+MgfacGXXLGICg3nKO +hu4XzZy4dvrZcvuP4RyD4+zY8emlPdpMfb6gptl8lTkuFZcKj3+IuZ8FfioxJ+1h +ZidE5JAh/yaZfgA0EhzBp2ZS0dr0Z72UumF7L4RP2kFb2W9ejWBMUj2q5Kq2Vs5w +mGWBvrtMyHxao9KKxV8+ca46Ay3RBMyv+dv/k2nDXiGo8ngzxEhAoiHEEFs9oAsi +Ho2npqui7vMTeVBliy0PAp1oDcZGl7gO60qAeQIDAQABAoIBAG5zAIQ4jtV6PLBf +KUrki7hqK5PI80v5tybgWnMUW+Dh40frCZgqdc9ffb5X4VqCvP7n4/yPxL61tOpY +QWOjBINlhweRXDUEGSE9mLPJFP7HOI1n6LjcWQXMjum64Krl+WaTCOxuFFZuTnEN +D3ODs28W09a44tRPRCmSBWunvSjgwPoNgprsojdMQfwN0iRGvtIgdRY/TeHa0WeH +IG5B15d2I1BflOXwsBdFSsJHB+VF9JffJtmPFp31qJJElFHzg69dYX90l+2f/YTL +6FkaOeQdNXIya4m5H9tORPhHUuFA9J+I0ECWkDi/qGDNkcVl1zEDRK5MAMg8KjFK +/xSyuMkCgYEA79TcbZfK7SK+LuINsirTWiaPdu3K8Dtx+k2Ch9YVM7hQhQvS+zLb +GqPbK1pyjp/KSrlJEyZoMmuzwU31zRzXNnFq2LsdVe5Cs7ENVltwlO//jyHubNKu +opFRcBn84sCS9zMQWRSC8wE+svrFLSKt5np9Pp/cKyStKK2LMwBUB+MCgYEA27Cv +LU51/EaoO2feLP+E7tGhLwQrY/oGQD1elh5hwMvBn7Ji3hlqInVhxHwnrr9/pAOD +47FUyWnarHPktXSj2pa1kujCxUpNfP7k1AdOCBRCZ/LyKcQCgYvWxU3AFm3YcyTV +wGziPlMsq7QF7ysB9meBqvXuCgdxwa4Z0IzkLPMCgYARlXS34EozirmQ7Gf+qR8n +2+3m1VZsuJ8JsAci+HJDgX790jkcy8S+tkbKbe46QMLvKZiO++Dl2XmrcZDVAglR +Z41i6I0lELv5OsD0lO2zLcl58A3wEp5VMvxakL02ztG3qBnJvjQ/pta2/qXYQlOn +s1FddxEIZL8BXX/4NEz06wKBgQC4AM1ISj4h9WA0mXOKBt3lVSkGgxyAmUohBgWy +AHJpk39x7WxHj8vIXr5rXn2yLGyRB+ywibd1FzbzWAJIRRB0JeSgzllL+0bZmXg5 +aoDd3XIdNGvFtYlPzbst+EgZwRkYn9J0X/5Cq1Fv4tFRl5kGM310npUoS0HpMZQn +i8oVJwKBgQDeRntjGwOi8S/yy7UP8nrJfNNZLX/Fl6fbMRj5F6pdzYlKtSAtF2c8 +1uEJd2KMk/nxWIR9SRO3XkT/BPBw3on4xqITWUWWJZ2TBw+uIFOGVGAJlblvCygM +N0vYKa+o2gyTXOxci1Cpf36Rg3TQsi3fz3a7Es42n79Tqs2jvwlFcg== +-----END RSA PRIVATE KEY----- diff --git a/Tests/certs/openldapCA.crt b/Tests/certs/openldapCA.crt new file mode 100644 index 0000000..425cfac --- /dev/null +++ b/Tests/certs/openldapCA.crt 
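Review bot: This commit adds private keys to the repository, `Tests/certs/openldap.key` here and the CA signing key `Tests/certs/openldapCA.key` further down, and comments out the `.gitignore` rules that kept them out. The server key and the two certificates are enough for the container to start with TLS; the CA key is only needed for signing and lets anyone issue certificates that chain to `openldapCA.crt`, which matters if a developer ever adds that CA to a trust store to get the tests passing. Keeping `composer generate-certs` as the only source of key material, or at least leaving `openldapCA.key` out, avoids that and keeps secret scanners quiet. If the files stay, `WARNING.md` should state explicitly that the CA certificate must never be installed as trusted.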
@@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEqDCCApACCQD5KD/g/VvPQTANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAts +b2NhbGhvc3RDQTAeFw0yMTAzMjQxMDU4MjVaFw0zMTAzMjIxMDU4MjVaMBYxFDAS +BgNVBAMMC2xvY2FsaG9zdENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC +AgEA6xfQIr6o+CXdvvtcdxDvkfiaXB5Ufee+1XISqaSMIxGauMGKm+suGiA1pRg8 +OoBMyuY/5vpelheVV9vPpZQFMrukbw1C0T0NyQ8QE2ulqJBd2fhEqNPeuIw2/o9P +BOXZfJkSLctnEVQQO8O5njpymhX6ARmT9diyUjVJXExfLUFU0S3PdJiRPHIvYE5q +PehzET85g9RJF0KBjS1KSGVWtc7bynT3EbMdt2dqEWYnQP6HBJII64yP1ogNemar +MiSD1rvXA38EBOpezFHJTMSFvMypLRJjgioSbETQuqb32bBlZfsFcAIV9XJHmB3D +CcOTfrFdmaE/b4ndyHIXgd+1wi05d9hNgIn1O/j+Df/Qo0x3XkriHrzALjQvN5xF +gumxrZzmZVxCVSEVyTYm0mTmB8U6UwmFCxG2qQijlHRPbiQGzXal4G9MHVMHxTuZ +i9ldek8MXv9HDLKSJpf0wQKCShXI6CkKoJB587tdn/BYxxr70PKRXF1RsSyAaIvb +d8YxvNlBVJ8Qm4cIH/s1GwOwecyf05s6/HXJp0XrMnEvjm94O5bpYFgW8Ki7qtuQ +ZgvPYLB4/GFYabHlE0uoQ80VSgCdCgY1aQQ/yx0DhOylEqbAAzscWE6sdwLi1snC +qN224FLbHqbbiY0v589DDyceghIK/AVLZQQ429J+2oAmv4MCAwEAATANBgkqhkiG +9w0BAQsFAAOCAgEAo6XBT06BWp+5m2DQG6u5fBAk6ebMC9G2UpbbL6gztb2hesYI +ALpxHnZAV1LWP/RqCDmW5gBOfqOymV8VdGHixjxbNe/AQy/EWTIToAEaSr4zsIn1 +gOj3bg5zg/6lfnvAU0N4wirFI3hLuH7HKEWCBZy4WJ5BIOYeZ1174KqLCkS/a2+u +hklYBsOhzQHTGW9vVlR4cGvLVpIBV/fT74Eg4bxe7IYZW9iOULfOIV7am5FdRKZW +hq/4sX+O4/7angVbp/RBOr/AHsizj/nABAQr6KsyUi6c7KbbNpEiUW29/NoMZ+Wp +xGGinPc1MyIvDgcN6GXqMX1cIv2s5/NHu9eqE6FOHxtKAd3WlRSvthsj+LK5oWdV +K/d0QqC4tG7BhXOMw6TCbaMci1EJsOXMLOdZdyeuWeg+In9lu1bcG4hdm82Mg+nM +J5kVPqQsubQGIWbuWgYyIeMrXqcO6SCGXLEHAbNIlIEyajcK5zhsGPoyJWr2Ol2S +fNLou26bZO4Rv2zvYZC7M9V8PiOruakRmvcUqBrd+XlKM93OOs3yR9F7+2S0UGeq +3nX1cpl3BCjTcKKpubMFsHHqK9u/1HzsTuy2/6JJWPC+xIy+z7ovOpYnk+r5bigi +1F5RosbdywE/nDLbkOaXiCiuy/gjYC3pQjd4Zyo4jQBi1ApoodrtTWw7kTU= +-----END CERTIFICATE----- diff --git a/Tests/certs/openldapCA.key b/Tests/certs/openldapCA.key new file mode 100644 index 0000000..23939ac --- /dev/null +++ b/Tests/certs/openldapCA.key 
@@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKgIBAAKCAgEA6xfQIr6o+CXdvvtcdxDvkfiaXB5Ufee+1XISqaSMIxGauMGK +m+suGiA1pRg8OoBMyuY/5vpelheVV9vPpZQFMrukbw1C0T0NyQ8QE2ulqJBd2fhE +qNPeuIw2/o9PBOXZfJkSLctnEVQQO8O5njpymhX6ARmT9diyUjVJXExfLUFU0S3P +dJiRPHIvYE5qPehzET85g9RJF0KBjS1KSGVWtc7bynT3EbMdt2dqEWYnQP6HBJII +64yP1ogNemarMiSD1rvXA38EBOpezFHJTMSFvMypLRJjgioSbETQuqb32bBlZfsF +cAIV9XJHmB3DCcOTfrFdmaE/b4ndyHIXgd+1wi05d9hNgIn1O/j+Df/Qo0x3Xkri +HrzALjQvN5xFgumxrZzmZVxCVSEVyTYm0mTmB8U6UwmFCxG2qQijlHRPbiQGzXal +4G9MHVMHxTuZi9ldek8MXv9HDLKSJpf0wQKCShXI6CkKoJB587tdn/BYxxr70PKR +XF1RsSyAaIvbd8YxvNlBVJ8Qm4cIH/s1GwOwecyf05s6/HXJp0XrMnEvjm94O5bp +YFgW8Ki7qtuQZgvPYLB4/GFYabHlE0uoQ80VSgCdCgY1aQQ/yx0DhOylEqbAAzsc +WE6sdwLi1snCqN224FLbHqbbiY0v589DDyceghIK/AVLZQQ429J+2oAmv4MCAwEA +AQKCAgEAqeKgbqs2sXOzpXJBZG1hoitzaIQmbIGOfvIbGGonNqRfGYoK3xd5Tjne +ajp0M5ZJaAoxPXnJ5k6Ohln62N15UCsW7YU4trmW/6cZ597PbFs+5ueovhO1C8mP +aC8pXBG5M3fuEhe9mGEWBgovVW9JJ54f9rGEIZGBczS8ma06zho675paIxipQ3QE +VmT0E16p4Fm+90vtsZhGxD1pQ52vplwgqlIRxMGaBNH/bSlTznzgFuZs+cKuosnY +a45LwkVu3DsLaqRbxC2VabLkc8xEFKYUztROAl7ix0iHSYqk6rO04pgeWs23DpKR +uBQxwBmLuW70g7NpgvGuyk3gPOLrlU6v1OUpcDOudS7xh8F88a7ZRybzaY6WfB8/ +po7Po39I3UJWn+eMEFxxbyh0o9MRUmcDstDW4uncvv/yp35yk6nHwLQSR4Gc6sRf +8UqOM9PxfKxAZbT4bbUR262EBrv4VLuQZ5HgRtuunudpEAwRT31zQTzoQmnV4yFW +w++yH02ceYzAjSGlPECJ2o6L4+s8bIc1pJhdD2DMFVOMQNJyVVPiO2nkRtlOOLpz +CXhXiJB8lKWuE0wsdNunR8y6kvqiWDquZYMmSmQjsQ42RGgxJnyw2ixy1XX9zk9B +wVPzGxONwKvk5EWqreqPQsw7lE99zD/x9Q2w5/eQW6AH4lMZKBkCggEBAPrx0UBe +IjCztn5mmhJqC8dN+jqzn7LPd2ZM20UBrPrRuKlSs5kVGScEb2x39bp3lczjkeju +BCb/JNuq/CYGl0e1w7yIQbKRK2YzdpywZXvBNm/A1+PJUNq9jwa+5XVDkImjfwea +JyzyULhLnq5ohJJBWsOC4OnqbnxZ00TbcSn2fTaUCGpBmcVzMHA5a+8UvKuHhwBZ +N7tCt6bfyCEO1+aWIQo443KRtQJDYLFez+6EBjbLW5sz4zy9nKMpgxQhdjJOpyYP +jvWaE7yQ/KSqDH55/5hMvr1ES/lkJqKphY/EvAQ5Wtw7x2zAIi1MIRQl4/2UuSVR +f7OuncfdciEMou8CggEBAO/UPsOp9E1yXGqXwziHPYOT/Nq5MDXLh/S+6C3eUuHR +jFZdCbFs1gwwLNduLZJdgdVdWDr0S5F9YtdrdxrDnqLIimVCjCXyR34vcMlNtkrQ 
+T8FHHfk0BTsrhmWz9MuoI7I6LvBN04PmoVSpUxXrYC3j1lHyTpLbQJhNWDgxrlFm +DHGnW46QttY/Gzpn8tPDCyjxW+LpjcbhsauslZHQl/iBEU+U6QqpUI4hTfUbJ2uL +Os7w5Pld4Kt1DqqwEETbOkMP4ZP4DELoTkyjy38PTqr1/dsZO/52OesLlG3uBfnZ +BAhfkWMty8Y2TdJzNfNvTW+2Hz5eGCVEXpzzIyHdnK0CggEAAfvDUaTs1EG3YYxi +D18zNKITJj+hNYKaSP62hPccbOcXdI8oyD74ceyBDPRtxsmHL5Vk49htw/kkS3Aw +igRnUbPIFkdlbYnkM+yYNWjXhIDkc0Gs8yn2L6Rr6vu7SI/+JnhaWq8HPD22EZ7X +ZD2DPryxgPYZ3P9zXBxBpTuuy0wddT76Sgy2sG7WpSxvA/a//wMVOBV8cUh3tyPx +qwE5B6OMI06Lza4FJj1uGDjNn+7/NZOp57IjS6mcAVYkqRYSnxcsDwr0cFCFc2oZ +9Rs6+gzwzj1dDJXrm88E1yhL2/UMH2RsqWz3iI6ENqNxZ31dLfXs+LSKM9tfd+Ly +MfytlQKCAQEAjc2zJsHwv3IlDqmZNm1Qg+IWmcTxqn0jcCUI50YTP45FKjNsrcmq +bh52BRMSQv6i6+N7bbBQlj/LF5BlJiAQRjPJEMJeV3l/qC6ow339kRLGdYN1R4no +penAV5Yl4d0S7ijU5CVAMTdGoOZVSBqaDcgvSti4eMDG2sawqNlHNr3eEb1gt1T9 +poQ9tzULMQacLKM5L1vlBnkgMl+jOEpb8QVvlNx5RmKCTOeITqq1jjMOnJl26bMG +Spq2B1p+5BezxT84o+MAbPcqhMo8Ym5Ml21HoiqzfGuvJzj7lFwukGIurjzDnB7R +4+rr7MlOVxeyc6D9rES6hh58ytRAK5/7KQKCAQEAuJ1UHP5juT1tp03wuWR+ZNrC +9OdUVEdHkHRpI6GeVXwDFsC5FqsOjABltJwk/HCbgZsR6j5LCGmtQmo7CgjFohNY +rCIJJjGDvwttV2BI4ZovW8BZtwolEgb1IbFgKMTmW+VwzRwa9TvdiT9ImdSPsNtd +ofnTl+jDXZcI2xjTrdlRwmy51AZXV7qzN0iQU85Lq8gh0tBMHKEyWpR9LCA1/YjP +VWLgh3lBoaNZDK4PILaXelQjRNE6jvJJBeFMbEm0dOjc7qTfjFtmbZl4WZ75Ze2W +z/luzHSbyMqJJocmYb9eI7PFvlFxPh/rI30+BxrlhpCYa4gQRgGzcw9+dB0law== +-----END RSA PRIVATE KEY----- From 0abdd52203b61cc6a22fe7a98bd3dbfc5c34884d Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 12:58:06 +1100 Subject: [PATCH 08/25] Temp --- .github/workflows/continuous-integration.yml | 62 +++++++++++--------- 1 file changed, 33 insertions(+), 29 deletions(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 4d92fc2..a3bcb44 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml 
@@ -14,12 +14,15 @@ on: jobs: # configure Docker here with manual running of generate.sh -# certs: -# name: "Generate certificates" -# runs-on: "ubuntu-latest" + certs: + name: "Generate certificates" + runs-on: "ubuntu-latest" # timeout-minutes: 10 # -# steps: + steps: + - name: "Checkout" + uses: "actions/checkout@v2" + # - name: "Generate certificates" # run: | # openssl genrsa -out openldapCA.key 4096 @@ -31,7 +34,7 @@ jobs: phpunit: name: "PHPUnit on PHP ${{ matrix.php-version }} with Symfony ${{ matrix.symfony-require }}" runs-on: "ubuntu-latest" -# needs: certs + needs: certs strategy: fail-fast: true 
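Review bot: The new `certs` job only checks out the repository, and `needs: certs` orders the jobs but does not share files, since each job runs on its own runner. Anything generated in `certs` therefore never reaches `phpunit`, and the later hunk of this patch that comments out the `Checkout` step in `phpunit` leaves that job without the source tree at all. Either keep checkout and certificate generation as steps inside `phpunit`, or pass the files between jobs with an upload/download artifact pair.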
@@ -42,27 +45,28 @@ jobs: - php-version: 7.2 composer-flags: "--prefer-lowest --prefer-stable" symfony-require: "4.4.*" - - php-version: 7.3 - composer-flags: "--prefer-stable" - symfony-require: "4.4.*" - - php-version: 7.4 - composer-flags: "--prefer-stable" - symfony-require: "4.4.*" - - php-version: 7.4 - composer-flags: "--prefer-stable" - symfony-require: "5.0.*" - - php-version: 7.4 - composer-flags: "--prefer-stable" - symfony-require: "5.1.*" - - php-version: 7.4 - composer-flags: "--prefer-stable" - symfony-require: "5.2.*" - - php-version: 8.0 - composer-flags: "--prefer-stable" - symfony-require: "5.2.*" - - php-version: 8.1 - composer-flags: "--ignore-platform-reqs" - symfony-require: "5.2.*" + # Temp comment out during Docker testing +# - php-version: 7.3 +# composer-flags: "--prefer-stable" +# symfony-require: "4.4.*" +# - php-version: 7.4 +# composer-flags: "--prefer-stable" +# symfony-require: "4.4.*" +# - php-version: 7.4 +# composer-flags: "--prefer-stable" +# symfony-require: "5.0.*" +# - php-version: 7.4 +# composer-flags: "--prefer-stable" +# symfony-require: "5.1.*" +# - php-version: 7.4 +# composer-flags: "--prefer-stable" +# symfony-require: "5.2.*" +# - php-version: 8.0 +# composer-flags: "--prefer-stable" +# symfony-require: "5.2.*" +# - php-version: 8.1 +# composer-flags: "--ignore-platform-reqs" +# symfony-require: "5.2.*" services: ldap: @@ -84,11 +88,11 @@ jobs: LDAP_TLS_KEY_FILE: /opt/bitnami/openldap/certs/openldap.key LDAP_TLS_CA_FILE: /opt/bitnami/openldap/certs/openldapCA.crt volumes: - - ./Tests/certs:/opt/bitnami/openldap/certs + - Tests/certs:/opt/bitnami/openldap/certs steps: - - name: "Checkout" - uses: "actions/checkout@v2" +# - name: "Checkout" +# uses: "actions/checkout@v2" - name: "Install PHP with PCOV" uses: "shivammathur/setup-php@v2" From 61d7382d6c3a2ed7ec8b4dfc4141a32b0cf5c323 Mon Sep 17 00:00:00 2001 
From: Dan Barrett Date: Thu, 25 Mar 2021 13:26:02 +1100 Subject: [PATCH 09/25] Temp 2 --- .github/workflows/continuous-integration.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index a3bcb44..69a2316 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -88,7 +88,7 @@ jobs: LDAP_TLS_KEY_FILE: /opt/bitnami/openldap/certs/openldap.key LDAP_TLS_CA_FILE: /opt/bitnami/openldap/certs/openldapCA.crt volumes: - - Tests/certs:/opt/bitnami/openldap/certs + - ${{ GITHUB_WORKSPACE }}/Tests/certs:/opt/bitnami/openldap/certs steps: # - name: "Checkout" From f7aae7960e44c509214298fc220f3bddfcd6e1ae Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 13:29:26 +1100 Subject: [PATCH 10/25] Temp 3 --- .github/workflows/continuous-integration.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 69a2316..bfdf37c 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -88,7 +88,7 @@ jobs: LDAP_TLS_KEY_FILE: /opt/bitnami/openldap/certs/openldap.key LDAP_TLS_CA_FILE: /opt/bitnami/openldap/certs/openldapCA.crt volumes: - - ${{ GITHUB_WORKSPACE }}/Tests/certs:/opt/bitnami/openldap/certs + - ${{ github.workspace }}/Tests/certs:/opt/bitnami/openldap/certs steps: # - name: "Checkout" From 08cb47a00589d9aa254d5298c714089faaedce6c Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 20:23:59 +1100 Subject: [PATCH 11/25] Temp 4 --- .github/workflows/continuous-integration.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index bfdf37c..402cf72 100644 --- a/.github/workflows/continuous-integration.yml 
+++ b/.github/workflows/continuous-integration.yml @@ -93,6 +93,10 @@ jobs: steps: # - name: "Checkout" # uses: "actions/checkout@v2" + - name: "Debug" + run: | + pwd + ls -la - name: "Install PHP with PCOV" uses: "shivammathur/setup-php@v2" From b3a904f77eff468bcb1771a581c489834a759e57 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 20:25:54 +1100 Subject: [PATCH 12/25] Temp 5 --- .github/workflows/continuous-integration.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 402cf72..52ac06a 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -97,6 +97,8 @@ jobs: run: | pwd ls -la + ls -la Tests + ls -la Tests/certs - name: "Install PHP with PCOV" uses: "shivammathur/setup-php@v2" From aea1834947ad18efc9a7db13bb791d71d790c91f Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 20:34:30 +1100 Subject: [PATCH 13/25] Temp 6 --- .github/workflows/continuous-integration.yml | 29 ++++++++++++-------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 52ac06a..5c197b2 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -14,14 +14,14 @@ on: jobs: # configure Docker here with manual running of generate.sh - certs: - name: "Generate certificates" - runs-on: "ubuntu-latest" -# timeout-minutes: 10 -# - steps: - - name: "Checkout" - uses: "actions/checkout@v2" +# certs: +# name: "Generate certificates" +# runs-on: "ubuntu-latest" +## timeout-minutes: 10 +## +# steps: +# - name: "Checkout" +# uses: "actions/checkout@v2" # - name: "Generate certificates" # run: | 
@@ -34,7 +34,7 @@ jobs: phpunit: name: "PHPUnit on PHP ${{ matrix.php-version }} with Symfony ${{ matrix.symfony-require }}" runs-on: "ubuntu-latest" - needs: certs +# needs: certs strategy: fail-fast: true @@ -91,8 +91,9 @@ jobs: - ${{ github.workspace }}/Tests/certs:/opt/bitnami/openldap/certs steps: -# - name: "Checkout" -# uses: "actions/checkout@v2" + - name: "Checkout" + uses: "actions/checkout@v2" + - name: "Debug" run: | pwd @@ -100,6 +101,12 @@ jobs: ls -la Tests ls -la Tests/certs +# - name: "Checkout" +# uses: "actions/checkout@v2" + + - name: "Restart Docker" + run: "docker-compose restart" + - name: "Install PHP with PCOV" uses: "shivammathur/setup-php@v2" with: From 3a91575bbd64e8975c9d6f1ebf0633ea41f76419 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 20:40:46 +1100 Subject: [PATCH 14/25] Temp 7 --- .github/workflows/continuous-integration.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 5c197b2..c8ef7c7 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -91,6 +91,9 @@ jobs: - ${{ github.workspace }}/Tests/certs:/opt/bitnami/openldap/certs steps: + - name: "Test" + run: sudo chown -R $USER:$USER ${{ github.workspace }} + - name: "Checkout" uses: "actions/checkout@v2" From 04c8dd1126d7b405574b141427504a89b83388ee Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 20:47:28 +1100 Subject: [PATCH 15/25] Temp 8 --- .github/workflows/continuous-integration.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index c8ef7c7..ee4173a 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml 
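Review bot: The `Test` step added by "Temp 7" (`@@ -91,6 +91,9 @@`, the last hunk on this line) pastes `${{ github.workspace }}` into the script text before the shell parses it, and leaves both it and `$USER` unquoted. Reading the path from the runner's environment and quoting both arguments keeps the command intact for any workspace path: `run: sudo chown -R "$USER:$USER" "$GITHUB_WORKSPACE"`. The same command recurs unchanged in the "Temp 8" and "Temp 16" hunks.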
@@ -92,7 +92,9 @@ jobs: steps: - name: "Test" - run: sudo chown -R $USER:$USER ${{ github.workspace }} + run: | + sudo chown -R $USER:$USER ${{ github.workspace }} + docker container ls - name: "Checkout" uses: "actions/checkout@v2" From 0af1767f63304162782c04ee00dab9151cf434f2 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 20:55:54 +1100 Subject: [PATCH 16/25] Temp 9 --- .github/workflows/continuous-integration.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index ee4173a..29e81ef 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -89,6 +89,7 @@ jobs: LDAP_TLS_CA_FILE: /opt/bitnami/openldap/certs/openldapCA.crt volumes: - ${{ github.workspace }}/Tests/certs:/opt/bitnami/openldap/certs + options: --name ldaprecord steps: - name: "Test" From 2ae3a7252306d347e8f375c19f1eab12ac873a17 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 21:12:53 +1100 Subject: [PATCH 17/25] Temp 10 --- .github/workflows/continuous-integration.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 29e81ef..0c7314d 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -89,7 +89,7 @@ jobs: LDAP_TLS_CA_FILE: /opt/bitnami/openldap/certs/openldapCA.crt volumes: - ${{ github.workspace }}/Tests/certs:/opt/bitnami/openldap/certs - options: --name ldaprecord + options: --name=ldaprecord steps: - name: "Test" From 565663b464900456b75b020d5a16d14e8759f173 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 21:15:38 +1100 Subject: [PATCH 18/25] Temp 11 --- .github/workflows/continuous-integration.yml | 1 + 1 file changed, 1 insertion(+) 
diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 0c7314d..5777f58 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -96,6 +96,7 @@ jobs: run: | sudo chown -R $USER:$USER ${{ github.workspace }} docker container ls + docker ps - name: "Checkout" uses: "actions/checkout@v2" From 09ece2a43e4055097c258ca0fa7cda2298da6a57 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 21:29:46 +1100 Subject: [PATCH 19/25] Temp 12 --- .github/workflows/continuous-integration.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 5777f58..c71f789 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -112,7 +112,7 @@ jobs: # uses: "actions/checkout@v2" - name: "Restart Docker" - run: "docker-compose restart" + run: "docker restart ldaprecord" - name: "Install PHP with PCOV" uses: "shivammathur/setup-php@v2" From 0227d1ed32f8c7f01449a58ace3ad30a9a2cf6bd Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 21:47:07 +1100 Subject: [PATCH 20/25] Temp 13 --- .github/workflows/continuous-integration.yml | 28 ++++++++------------ 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index c71f789..7096d73 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -101,19 +101,6 @@ jobs: - name: "Checkout" uses: "actions/checkout@v2" - - name: "Debug" - run: | - pwd - ls -la - ls -la Tests - ls -la Tests/certs - -# - name: "Checkout" -# uses: "actions/checkout@v2" - - - name: "Restart Docker" - run: "docker restart ldaprecord" - - name: "Install PHP with PCOV" uses: "shivammathur/setup-php@v2" with: 
@@ -122,6 +109,13 @@ jobs: php-version: "${{ matrix.php-version }}" ini-values: "zend.assertions=1" + - name: "Generate certificates" + run: | + composer generate-certs + + - name: "Restart Docker" + run: "docker restart ldaprecord" + - name: "Validate composer files" run: "composer validate --strict" @@ -131,8 +125,12 @@ jobs: path: "~/.composer/cache" key: php-${{ matrix.php-version }}-symfony-${{ matrix.symfony-require }}-composer-locked-${{ hashFiles('composer.lock') }} restore-keys: | + php-${{ matrix.php-version }}-symfony-${{ matrix.symfony-require }}-composer-locked-${{ hashFiles('composer.lock') }} php-${{ matrix.php-version }}-symfony-${{ matrix.symfony-require }}-composer-locked- + php-${{ matrix.php-version }}-symfony-${{ matrix.symfony-require }} + php-${{ matrix.php-version }}-symfony- php-${{ matrix.php-version }}- + php- - name: "Install dependencies with composer" env: @@ -141,10 +139,6 @@ jobs: composer global require --no-progress --no-scripts --no-plugins symfony/flex composer update --no-interaction --no-progress ${{ matrix.composer-flags }} - - name: "Generate certificates" - run: | - composer generate-certs - # TODO: Cache Docker layers # - https://github.com/docker/buildx/pull/535 # - https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#github-cache From 6ee47ea1dd2dbbab8fbaa62a9875f898c2fa57c4 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Thu, 25 Mar 2021 21:51:02 +1100 Subject: [PATCH 21/25] Temp 14 --- .github/workflows/continuous-integration.yml | 36 +------------------- 1 file changed, 1 insertion(+), 35 deletions(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 7096d73..08b8360 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml 
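Review bot: Nothing after `docker restart ldaprecord` (first hunk on this line) waits for the directory server to accept connections again before the later steps run. The LDAPS helper in `Tests/TestCase.php`, as shown later in this series, calls `markTestSkipped` when the bind fails, so a slow restart would presumably turn the TLS tests into skips instead of failures. A bounded wait after the restart would close that gap, for example `timeout 60 sh -c 'until nc -z localhost <ldap-port>; do sleep 1; done'`, with `<ldap-port>` standing for the port the service publishes and assuming `nc` is available on the runner.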
@@ -13,28 +13,9 @@ on: - cron: '0 0 * * 1' jobs: - # configure Docker here with manual running of generate.sh -# certs: -# name: "Generate certificates" -# runs-on: "ubuntu-latest" -## timeout-minutes: 10 -## -# steps: -# - name: "Checkout" -# uses: "actions/checkout@v2" - -# - name: "Generate certificates" -# run: | -# openssl genrsa -out openldapCA.key 4096 -# openssl req -x509 -new -nodes -key openldapCA.key -sha256 -days 3650 -subj "/CN=localhostCA" -out openldapCA.crt -# openssl genrsa -out openldap.key 2048 -# openssl req -new -sha256 -key openldap.key -subj "/CN=localhost" -out openldap.csr -# openssl x509 -req -in openldap.csr -CA openldapCA.crt -CAkey openldapCA.key -CAcreateserial -out openldap.crt -sha256 -days 3650 - phpunit: name: "PHPUnit on PHP ${{ matrix.php-version }} with Symfony ${{ matrix.symfony-require }}" runs-on: "ubuntu-latest" -# needs: certs strategy: fail-fast: true @@ -78,7 +59,7 @@ jobs: LDAP_ADMIN_USERNAME: admin LDAP_ADMIN_PASSWORD: a_great_password LDAP_ROOT: dc=local,dc=com - LDAP_PORT_NUMBER: 1636 + LDAP_PORT_NUMBER: 1389 LDAP_USERS: a LDAP_PASSWORDS: a LDAP_ENABLE_TLS: yes @@ -139,20 +120,5 @@ jobs: composer global require --no-progress --no-scripts --no-plugins symfony/flex composer update --no-interaction --no-progress ${{ matrix.composer-flags }} - # TODO: Cache Docker layers - # - https://github.com/docker/buildx/pull/535 - # - https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#github-cache - -# - name: "Docker debug" -# run: | -# docker network ls -# -# - name: "Setup Docker" -# run: "docker-compose up -d" -# # Temporary while testing Docker compose for tests -# timeout-minutes: 5 - - name: "Run PHPUnit" run: "vendor/bin/phpunit" -# env: -# LDAP_HOST: "ldap" From a74d973737be99be0996316265ea1d7754ea96c4 Mon Sep 17 00:00:00 2001 
From: Dan Barrett Date: Sun, 28 Mar 2021 15:26:24 +1100 Subject: [PATCH 22/25] Temp 15 --- .github/workflows/continuous-integration.yml | 17 ++++--- Tests/certs/WARNING.md | 3 -- Tests/certs/openldap.crt | 22 --------- Tests/certs/openldap.key | 27 ----------- Tests/certs/openldapCA.crt | 27 ----------- Tests/certs/openldapCA.key | 51 -------------------- 6 files changed, 9 insertions(+), 138 deletions(-) delete mode 100644 Tests/certs/WARNING.md delete mode 100644 Tests/certs/openldap.crt delete mode 100644 Tests/certs/openldap.key delete mode 100644 Tests/certs/openldapCA.crt delete mode 100644 Tests/certs/openldapCA.key diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 08b8360..3cb55b2 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -73,11 +73,9 @@ jobs: options: --name=ldaprecord steps: - - name: "Test" - run: | - sudo chown -R $USER:$USER ${{ github.workspace }} - docker container ls - docker ps +# - name: "Test" +# run: | +# sudo chown -R $USER:$USER ${{ github.workspace }} - name: "Checkout" uses: "actions/checkout@v2" @@ -95,10 +93,12 @@ jobs: composer generate-certs - name: "Restart Docker" - run: "docker restart ldaprecord" + run: | + docker restart ldaprecord - name: "Validate composer files" - run: "composer validate --strict" + run: | + composer validate --strict - name: "Cache dependencies installed with composer" uses: "actions/cache@v2" @@ -121,4 +121,5 @@ jobs: composer update --no-interaction --no-progress ${{ matrix.composer-flags }} - name: "Run PHPUnit" - run: "vendor/bin/phpunit" + run: | + composer phpunit diff --git a/Tests/certs/WARNING.md b/Tests/certs/WARNING.md deleted file mode 100644 index 83f6454..0000000 --- a/Tests/certs/WARNING.md +++ /dev/null 
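Review bot: The `composer generate-certs` step in the context of the `@@ -95,10 +93,12 @@` hunk is now the only source of the files under `Tests/certs`, and nothing visible in this commit keeps a locally generated key from being committed again. An ignore rule such as `Tests/certs/*` with the exception `!Tests/certs/generate.sh` would cover that; the repository's `.gitignore` is not shown here, so this may already exist. The key files deleted in this commit stay retrievable from history, so the caveat in the removed `WARNING.md` still holds for them and could move into a comment at the top of `Tests/certs/generate.sh`.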
@@ -1,3 +0,0 @@ -These are public⚠︎ certificates so **never** use them in any environment other than this testing suite. - -⚠︎ when I say public I mean they're available to anyone on the internet, so they should **not** be considered safe to use. diff --git a/Tests/certs/openldap.crt b/Tests/certs/openldap.crt deleted file mode 100644 index e47fdd0..0000000 --- a/Tests/certs/openldap.crt +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDpjCCAY4CCQC2Yu6U/xg09DANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAts -b2NhbGhvc3RDQTAeFw0yMTAzMjQxMDU4MjVaFw0zMTAzMjIxMDU4MjVaMBQxEjAQ -BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AM3QnwZAzgIxBHz+Ilem1mpJQU5l3oYOYHb2lzkSnKbRHD2npRDYBiCtZGs+ukVL -zJf2Hyg4uhi8sj8wjGyiO+Em9b6jVmsPjIH2nBl1yxiAoN5yjobuF82cuHb62XL7 -j+Ecg+Ps2PHppT3aTH2+oKbZfJU5LhWXCo9/iLmfBX4qMSftYWYnROSQIf8mmX4A -NBIcwadmUtHa9Ge9lLphey+ET9pBW9lvXo1gTFI9quSqtlbOcJhlgb67TMh8WqPS -isVfPnGuOgMt0QTMr/nb/5Npw14hqPJ4M8RIQKIhxBBbPaALIh6Np6arou7zE3lQ -ZYstDwKdaA3GRpe4DutKgHkCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEANrsIBJM0 -PshYVC1TJqcCQwMpyIw9dZVEr8TEpwAcEhpy7U+9z2X9H7yu+bBHnX/XGEj7hfjC -JOldm3cxABihJq8qZJ2JYAuiz3ydJW+gm6e5Vd3C0IVO8anRXKjOnkpJCgehVTQn -W5L2BSeKbZzqbwTPe8d0CSlz6Xl3bvXSgjXvfa16GU/+IUSEjjdkaVdqYiVtgJSj -Z1aajaXvBwfKW6HHcFicl8zxsbQiG7ZhuEpVHofWr0f8EJ8zpknIZZ2+sUGdQbYz -HO2bLrJg4EoychVbdlpBKcenvWqYl6aHyGazaNzvmm1L+o89csrb6i81JHpAARgw -g4NJSLgRKMxBhAuRYLU/qrUHABUBJpU/mE/3KUgAVu5kxTyBMmotjlmFGfZk14oH -tjwfLEbw3QYa4/aYT1VOQzssyR2/4pZOdEEFqURFeLJFAbaz1DDeFN4qKQ8lafbT -fAqW8Rc9CowGxKz9DQk8zUnVHw+3DM+qJOoc5yMLZ7NHTJpSs+P9nYrOZWq3Y9TC -LsfJrHOB9NY+5dt5aAMjjje148MqlzfzybRRGCBZUwR4IEnR+FNJDwJVJnz2S8Du -5hdTLR8j8n8GGyA5D+ciMR3ezUgO2FFW760VsEsYDHSJqKNlblzPbzxD/pvmGBfI -eC48dKEmxaTJQ+l/SdPHKe8VFRyRQP4zxh4= ------END CERTIFICATE----- diff --git a/Tests/certs/openldap.key b/Tests/certs/openldap.key deleted file mode 100644 index e27bcde..0000000 --- a/Tests/certs/openldap.key +++ /dev/null 
@@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAzdCfBkDOAjEEfP4iV6bWaklBTmXehg5gdvaXORKcptEcPael -ENgGIK1kaz66RUvMl/YfKDi6GLyyPzCMbKI74Sb1vqNWaw+MgfacGXXLGICg3nKO -hu4XzZy4dvrZcvuP4RyD4+zY8emlPdpMfb6gptl8lTkuFZcKj3+IuZ8FfioxJ+1h -ZidE5JAh/yaZfgA0EhzBp2ZS0dr0Z72UumF7L4RP2kFb2W9ejWBMUj2q5Kq2Vs5w -mGWBvrtMyHxao9KKxV8+ca46Ay3RBMyv+dv/k2nDXiGo8ngzxEhAoiHEEFs9oAsi -Ho2npqui7vMTeVBliy0PAp1oDcZGl7gO60qAeQIDAQABAoIBAG5zAIQ4jtV6PLBf -KUrki7hqK5PI80v5tybgWnMUW+Dh40frCZgqdc9ffb5X4VqCvP7n4/yPxL61tOpY -QWOjBINlhweRXDUEGSE9mLPJFP7HOI1n6LjcWQXMjum64Krl+WaTCOxuFFZuTnEN -D3ODs28W09a44tRPRCmSBWunvSjgwPoNgprsojdMQfwN0iRGvtIgdRY/TeHa0WeH -IG5B15d2I1BflOXwsBdFSsJHB+VF9JffJtmPFp31qJJElFHzg69dYX90l+2f/YTL -6FkaOeQdNXIya4m5H9tORPhHUuFA9J+I0ECWkDi/qGDNkcVl1zEDRK5MAMg8KjFK -/xSyuMkCgYEA79TcbZfK7SK+LuINsirTWiaPdu3K8Dtx+k2Ch9YVM7hQhQvS+zLb -GqPbK1pyjp/KSrlJEyZoMmuzwU31zRzXNnFq2LsdVe5Cs7ENVltwlO//jyHubNKu -opFRcBn84sCS9zMQWRSC8wE+svrFLSKt5np9Pp/cKyStKK2LMwBUB+MCgYEA27Cv -LU51/EaoO2feLP+E7tGhLwQrY/oGQD1elh5hwMvBn7Ji3hlqInVhxHwnrr9/pAOD -47FUyWnarHPktXSj2pa1kujCxUpNfP7k1AdOCBRCZ/LyKcQCgYvWxU3AFm3YcyTV -wGziPlMsq7QF7ysB9meBqvXuCgdxwa4Z0IzkLPMCgYARlXS34EozirmQ7Gf+qR8n -2+3m1VZsuJ8JsAci+HJDgX790jkcy8S+tkbKbe46QMLvKZiO++Dl2XmrcZDVAglR -Z41i6I0lELv5OsD0lO2zLcl58A3wEp5VMvxakL02ztG3qBnJvjQ/pta2/qXYQlOn -s1FddxEIZL8BXX/4NEz06wKBgQC4AM1ISj4h9WA0mXOKBt3lVSkGgxyAmUohBgWy -AHJpk39x7WxHj8vIXr5rXn2yLGyRB+ywibd1FzbzWAJIRRB0JeSgzllL+0bZmXg5 -aoDd3XIdNGvFtYlPzbst+EgZwRkYn9J0X/5Cq1Fv4tFRl5kGM310npUoS0HpMZQn -i8oVJwKBgQDeRntjGwOi8S/yy7UP8nrJfNNZLX/Fl6fbMRj5F6pdzYlKtSAtF2c8 -1uEJd2KMk/nxWIR9SRO3XkT/BPBw3on4xqITWUWWJZ2TBw+uIFOGVGAJlblvCygM -N0vYKa+o2gyTXOxci1Cpf36Rg3TQsi3fz3a7Es42n79Tqs2jvwlFcg== ------END RSA PRIVATE KEY----- diff --git a/Tests/certs/openldapCA.crt b/Tests/certs/openldapCA.crt deleted file mode 100644 index 425cfac..0000000 --- a/Tests/certs/openldapCA.crt +++ /dev/null 
@@ -1,27 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEqDCCApACCQD5KD/g/VvPQTANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAts -b2NhbGhvc3RDQTAeFw0yMTAzMjQxMDU4MjVaFw0zMTAzMjIxMDU4MjVaMBYxFDAS -BgNVBAMMC2xvY2FsaG9zdENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC -AgEA6xfQIr6o+CXdvvtcdxDvkfiaXB5Ufee+1XISqaSMIxGauMGKm+suGiA1pRg8 -OoBMyuY/5vpelheVV9vPpZQFMrukbw1C0T0NyQ8QE2ulqJBd2fhEqNPeuIw2/o9P -BOXZfJkSLctnEVQQO8O5njpymhX6ARmT9diyUjVJXExfLUFU0S3PdJiRPHIvYE5q -PehzET85g9RJF0KBjS1KSGVWtc7bynT3EbMdt2dqEWYnQP6HBJII64yP1ogNemar -MiSD1rvXA38EBOpezFHJTMSFvMypLRJjgioSbETQuqb32bBlZfsFcAIV9XJHmB3D -CcOTfrFdmaE/b4ndyHIXgd+1wi05d9hNgIn1O/j+Df/Qo0x3XkriHrzALjQvN5xF -gumxrZzmZVxCVSEVyTYm0mTmB8U6UwmFCxG2qQijlHRPbiQGzXal4G9MHVMHxTuZ -i9ldek8MXv9HDLKSJpf0wQKCShXI6CkKoJB587tdn/BYxxr70PKRXF1RsSyAaIvb -d8YxvNlBVJ8Qm4cIH/s1GwOwecyf05s6/HXJp0XrMnEvjm94O5bpYFgW8Ki7qtuQ -ZgvPYLB4/GFYabHlE0uoQ80VSgCdCgY1aQQ/yx0DhOylEqbAAzscWE6sdwLi1snC -qN224FLbHqbbiY0v589DDyceghIK/AVLZQQ429J+2oAmv4MCAwEAATANBgkqhkiG -9w0BAQsFAAOCAgEAo6XBT06BWp+5m2DQG6u5fBAk6ebMC9G2UpbbL6gztb2hesYI -ALpxHnZAV1LWP/RqCDmW5gBOfqOymV8VdGHixjxbNe/AQy/EWTIToAEaSr4zsIn1 -gOj3bg5zg/6lfnvAU0N4wirFI3hLuH7HKEWCBZy4WJ5BIOYeZ1174KqLCkS/a2+u -hklYBsOhzQHTGW9vVlR4cGvLVpIBV/fT74Eg4bxe7IYZW9iOULfOIV7am5FdRKZW -hq/4sX+O4/7angVbp/RBOr/AHsizj/nABAQr6KsyUi6c7KbbNpEiUW29/NoMZ+Wp -xGGinPc1MyIvDgcN6GXqMX1cIv2s5/NHu9eqE6FOHxtKAd3WlRSvthsj+LK5oWdV -K/d0QqC4tG7BhXOMw6TCbaMci1EJsOXMLOdZdyeuWeg+In9lu1bcG4hdm82Mg+nM -J5kVPqQsubQGIWbuWgYyIeMrXqcO6SCGXLEHAbNIlIEyajcK5zhsGPoyJWr2Ol2S -fNLou26bZO4Rv2zvYZC7M9V8PiOruakRmvcUqBrd+XlKM93OOs3yR9F7+2S0UGeq -3nX1cpl3BCjTcKKpubMFsHHqK9u/1HzsTuy2/6JJWPC+xIy+z7ovOpYnk+r5bigi -1F5RosbdywE/nDLbkOaXiCiuy/gjYC3pQjd4Zyo4jQBi1ApoodrtTWw7kTU= ------END CERTIFICATE----- diff --git a/Tests/certs/openldapCA.key b/Tests/certs/openldapCA.key deleted file mode 100644 index 23939ac..0000000 --- a/Tests/certs/openldapCA.key +++ /dev/null 
@@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKgIBAAKCAgEA6xfQIr6o+CXdvvtcdxDvkfiaXB5Ufee+1XISqaSMIxGauMGK -m+suGiA1pRg8OoBMyuY/5vpelheVV9vPpZQFMrukbw1C0T0NyQ8QE2ulqJBd2fhE -qNPeuIw2/o9PBOXZfJkSLctnEVQQO8O5njpymhX6ARmT9diyUjVJXExfLUFU0S3P -dJiRPHIvYE5qPehzET85g9RJF0KBjS1KSGVWtc7bynT3EbMdt2dqEWYnQP6HBJII -64yP1ogNemarMiSD1rvXA38EBOpezFHJTMSFvMypLRJjgioSbETQuqb32bBlZfsF -cAIV9XJHmB3DCcOTfrFdmaE/b4ndyHIXgd+1wi05d9hNgIn1O/j+Df/Qo0x3Xkri -HrzALjQvN5xFgumxrZzmZVxCVSEVyTYm0mTmB8U6UwmFCxG2qQijlHRPbiQGzXal -4G9MHVMHxTuZi9ldek8MXv9HDLKSJpf0wQKCShXI6CkKoJB587tdn/BYxxr70PKR -XF1RsSyAaIvbd8YxvNlBVJ8Qm4cIH/s1GwOwecyf05s6/HXJp0XrMnEvjm94O5bp -YFgW8Ki7qtuQZgvPYLB4/GFYabHlE0uoQ80VSgCdCgY1aQQ/yx0DhOylEqbAAzsc -WE6sdwLi1snCqN224FLbHqbbiY0v589DDyceghIK/AVLZQQ429J+2oAmv4MCAwEA -AQKCAgEAqeKgbqs2sXOzpXJBZG1hoitzaIQmbIGOfvIbGGonNqRfGYoK3xd5Tjne -ajp0M5ZJaAoxPXnJ5k6Ohln62N15UCsW7YU4trmW/6cZ597PbFs+5ueovhO1C8mP -aC8pXBG5M3fuEhe9mGEWBgovVW9JJ54f9rGEIZGBczS8ma06zho675paIxipQ3QE -VmT0E16p4Fm+90vtsZhGxD1pQ52vplwgqlIRxMGaBNH/bSlTznzgFuZs+cKuosnY -a45LwkVu3DsLaqRbxC2VabLkc8xEFKYUztROAl7ix0iHSYqk6rO04pgeWs23DpKR -uBQxwBmLuW70g7NpgvGuyk3gPOLrlU6v1OUpcDOudS7xh8F88a7ZRybzaY6WfB8/ -po7Po39I3UJWn+eMEFxxbyh0o9MRUmcDstDW4uncvv/yp35yk6nHwLQSR4Gc6sRf -8UqOM9PxfKxAZbT4bbUR262EBrv4VLuQZ5HgRtuunudpEAwRT31zQTzoQmnV4yFW -w++yH02ceYzAjSGlPECJ2o6L4+s8bIc1pJhdD2DMFVOMQNJyVVPiO2nkRtlOOLpz -CXhXiJB8lKWuE0wsdNunR8y6kvqiWDquZYMmSmQjsQ42RGgxJnyw2ixy1XX9zk9B -wVPzGxONwKvk5EWqreqPQsw7lE99zD/x9Q2w5/eQW6AH4lMZKBkCggEBAPrx0UBe -IjCztn5mmhJqC8dN+jqzn7LPd2ZM20UBrPrRuKlSs5kVGScEb2x39bp3lczjkeju -BCb/JNuq/CYGl0e1w7yIQbKRK2YzdpywZXvBNm/A1+PJUNq9jwa+5XVDkImjfwea -JyzyULhLnq5ohJJBWsOC4OnqbnxZ00TbcSn2fTaUCGpBmcVzMHA5a+8UvKuHhwBZ -N7tCt6bfyCEO1+aWIQo443KRtQJDYLFez+6EBjbLW5sz4zy9nKMpgxQhdjJOpyYP -jvWaE7yQ/KSqDH55/5hMvr1ES/lkJqKphY/EvAQ5Wtw7x2zAIi1MIRQl4/2UuSVR -f7OuncfdciEMou8CggEBAO/UPsOp9E1yXGqXwziHPYOT/Nq5MDXLh/S+6C3eUuHR -jFZdCbFs1gwwLNduLZJdgdVdWDr0S5F9YtdrdxrDnqLIimVCjCXyR34vcMlNtkrQ 
-T8FHHfk0BTsrhmWz9MuoI7I6LvBN04PmoVSpUxXrYC3j1lHyTpLbQJhNWDgxrlFm -DHGnW46QttY/Gzpn8tPDCyjxW+LpjcbhsauslZHQl/iBEU+U6QqpUI4hTfUbJ2uL -Os7w5Pld4Kt1DqqwEETbOkMP4ZP4DELoTkyjy38PTqr1/dsZO/52OesLlG3uBfnZ -BAhfkWMty8Y2TdJzNfNvTW+2Hz5eGCVEXpzzIyHdnK0CggEAAfvDUaTs1EG3YYxi -D18zNKITJj+hNYKaSP62hPccbOcXdI8oyD74ceyBDPRtxsmHL5Vk49htw/kkS3Aw -igRnUbPIFkdlbYnkM+yYNWjXhIDkc0Gs8yn2L6Rr6vu7SI/+JnhaWq8HPD22EZ7X -ZD2DPryxgPYZ3P9zXBxBpTuuy0wddT76Sgy2sG7WpSxvA/a//wMVOBV8cUh3tyPx -qwE5B6OMI06Lza4FJj1uGDjNn+7/NZOp57IjS6mcAVYkqRYSnxcsDwr0cFCFc2oZ -9Rs6+gzwzj1dDJXrm88E1yhL2/UMH2RsqWz3iI6ENqNxZ31dLfXs+LSKM9tfd+Ly -MfytlQKCAQEAjc2zJsHwv3IlDqmZNm1Qg+IWmcTxqn0jcCUI50YTP45FKjNsrcmq -bh52BRMSQv6i6+N7bbBQlj/LF5BlJiAQRjPJEMJeV3l/qC6ow339kRLGdYN1R4no -penAV5Yl4d0S7ijU5CVAMTdGoOZVSBqaDcgvSti4eMDG2sawqNlHNr3eEb1gt1T9 -poQ9tzULMQacLKM5L1vlBnkgMl+jOEpb8QVvlNx5RmKCTOeITqq1jjMOnJl26bMG -Spq2B1p+5BezxT84o+MAbPcqhMo8Ym5Ml21HoiqzfGuvJzj7lFwukGIurjzDnB7R -4+rr7MlOVxeyc6D9rES6hh58ytRAK5/7KQKCAQEAuJ1UHP5juT1tp03wuWR+ZNrC -9OdUVEdHkHRpI6GeVXwDFsC5FqsOjABltJwk/HCbgZsR6j5LCGmtQmo7CgjFohNY -rCIJJjGDvwttV2BI4ZovW8BZtwolEgb1IbFgKMTmW+VwzRwa9TvdiT9ImdSPsNtd -ofnTl+jDXZcI2xjTrdlRwmy51AZXV7qzN0iQU85Lq8gh0tBMHKEyWpR9LCA1/YjP -VWLgh3lBoaNZDK4PILaXelQjRNE6jvJJBeFMbEm0dOjc7qTfjFtmbZl4WZ75Ze2W -z/luzHSbyMqJJocmYb9eI7PFvlFxPh/rI30+BxrlhpCYa4gQRgGzcw9+dB0law== ------END RSA PRIVATE KEY----- From ed5480f392ebf328a0eca545edd7e8ff60c2bb29 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Sun, 28 Mar 2021 15:29:25 +1100 Subject: [PATCH 23/25] Temp 16 --- .github/workflows/continuous-integration.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 3cb55b2..ceb1ce8 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml 
@@ -73,9 +73,9 @@ jobs: options: --name=ldaprecord steps: -# - name: "Test" -# run: | -# sudo chown -R $USER:$USER ${{ github.workspace }} + - name: "Make current user owner of workspace" + run: | + sudo chown -R $USER:$USER ${{ github.workspace }} - name: "Checkout" uses: "actions/checkout@v2" From 7bfbcf4c954a5aec87fe11abf53756a1db447174 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Sun, 28 Mar 2021 15:45:46 +1100 Subject: [PATCH 24/25] Temp 17 --- Tests/TestCase.php | 16 ++++++++-------- phpcs.xml.dist | 4 ++++ 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/Tests/TestCase.php b/Tests/TestCase.php index 1d580ef..e3c17fb 100644 --- a/Tests/TestCase.php +++ b/Tests/TestCase.php @@ -31,22 +31,22 @@ protected function getLdapConfig(): array protected function getLdapsConfig(): array { - putenv("TLS_REQCERT=allow"); + putenv('TLS_REQCERT=allow'); - @ldap_set_option(null, \LDAP_OPT_DEBUG_LEVEL, 7); -// @ldap_set_option(null, \LDAP_OPT_X_TLS_CERTFILE, './certs/openldap.crt'); -// @ldap_set_option(null, \LDAP_OPT_X_TLS_KEYFILE, './certs/openldap.key'); +// @ldap_set_option(null, \LDAP_OPT_DEBUG_LEVEL, 7); @ldap_set_option(null, \LDAP_OPT_X_TLS_REQUIRE_CERT, \LDAP_OPT_X_TLS_ALLOW); /** @var resource|null $h */ $h = @ldap_connect((string) getenv('LDAP_HOST'), (int) getenv('LDAPS_PORT')); @ldap_set_option($h, \LDAP_OPT_PROTOCOL_VERSION, 3); @ldap_set_option($h, \LDAP_OPT_REFERRALS, 0); - @ldap_get_option($h, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error); - @ldap_start_tls($h); + if (\is_resource($h)) { + @ldap_get_option($h, \LDAP_OPT_DIAGNOSTIC_MESSAGE, $extendedError); + @ldap_start_tls($h); + } if (!\is_resource($h) || !@ldap_bind($h)) { - dump(@ldap_error($h)); - dump($extended_error); +// dump(@ldap_error($h)); +// dump($extendedError); self::markTestSkipped(\sprintf( 'No server is listening on LDAP_HOST:LDAPS_PORT (%s:%s)', getenv('LDAP_HOST'), diff --git a/phpcs.xml.dist b/phpcs.xml.dist index ec27d43..49c2517 100644 --- a/phpcs.xml.dist 
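Review bot: `getLdapsConfig()` keeps `TLS_REQCERT=allow` and sets `LDAP_OPT_X_TLS_REQUIRE_CERT` to `\LDAP_OPT_X_TLS_ALLOW`, so the handshake succeeds even when the server certificate does not verify and the test never exercises the CA that CI generates. Since the workflow mounts `openldapCA.crt` from `Tests/certs`, the helper could trust that file and require verification: `@ldap_set_option(null, \LDAP_OPT_X_TLS_CACERTFILE, __DIR__.'/certs/openldapCA.crt');` followed by `@ldap_set_option(null, \LDAP_OPT_X_TLS_REQUIRE_CERT, \LDAP_OPT_X_TLS_DEMAND);`, provided `LDAP_HOST` matches the certificate's subject. The return value of `ldap_start_tls()` is also discarded, so the following `ldap_bind()` may run on a connection that was never upgraded; checking it and failing the test on `false` would make a TLS regression visible instead of ending in `markTestSkipped`. The function body continues past the end of this hunk.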
+++ b/phpcs.xml.dist @@ -48,6 +48,10 @@ Tests + + Tests + + From 6ef497db724b799726a48d23600fc311a9ba9557 Mon Sep 17 00:00:00 2001 From: Dan Barrett Date: Sun, 28 Mar 2021 15:49:37 +1100 Subject: [PATCH 25/25] Temp 18 --- .github/workflows/coding-standards.yml | 3 +- .github/workflows/continuous-integration.yml | 44 ++++++++++---------- .github/workflows/static-analysis.yml | 6 ++- 3 files changed, 28 insertions(+), 25 deletions(-) diff --git a/.github/workflows/coding-standards.yml b/.github/workflows/coding-standards.yml index a808734..187fb35 100644 --- a/.github/workflows/coding-standards.yml +++ b/.github/workflows/coding-standards.yml @@ -30,4 +30,5 @@ jobs: uses: "ramsey/composer-install@v1" - name: "Run PHP_CodeSniffer" - run: "vendor/bin/phpcs -q --no-colors --report=checkstyle | cs2pr" + run: | + vendor/bin/phpcs -q --no-colors --report=checkstyle | cs2pr diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index ceb1ce8..75325a2 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml 
@@ -26,28 +26,27 @@ jobs: - php-version: 7.2 composer-flags: "--prefer-lowest --prefer-stable" symfony-require: "4.4.*" - # Temp comment out during Docker testing -# - php-version: 7.3 -# composer-flags: "--prefer-stable" -# symfony-require: "4.4.*" -# - php-version: 7.4 -# composer-flags: "--prefer-stable" -# symfony-require: "4.4.*" -# - php-version: 7.4 -# composer-flags: "--prefer-stable" -# symfony-require: "5.0.*" -# - php-version: 7.4 -# composer-flags: "--prefer-stable" -# symfony-require: "5.1.*" -# - php-version: 7.4 -# composer-flags: "--prefer-stable" -# symfony-require: "5.2.*" -# - php-version: 8.0 -# composer-flags: "--prefer-stable" -# symfony-require: "5.2.*" -# - php-version: 8.1 -# composer-flags: "--ignore-platform-reqs" -# symfony-require: "5.2.*" + - php-version: 7.3 + composer-flags: "--prefer-stable" + symfony-require: "4.4.*" + - php-version: 7.4 + composer-flags: "--prefer-stable" + symfony-require: "4.4.*" + - php-version: 7.4 + composer-flags: "--prefer-stable" + symfony-require: "5.0.*" + - php-version: 7.4 + composer-flags: "--prefer-stable" + symfony-require: "5.1.*" + - php-version: 7.4 + composer-flags: "--prefer-stable" + symfony-require: "5.2.*" + - php-version: 8.0 + composer-flags: "--prefer-stable" + symfony-require: "5.2.*" + - php-version: 8.1 + composer-flags: "--ignore-platform-reqs" + symfony-require: "5.2.*" services: ldap: @@ -73,6 +72,7 @@ jobs: options: --name=ldaprecord steps: + # Required as ./Tests/certs is created during ldap service build. - name: "Make current user owner of workspace" run: | sudo chown -R $USER:$USER ${{ github.workspace }} diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index 703ff97..ecf01dd 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml 
@@ -30,7 +30,9 @@ jobs: uses: "ramsey/composer-install@v1" - name: "Run a static analysis with phpstan/phpstan" - run: "vendor/bin/phpstan analyse" + run: | + vendor/bin/phpstan analyse - name: "Run a static analysis with vimeo/psalm" - run: "vendor/bin/psalm --output-format=github" + run: | + vendor/bin/psalm --output-format=github