From 8651ada4d9b4dfa55078dcd74f7dc92b7a3d0c37 Mon Sep 17 00:00:00 2001
From: Brad Stein <Brad.Stein@gmail.com>
Date: Fri, 2 Jan 2026 13:25:30 -0300
Subject: [PATCH] sso: fix openldap bootstrap job

---
 services/openldap/bootstrap-job.yaml | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/services/openldap/bootstrap-job.yaml b/services/openldap/bootstrap-job.yaml
index 2f94f88..31fa382 100644
--- a/services/openldap/bootstrap-job.yaml
+++ b/services/openldap/bootstrap-job.yaml
@@ -2,7 +2,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: openldap-bootstrap-1
+  name: openldap-bootstrap-2
   namespace: sso
 spec:
   backoffLimit: 3
@@ -29,18 +29,24 @@ spec:
             - |
               set -euo pipefail
 
-              domain="${LDAP_DOMAIN}"
-              base_dn="$(printf '%s' "${domain}" | awk -F. '{for (i=1;i<=NF;i++) printf("%sdc=%s", (i==1?"":","), $i)}')"
+              base_dn="dc=bstein,dc=dev"
               admin_dn="cn=admin,${base_dn}"
-              ldap_uri="ldap://openldap.sso.svc.cluster.local:389"
+              ldap_uri="ldap://openldap-0.openldap.sso.svc.cluster.local:389"
 
               echo "Waiting for OpenLDAP..."
-              for i in $(seq 1 60); do
+              i=0
+              while [ "${i}" -lt 60 ]; do
                 if ldapsearch -x -H "${ldap_uri}" -b "${base_dn}" -s base '(objectClass=*)' dn >/dev/null 2>&1; then
+                  echo "OpenLDAP is ready"
                   break
                 fi
                 sleep 2
+                i=$((i+1))
               done
+              if ! ldapsearch -x -H "${ldap_uri}" -b "${base_dn}" -s base '(objectClass=*)' dn >/dev/null 2>&1; then
+                echo "OpenLDAP did not become ready in time" >&2
+                exit 1
+              fi
 
               ensure_ou() {
                 local ou_name="${1}"