sso: remove openldap bootstrap job

2026-01-02 13:50:02 -03:00 · 2026-01-02 13:50:02 -03:00 · d70b685f27
commit d70b685f27
parent 2c86a6d95f
2 changed files with 0 additions and 70 deletions
--- a/services/openldap/bootstrap-job.yaml
+++ b/services/openldap/bootstrap-job.yaml
@ -1,69 +0,0 @@
 # services/openldap/bootstrap-job.yaml
 apiVersion: batch/v1
 kind: Job
 metadata:
  name: openldap-bootstrap-3
  namespace: sso
 spec:
  backoffLimit: 3
  template:
    spec:
      restartPolicy: OnFailure
      nodeSelector:
        kubernetes.io/arch: arm64
        node-role.kubernetes.io/worker: "true"
      containers:
        - name: bootstrap
          image: docker.io/osixia/openldap:1.5.0
          imagePullPolicy: IfNotPresent
          env:
            - name: LDAP_DOMAIN
              value: bstein.dev
            - name: LDAP_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: openldap-admin
                  key: LDAP_ADMIN_PASSWORD
          command: ["/bin/sh", "-c"]
          args:
            - |
              set -eu
              base_dn="dc=bstein,dc=dev"
              admin_dn="cn=admin,${base_dn}"
              ldap_uri="ldap://openldap-0.openldap.sso.svc.cluster.local:389"
              echo "Waiting for OpenLDAP..."
              i=0
              while [ "${i}" -lt 60 ]; do
                if ldapsearch -x -H "${ldap_uri}" -b "${base_dn}" -s base '(objectClass=*)' dn >/dev/null 2>&1; then
                  echo "OpenLDAP is ready"
                  break
                fi
                sleep 2
                i=$((i+1))
              done
              if ! ldapsearch -x -H "${ldap_uri}" -b "${base_dn}" -s base '(objectClass=*)' dn >/dev/null 2>&1; then
                echo "OpenLDAP did not become ready in time" >&2
                exit 1
              fi
              ensure_ou() {
                ou_name="${1}"
                ou_dn="ou=${ou_name},${base_dn}"
                if ldapsearch -x -H "${ldap_uri}" -D "${admin_dn}" -w "${LDAP_ADMIN_PASSWORD}" -b "${ou_dn}" -s base '(objectClass=organizationalUnit)' dn >/dev/null 2>&1; then
                  echo "OU ${ou_name} exists"
                  return 0
                fi
                echo "Creating OU ${ou_name}"
                cat <<EOF | ldapadd -x -H "${ldap_uri}" -D "${admin_dn}" -w "${LDAP_ADMIN_PASSWORD}"
              dn: ${ou_dn}
              objectClass: organizationalUnit
              ou: ${ou_name}
              EOF
              }
              ensure_ou users
              ensure_ou groups
--- a/services/openldap/kustomization.yaml
+++ b/services/openldap/kustomization.yaml
@ -5,4 +5,3 @@ namespace: sso
 resources:
  - service.yaml
  - statefulset.yaml
  - bootstrap-job.yaml