external-software/github_OpenIdentityPlatform_OpenDJ.git

parent: 9828ff5c | patch | commit | ignore whitespace

Docker base DN entry creation opt-in and improves bootstrap LDIF loading re...

Valery Kharseko

5 hours ago b49cc974037aa8935cb51727e22a069eab54d6be

Docker base DN entry creation opt-in and improves bootstrap LDIF loading resilience (#644)

5 files modified

	.github/workflows/build.yml	4 ●●●●● patch \| view \| raw \| blame \| history
	opendj-packages/opendj-docker/Dockerfile	6 ●●●●● patch \| view \| raw \| blame \| history
	opendj-packages/opendj-docker/Dockerfile-alpine	6 ●●●●● patch \| view \| raw \| blame \| history
	opendj-packages/opendj-docker/README.md	2 ●●●●● patch \| view \| raw \| blame \| history
	opendj-packages/opendj-docker/bootstrap/setup.sh	2 ●●●●● patch \| view \| raw \| blame \| history

 .github/workflows/build.yml

@@ -365,7 +365,7 @@
      - name: Docker test custom password
        shell: bash
        run: |
          docker run --rm -it -d --memory="512m" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
          docker run --rm -it -d --memory="512m" -e ADD_BASE_ENTRY="--addBaseEntry" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
          timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test_custom | grep -q \"healthy\"; do sleep 10; done'
          docker exec test_custom 'sh' '-c' '/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword custom_password --useSsl --trustAll --baseDN "dc=example,dc=com" --searchScope base "(objectClass=*)" 1.1'
          docker kill test_custom
@@ -437,7 +437,7 @@
      - name: Docker test custom password
        shell: bash
        run: |
          docker run --rm -it -d --memory="1g" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
          docker run --rm -it -d --memory="1g" -e ADD_BASE_ENTRY="--addBaseEntry" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
          timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test_custom | grep -q \"healthy\"; do sleep 10; done'
          docker exec test_custom 'sh' '-c' '/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword custom_password --useSsl --trustAll --baseDN "dc=example,dc=com" --searchScope base "(objectClass=*)" 1.1'
          docker kill test_custom

 opendj-packages/opendj-docker/Dockerfile

@@ -10,13 +10,13 @@
# Header, with the fields enclosed by brackets [] replaced by your own identifying
# information: "Portions copyright [year] [name of copyright owner]".
#
# Copyright 2026 3A Systems, LLC.
# Copyright 2018-2026 3A Systems, LLC.

FROM eclipse-temurin:25-jre-jammy

LABEL org.opencontainers.image.authors="Open Identity Platform Community"

ENV ADD_BASE_ENTRY="--addBaseEntry"
#ENV ADD_BASE_ENTRY="--addBaseEntry" use during setup to add a base entry
ENV PORT=1389
ENV LDAPS_PORT=1636
ENV ADMIN_PORT=4444
@@ -65,6 +65,6 @@

USER $OPENDJ_USER

HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 || exit 1
HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 || exit 1

ENTRYPOINT ["/opt/opendj/run.sh"]

 opendj-packages/opendj-docker/Dockerfile-alpine

@@ -10,13 +10,13 @@
# Header, with the fields enclosed by brackets [] replaced by your own identifying
# information: "Portions copyright [year] [name of copyright owner]".
#
# Copyright 2026 3A Systems, LLC.
# Copyright 2018-2026 3A Systems, LLC.

FROM alpine:latest

LABEL org.opencontainers.image.authors="Open Identity Platform Community"

ENV ADD_BASE_ENTRY="--addBaseEntry"
#ENV ADD_BASE_ENTRY="--addBaseEntry" use during setup to add a base entry
ENV PORT=1389
ENV LDAPS_PORT=1636
ENV ADMIN_PORT=4444
@@ -67,6 +67,6 @@

USER $OPENDJ_USER

HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 || exit 1
HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 || exit 1

ENTRYPOINT ["/opt/opendj/run.sh"]

 opendj-packages/opendj-docker/README.md

@@ -16,7 +16,7 @@

| Variable                | Default Value                   | Description                                                                                                                                                                                                                                             |
|-------------------------|---------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ADD_BASE_ENTRY          | --addBaseEntry                  | if set, creates base DN entry                                                                                                                                                                                                                           |
| ADD_BASE_ENTRY          |                                 | if set --addBaseEntry , creates base DN entry                                                                                                                                                                                                           |
| PORT                    | 1389                            | LDAP Listener Port                                                                                                                                                                                                                                      |
| LDAPS_PORT              | 1636                            | LDAPS Listener Port                                                                                                                                                                                                                                     |
| BASE_DN                 | dc=example,dc=com               | OpenDJ Base DN                                                                                                                                                                                                                                          |

 opendj-packages/opendj-docker/bootstrap/setup.sh

@@ -83,6 +83,6 @@

  for file in /opt/opendj/bootstrap/data/*; do
    echo "Loading $file ..."
    /opt/opendj/bin/ldapmodify -D "$ROOT_USER_DN" -h localhost -p $PORT -w $ROOT_PASSWORD -f $file
    /opt/opendj/bin/ldapmodify -D "$ROOT_USER_DN" -h localhost -p $PORT -w $ROOT_PASSWORD -f $file --continueOnError
  done
fi

			@@ -365,7 +365,7 @@
			- name: Docker test custom password
			shell: bash
			run: \|
			docker run --rm -it -d --memory="512m" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
			docker run --rm -it -d --memory="512m" -e ADD_BASE_ENTRY="--addBaseEntry" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
			timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test_custom \| grep -q \"healthy\"; do sleep 10; done'
			docker exec test_custom 'sh' '-c' '/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword custom_password --useSsl --trustAll --baseDN "dc=example,dc=com" --searchScope base "(objectClass=*)" 1.1'
			docker kill test_custom
			@@ -437,7 +437,7 @@
			- name: Docker test custom password
			shell: bash
			run: \|
			docker run --rm -it -d --memory="1g" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
			docker run --rm -it -d --memory="1g" -e ADD_BASE_ENTRY="--addBaseEntry" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
			timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test_custom \| grep -q \"healthy\"; do sleep 10; done'
			docker exec test_custom 'sh' '-c' '/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword custom_password --useSsl --trustAll --baseDN "dc=example,dc=com" --searchScope base "(objectClass=*)" 1.1'
			docker kill test_custom

			@@ -10,13 +10,13 @@
			# Header, with the fields enclosed by brackets [] replaced by your own identifying
			# information: "Portions copyright [year] [name of copyright owner]".
			#
			# Copyright 2026 3A Systems, LLC.
			# Copyright 2018-2026 3A Systems, LLC.

			FROM eclipse-temurin:25-jre-jammy

			LABEL org.opencontainers.image.authors="Open Identity Platform Community"

			ENV ADD_BASE_ENTRY="--addBaseEntry"
			#ENV ADD_BASE_ENTRY="--addBaseEntry" use during setup to add a base entry
			ENV PORT=1389
			ENV LDAPS_PORT=1636
			ENV ADMIN_PORT=4444
			@@ -65,6 +65,6 @@

			USER $OPENDJ_USER

			HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 \|\| exit 1
			HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 \|\| exit 1

			ENTRYPOINT ["/opt/opendj/run.sh"]

			@@ -16,7 +16,7 @@

			\| Variable \| Default Value \| Description \|
			\|-------------------------\|---------------------------------\|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------\|
			\| ADD_BASE_ENTRY \| --addBaseEntry \| if set, creates base DN entry \|
			\| ADD_BASE_ENTRY \| \| if set --addBaseEntry , creates base DN entry \|
			\| PORT \| 1389 \| LDAP Listener Port \|
			\| LDAPS_PORT \| 1636 \| LDAPS Listener Port \|
			\| BASE_DN \| dc=example,dc=com \| OpenDJ Base DN \|

			@@ -83,6 +83,6 @@

			for file in /opt/opendj/bootstrap/data/*; do
			echo "Loading $file ..."
			/opt/opendj/bin/ldapmodify -D "$ROOT_USER_DN" -h localhost -p $PORT -w $ROOT_PASSWORD -f $file
			/opt/opendj/bin/ldapmodify -D "$ROOT_USER_DN" -h localhost -p $PORT -w $ROOT_PASSWORD -f $file --continueOnError
			done
			fi