From b49cc974037aa8935cb51727e22a069eab54d6be Mon Sep 17 00:00:00 2001
From: Valery Kharseko <vharseko@3a-systems.ru>
Date: Sat, 16 May 2026 05:52:01 +0000
Subject: [PATCH] Docker base DN entry creation opt-in and improves bootstrap LDIF loading resilience (#644)
---
opendj-packages/opendj-docker/Dockerfile-alpine | 6 +++---
opendj-packages/opendj-docker/README.md | 2 +-
opendj-packages/opendj-docker/bootstrap/setup.sh | 2 +-
.github/workflows/build.yml | 4 ++--
opendj-packages/opendj-docker/Dockerfile | 6 +++---
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 72e7936..58927fe 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -365,7 +365,7 @@
- name: Docker test custom password
shell: bash
run: |
- docker run --rm -it -d --memory="512m" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
+ docker run --rm -it -d --memory="512m" -e ADD_BASE_ENTRY="--addBaseEntry" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test_custom | grep -q \"healthy\"; do sleep 10; done'
docker exec test_custom 'sh' '-c' '/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword custom_password --useSsl --trustAll --baseDN "dc=example,dc=com" --searchScope base "(objectClass=*)" 1.1'
docker kill test_custom
@@ -437,7 +437,7 @@
- name: Docker test custom password
shell: bash
run: |
- docker run --rm -it -d --memory="1g" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
+ docker run --rm -it -d --memory="1g" -e ADD_BASE_ENTRY="--addBaseEntry" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test_custom | grep -q \"healthy\"; do sleep 10; done'
docker exec test_custom 'sh' '-c' '/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword custom_password --useSsl --trustAll --baseDN "dc=example,dc=com" --searchScope base "(objectClass=*)" 1.1'
docker kill test_custom
diff --git a/opendj-packages/opendj-docker/Dockerfile b/opendj-packages/opendj-docker/Dockerfile
index f49c067..4aa8ba5 100644
--- a/opendj-packages/opendj-docker/Dockerfile
+++ b/opendj-packages/opendj-docker/Dockerfile
@@ -10,13 +10,13 @@
# Header, with the fields enclosed by brackets [] replaced by your own identifying
# information: "Portions copyright [year] [name of copyright owner]".
#
-# Copyright 2026 3A Systems, LLC.
+# Copyright 2018-2026 3A Systems, LLC.
FROM eclipse-temurin:25-jre-jammy
LABEL org.opencontainers.image.authors="Open Identity Platform Community"
-ENV ADD_BASE_ENTRY="--addBaseEntry"
+#ENV ADD_BASE_ENTRY="--addBaseEntry" use during setup to add a base entry
ENV PORT=1389
ENV LDAPS_PORT=1636
ENV ADMIN_PORT=4444
@@ -65,6 +65,6 @@
USER $OPENDJ_USER
-HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 || exit 1
+HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 || exit 1
ENTRYPOINT ["/opt/opendj/run.sh"]
diff --git a/opendj-packages/opendj-docker/Dockerfile-alpine b/opendj-packages/opendj-docker/Dockerfile-alpine
index 415ac37..5794b5d 100644
--- a/opendj-packages/opendj-docker/Dockerfile-alpine
+++ b/opendj-packages/opendj-docker/Dockerfile-alpine
@@ -10,13 +10,13 @@
# Header, with the fields enclosed by brackets [] replaced by your own identifying
# information: "Portions copyright [year] [name of copyright owner]".
#
-# Copyright 2026 3A Systems, LLC.
+# Copyright 2018-2026 3A Systems, LLC.
FROM alpine:latest
LABEL org.opencontainers.image.authors="Open Identity Platform Community"
-ENV ADD_BASE_ENTRY="--addBaseEntry"
+#ENV ADD_BASE_ENTRY="--addBaseEntry" use during setup to add a base entry
ENV PORT=1389
ENV LDAPS_PORT=1636
ENV ADMIN_PORT=4444
@@ -67,6 +67,6 @@
USER $OPENDJ_USER
-HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 || exit 1
+HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 || exit 1
ENTRYPOINT ["/opt/opendj/run.sh"]
diff --git a/opendj-packages/opendj-docker/README.md b/opendj-packages/opendj-docker/README.md
index 5fcaddb..9c40fc3 100644
--- a/opendj-packages/opendj-docker/README.md
+++ b/opendj-packages/opendj-docker/README.md
@@ -16,7 +16,7 @@
| Variable | Default Value | Description |
|-------------------------|---------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| ADD_BASE_ENTRY | --addBaseEntry | if set, creates base DN entry |
+| ADD_BASE_ENTRY | | if set --addBaseEntry , creates base DN entry |
| PORT | 1389 | LDAP Listener Port |
| LDAPS_PORT | 1636 | LDAPS Listener Port |
| BASE_DN | dc=example,dc=com | OpenDJ Base DN |
diff --git a/opendj-packages/opendj-docker/bootstrap/setup.sh b/opendj-packages/opendj-docker/bootstrap/setup.sh
index e887039..a71782c 100755
--- a/opendj-packages/opendj-docker/bootstrap/setup.sh
+++ b/opendj-packages/opendj-docker/bootstrap/setup.sh
@@ -83,6 +83,6 @@
for file in /opt/opendj/bootstrap/data/*; do
echo "Loading $file ..."
- /opt/opendj/bin/ldapmodify -D "$ROOT_USER_DN" -h localhost -p $PORT -w $ROOT_PASSWORD -f $file
+ /opt/opendj/bin/ldapmodify -D "$ROOT_USER_DN" -h localhost -p $PORT -w $ROOT_PASSWORD -f $file --continueOnError
done
fi
--
Gitblit v1.10.0