Skip to content

Docker base DN entry creation opt-in and improves bootstrap LDIF loading resilience #644

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
vharseko merged 3 commits into from
May 16, 2026
Merged

Docker base DN entry creation opt-in and improves bootstrap LDIF loading resilience #644

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
aa8ae31
Docker base DN entry creation opt-in and improves bootstrap LDIF load…
vharseko May 15, 2026
fd791fe
FIX HEALTHCHECK without create baseDN
vharseko May 15, 2026
8313e5d
Add ADD_BASE_ENTRY environment variable to Docker tests custom passwo…
vharseko May 15, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -365,7 +365,7 @@ jobs:
- name: Docker test custom password
shell: bash
run: |
docker run --rm -it -d --memory="512m" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
docker run --rm -it -d --memory="512m" -e ADD_BASE_ENTRY="--addBaseEntry" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}
timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test_custom | grep -q \"healthy\"; do sleep 10; done'
docker exec test_custom 'sh' '-c' '/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword custom_password --useSsl --trustAll --baseDN "dc=example,dc=com" --searchScope base "(objectClass=*)" 1.1'
docker kill test_custom
Expand Down Expand Up @@ -437,7 +437,7 @@ jobs:
- name: Docker test custom password
shell: bash
run: |
docker run --rm -it -d --memory="1g" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
docker run --rm -it -d --memory="1g" -e ADD_BASE_ENTRY="--addBaseEntry" -e ROOT_PASSWORD=custom_password --name=test_custom localhost:5000/${GITHUB_REPOSITORY,,}:${{ env.release_version }}-alpine
timeout 3m bash -c 'until docker inspect --format="{{json .State.Health.Status}}" test_custom | grep -q \"healthy\"; do sleep 10; done'
docker exec test_custom 'sh' '-c' '/opt/opendj/bin/ldapsearch --hostname localhost --port 1636 --bindDN "cn=Directory Manager" --bindPassword custom_password --useSsl --trustAll --baseDN "dc=example,dc=com" --searchScope base "(objectClass=*)" 1.1'
docker kill test_custom
6 changes: 3 additions & 3 deletions opendj-packages/opendj-docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,13 @@
# Header, with the fields enclosed by brackets [] replaced by your own identifying
# information: "Portions copyright [year] [name of copyright owner]".
#
# Copyright 2026 3A Systems, LLC.
# Copyright 2018-2026 3A Systems, LLC.

FROM eclipse-temurin:25-jre-jammy

LABEL org.opencontainers.image.authors="Open Identity Platform Community"

ENV ADD_BASE_ENTRY="--addBaseEntry"
#ENV ADD_BASE_ENTRY="--addBaseEntry" use during setup to add a base entry
ENV PORT=1389
ENV LDAPS_PORT=1636
ENV ADMIN_PORT=4444
Expand Down Expand Up @@ -65,6 +65,6 @@ EXPOSE $PORT/tcp $LDAPS_PORT/tcp $ADMIN_PORT/tcp

USER $OPENDJ_USER

HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 || exit 1
HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 || exit 1

ENTRYPOINT ["/opt/opendj/run.sh"]
6 changes: 3 additions & 3 deletions opendj-packages/opendj-docker/Dockerfile-alpine
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,13 @@
# Header, with the fields enclosed by brackets [] replaced by your own identifying
# information: "Portions copyright [year] [name of copyright owner]".
#
# Copyright 2026 3A Systems, LLC.
# Copyright 2018-2026 3A Systems, LLC.

FROM alpine:latest

LABEL org.opencontainers.image.authors="Open Identity Platform Community"

ENV ADD_BASE_ENTRY="--addBaseEntry"
#ENV ADD_BASE_ENTRY="--addBaseEntry" use during setup to add a base entry
ENV PORT=1389
ENV LDAPS_PORT=1636
ENV ADMIN_PORT=4444
Expand Down Expand Up @@ -67,6 +67,6 @@ EXPOSE $PORT/tcp $LDAPS_PORT/tcp $ADMIN_PORT/tcp

USER $OPENDJ_USER

HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "$BASE_DN" --searchScope base "(objectClass=*)" 1.1 || exit 1
HEALTHCHECK --interval=30s --timeout=30s --start-period=1s --retries=3 CMD opendj/bin/ldapsearch --hostname localhost --port $LDAPS_PORT --bindDN "$ROOT_USER_DN" --bindPassword "${ROOT_PASSWORD:-password}" --useSsl --trustAll --baseDN "" --searchScope base "(objectClass=*)" 1.1 || exit 1

ENTRYPOINT ["/opt/opendj/run.sh"]
2 changes: 1 addition & 1 deletion opendj-packages/opendj-docker/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ docker run -d -p 1389:1389 -p 1636:1636 -p 4444:4444 --name opendj openidentityp

| Variable | Default Value | Description |
|-------------------------|---------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| ADD_BASE_ENTRY | --addBaseEntry | if set, creates base DN entry |
| ADD_BASE_ENTRY | | if set --addBaseEntry , creates base DN entry |
| PORT | 1389 | LDAP Listener Port |
| LDAPS_PORT | 1636 | LDAPS Listener Port |
| BASE_DN | dc=example,dc=com | OpenDJ Base DN |
Expand Down
2 changes: 1 addition & 1 deletion opendj-packages/opendj-docker/bootstrap/setup.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,6 @@ if [ -d /opt/opendj/bootstrap/data/ ]; then

for file in /opt/opendj/bootstrap/data/*; do
echo "Loading $file ..."
/opt/opendj/bin/ldapmodify -D "$ROOT_USER_DN" -h localhost -p $PORT -w $ROOT_PASSWORD -f $file
/opt/opendj/bin/ldapmodify -D "$ROOT_USER_DN" -h localhost -p $PORT -w $ROOT_PASSWORD -f $file --continueOnError
done
fi