Kevin Veen-Birkenbach
7791bd8c04
Integration tests added/updated:
- tests/integration/test_filters_usage.py: AST-based detection of filter definitions (FilterModule.filters), robust Jinja detection ({{ ... }}, {% ... %}, {% filter ... %}), plus Python call tracking; fails if a filter is used only under tests/.
- tests/integration/test_filters_are_defined.py: inverse check — every filter used in .yml/.yaml/.j2/.jinja2/.tmpl must be defined locally. Scans only inside Jinja blocks and ignores pipes inside strings (e.g., lookup('pipe', "... | grep ... | awk ...")) to avoid false positives like trusted_hosts, woff/woff2, etc.
Bug fixes & robustness:
- Build regexes without %-string formatting to avoid ValueError from literal '%' in Jinja tags.
- Strip quoted strings in usage analysis so sed/grep/awk pipes are not miscounted as filters.
- Prevent self-matches in the defining file.
Cleanup / removal of dead code:
- Removed unused filter plugins and related unit tests:
* filter_plugins/alias_domains_map.py
* filter_plugins/get_application_id.py
* filter_plugins/load_configuration.py
* filter_plugins/safe.py
* filter_plugins/safe_join.py
* roles/svc-db-openldap/filter_plugins/build_ldap_nested_group_entries.py
* roles/sys-ctl-bkp-docker-2-loc/filter_plugins/dict_to_cli_args.py
* corresponding tests under tests/unit/*
- roles/svc-db-postgres/filter_plugins/split_postgres_connections.py: dropped no-longer-needed list_postgres_roles API; adjusted tests.
Misc:
- sys-stk-front-proxy/defaults/main.yml: clarified valid vhost_flavour values (comma-separated).
Ref: https://chatgpt.com/share/68b56bac-c4f8-800f-aeef-6708dbb44199
LDAP
Description
Unleash the potential of centralized identity management with OpenLDAP. This powerful directory service provides a robust platform for managing users, groups, and organizational units while ensuring secure, scalable, and efficient authentication and authorization.
Overview
Deploy OpenLDAP in a Docker environment with support for TLS-secured communication via an NGINX stream proxy. OpenLDAP offers advanced directory management capabilities, including flexible schema definitions, dynamic configuration overlays, and comprehensive query support with LDAP search utilities.
For further setup instructions and advanced configuration details, please refer to the following resources available in this directory:
Features
- Centralized Identity Management: Maintain a unified repository for all users and groups with robust organizational structures.
- Flexible Schema Support: Customize and extend directory schemas to meet diverse organizational requirements.
- Secure Communications: Enable TLS encryption for data in transit when accessed through an NGINX reverse proxy.
- Dynamic Configuration: Leverage runtime configuration overlays to adjust directory settings without downtime.
- Comprehensive Query Capabilities: Utilize LDAP search tools to efficiently query and manage directory data.
- High Performance and Scalability: Designed to handle large-scale deployments with rapid lookup and authentication response times.
Further Resources
Credits
Developed and maintained by Kevin Veen-Birkenbach.
Learn more at veen.world.
Part of the Infinito.Nexus Project
Licensed under Infinito.Nexus NonCommercial License.