CI: drop bitnami openldap test image (#2626)

.github/workflows/build.yml

@@ -241,16 +241,18 @@ jobs:
           --health-timeout 5s
           --health-retries 5
       openldap:
-        image: docker.io/bitnami/openldap:2.6
+        image: osixia/openldap:1.5.0
         ports:
-          - 1389:1389
-          - 1636:1636
-        env:
-          LDAP_ADMIN_USERNAME: "admin"
-          LDAP_ADMIN_PASSWORD: "adminpassword"
-          LDAP_USERS: "alice,bob,foo"
-          LDAP_PASSWORDS: "password1,password2,password3"
+          - 10389:389
+        options: >-
+          --health-cmd "sleep 10"
+          --health-interval 1s
+          --health-timeout 30s
+          --health-retries 30
     steps:
+      - name: install ldap utils
+        run:
+          sudo apt-get install -y ldap-utils
       - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
       - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
         with:
@@ -316,8 +318,11 @@ jobs:
           CONSUL_HTTP_ADDR: "consul:8500"
           GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
           LDAP_BINDDN: "cn=admin,dc=example,dc=org"
-          LDAP_BINDPASS: "adminpassword"
-          LDAP_URL: "ldap://openldap:1389"
+          LDAP_BINDPASS: "admin"
+          # host and port of the openldap container, from the pov of the github runner
+          LDAP_HOST_URL: "ldap://0.0.0.0:10389"
+          # service URL of accessible from the Vault container
+          LDAP_URL: "ldap://openldap:389"
           VAULT_PLUGIN_COMMAND: ${{ steps.plugin.outputs.command }}
         run: |
           if [[ ${{ matrix.image }} =~ "-ent" ]]; then
@@ -325,6 +330,9 @@ jobs:
           else
             target="testacc"
           fi
+          if [ -n "${{ env.LDAP_HOST_URL }}" ]; then
+            cat testdata/openldap/ldif/*.ldif | ldapadd -x -H ${{ env.LDAP_HOST_URL }} -D "${{ env.LDAP_BINDDN }}" -w "${{ env.LDAP_BINDPASS }}"
+          fi
           make $target TESTARGS='-test.v' SKIP_MSSQL_MULTI_CI=true SKIP_RAFT_TESTS=true SKIP_VAULT_NEXT_TESTS=true TF_ACC_K8S_SKIP_IN_CLUSTER=true
       - name: "Generate Vault API Path Coverage Report"
         run: |

testdata/openldap/ldif/users.ldif

@@ -0,0 +1,46 @@
+dn: ou=users,dc=example,dc=org
+objectClass: top
+objectClass: organizationalUnit
+ou: users
+
+dn: ou=groups,dc=example,dc=org
+objectClass: top
+objectClass: organizationalUnit
+ou: groups
+
+
+dn: cn=alice,ou=users,dc=example,dc=org
+cn: alice
+sn: alice
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+userPassword:: cGFzc3dvcmQxCg==
+uid: alice
+uidNumber: 2000
+gidNumber: 2000
+homeDirectory: /home/alice
+
+dn: cn=bob,ou=users,dc=example,dc=org
+cn: bob
+sn: bob
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+userPassword:: cGFzc3dvcmQyCg==
+uid: bob
+uidNumber: 2001
+gidNumber: 2001
+homeDirectory: /home/bob
+
+dn: cn=foo,ou=users,dc=example,dc=org
+cn: foo
+sn: foo
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+userPassword:: cGFzc3dvcmQzCg==
+uid: foo
+uidNumber: 2002
+gidNumber: 2002
+homeDirectory: /home/foo

testdata/user.ldif

@@ -1,11 +0,0 @@
-dn: CN=Bob,CN=Users,DC=corp,DC=example,DC=net
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: user
-cn: Bob
-description: test account
-name: Bob
-sAMAccountName: Bob
-distinguishedName: CN=Bob,CN=Users,DC=corp,DC=example,DC=net
-userPrincipalName: Bob

vault/resource_ldap_secret_backend_library_set_test.go

@@ -10,6 +10,7 @@ import (
 
 	"github.com/hashicorp/terraform-plugin-testing/helper/acctest"
 	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+
 	"github.com/hashicorp/terraform-provider-vault/internal/consts"
 	"github.com/hashicorp/terraform-provider-vault/internal/provider"
 	"github.com/hashicorp/terraform-provider-vault/testutil"