support customSchemaFiles and extraSchemaFiles options

.bin/myval.yaml

@@ -1,19 +1,19 @@
 logLevel: debug
-resources: 
+resources:
   limits:
     cpu: "128m"
     memory: "64Mi"
 replicaCount: 3
 ltb-passwd:
   ingress:
     hosts:
-    - "ssl-ldap2.example"
+      - "ssl-ldap2.example"
 phpldapadmin:
   ingress:
     hosts:
-    - "phpldapadmin.example"
-customSchemaFiles:
-  00-memberof.ldif: |-
+      - "phpldapadmin.example"
+extraSchemaFiles:
+  memberof.ldif: |-
     # Load memberof module
     dn: cn=module,cn=config
     cn: module
@@ -27,8 +27,8 @@ customSchemaFiles:
     objectClass: olcMemberOf
     olcOverlay: memberof
     olcMemberOfRefint: TRUE
-    
-  10_owncloud_schema.ldif: |-
+customSchemaFiles:
+  00_owncloud_schema.ldif: |-
     # This LDIF files describes the ownCloud schema and can be used to
     # add two optional attributes: ownCloudQuota and ownCloudUUID
     # The ownCloudUUID is used to store a unique, non-reassignable, persistent identifier for users and groups
@@ -105,4 +105,4 @@ initTLSSecret:
     repository: alpine/openssl
     tag: latest
     pullPolicy: IfNotPresent
-  secret: "custom-cert" 
+  secret: "custom-cert"

advanced_examples/MemberOf.md

@@ -1,12 +1,12 @@
 # Examples of MemberOf configuration
 
-## Enable MemberOf 
+## Enable MemberOf
 
 Use the following values to enable `memberof` attribute:
 
 This configuration works regardless of the `replication` configuration (`enabled` or `disabled`)
 
-```
+```ldif
 # Default configuration for openldap as environment variables. These get injected directly in the container.
 # Use the env variables from https://github.com/osixia/docker-openldap#beginner-guide
 env:
@@ -45,7 +45,7 @@ customLdifFiles:
     objectclass: posixGroup
     objectclass: top
     add: memberUid
-    memberUid: jdupond    
+    memberUid: jdupond
   03-test-memberof.ldif: |-
     dn: ou=Group,dc=example,dc=org
     objectclass: organizationalUnit
@@ -63,7 +63,7 @@ customLdifFiles:
     objectclass: groupOfNames
     cn: testgroup
     member: uid=test1,ou=People,dc=example,dc=org
-customSchemaFiles:
+extraSchemaFiles:
   #enable memberOf ldap search functionality, users automagically track groups they belong to
   00-memberof.ldif: |-
     # Load memberof module
@@ -83,11 +83,13 @@ customSchemaFiles:
 
 Connect to your openldap instance and execute:
 
-```
+```bash
 LDAPTLS_REQCERT=never ldapsearch -x -D 'cn=admin,dc=example,dc=org' -w Not@SecurePassw0rd -H ldaps://127.0.0.1:1636 -b 'dc=example,dc=org' "(memberOf=cn=testgroup,ou=Group,dc=example,dc=org)"
 ```
-You should get the following result: 
-```
+
+You should get the following result:
+
+```ldif
 # extended LDIF
 #
 # LDAPv3
@@ -107,4 +109,4 @@ result: 0 Success
 
 # numResponses: 2
 # numEntries: 1
-```
+```

templates/_helpers.tpl

@@ -89,7 +89,7 @@ Generate olcSyncRepl list
 {{- define "olcSyncRepls2" -}}
 {{- $name := (include "openldap.fullname" .) }}
 {{- $domain := (include "global.baseDomain" .) }}
-{{- $bindDNUser := .Values.global.adminUser }} 
+{{- $bindDNUser := .Values.global.adminUser }}
 {{- $namespace := .Release.Namespace }}
 {{- $cluster := .Values.replication.clusterName }}
 {{- $adminPassword := ternary .Values.global.adminPassword "%%ADMIN_PASSWORD%%" (empty .Values.global.existingSecret) }}
@@ -186,9 +186,9 @@ Cannot return list => return string comma separated
 Return the list of custom schema files to use
 Cannot return list => return string comma separated
 */}}
-{{- define "openldap.customSchemaFiles" -}}
+{{- define "openldap.extraSchemaFiles" -}}
   {{- $schemas := "" -}}
-  {{- $schemas := ((join "," (.Values.customSchemaFiles | keys | sortAlpha))  | replace ".ldif" "") -}}
+  {{- $schemas := ((join "," (.Values.extraSchemaFiles | keys | sortAlpha))  | replace ".ldif" "") -}}
   {{- print $schemas -}}
 {{- end -}}
 
@@ -198,7 +198,7 @@ Cannot return list => return string comma separated
 */}}
 {{- define "openldap.schemaFiles" -}}
   {{- $schemas := (include "openldap.builtinSchemaFiles" .) -}}
-  {{- $custom_schemas := (include "openldap.customSchemaFiles" .) -}}
+  {{- $custom_schemas := (include "openldap.extraSchemaFiles" .) -}}
   {{- if gt (len $custom_schemas) 0 -}}
     {{- $schemas = print $schemas "," $custom_schemas  -}}
   {{- end -}}

templates/configmap-extraschema.yaml

@@ -0,0 +1,23 @@
+#
+# A ConfigMap spec for openldap slapd that map directly to files under
+# /opt/bitnami/openldap/etc/schema/custom
+#
+{{- if .Values.extraSchemaFiles }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "openldap.fullname" . }}-extraschema
+  labels:
+    app: {{ template "openldap.name" . }}
+    chart: {{ template "openldap.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+{{- if .Values.extraLabels }}
+{{ toYaml .Values.extraLabels | indent 4 }}
+{{- end }}
+data:
+{{- range $key, $val := .Values.extraSchemaFiles }}
+  {{ $key }}: |-
+{{ $val | indent 4}}
+{{- end }}
+{{- end }}

templates/statefulset.yaml

@@ -33,6 +33,12 @@ spec:
         {{- if .Values.customLdifFiles}}
         checksum/configmap-customldif: {{ include (print $.Template.BasePath "/configmap-customldif.yaml") . | sha256sum }}
         {{- end }}
+        {{- if .Values.extraSchemaFiles}}
+        checksum/configmap-extraschema: {{ include (print $.Template.BasePath "/configmap-extraschema.yaml") . | sha256sum }}
+        {{- end }}
+        {{- if .Values.customSchemaFiles}}
+        checksum/configmap-customschema: {{ include (print $.Template.BasePath "/configmap-customschema.yaml") . | sha256sum }}
+        {{- end }}
       labels: {{- include "common.labels.standard" . | nindent 8 }}
         app.kubernetes.io/component: {{ template "openldap.fullname" . }}
         release: {{ .Release.Name }}
@@ -52,12 +58,15 @@ spec:
               if [ "$host" = "{{ template "openldap.fullname" . }}-0" ]
               then
                 echo "This is the main openldap so let's init all additional schemas and ldifs here"
-                cp -p -f /cm-schemas-acls/*.ldif /custom_config/ 
-                if [ -d /cm-schemas ]; then
-                  cp -p -f /cm-schemas/*.ldif /custom-schemas/ 
+                cp -p -f /cm-schemas-acls/*.ldif /custom_config/
+                if [ -d /cm-extra-schemas ]; then
+                  cp -p -f /cm-extra-schemas/*.ldif /extra-schemas/
+                fi
+                if [ -d /cm-custom-schemas ]; then
+                  cp -p -f /cm-custom-schemas/*.ldif /custom-schemas/
                 fi
                 if [ -d /cm-ldifs ]; then
-                  cp -p -f /cm-ldifs/*.ldif /custom-ldifs/ 
+                  cp -p -f /cm-ldifs/*.ldif /custom-ldifs/
                 fi
               else
                 cp -p -f /cm-schemas-acls/*.ldif /custom_config/
@@ -74,14 +83,20 @@ spec:
           resources: {{- toYaml .Values.initTLSSecret.resources | nindent 12 }}
           {{- end }}
           volumeMounts:
-    {{- if .Values.customSchemaFiles }}
-      {{- range $file := (include "openldap.customSchemaFiles" . | split ",") }}
-            - name: cm-custom-schema-files
-              mountPath: /cm-schemas/{{ $file }}.ldif
+    {{- if .Values.extraSchemaFiles }}
+      {{- range $file := (include "openldap.extraSchemaFiles" . | split ",") }}
+            - name: cm-extra-schema-files
+              mountPath: /cm-extra-schemas/{{ $file }}.ldif
               subPath: {{ $file }}.ldif
       {{- end }}
+            - name: extra-schema-files
+              mountPath: /extra-schemas/
+    {{- end }}
+    {{- if .Values.customSchemaFiles }}
+            - name: cm-custom-schema-files
+              mountPath: /cm-custom-schemas
             - name: custom-schema-files
-              mountPath: /custom-schemas/
+              mountPath: /custom-schemas
     {{- end }}
     {{- if or (.Values.customLdifFiles) (.Values.customLdifCm) }}
             - name: cm-custom-ldif-files
@@ -141,7 +156,7 @@ spec:
             - mountPath: /bitnami
               name: data
       {{- end }}
-    
+
       serviceAccountName: {{ template "openldap.serviceAccountName" . }}
       {{- include "openldap.imagePullSecrets" . | nindent 6 }}
       {{- if .Values.hostAliases }}
@@ -252,16 +267,20 @@ spec:
               mountPath: /opt/bitnami/openldap/etc/schema/{{ $file }}.ldif
               subPath: {{ $file }}.ldif
             {{- end }}
-{{- if .Values.customSchemaFiles}}
-            {{- range $file := (include "openldap.customSchemaFiles" . | split ",") }}
-            - name: custom-schema-files
+{{- if .Values.extraSchemaFiles}}
+            {{- range $file := (include "openldap.extraSchemaFiles" . | split ",") }}
+            - name: extra-schema-files
               mountPath: /opt/bitnami/openldap/etc/schema/{{ $file }}.ldif
               subPath: {{ $file }}.ldif
             {{- end }}
 {{- end }}
+{{- if .Values.customSchemaFiles}}
+            - name: custom-schema-files
+              mountPath: /schemas # default value for LDAP_CUSTOM_SCHEMA_DIR, see https://github.com/bitnami/containers/blob/c969cdc2e0d547f67f89b7e4a21bc2e00716f6ab/bitnami/openldap/2.6/debian-12/rootfs/opt/bitnami/scripts/libopenldap.sh#L42
+{{- end }}
 {{- if or (.Values.customLdifFiles) (.Values.customLdifCm) }}
             - name: custom-ldif-files
-              mountPath: /ldifs/
+              mountPath: /ldifs # default value for LDAP_CUSTOM_LDIF_DIR, see https://github.com/bitnami/containers/blob/c969cdc2e0d547f67f89b7e4a21bc2e00716f6ab/bitnami/openldap/2.6/debian-
 {{- end }}
 {{- range .Values.customFileSets }}
 {{- $fs := . }}
@@ -307,6 +326,14 @@ spec:
           emptyDir:
             medium: Memory
 {{- end }}
+{{- if .Values.extraSchemaFiles }}
+        - name: cm-extra-schema-files
+          configMap:
+            name: {{ template "openldap.fullname" . }}-extraschema
+        - name: extra-schema-files
+          emptyDir:
+            medium: Memory
+{{- end }}
 {{- if .Values.customSchemaFiles }}
         - name: cm-custom-schema-files
           configMap: