Redo ldap test to use postmap instead of sending email

integration-tests/ldap-allow/docker-compose.yml

@@ -1,42 +0,0 @@
-version: '3.7'
-services:
-  postfix_test_587:
-    hostname: "postfix"
-    image: "boky/postfix"
-    restart: always
-    healthcheck:
-      test: [ "CMD", "sh", "-c", "netstat -an | fgrep 587 | fgrep -q LISTEN" ]
-      interval: 10s
-      timeout: 5s
-      start_period: 10s
-      retries: 2
-    volumes:
-      - "./restricted-senders.cf:/etc/postfix/conf/restricted-senders.cf"
-    environment:
-      FORCE_COLOR: "1"
-      ALLOWED_SENDER_DOMAINS: "example.org"
-      POSTFIX_smtpd_sender_restrictions: "check_client_access ldap:/etc/postfix/conf/restricted-senders.cf"
-  ldap:
-    hostname: "ldap"
-    image: "thoteam/slapd-server-mock"
-    restart: always
-    healthcheck:
-      test: [ "CMD", "sh", "-c", "netstat -an | fgrep 389 | fgrep -q LISTEN" ]
-      interval: 10s
-      timeout: 5s
-      start_period: 10s
-      retries: 2
-    volumes:
-      - "./config.ldif:/bootstrap/config.ldif.TEMPLATE"
-      - "./data.ldif:/bootstrap/data.ldif.TEMPLATE"
-  tests:
-    image: "boky/postfix-integration-test"
-    restart: "no"
-    volumes:
-      - "../tester:/code"
-    build:
-      context: ../tester
-    command: "/" # relative path to /code
-    environment:
-      FROM: "demo@example.org"
-      TO: "test@gmail.com"

integration-tests/ldap-allow/restricted-senders.cf

@@ -1,4 +0,0 @@
-    server_host = ldap://ldap
-    search_base = dc=ldapmock,dc=local
-    query_filter = (sn=allowed)
-    result_attribute = mail

integration-tests/ldap-block/config.ldif

@@ -1,37 +0,0 @@
-version: 1
-
-# Add the groupType Attribute and group class for MSAD
-# Kept for memory in case we need to enable this again
-# dn: cn={0}core,cn=schema,cn=config
-# changetype: modify
-# add: olcAttributetypes
-# olcAttributetypes: ( 1.2.840.113556.1.4.750 NAME 'groupType'
-#    SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE
-# )
-#
-# dn: cn={0}core,cn=schema,cn=config
-# changetype: modify
-# add: olcObjectClasses
-# olcObjectClasses: ( 1.2.840.113556.1.5.8 NAME 'Group'
-#         DESC 'a group of users'
-#         SUP top STRUCTURAL
-#         MUST ( groupType $ cn)
-#         MAY ( member ) )
-
-# Configure TLS
-dn: cn=config
-changetype: modify
-replace: olcTLSCertificateFile
-olcTLSCertificateFile: /etc/ldap/ssl/ldap.crt
--
-replace: olcTLSCertificateKeyFile
-olcTLSCertificateKeyFile: /etc/ldap/ssl/ldap.key
--
-replace: olcTLSVerifyClient
-olcTLSVerifyClient: never
-
-# Configure loging
-dn: cn=config
-changetype: modify
-replace: olcLogLevel
-olcLogLevel: stats

integration-tests/ldap-block/data.ldif

@@ -1,9 +0,0 @@
-# demo@example.org
-dn: uid=demo,${LDAP_BASEDN}
-objectClass: inetOrgPerson
-objectClass: organizationalPerson
-objectClass: person
-objectClass: top
-cn: Demo
-sn: blocked
-mail: demo@example.org

integration-tests/ldap-block/docker-compose.yml

@@ -1,42 +0,0 @@
-version: '3.7'
-services:
-  postfix_test_587:
-    hostname: "postfix"
-    image: "boky/postfix"
-    restart: always
-    healthcheck:
-      test: [ "CMD", "sh", "-c", "netstat -an | fgrep 587 | fgrep -q LISTEN" ]
-      interval: 10s
-      timeout: 5s
-      start_period: 10s
-      retries: 2
-    volumes:
-      - "./restricted-senders.cf:/etc/postfix/conf/restricted-senders.cf"
-    environment:
-      FORCE_COLOR: "1"
-      ALLOWED_SENDER_DOMAINS: "example.org"
-      POSTFIX_smtpd_sender_restrictions: "check_client_access ldap:/etc/postfix/conf/restricted-senders.cf"
-  ldap:
-    hostname: "ldap"
-    image: "thoteam/slapd-server-mock"
-    restart: always
-    healthcheck:
-      test: [ "CMD", "sh", "-c", "netstat -an | fgrep 389 | fgrep -q LISTEN" ]
-      interval: 10s
-      timeout: 5s
-      start_period: 10s
-      retries: 2
-    volumes:
-      - "./config.ldif:/bootstrap/config.ldif.TEMPLATE"
-      - "./data.ldif:/bootstrap/data.ldif.TEMPLATE"
-  tests:
-    image: "boky/postfix-integration-test"
-    restart: "no"
-    volumes:
-      - "../tester:/code"
-    build:
-      context: ../tester
-    command: "/" # relative path to /code
-    environment:
-      FROM: "demo@example.org"
-      TO: "test@gmail.com"

integration-tests/ldap-block/restricted-senders.cf

@@ -1,4 +0,0 @@
-    server_host = ldap://ldap
-    search_base = dc=ldapmock,dc=local
-    query_filter = (sn=allowed)
-    result_attribute = mail

integration-tests/ldap-block/test.bats

@@ -1,26 +0,0 @@
-#!/usr/bin/env bats
-
-FROM=$1
-TO=$2
-
-if [ -z "$FROM" ]; then
-    FROM="demo@example.org"
-fi
-
-if [ -z "$TO" ]; then
-    TO="test@gmail.com"
-fi
-
-# Wait for postfix to startup
-wait-for-service -q tcp://postfix_test_587:587
-wait-for-service -q tcp://ldap:389
-
-SMTP_DATA="-smtp postfix_test_587 -port 587"
-
-@test "Make sure postfix rejects the message from us" {
-	! mailsend -debug \
-		-sub "Test email 1" $SMTP_DATA \
-			-from "$FROM" -to "$TO" \
-		body \
-			-msg "Hello world!\nThis is a simple test message!"
-}

integration-tests/ldap/docker-compose.yml

@@ -0,0 +1,31 @@
+version: '3.7'
+services:
+  tests:
+    hostname: "postfix"
+    image: "boky/postfix"
+    restart: "no"
+    volumes:
+      - "./tests:/tests"
+      - "./postfix-conf:/etc/postfix/conf/"
+    environment:
+      FORCE_COLOR: "1"
+      ALLOWED_EMPTY_SENDER_DOMAINS: "example.org"
+      POSTFIX_smtpd_end_of_data_restrictions: "check_client_access static:discard"
+    entrypoint: [ "/bin/sh", "-c" ]
+    command: [ "/tests/test.sh" ]
+    depends_on:
+      ldap:
+        condition: service_healthy
+        restart: true
+  ldap:
+    hostname: "ldap"
+    image: "thoteam/slapd-server-mock"
+    restart: always
+    healthcheck:
+      test: [ "CMD-SHELL", "bash -c 'exec 6<> /dev/tcp/localhost/389'" ]
+      interval: 10s
+      timeout: 5s
+      start_period: 10s
+      retries: 2
+    volumes:
+      - "./ldap-conf:/bootstrap/"

integration-tests/ldap/postfix-conf/restricted-senders.cf

@@ -0,0 +1,4 @@
+server_host = ldap://ldap
+search_base = dc=ldapmock,dc=local
+query_filter = (&(mail=%s)(sn=allowed))
+result_attribute = mail

integration-tests/ldap/tests/test.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+set -e
+set -x
+
+if ! hash postmap; then
+    echo "postmap not found!" >2
+    exit 1
+fi
+
+postmap -q demo@example.org ldap:/etc/postfix/conf/restricted-senders.cf