feat(ldap): add option to load ldap from file

Signed-off-by: Laurentiu Niculae <[email protected]>

pkg/api/authn.go

@@ -261,14 +261,15 @@ func (amw *AuthnMiddleware) tryAuthnHandlers(ctlr *Controller) mux.MiddlewareFun
 	if ctlr.Config.IsLdapAuthEnabled() {
 		ldapConfig := ctlr.Config.HTTP.Auth.LDAP
 		amw.ldapClient = &LDAPClient{
+			Unauthenticated:    ldapConfig.Unauthenticated,
 			Host:               ldapConfig.Address,
 			Port:               ldapConfig.Port,
 			UseSSL:             !ldapConfig.Insecure,
 			SkipTLS:            !ldapConfig.StartTLS,
 			Base:               ldapConfig.BaseDN,
 			BindDN:             ldapConfig.BindDN,
-			UserGroupAttribute: ldapConfig.UserGroupAttribute, // from config
 			BindPassword:       ldapConfig.BindPassword,
+			UserGroupAttribute: ldapConfig.UserGroupAttribute, // from config
 			UserFilter:         fmt.Sprintf("(%s=%%s)", ldapConfig.UserAttribute),
 			InsecureSkipVerify: ldapConfig.SkipVerify,
 			ServerName:         ldapConfig.Address,

pkg/api/config/config.go

@@ -121,16 +121,23 @@ type SchedulerConfig struct {
 	NumWorkers int
 }
 
+type LDAPCredentials struct {
+	BindDN       string
+	BindPassword string
+}
+
 type LDAPConfig struct {
+	CredentialsFile    string
+	Unauthenticated    bool
 	Port               int
 	Insecure           bool
 	StartTLS           bool // if !Insecure, then StartTLS or LDAPs
 	SkipVerify         bool
 	SubtreeSearch      bool
 	Address            string
-	BindDN             string
+	BindDN             string `json:"-"`
+	BindPassword       string `json:"-"`
 	UserGroupAttribute string
-	BindPassword       string
 	BaseDN             string
 	UserAttribute      string
 	CACert             string