From 047f06d129b6587a1d6e9615603bb7c8c2a78ff0 Mon Sep 17 00:00:00 2001 From: Marcelo Caldas <66540657+mclcaldas@users.noreply.github.com> Date: Mon, 16 Jun 2025 12:46:22 -0300 Subject: [PATCH] [bitnami/airflow] feat: enhance LDAP config with user attribute mapping and support for Flask AppBuilder AUTH_LDAP (#34382) * feat(airflow): enhance LDAP config with user attribute mapping and support for Flask AppBuilder AUTH_LDAP Signed-off-by: marcelo.caldas * Update CHANGELOG.md Signed-off-by: Bitnami Bot * Update CHANGELOG.md Signed-off-by: Bitnami Bot --------- Signed-off-by: marcelo.caldas Signed-off-by: Bitnami Bot Co-authored-by: marcelo.caldas Co-authored-by: Bitnami Bot --- bitnami/airflow/CHANGELOG.md | 8 ++++++-- bitnami/airflow/Chart.yaml | 2 +- bitnami/airflow/README.md | 3 +++ bitnami/airflow/templates/web/configmap.yaml | 5 ++++- bitnami/airflow/values.yaml | 6 ++++++ 5 files changed, 20 insertions(+), 4 deletions(-) diff --git a/bitnami/airflow/CHANGELOG.md b/bitnami/airflow/CHANGELOG.md index 6234d8a170..200afed7f7 100644 --- a/bitnami/airflow/CHANGELOG.md +++ b/bitnami/airflow/CHANGELOG.md @@ -1,8 +1,12 @@ # Changelog -## 24.1.2 (2025-06-06) +## 24.1.3 (2025-06-13) -* [bitnami/airflow] :zap: :arrow_up: Update dependency references ([#34221](https://github.com/bitnami/charts/pull/34221)) +* [bitnami/airflow] feat: enhance LDAP config with user attribute mapping and support for Flask AppBuilder AUTH_LDAP ([#34382](https://github.com/bitnami/charts/pull/34382)) + +## 24.1.2 (2025-06-06) + +* [bitnami/airflow] :zap: :arrow_up: Update dependency references (#34221) ([f42b7ae](https://github.com/bitnami/charts/commit/f42b7aefc905b479c54b142d7c0152fc9fa5c36d)), closes [#34221](https://github.com/bitnami/charts/issues/34221) ## 24.1.1 (2025-05-26) diff --git a/bitnami/airflow/Chart.yaml b/bitnami/airflow/Chart.yaml index 64f203ce72..852d898048 100644 --- a/bitnami/airflow/Chart.yaml +++ b/bitnami/airflow/Chart.yaml @@ -42,4 +42,4 @@ maintainers: name: airflow sources: - https://github.com/bitnami/charts/tree/main/bitnami/airflow -version: 24.1.2 +version: 24.1.3 diff --git a/bitnami/airflow/README.md b/bitnami/airflow/README.md index e03eb9251b..6ee148fa20 100644 --- a/bitnami/airflow/README.md +++ b/bitnami/airflow/README.md @@ -1093,6 +1093,9 @@ The Bitnami Airflow chart relies on the PostgreSQL chart persistence. This means | `ldap.uri` | Server URI, eg. ldap://ldap_server:389 | `ldap://ldap_server:389` | | `ldap.basedn` | Base of the search, eg. ou=example,o=org. | `dc=example,dc=org` | | `ldap.searchAttribute` | if doing an indirect bind to ldap, this is the field that matches the username when searching for the account to bind to | `cn` | +| `ldap.firstnameField` | LDAP field that stores the user's first name. | `givenName` | +| `ldap.lastnameField` | LDAP field that stores the user's last name. | `sn` | +| `ldap.emailField` | field that stores the user's email address, if null in LDAP, email is set to: "{username}@email.notfound" | `mail` | | `ldap.binddn` | DN of the account used to search in the LDAP server. | `cn=admin,dc=example,dc=org` | | `ldap.bindpw` | Bind Password | `""` | | `ldap.existingSecret` | Name of an existing secret containing the LDAP bind password | `""` | diff --git a/bitnami/airflow/templates/web/configmap.yaml b/bitnami/airflow/templates/web/configmap.yaml index 530f0bbb1f..0db35a94ae 100644 --- a/bitnami/airflow/templates/web/configmap.yaml +++ b/bitnami/airflow/templates/web/configmap.yaml @@ -26,12 +26,15 @@ data: import os {{- if .Values.ldap.enabled }} - from airflow.www.fab_security.manager import AUTH_LDAP + from flask_appbuilder.const import AUTH_LDAP AUTH_TYPE = AUTH_LDAP AUTH_LDAP_SERVER = {{ .Values.ldap.uri | squote }} AUTH_LDAP_SEARCH = {{ .Values.ldap.basedn | squote }} AUTH_LDAP_UID_FIELD = {{ .Values.ldap.searchAttribute | squote }} + AUTH_LDAP_FIRSTNAME_FIELD = {{ .Values.ldap.firstnameField | squote }} + AUTH_LDAP_LASTNAME_FIELD = {{ .Values.ldap.lastnameField | squote }} + AUTH_LDAP_EMAIL_FIELD = {{ .Values.ldap.emailField | squote }} AUTH_LDAP_BIND_USER = {{ .Values.ldap.binddn | squote }} AUTH_USER_REGISTRATION = {{ .Values.ldap.userRegistration | squote }} AUTH_USER_REGISTRATION_ROLE = {{ .Values.ldap.userRegistrationRole | squote }} diff --git a/bitnami/airflow/values.yaml b/bitnami/airflow/values.yaml index 22707474fd..8aa03120b4 100644 --- a/bitnami/airflow/values.yaml +++ b/bitnami/airflow/values.yaml @@ -2580,6 +2580,9 @@ setupDBJob: ## @param ldap.uri Server URI, eg. ldap://ldap_server:389 ## @param ldap.basedn Base of the search, eg. ou=example,o=org. ## @param ldap.searchAttribute if doing an indirect bind to ldap, this is the field that matches the username when searching for the account to bind to +## @param ldap.firstnameField LDAP field that stores the user's first name. +## @param ldap.lastnameField LDAP field that stores the user's last name. +## @param ldap.emailField field that stores the user's email address, if null in LDAP, email is set to: "{username}@email.notfound" ## @param ldap.binddn DN of the account used to search in the LDAP server. ## @param ldap.bindpw Bind Password ## @param ldap.existingSecret Name of an existing secret containing the LDAP bind password @@ -2593,6 +2596,9 @@ ldap: uri: "ldap://ldap_server:389" basedn: "dc=example,dc=org" searchAttribute: "cn" + firstnameField: "givenName" + lastnameField: "sn" + emailField: "mail" binddn: "cn=admin,dc=example,dc=org" bindpw: "" existingSecret: ""