Applying ldap test fixes.

tests/testflows/helpers/cluster.py

@@ -164,7 +164,7 @@ class Cluster(object):
         if not os.path.exists(docker_compose_file_path):
             raise TypeError("docker compose file '{docker_compose_file_path}' does not exist")
 
-        self.docker_compose += f" --project-directory \"{docker_compose_project_dir}\" --file \"{docker_compose_file_path}\""
+        self.docker_compose += f" --no-ansi --project-directory \"{docker_compose_project_dir}\" --file \"{docker_compose_file_path}\""
         self.lock = threading.Lock()
 
     def shell(self, node, timeout=120):

tests/testflows/ldap/docker-compose/clickhouse-service.yml

@@ -19,9 +19,9 @@ services:
     healthcheck:
       test: clickhouse client --query='select 1'
       interval: 3s
-      timeout: 2s
-      retries: 40
-      start_period: 2s
+      timeout: 10s
+      retries: 5
+      start_period: 30s
     cap_add:
       - SYS_PTRACE
     security_opt:

tests/testflows/ldap/docker-compose/docker-compose.yml

@@ -57,6 +57,9 @@ services:
       LDAP_TLS_ENFORCE: "false"
       LDAP_TLS_VERIFY_CLIENT: "never"
       LDAP_TLS_CIPHER_SUITE: "SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC"
+    healthcheck:
+      # May need some time to generate DH parameters...
+      start_period: 300s
     volumes:
       - "${CLICKHOUSE_TESTS_DIR}/configs/ldap4/config:/container/service/slapd/assets/config/bootstrap/ldif/custom"
       - "${CLICKHOUSE_TESTS_DIR}/configs/ldap4/certs:/container/service/slapd/assets/certs/"

tests/testflows/ldap/docker-compose/openldap-service.yml

@@ -13,11 +13,11 @@ services:
       - "389"
       - "636"
     healthcheck:
-      test: echo 1
+      test: ldapsearch -x -H ldap://localhost:$${LDAP_PORT:-389} -b "dc=company,dc=com" -D "cn=admin,dc=company,dc=com" -w admin
       interval: 3s
-      timeout: 2s
+      timeout: 10s
       retries: 5
-      start_period: 2s
+      start_period: 30s
     security_opt:
       - label:disable
 

tests/testflows/ldap/regression.py

@@ -23,8 +23,6 @@ xfails = {
     "connection protocols/starttls with custom port":
      [(Fail, "it seems that starttls is not enabled by default on custom plain-text ports in LDAP server")],
     "connection protocols/tls cipher suite":
-     [(Fail, "can't get it to work")],
-    "connection protocols/tls minimum protocol version/:":
      [(Fail, "can't get it to work")]
 }
 

tests/testflows/ldap/tests/connections.py

@@ -237,8 +237,7 @@ def tls_cipher_suite(self):
     ("ssl3", None, None),
     ("tls1.0", None, None),
     ("tls1.1", None, None),
-    ("tls1.2", None, None),
-    ("tls1.3", 36, "DB::Exception: LDAP server 'openldap4' is not configured")
+    ("tls1.2", None, None)
 ])
 def tls_minimum_protocol_version(self, version, exitcode, message):
     """Check that `tls_minimum_protocol_version` parameter can be used specify