Waiting for fix

https://github.com/kanidm/kanidm/pull/2956

config/kanidm/basic-setup.sh

@@ -22,7 +22,7 @@ podman run -itd --rm \
   --network host \
   --name kanidm-client \
   -v "$PWD/client.toml:/root/.config/kanidm:ro" \
-  docker.io/kanidm/tools \
+  docker.io/kanidm/tools:1.2.3 \
   bash -c 'sleep 3600' \
   >/dev/null 2>&1
 sleep 0.2
@@ -43,31 +43,34 @@ function create_user {
   krun kanidm person update "$username" --legalname "$username Lastname" --mail "${username}@example.com" --name idm_admin
 
   # TODO: this doesn't seem to work? can't seem to commit changes
-  (
-    sleep 0.1
-    echo "pass"
-    sleep 0.1
-    echo "$FAKE_PASSWORD"
-    sleep 0.1
-    echo "$FAKE_PASSWORD"
-    sleep 0.1
-    echo "totp"
-    sleep 0.1
-    echo "totpname"
-    sleep 0.25
-    totp_uri="$(rg 'TOTP URI: (.+)' /tmp/create-user-log.txt -r '$1')"
-    totp_secret="$(echo "$totp_uri" | rg '.*?secret=([^&]+).*' -r '$1')"
-    totp_code="$(oathtool --totp=SHA256 -b "$totp_secret")"
-    echo "$totp_code"
-    sleep 0.1
-    echo "commit"
-    sleep 0.1
-    echo "y"
-    sleep 0.1
-    echo "end"
-    ) | krun kanidm person credential update "$username" --name idm_admin | tee /tmp/create-user-log.txt
+  # (
+  #   sleep 0.1
+  #   echo "pass"
+  #   sleep 0.1
+  #   echo "$FAKE_PASSWORD"
+  #   sleep 0.1
+  #   echo "$FAKE_PASSWORD"
+  #   sleep 0.1
+    # echo "totp"
+    # sleep 0.1
+    # echo "totpname"
+    # sleep 0.25
+    # totp_uri="$(rg 'TOTP URI: (.+)' /tmp/create-user-log.txt -r '$1')"
+    # totp_secret="$(echo "$totp_uri" | rg '.*?secret=([^&]+).*' -r '$1')"
+    # totp_code="$(oathtool --totp=SHA256 -b "$totp_secret")"
+    # echo "$totp_code"
+    # sleep 0.1
+    # echo "commit"
+    # sleep 0.1
+    # echo "y"
+    # sleep 0.1
+    # echo "end"
+    # ) | krun kanidm person credential update "$username" --name idm_admin | tee /tmp/create-user-log.txt
 }
 
+# setup loose policies for testing
+krun kanidm group account-policy credential-type-minimum idm_all_persons any --name idm_admin
+
 # some groups
 app="yourcloud"
 adm_group="${app}--admins"
@@ -86,5 +89,5 @@ for u in gilfoyle dinesh; do
 done
 
 # add users to groups
-krun kanidm group add-members "$adm_group" gilfoyle --name idm_admin
-krun kanidm group add-members "$adm_group" dinesh --name idm_admin
+# krun kanidm group add-members "$adm_group" gilfoyle --name idm_admin
+# krun kanidm group add-members "$adm_group" dinesh --name idm_admin

config/kanidm/run-in-podman.sh

@@ -5,4 +5,4 @@ podman run -itd --rm \
   -v "$PWD/chain.pem:/data/chain.pem:ro" \
   -v "$PWD/key.pem:/data/key.pem:ro" \
   --name kanidm \
-  docker.io/kanidm/server:latest &>/dev/null || true
+  docker.io/kanidm/server:1.2.3 &>/dev/null || true

config/kanidm/server.toml

@@ -3,4 +3,5 @@ db_path = "/data/kanidm.db"
 tls_chain = "/data/chain.pem"
 tls_key = "/data/key.pem"
 domain = "localhost"
+log_level = "debug"
 origin = "https://localhost:8443"