Skip to content

feat: replace phpldapadmin image, security patches, bump to 1.4.0 #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
llulioscesar merged 2 commits into from
Apr 13, 2026
Merged

feat: replace phpldapadmin image, security patches, bump to 1.4.0 #7

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
faa6f0e
feat: replace phpldapadmin image and bump chart to 1.4.0
llulioscesar Apr 13, 2026
d8257b6
docs: update README for phpldapadmin port and openldap version
llulioscesar Apr 13, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 13 additions & 9 deletions Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ apiVersion: v2
name: ldap-stack
description: OpenLDAP + phpLDAPadmin + Keycloak stack for centralized identity management with SSO support
type: application
version: 1.3.1
appVersion: "2.6.0"
version: 1.4.0
appVersion: "2.6.1"
annotations:
artifacthub.io/signKey: |
fingerprint: 35D9AD8B98D2FB5AF685CABA019335D0A0561140
Expand All @@ -19,20 +19,24 @@ annotations:
url: https://github.com/start-codex/ldap-stack-helm-chart
artifacthub.io/images: |
- name: openldap
image: startcodex/openldap:2.0.0
image: startcodex/openldap:2.1.0
- name: phpldapadmin
image: osixia/phpldapadmin:latest
image: phpldapadmin/phpldapadmin:latest
- name: keycloak
image: quay.io/keycloak/keycloak:latest
- name: ldap-sync-google
image: startcodex/ldap-sync-google:latest
artifacthub.io/containsSecurityUpdates: "false"
artifacthub.io/containsSecurityUpdates: "true"
artifacthub.io/prerelease: "false"
artifacthub.io/changes: |
- kind: added
description: Add support for extraInitContainers, extraVolumes, and extraVolumeMounts in Keycloak
- kind: added
description: Enable custom provider JARs and themes in Keycloak via init containers
- kind: changed
description: "BREAKING: Replace osixia/phpldapadmin with phpldapadmin/phpldapadmin (port 80 -> 8080)"
- kind: changed
description: Upgrade openldap image to 2.1.0 with security patches (0 critical CVEs)
- kind: security
description: Eliminate 122 critical CVEs by replacing abandoned phpldapadmin image
- kind: security
description: Patch OpenSSL, MariaDB, glibc, BIND CVEs in openldap image
keywords:
- ldap
- openldap
Expand Down
6 changes: 3 additions & 3 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ helm install ldap ldap-stack/ldap-stack \
|-----------|-------------|---------|
| `openldap.enabled` | Enable OpenLDAP | `true` |
| `openldap.image.repository` | Image repository | `startcodex/openldap` |
| `openldap.image.tag` | Image tag | `2.0.0` |
| `openldap.image.tag` | Image tag | `2.1.0` |
| `openldap.service.type` | Service type | `ClusterIP` |
| `openldap.service.ldapPort` | LDAP port | `389` |
| `openldap.service.ldapsPort` | LDAPS port | `636` |
Expand All @@ -122,7 +122,7 @@ helm install ldap ldap-stack/ldap-stack \
|-----------|-------------|---------|
| `phpldapadmin.enabled` | Enable phpLDAPadmin | `true` |
| `phpldapadmin.service.type` | Service type | `ClusterIP` |
| `phpldapadmin.service.port` | Service port | `80` |
| `phpldapadmin.service.port` | Service port | `8080` |
| `phpldapadmin.ingress.enabled` | Enable Ingress | `false` |

### Keycloak Parameters
Expand Down Expand Up @@ -160,7 +160,7 @@ helm install ldap ldap-stack/ldap-stack \

```bash
# phpLDAPadmin
kubectl port-forward svc/<release>-phpldapadmin 8080:80
kubectl port-forward svc/<release>-phpldapadmin 8080:8080

# Keycloak
kubectl port-forward svc/<release>-keycloak 8081:8080
Expand Down
10 changes: 6 additions & 4 deletions templates/phpldapadmin-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,13 +25,15 @@ spec:
imagePullPolicy: {{ .Values.phpldapadmin.image.pullPolicy }}
ports:
- name: http
containerPort: 80
containerPort: 8080
protocol: TCP
env:
- name: PHPLDAPADMIN_LDAP_HOSTS
- name: LDAP_HOST
value: {{ include "ldap-stack.openldap.fullname" . }}
- name: PHPLDAPADMIN_HTTPS
value: "false"
- name: LDAP_PORT
value: "389"
- name: APP_KEY
value: "base64:{{ randAlphaNum 32 | b64enc }}"
livenessProbe:
httpGet:
path: /
Expand Down
6 changes: 3 additions & 3 deletions values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ openldap:

image:
repository: startcodex/openldap
tag: "2.0.0"
tag: "2.1.0"
pullPolicy: IfNotPresent

# LDAP Configuration (REQUIRED - no defaults)
Expand Down Expand Up @@ -145,14 +145,14 @@ phpldapadmin:
enabled: true

image:
repository: osixia/phpldapadmin
repository: phpldapadmin/phpldapadmin
tag: "latest"
pullPolicy: IfNotPresent

# Service configuration
service:
type: ClusterIP # ClusterIP, NodePort, LoadBalancer
port: 80
port: 8080
# NodePort settings (only when type: NodePort)
nodePort: "" # e.g., 30080
# LoadBalancer settings (only when type: LoadBalancer)
Expand Down
Loading