package checker import ( "time" sdk "git.happydns.org/checker-sdk-go/checker" ) // Version is reported in CheckerDefinition.Version. Overridden at build time // by main / plugin. var Version = "built-in" func (p *ldapProvider) Definition() *sdk.CheckerDefinition { return &sdk.CheckerDefinition{ ID: "ldap", Name: "LDAP Directory", Version: Version, Availability: sdk.CheckerAvailability{ ApplyToService: true, LimitToServices: []string{"abstract.LDAP"}, }, HasHTMLReport: true, ObservationKeys: []sdk.ObservationKey{ObservationKeyLDAP}, Options: sdk.CheckerOptionsDocumentation{ RunOpts: []sdk.CheckerOptionDocumentation{ { Id: "domain", Type: "string", Label: "Domain", AutoFill: sdk.AutoFillDomainName, Required: true, }, { Id: "timeout", Type: "number", Label: "Per-endpoint timeout (seconds)", Default: 10, }, { Id: "bind_dn", Type: "string", Label: "Bind DN", Placeholder: "cn=reader,dc=example,dc=com", Description: "Optional. When set (with bind_password), the checker performs an authenticated bind over TLS and reports whether the directory accepts the provided credentials.", }, { Id: "bind_password", Type: "string", Label: "Bind password", Secret: true, Description: "Optional. Only used when bind_dn is set. The password is not persisted in the observation payload.", }, { Id: "base_dn", Type: "string", Label: "Base DN (read test)", Placeholder: "dc=example,dc=com", Description: "Optional. When set, the checker runs a baseObject search on this DN after a successful bind to verify the account has read access. Falls back to an anonymous baseObject search when no bind DN is supplied.", }, }, }, Rules: Rules(), Interval: &sdk.CheckIntervalSpec{ Min: 5 * time.Minute, Max: 7 * 24 * time.Hour, Default: 12 * time.Hour, }, } }