Skip to content

FOUR-31920: Add rollback CI spike for LDAP regression#8873

Open
eiresendez wants to merge 1 commit into
developfrom
task/FOUR-31920-rollback-ci
Open

FOUR-31920: Add rollback CI spike for LDAP regression#8873
eiresendez wants to merge 1 commit into
developfrom
task/FOUR-31920-rollback-ci

Conversation

@eiresendez

@eiresendez eiresendez commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

Issue & Reproduction Steps

LDAP synchronization is partially processing results after the recent dependency updates. In the affected build, LDAP sync imports configured groups but does not import departments or existing users as expected.

This PR is a diagnostic rollback spike for FOUR-31920. It is intended to determine whether reverting the Laravel dependency bump introduced by #8851 resolves the LDAP regression reported in FOUR-31832.

To reproduce, deploy this branch with the CI/CD deploy server and run the LDAP synchronization scenario from FOUR-31832:

  1. Configure LDAP in Admin > Login & Auth > LDAP.
  2. Enable LDAP sync with configured groups and departments.
  3. Run or wait for LDAP synchronization.
  4. Verify whether groups, departments, and users are all imported.

Solution

  • Reverted the Laravel framework constraint from ^13.13 back to ^13.0.
  • Regenerated composer.lock to downgrade the dependency set affected by the Laravel bump, including Laravel, Guzzle, and PSR-7.
  • Preserved unrelated later dependency changes, including the phpseclib advisory fix and the Symfony dependency injection package added for the upload fix.
  • Did not change LDAP code, package-auth code, application code, assets, or local path repositories.

How to Test

  • Confirm the PR deploys successfully through the CI/CD deploy server.
  • QA should test LDAP synchronization on the deployed environment and verify:
    • configured LDAP groups are imported;
    • configured LDAP departments are imported;
    • LDAP users are imported and associated as expected.
  • If LDAP works on this branch, the dependency bump from Fix composer security advisory #8851 is the likely regression source.
  • If LDAP still fails, reverting the Laravel dependency bump is not sufficient and investigation should continue in LDAP configuration/cache/queue/package-auth behavior.

Local validation already performed:

  • composer install --dry-run --no-interaction
  • composer validate passed with existing repository warnings

Related Tickets & Packages

ci:deploy

@processmaker-sonarqube

processmaker-sonarqube Bot commented Jun 17, 2026

Copy link
Copy Markdown

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@Kookster310

Kookster310 commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

QA server K8S was successfully deployed https://ci-dfe8bc090c.engk8s.processmaker.net

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@eiresendez @Kookster310