mysqlman 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: f1ffe62bdd3498e4363295323ead2cfa3de380ae
+  data.tar.gz: 4a661762abc2a84051d75e1a63bcc9cbd0dbca1f
+SHA512:
+  metadata.gz: 6eef9e1a8a3c873d1d1762d403792c4da4cd422be35574ea16c800ebd2280f94effebb9ab1abc4724fe579cc4e851c5283973a0c0b0d104aaad0b713541ad7b0
+  data.tar.gz: d32c5d397b2e5ddf293e04606ba024e3b18f74c1f3683fc81f3595c018d9e01c2a46a73e628079489cbef53d859cb54dd01643fba0ae1a46e4bb035f48166a0a

data/.circleci/config.yml

@@ -0,0 +1,36 @@
+version: 2
+jobs:
+  build:
+    parallelism: 1
+    working_directory: ~/mysqlman
+
+    docker:
+      - image: circleci/ruby:2.4.1
+      - image: circleci/mysql:5.7
+        environment:
+          - MYSQL_ALLOW_EMPTY_PASSWORD=true
+          - MYSQL_DATABASE=test
+          - MYSQL_USER=root
+          - MYSQL_ROOT_HOST=%
+
+    steps:
+      - checkout
+      - run:
+          name: deps
+          command: |
+            sudo apt-get update --fix-missing
+            sudo apt-get install -y --force-yes --no-install-recommends mysql-client
+      - run:
+          name: Wait for db
+          command: dockerize -wait tcp://localhost:3306 -timeout 1m
+
+
+      # Bundle install dependencies
+      - run: bundle install --jobs=4 --retry=3 --path=vendor/bundle
+
+      - run:
+          name: Run RSpec
+          command: cd spec/dummy && bundle exec rspec ../* --format documentation --require ../spec_helper.rb
+      - run:
+          name: Run rubocop
+          command: bundle exec rubocop ./lib/**/*

data/.gitignore

@@ -0,0 +1,12 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+/bin/console
+/bin/setup
+# rspec failure tracking
+.rspec_status

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.rubocop.yml

@@ -0,0 +1,2 @@
+Style/Documentation:
+  Enabled: false

data/Gemfile

@@ -0,0 +1,9 @@
+source 'https://rubygems.org'
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in mysqlman.gemspec
+gemspec
+gem 'pry'
+gem 'rspec'
+gem 'rubocop'

data/Gemfile.lock

@@ -0,0 +1,61 @@
+PATH
+  remote: .
+  specs:
+    mysqlman (0.1.0)
+      mysql2
+      thor
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ast (2.4.0)
+    coderay (1.1.2)
+    diff-lcs (1.3)
+    method_source (0.9.0)
+    mysql2 (0.4.10)
+    parallel (1.12.1)
+    parser (2.5.0.4)
+      ast (~> 2.4.0)
+    powerpack (0.1.1)
+    pry (0.11.3)
+      coderay (~> 1.1.0)
+      method_source (~> 0.9.0)
+    rainbow (3.0.0)
+    rake (10.5.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.1)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.0)
+    rubocop (0.53.0)
+      parallel (~> 1.10)
+      parser (>= 2.5)
+      powerpack (~> 0.1)
+      rainbow (>= 2.2.2, < 4.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (~> 1.0, >= 1.0.1)
+    ruby-progressbar (1.9.0)
+    thor (0.20.0)
+    unicode-display_width (1.3.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.16.a)
+  mysqlman!
+  pry
+  rake (~> 10.0)
+  rspec
+  rubocop
+
+BUNDLED WITH
+   1.16.0

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 onunu
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,157 @@
+# Mysqlman
+Mysqlman is a tool manage users for MySQL.
+You can start management with writing some yaml files and executing some commands.
+And mysqlman provide feature to manage privileges(global, schema, table, but column)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'mysqlman'
+```
+
+And then execute:
+
+```
+$ bundle
+```
+
+Or install it yourself as:
+
+```
+$ gem install mysqlman
+```
+
+## Usage
+### 1. Setup
+Firstly, please create file for connecting MySQL.
+Please set the file in executing dir `config/manager.yml`
+
+```yml
+---
+host: 127.0.0.1
+username: root
+password: passw0rd
+```
+
+#### Caution
+The manager needs some privileges.
+The read privileges to manage other users are following.
+
+|schema|table|columns|
+|:-----|:----|:------|
+|mysql | user|User, Host|
+|information_schema|USER_PRIVILEGES|PRIVILEGE_TYPE, IS_GRANTABLE|
+|information_schema|SCHEMA_PRIVILEGES|TABLE_SCHEMA, PRIVILEGE_TYPE, IS_GRANTABLE|
+|information_schema|TABLE_PRIVILEGES|TABLE_SCHEMA, TABLE_NAME, PRIVILEGE_TYPE, IS_GRANTABLE|
+
+And ofcourse, the manager needs privileges that you want to manage with grant option.
+
+### 2. Initialize
+Second, initialize the config.
+In initializing, mysqlman do followings.
+
+- Create each directories(roles.d, users.d, excludes.d)
+- Create exclude users config
+
+Execute:
+
+```
+$ mysqlman init
+```
+
+Exclude users (=Unmanaged users) are that users are already exist in MySQL.
+Exclude users are written in `excludes.d/default.yml` by default.
+If you want to add unmanaged user, or to manage user written in excludes config, please edit the file by yourself.
+
+### 3. Write config
+Write user, role settings.
+please confirm how to write them.
+
+#### 3-1 Role
+Role is config of database privileges.
+All users are belong to one of roles.
+
+In `roles.d/engineer.yml` as example:
+
+```yml
+---
+engineer: # require: as a role name
+  global: # optional: global privileges
+    - select
+  schema: # optional: schema privileges
+    example_schema1: # requrie: schema name
+      - update
+      - insert
+    example_schema2:
+      - update
+  table: # optional: table privileges
+    example_schema1: # require: schema name
+      example_table: # require: table name
+        - delete:
+```
+
+You can write privilege type in format of followings.
+
+- OK:
+  - CREATE USER
+  - create user
+  - CREATE_USER
+  - create_user
+- NG:
+  - CREATEUSER
+  - createuser
+
+##### Special privileges
+###### ALL
+`ALL` type privileges alias of some some privileges of the target level.
+Please confirm following.
+
+(WIP)
+[All privileges](https://github.com/onunu/mysqlman/blob/master/lib/mysqlman/all_privileges.yml)
+
+###### GRANT OPTION
+`GRANT OPTION` is not included in `ALL` privileges.
+If you want add the privileges, please set bot of them.
+
+#### 3-2 User
+User is config of information to connect Mysql.
+All users are belong one of roles.
+
+In `users.d/engineers.yml`:
+
+```yml
+---
+engineer: # require: the role name
+  - onunu: # require: user name
+  - application_user:
+    host: 10.0.0.1 # optional: connectable host(default '%')
+```
+
+### 4. Apply settings
+After writing settings, please apply them.
+
+#### dry-run
+You can confirm changes witout appling settings.
+
+```
+$ mysqlman dryrun
+```
+
+#### apply
+If the changes are same as your plan, please execute apply command.
+
+```
+$ mysqlman apply
+```
+
+Changes are put in STDOUT.
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/onunu/mysqlman.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,6 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/bin/mysqlman

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require 'mysqlman'
+
+Mysqlman::CLI.start

data/lib/mysqlman/all_privileges.yml

@@ -0,0 +1,33 @@
+---
+table: &table
+  ALTER:
+  CREATE VIEW:
+  CREATE:
+  DELETE:
+  DROP:
+  INDEX:
+  INSERT:
+  SELECT:
+  SHOW VIEW:
+  TRIGGER:
+  UPDATE:
+
+schema: &schema
+  <<: *table
+  CREATE:
+  DROP:
+  EVENT:
+  LOCK TABLES:
+
+global:
+  <<: *schema
+  CREATE TABLESPACE:
+  CREATE USER:
+  FILE:
+  PROCESS:
+  RELOAD:
+  REPLICATION CLIENT:
+  REPLICATION SLAVE:
+  SHOW DATABASES:
+  SHUTDOWN:
+  SUPER:

data/lib/mysqlman/cli.rb

@@ -0,0 +1,25 @@
+require 'thor'
+
+module Mysqlman
+  class CLI < Thor
+    desc 'init', 'initialize settings'
+    long_desc <<-LONGDESC
+      Require: `config/manager.yml` : to connect MySQL.
+      Create: `excludes.d/default.yml`, `roles.d/`,  `users.d/`
+      When you want see how to write or roles some files, please confirm README on Github.
+    LONGDESC
+    def init
+      Initializer.new.init
+    end
+
+    desc 'apply', 'apply settings'
+    def apply
+      Processor.new.apply
+    end
+
+    desc 'dryrun', 'confirm settings, with dry-run'
+    def dryrun
+      Processor.new.apply(true)
+    end
+  end
+end

data/lib/mysqlman/connection.rb

@@ -0,0 +1,22 @@
+require 'mysql2'
+require 'yaml'
+require 'singleton'
+require 'logger'
+
+module Mysqlman
+  class Connection
+    include Singleton
+
+    attr_accessor :conn
+
+    def initialize
+      config = YAML.load_file(MANAGER_CONFIG).map { |k, v| [k.to_sym, v] }.to_h
+      config.merge(database: 'mysql')
+      @conn = Mysql2::Client.new(config)
+    end
+
+    def query(query_string)
+      @conn.query(query_string)
+    end
+  end
+end

data/lib/mysqlman/initializer.rb

@@ -0,0 +1,41 @@
+require 'logger'
+
+module Mysqlman
+  class Initializer
+    def initialize
+      @conn = Connection.instance
+      @logger = Logger.new(STDOUT)
+    end
+
+    # rubocop:disable LineLength
+    def init
+      File.exist?(EXCLUDE_FILE) ? @logger.info('skip: creation excludes.d') : create_exclude_config
+      Dir.exist?(ROLE_DIR) ? @logger.info('skip: creation roles.d') : create_roles_dir
+      Dir.exist?(USER_DIR) ? @logger.info('skip: creation users.d') : create_users_dir
+    end
+    # rubocop:enable LineLength
+
+    private
+
+    def create_exclude_config
+      unless Dir.exist?(EXCLUDE_DIR)
+        Dir.mkdir(EXCLUDE_DIR)
+        @logger.info("created: #{EXCLUDE_DIR}")
+      end
+      File.open(EXCLUDE_FILE, 'w') do |file|
+        file.puts(User.all.map(&:name_with_host).to_yaml)
+      end
+      @logger.info("created: #{EXCLUDE_FILE}")
+    end
+
+    def create_roles_dir
+      Dir.mkdir(ROLE_DIR)
+      @logger.info("created: #{ROLE_DIR}")
+    end
+
+    def create_users_dir
+      Dir.mkdir(USER_DIR)
+      @logger.info("created: #{USER_DIR}")
+    end
+  end
+end

data/lib/mysqlman/privs.rb

@@ -0,0 +1,95 @@
+require 'logger'
+require 'mysqlman/privs_util'
+require 'mysqlman/privs_grant'
+
+module Mysqlman
+  class Privs
+    extend PrivsUtil
+    include PrivsGrant
+
+    def initialize(user)
+      @user = user
+      @conn = Connection.instance
+      @logger = Logger.new(STDOUT)
+    end
+
+    def fetch
+      reload_privs
+    end
+
+    private
+
+    def reload_privs
+      [global_privs, schema_privs, table_privs].compact.flatten
+    end
+
+    def global_privs
+      privs = fetch_privs(
+        'information_schema.USER_PRIVILEGES',
+        %w[PRIVILEGE_TYPE IS_GRANTABLE]
+      )
+      format_privs(add_grantable(privs))
+    end
+
+    def schema_privs
+      privs = fetch_privs(
+        'information_schema.SCHEMA_PRIVILEGES',
+        %w[TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE]
+      )
+      format_privs(add_grantable(privs))
+    end
+
+    def table_privs
+      privs = fetch_privs(
+        'information_schema.TABLE_PRIVILEGES',
+        %w[TABLE_NAME TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE]
+      )
+      format_privs(add_grantable(privs))
+    end
+
+    def fetch_privs(table, columns)
+      @conn.query(fetch_query(table, columns)).map do |row|
+        {
+          schema: row['TABLE_SCHEMA'],
+          table: row['TABLE_NAME'],
+          type: row['PRIVILEGE_TYPE'],
+          grant: row['IS_GRANTABLE'] == 'YES'
+        }
+      end
+    end
+
+    def fetch_query(table, columns)
+      <<-SQL
+        SELECT #{columns.join(',')}
+        FROM #{table}
+        WHERE
+          GRANTEE = '\\\'#{@user.user}\\\'@\\\'#{@user.host}\\\''
+      SQL
+    end
+
+    def add_grantable(privs)
+      privs.uniq { |priv| [priv[:schema], priv[:table]] }.each do |names|
+        is_grant = grantable_collection?(privs, names)
+        next unless is_grant
+        privs.push(
+          schema: names[:schema], table: names[:table], type: 'GRANT OPTION'
+        )
+      end
+      privs
+    end
+
+    def grantable_collection?(privs, names)
+      collection = privs.select do |priv|
+        priv[:schema] == names[:schema] && priv[:table] == names[:table]
+      end
+      collection.all? { |priv| priv[:grant] }
+    end
+
+    def format_privs(privs)
+      privs.reject { |p| p[:type] == 'USAGE' }.map do |priv|
+        priv.delete(:grant)
+        priv
+      end
+    end
+  end
+end

data/lib/mysqlman/privs_grant.rb

@@ -0,0 +1,25 @@
+module Mysqlman
+  module PrivsGrant
+    def revoke(priv, debug = false)
+      query = "REVOKE #{priv[:type]} ON #{target_lebel(priv)} FROM #{user_info}"
+      @conn.query(query) unless debug
+      @logger.info(query)
+    end
+
+    def grant(priv, debug = false)
+      query = "GRANT #{priv[:type]} ON #{target_lebel(priv)} TO #{user_info}"
+      @conn.query(query) unless debug
+      @logger.info(query)
+    end
+
+    private
+
+    def user_info
+      "'#{@user.user}'@'#{@user.host}'"
+    end
+
+    def target_lebel(priv)
+      "#{priv[:schema] || '*'}.#{priv[:table] || '*'}"
+    end
+  end
+end

data/lib/mysqlman/privs_util.rb

@@ -0,0 +1,36 @@
+require 'yaml'
+
+module Mysqlman
+  module PrivsUtil
+    def all(schema, table, grantable)
+      privs = all_privs(schema, table, lebel(schema, table))
+      grantable ? privs.push(grant_option(schema, table)) : privs
+    end
+
+    private
+
+    def all_privs(schema, table, key)
+      load_privs(key).map do |priv|
+        { schema: schema, table: table, type: priv }
+      end
+    end
+
+    def lebel(schema, table)
+      if schema && table
+        'table'
+      elsif schema
+        'schema'
+      else
+        'global'
+      end
+    end
+
+    def load_privs(key)
+      YAML.load_file(File.join(__dir__, 'all_privileges.yml'))[key].keys
+    end
+
+    def grant_option(schema = nil, table = nil)
+      { schema: schema, table: table, type: 'GRANT OPTION' }
+    end
+  end
+end

data/lib/mysqlman/processor.rb

@@ -0,0 +1,77 @@
+module Mysqlman
+  class Processor
+    def initialize
+      @current_users = current_users
+      @managed_users = managed_users
+    end
+
+    def apply(debug = false)
+      delete_unknown_user(debug)
+      create_shortage_user(debug)
+      revoke_extra_privileges(debug)
+      grant_shortage_privileges(debug)
+    end
+
+    private
+
+    def current_users
+      User.all.map do |user|
+        exclude_users.include?(user: user.user, host: user.host) ? nil : user
+      end.compact
+    end
+
+    def exclude_users
+      @exclude_users ||= Dir.glob("#{EXCLUDE_DIR}/*.yml").map do |file|
+        YAML.load_file(file).map do |u|
+          { user: u['user'], host: u['host'] || '%' }
+        end
+      end.flatten
+    end
+
+    # rubocop:disable Metrics/MethodLength
+    def managed_users
+      Dir.glob("#{USER_DIR}/*.yml").map do |file|
+        YAML.load_file(file).map do |role, users|
+          users.map do |user|
+            User.new(
+              role: role,
+              user: user.keys.first,
+              host: user['host'] || HOST_ALL
+            )
+          end
+        end
+      end.flatten
+    end
+    # rubocop:enable Metrics/MethodLength
+
+    def delete_unknown_user(_debug)
+      @current_users.each do |cu|
+        cu.drop unless @managed_users.any? do |mu|
+          cu.user == mu.user && cu.host == mu.host
+        end
+      end
+    end
+
+    def create_shortage_user(_debug)
+      @managed_users.each do |user|
+        user.create unless user.exists?
+      end
+    end
+
+    def revoke_extra_privileges(debug)
+      @managed_users.each do |user|
+        (user.privs.fetch - user.role.privs).each do |priv|
+          user.privs.revoke(priv, debug)
+        end
+      end
+    end
+
+    def grant_shortage_privileges(debug)
+      @managed_users.each do |user|
+        (user.role.privs - user.privs.fetch).each do |priv|
+          user.privs.grant(priv, debug)
+        end
+      end
+    end
+  end
+end

data/lib/mysqlman/role.rb

@@ -0,0 +1,74 @@
+require 'yaml'
+
+module Mysqlman
+  class Role
+    class << self
+      def all
+        files = Dir.glob("#{ROLE_DIR}/*.yml")
+        files.map do |file|
+          YAML.load_file(file).map do |name, config|
+            new(name, config)
+          end
+        end.flatten
+      end
+
+      def find(name)
+        roles = all
+        roles.select { |role| role.name == name }.first
+      end
+    end
+
+    attr_reader :name
+
+    def initialize(name, config)
+      @name = name
+      @config = config
+    end
+
+    def privs
+      [global_privs, schema_privs, table_privs].compact.flatten
+    end
+
+    def global_privs
+      return if @config['global'].nil?
+      parse_privs(@config['global'])
+    end
+
+    def schema_privs
+      return if @config['schema'].nil?
+      @config['schema'].map do |schema_name, privs|
+        parse_privs(privs, schema_name)
+      end
+    end
+
+    def table_privs
+      return if @config['table'].nil?
+      @config['table'].map do |schema_name, table_config|
+        table_config.map do |table_name, privs|
+          parse_privs(privs, schema_name, table_name)
+        end
+      end
+    end
+
+    def parse_privs(privs, schema = nil, table = nil)
+      return Privs.all(schema, table, grantable?(privs)) if all_priv?(privs)
+      privs.map do |priv|
+        {
+          schema: schema,
+          table: table,
+          type: priv.upcase.tr('_', ' ')
+        }
+      end
+    end
+
+    def grantable?(privs)
+      privs.map(&:upcase).any? do |priv|
+        priv.tr('_', ' ') == 'GRANT OPTION'
+      end
+    end
+
+    def all_priv?(privs)
+      privs.map(&:upcase).include?('ALL')
+    end
+  end
+end

data/lib/mysqlman/user.rb

@@ -0,0 +1,69 @@
+require 'securerandom'
+require 'logger'
+
+module Mysqlman
+  class User
+    PASSWORD_LENGTH = 8
+    class << self
+      def all
+        conn = Connection.instance
+        conn.query('SELECT Host, User FROM mysql.user').map do |row|
+          new(host: row['Host'], user: row['User'])
+        end
+      end
+
+      def find(user, host = HOST_ALL)
+        conn = Connection.instance
+        user = conn.query(<<-QUERY
+          SELECT Host, User
+          FROM mysql.user
+          WHERE Host = '#{host}' AND User = '#{user}'
+        QUERY
+                         ).first
+        new(host: user['Host'], user: user['User']) unless user.nil?
+      end
+    end
+
+    attr_reader :user, :host, :role, :privs
+
+    def initialize(user:, host: HOST_ALL, role: nil)
+      @host = host
+      @user = user
+      @role = Role.find(role) unless role.nil?
+      @privs = Privs.new(self)
+      @conn = Connection.instance
+    end
+
+    def name_with_host
+      { 'user' => @user, 'host' => @host }
+    end
+
+    def exists?
+      user = @conn.query(<<-QUERY
+        SELECT Host, User
+        FROM mysql.user
+        WHERE Host = '#{@host}' AND User = '#{@user}'
+      QUERY
+                        ).first
+      !user.nil?
+    end
+
+    def create(debug = false)
+      password = debug ? '******' : SecureRandom.urlsafe_base64(PASSWORD_LENGTH)
+      @conn.query(create_user_query(password)) unless debug
+      Logger.new(STDOUT).info(
+        "Create user: '#{@user}'@'#{@host}', password is '#{password}'"
+      )
+      self
+    end
+
+    def create_user_query(password)
+      "CREATE USER '#{@user}'@'#{@host}' IDENTIFIED BY '#{password}'"
+    end
+
+    def drop(debug = false)
+      @conn.query("DROP USER '#{@user}'@'#{@host}'") unless debug
+      Logger.new(STDOUT).info("Delete user: '#{@user}'@'#{@host}'")
+    end
+  end
+end

data/lib/mysqlman/version.rb

@@ -0,0 +1,3 @@
+module Mysqlman
+  VERSION = '0.1.0'.freeze
+end

data/lib/mysqlman.rb

@@ -0,0 +1,21 @@
+require 'mysqlman/version'
+require 'mysqlman/user'
+require 'mysqlman/role'
+require 'mysqlman/initializer'
+require 'mysqlman/processor'
+require 'mysqlman/privs'
+require 'mysqlman/connection'
+require 'mysqlman/cli'
+
+module Mysqlman
+  EXE_DIR = Dir.pwd
+  EXCLUDE_DIR = File.join(EXE_DIR, 'excludes.d')
+  EXCLUDE_FILE = File.join(EXCLUDE_DIR, 'default.yml')
+
+  ROLE_DIR = File.join(EXE_DIR, 'roles.d')
+  USER_DIR = File.join(EXE_DIR, 'users.d')
+
+  MANAGER_CONFIG = File.join(EXE_DIR, 'config', 'manager.yml')
+
+  HOST_ALL = '%'.freeze
+end

data/mysqlman.gemspec

@@ -0,0 +1,29 @@
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'mysqlman/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'mysqlman'
+  spec.version       = Mysqlman::VERSION
+  spec.authors       = ['onunu']
+  spec.email         = ['riku.onuma@livesense.co.jp', 'onunu@zeals.co.jp']
+
+  spec.summary       = 'Management your mysql users.'
+  spec.description   = 'Management your mysql users. You can do that by simple settings written by yaml'
+  spec.homepage      = 'https://github.com/onunu/mysqlman'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'mysql2'
+  spec.add_dependency 'thor'
+
+  spec.add_development_dependency 'bundler', '~> 1.16.a'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+end

metadata

@@ -0,0 +1,139 @@
+--- !ruby/object:Gem::Specification
+name: mysqlman
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- onunu
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2018-03-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: mysql2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: thor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.16.a
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.16.a
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: Management your mysql users. You can do that by simple settings written
+  by yaml
+email:
+- riku.onuma@livesense.co.jp
+- onunu@zeals.co.jp
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".circleci/config.yml"
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/mysqlman
+- lib/mysqlman.rb
+- lib/mysqlman/all_privileges.yml
+- lib/mysqlman/cli.rb
+- lib/mysqlman/connection.rb
+- lib/mysqlman/initializer.rb
+- lib/mysqlman/privs.rb
+- lib/mysqlman/privs_grant.rb
+- lib/mysqlman/privs_util.rb
+- lib/mysqlman/processor.rb
+- lib/mysqlman/role.rb
+- lib/mysqlman/user.rb
+- lib/mysqlman/version.rb
+- mysqlman.gemspec
+homepage: https://github.com/onunu/mysqlman
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.11
+signing_key: 
+specification_version: 4
+summary: Management your mysql users.
+test_files: []