pg-ldap-sync 0.5.1 → 0.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 62fea7bb7d0ed64a4ccb20bae815fd3f5412fb5d594d5a5aa54c8062da2ec401
-  data.tar.gz: db9d4ff658763c76efc0bcf7d6713b02476d2902df9c2a9ee42de77172bf8b7c
+  metadata.gz: 0d2b110ac0eeff29e7a02739a4756afd30b38436b9c2387da186f0be4b0841d5
+  data.tar.gz: b371cb0096dfa5762d794f49ec955c30e55fee908e0b01861f9806e8c5d85e61
 SHA512:
-  metadata.gz: b56eafdd8955a818d78d65e34916109255b64ff8b0c48d1c6c5ab4d3b6588c0221166dfd5428f36332ea20aede3b22f8fa52122aaaaf3493dd802a56a07c0504
-  data.tar.gz: eb4216d46013a6dd84189ed7ffa913e2cf635bd5ea57a33137f930c5731fe5f8712abe50a0b68a5e55936a427a4a57497630412f99bc53f3ade352acf53b6a13
+  metadata.gz: f0643dba267c51ceef5c3c5efbd3db17c7a63622573b6ae33d39d6fec254b80b160fe80b6f8179f16c581f11d74f3784873aec55914f7d6a765c4269ccc604ec
+  data.tar.gz: 438e1178f11d9b7ff848ec582172f5a21b3a6269ea763370aa31a74b5d5c6ed097ea6ba975d466ab1df54907374ff5f7350ed94ac701b28eeae2db129b187634

data/.github/workflows/ci.yml

@@ -33,7 +33,7 @@ jobs:
             ruby: "head"
             PGVER: "17"
           - os: ubuntu
-            os_ver: "20.04"
+            os_ver: "22.04"
             ruby: "2.3"
             PGVER: "9.3"
           - os: macos
@@ -64,7 +64,7 @@ jobs:
 
           $(new-object net.webclient).DownloadFile("http://get.enterprisedb.com/postgresql/postgresql-$env:PGVERSION-binaries.zip", "postgresql-binaries.zip")
           Unzip "postgresql-binaries.zip" "."
-          echo "$pwd/pgsql/bin"  | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
+          echo "$env:RI_DEVKIT$env:MINGW_PREFIX/bin;$env:RI_DEVKIT/usr/bin;$pwd/pgsql/bin"  | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
           echo "PGUSER=$env:USERNAME"  | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
           echo "PGPASSWORD="  | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
           md temp

data/.standard.yml

@@ -0,0 +1 @@
+ruby_version: 2.3

data/CHANGELOG.md

@@ -1,3 +1,11 @@
+## 0.5.2 / 2025-09-01
+
+* Replace `kwalify` by `json-schema` to remove hundreds of warnings about keyword arguments in modern Ruby. #51
+* Allow ERb syntax in config file. #52
+  This can be used to insert password from environment variable like so: `password: <%= ENV["PASSWORD"] %>`
+* Update documentation.
+
+
 ## 0.5.1 / 2025-03-22
 
 * Add dependent gems for compat with ruby-3.5

data/README.md

@@ -1,8 +1,8 @@
 [![Build Status](https://app.travis-ci.com/larskanis/pg-ldap-sync.svg?branch=master)](https://app.travis-ci.com/larskanis/pg-ldap-sync) [![Build status](https://ci.appveyor.com/api/projects/status/09xn9q5p64jbxtka/branch/master?svg=true)](https://ci.appveyor.com/project/larskanis/pg-ldap-sync/branch/master)
 
-# Use LDAP permissions in PostgreSQL
+# Sync users and groups from LDAP to PostgreSQL
 
-* http://github.com/larskanis/pg-ldap-sync
+* https://github.com/larskanis/pg-ldap-sync
 
 ## DESCRIPTION:
 
@@ -27,7 +27,7 @@ It is meant to be started as a cron job.
 * Set scope of considered users/groups on LDAP and PG side
 * Test mode which doesn't do any changes to the DBMS
 * Both LDAP and PG connections can be secured by SSL/TLS
-* NTLM and Kerberos authentication to LDAP server
+* Password, NTLM and Kerberos authentication to LDAP server
 
 ## REQUIREMENTS:
 
@@ -37,23 +37,31 @@ It is meant to be started as a cron job.
 
 ## INSTALL:
 
+pg-ldap-sync is included in Ubuntu-22.04 and Debian-11 and newer.
+It can be installed by
+
+```sh
+sudo apt install ruby-pg-ldap-sync
+```
+
+### Install from source
+
 Install Ruby:
 
-* on Windows: http://rubyinstaller.org
-* on Debian/Ubuntu: `apt-get install ruby libpq-dev`
+* on Windows: https://rubyinstaller.org
+* on Debian/Ubuntu: `apt-get install ruby`
 
 Install pg-ldap-sync and required dependencies:
 ```sh
-  gem install pg-ldap-sync
+gem install pg-ldap-sync
 ```
 
 ### Install from Git:
 ```sh
-  git clone https://github.com/larskanis/pg-ldap-sync.git
-  cd pg-ldap-sync
-  gem install bundler
-  bundle install
-  bundle exec rake install
+git clone https://github.com/larskanis/pg-ldap-sync.git
+cd pg-ldap-sync
+bundle install
+bundle exec rake install
 ```
 
 ## USAGE:
@@ -65,11 +73,11 @@ or even better
 
 Run in test-mode:
 ```sh
-  pg_ldap_sync -c my_config.yaml -vv -t
+pg_ldap_sync -c my_config.yaml -vv -t
 ```
 Run in modify-mode:
 ```sh
-  pg_ldap_sync -c my_config.yaml -vv
+pg_ldap_sync -c my_config.yaml -vv
 ```
 
 It is recommended to avoid granting permissions to synchronized users on the PostgreSQL server, but to grant permissions to groups instead.
@@ -80,9 +88,9 @@ This is because `DROP USER` statements invoked when a user leaves otherwise fail
 ## TEST:
 There is a small test suite in the `test` directory that runs against an internal LDAP server and a PostgreSQL server. Ensure `pg_ctl`, `initdb` and `psql` commands are in the `PATH` like so:
 ```sh
-  cd pg-ldap-sync
-  bundle install
-  PATH=$PATH:/usr/lib/postgresql/10/bin/ bundle exec rake test
+cd pg-ldap-sync
+bundle install
+PATH=$PATH:/usr/lib/postgresql/10/bin/ bundle exec rake test
 ```
 
 ## ISSUES:

data/Rakefile

@@ -10,4 +10,4 @@ Rake::TestTask.new(:test) do |t|
   t.test_files = FileList["test/**/test_*.rb"]
 end
 
-task :gem => :build
+task gem: :build

data/config/sample-config.yaml

@@ -3,7 +3,7 @@
 # is considered as LDAP-synchronized.
 
 # Connection parameters to LDAP server
-# see also: http://net-ldap.rubyforge.org/Net/LDAP.html#method-c-new
+# see also: https://www.rubydoc.info/gems/net-ldap/Net%2FLDAP:initialize
 ldap_connection:
   host: ldapserver
   port: 389
@@ -44,7 +44,7 @@ ldap_groups:
   member_attribute: member
 
 # Connection parameters to PostgreSQL server
-# see also: http://rubydoc.info/gems/pg/PG/Connection#initialize-instance_method
+# see also: https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS
 pg_connection:
   host:
   dbname: postgres

data/config/sample-config2.yaml

@@ -9,7 +9,7 @@
 #
 
 # Connection parameters to LDAP server
-# see also: http://net-ldap.rubyforge.org/Net/LDAP.html#method-c-new
+# see also: https://www.rubydoc.info/gems/net-ldap/Net%2FLDAP:initialize
 ldap_connection:
   host: ldapserver
   port: 636
@@ -45,7 +45,7 @@ ldap_groups:
   member_attribute: member
 
 # Connection parameters to PostgreSQL server
-# see also: http://rubydoc.info/gems/pg/PG/Connection#initialize-instance_method
+# see also: https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS
 pg_connection:
   host:
   dbname: postgres

data/config/schema.yaml

@@ -1,74 +1,78 @@
-type:       map
-mapping:
-  "ldap_connection":
-    type:      any
-    required:  yes
+"$schema": "http://json-schema.org/draft-04/schema#"
+"id": "https://github.com/larskanis/pg-ldap-sync/blob/-/config/schema.yaml"
+title: pg-ldap-sync config file
+type: object
+required:
+  - ldap_connection
+  - ldap_users
+  - ldap_groups
+  - pg_connection
+  - pg_users
+  - pg_groups
+properties:
+  ldap_connection:
+    type: object
 
-  "ldap_users":
-    type: map
-    required: yes
-    mapping:
-      "base":
-        type: str
-        required:  yes
-      "filter":
-        type: str
-        required:  yes
-      "name_attribute":
-        type: str
-        required:  yes
-      "lowercase_name":
-        type: bool
-        required:  no
-      "bothcase_name":
-        type: bool
-        required:  no
+  ldap_users:
+    type: object
+    required:
+      - base
+      - filter
+      - name_attribute
+    properties:
+      base:
+        type: string
+      filter:
+        type: string
+      name_attribute:
+        type: string
+      lowercase_name:
+        type: boolean
+      bothcase_name:
+        type: boolean
 
-  "ldap_groups":
-    type: map
-    required: yes
-    mapping:
-      "base":
-        type: str
-        required:  yes
-      "filter":
-        type: str
-        required:  yes
-      "name_attribute":
-        type: str
-        required:  yes
-      "lowercase_name":
-        type: bool
-        required:  no
-      "bothcase_name":
-        type: bool
-        required:  no
-      "member_attribute":
-        type: str
-        required:  yes
+  ldap_groups:
+    type: object
+    required:
+      - base
+      - filter
+      - name_attribute
+      - member_attribute
+    properties:
+      base:
+        type: string
+      filter:
+        type: string
+      name_attribute:
+        type: string
+      lowercase_name:
+        type: boolean
+      bothcase_name:
+        type: boolean
+      member_attribute:
+        type: string
 
-  "pg_connection":
-    type:      any
-    required:  yes
+  pg_connection:
+    type: object
 
-  "pg_users":
-    type: map
-    required: yes
-    mapping:
-      "filter":
-        type: str
-        required:  yes
-      "create_options":
-        type: str
+  pg_users:
+    type: object
+    required:
+      - filter
+    properties:
+      filter:
+        type: string
+      create_options:
+        type: ["string", "null"]
 
-  "pg_groups":
-    type: map
-    required: yes
-    mapping:
-      "filter":
-        type: str
-        required:  yes
-      "create_options":
-        type: str
-      "grant_options":
-        type: str
+  pg_groups:
+    type: object
+    required:
+      - filter
+    properties:
+      filter:
+        type: string
+      create_options:
+        type: ["string", "null"]
+      grant_options:
+        type: ["string", "null"]

data/exe/pg_ldap_sync

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 
-require 'pg_ldap_sync'
+require "pg_ldap_sync"
 
 begin
   PgLdapSync::Application.run(ARGV)