Gratan is a tool to manage MySQL permissions.
It defines the state of MySQL permissions using a Ruby DSL, and updates permissions according to that DSL.
>= 0.3.0
- Support template
>= 0.3.1
- Fix <secret> password
- Fix
Add this line to your application's Gemfile:
gem 'gratan'
And then execute:
$ bundle
Or install it yourself as:
$ gem install gratan
gratan -e -o Grantfile
vi Grantfile
gratan -a --dry-run
gratan -a
Usage: gratan [options]
--host HOST
--port PORT
--socket SOCKET
--username USERNAME
--password PASSWORD
--database DATABASE
-a, --apply
-f, --file FILE
--dry-run
-e, --export
--with-identifier
--split
--chunk-by-user
-o, --output FILE
--ignore-user REGEXP
--target-user REGEXP
--ignore-object REGEXP
--enable-expired
--ignore-not-exist
--ignore-password-secret
--skip-disable-log-bin
--override-sql-mode
--use-show-create-user
--no-color
--debug
--auto-identify OUTPUT
--csv-identify CSV
--mysql2-options JSON
-h, --help
A default connection to a database can be established by setting the following environment variables:
- GRATAN_DB_HOST: database host
- GRATAN_DB_PORT: database port
- GRATAN_DB_SOCKET: database socket
- GRATAN_DB_DATABASE: database name
- GRATAN_DB_USERNAME: database user
- GRATAN_DB_PASSWORD: database password
require 'other/grantfile'

user "scott", "%" do
  on "*.*" do
    grant "USAGE"
  end
  on "test.*", expired: '2014/10/08', identified: "PASSWORD '*ABCDEF'" do
    grant "SELECT"
    grant "INSERT"
  end
  on /^foo\.prefix_/ do
    grant "SELECT"
    grant "INSERT"
  end
end

user "scott", ["localhost", "192.168.%"], expired: '2014/10/10' do
  on "*.*", with: 'GRANT OPTION' do
    grant "ALL PRIVILEGES"
  end
end
template 'all db template' do
  on '*.*' do
    grant 'SELECT'
  end
end

template 'test db template' do
  grant context.default
  context.extra.each do |priv|
    grant priv
  end
end

user 'scott', 'localhost', identified: 'tiger' do
  include_template 'all db template'
  on 'test.*' do
    context.default = 'SELECT'
    include_template 'test db template', extra: ['INSERT', 'UPDATE']
  end
end
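
A review step that can run before `gratan -a`: a small lint pass over Grantfile-style entries like those above, flagging `GRANT OPTION`, `ALL PRIVILEGES` on `*.*` (called out separately when the host contains a wildcard) and cleartext `identified:` values. This is an added example, not part of Gratan: `GrantLint` and `lint_grantfile` are hypothetical names, the evaluator understands only `user`/`on`/`grant`, and the sample Grantfile is constructed.

```ruby
# GrantLint: hypothetical stand-in evaluator (added example), not Gratan's parser.
class GrantLint
  def findings
    @findings ||= []
  end

  def user(name, hosts, opts = {}, &block)
    Array(hosts).each do |host|
      @host, @who = host, "#{name}@#{host}"
      check_identified(opts[:identified])
      instance_eval(&block)
    end
  end

  def on(object, opts = {}, &block)
    @object = object
    check_identified(opts[:identified])
    flag("GRANT OPTION on #{object.inspect}") if opts[:with].to_s.upcase.include?('GRANT OPTION')
    instance_eval(&block)
  end

  def grant(priv)
    return unless @object == '*.*' && priv.upcase == 'ALL PRIVILEGES'
    flag(@host.include?('%') ? 'ALL PRIVILEGES on *.* from wildcard host' : 'ALL PRIVILEGES on *.*')
  end

  # Assumption: anything not of the form PASSWORD '<hash>' is a cleartext password.
  def check_identified(value)
    flag('cleartext password in identified:') if value && value !~ /\APASSWORD\s/i
  end

  def flag(msg)
    findings << "#{@who}: #{msg}"
  end
end

def lint_grantfile(source)
  GrantLint.new.tap { |lint| lint.instance_eval(source) }.findings
end

# Constructed sample, modelled on the DSL shown above.
SAMPLE = <<~'RUBY'
  user "scott", ["localhost", "192.168.%"], identified: 'tiger' do
    on "*.*", with: 'GRANT OPTION' do
      grant "ALL PRIVILEGES"
    end
  end
RUBY
puts lint_grantfile(SAMPLE)
```

A Grantfile is Ruby code and is executed by this lint pass, so run it only on files you would also pass to gratan.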
bundle install
docker-compose up -d
bundle exec rake
# MYSQL57=1 bundle exec rake