Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

@vinyar

vinyar/README.md

Forked from afiune/README.md
Created December 13, 2016 22:28
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save vinyar/f2faf38d29284e2f274722cb26dccacf to your computer and use it in GitHub Desktop.
Save vinyar/f2faf38d29284e2f274722cb26dccacf to your computer and use it in GitHub Desktop.
Download ZIP
Automate LDAP Bulking User Creation
Raw
README.md

LDAP Bulking User Creation Process

This is temporal automation to create multiple LDAP users in Chef Automate.

Prerequisites

The minimum prerequisites to be able to use this automation are:

Create list of users file

The automation will ask you to provide a file with the list of users to create with the following format:

[USERNAME]|[ROLES]
[USERNAME]|[ROLES]

An example of this file at:

https://gist.github.com/afiune/ac5b4b7074ee9191a876d29ae73fe536#file-users-example-list

Run the automation

Once you have all the prerequisites in place, and the list of users to create, open a terminal and go to the directory that you have previously configured the delivery-cli to point to your Chef Automate Server.

Then run:

➜ ./bulk-user-creation.rb
Automate LDAP Bulking User Creation
Insert the user list file: user.list
Creating Users from 'user.list'
  user1: done.
  user2: done.
Raw
bulk-user-creation.rb
#!/opt/chefdk/embedded/bin/ruby
#
# LDAP Bulking User Creation Process
#
# The file format for the list of users must looks like:
# [USERNAME]|[ROLES]
# [USERNAME]|[ROLES]
#
# Where [ROLES] is a comma separated list of roles to
# grant to the user.
#
# Example of this file at:
# => https://gist.github.com/afiune/ac5b4b7074ee9191a876d29ae73fe536#file-users-example-list
puts "Automate LDAP Bulking User Creation\n"
# Verify we have the delivery-cli installed
raise "\nERROR: Unable to find the delivery-cli.\n" \
"Install the latest version of ChefDK from: "\
"https://downloads.chef.io/chef-dk/" unless system("which delivery > /dev/null")
# Verify we can communicate to the Automate Server
# and that there is already a `.delivery/cli.toml`
user_out = %x( delivery api get users )
unless user_out =~ /"_links": {/
raise "\nERROR: Unable to interact with the Automate Server.\n" \
"Please make sure you are located in a directory where " \
"you have already ran the `delivery setup` command." \
end
# Input the list of users to create
print "Insert the user list file: "
list_file = gets.strip
raise "File '#{list_file}' not found" unless File.exist?(list_file)
puts "Creating Users from '#{list_file}'"
File.open(list_file).each do |line|
user_info = line.split('|')
username = user_info[0].strip
roles = user_info[1].strip.split(',').map { |r| '"' + r + '"' }.join(',')
print " #{username}: "
out1 = %x( delivery api post external-users -d '{"name": "#{username}"}' )
if out1 =~ /conflict/
puts "already exists."
else
# Setting Roles to new user
out2 = %x( delivery api post authz/users/#{username} -d '{"grant": [#{roles}]}' )
if out2 =~ /error/
puts "created but unable to grant roles."
else
puts "done."
end
end
end
Raw
users-example.list
user1|admin,committer,reviewer,shipper,observer
user2|committer,reviewer,shipper,observer
user3|admin
user4|admin
user5|observer,shipper
user6|reviewer
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment