diff --git a/Dockerfile b/Dockerfile index d9ce3bd..cae3f1a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,19 @@ FROM golang:1.13-alpine3.10 AS build-env +#Build deps +RUN apk --no-cache add build-base git + #Setup COPY . /src/gitea-group-sync WORKDIR /src/gitea-group-sync -#Build deps -RUN apk --no-cache add build-base git - RUN go get gopkg.in/ldap.v3 && go get gopkg.in/robfig/cron.v3 && go build +# Final FROM alpine:3.10 COPY --from=build-env /src/gitea-group-sync/gitea-group-sync /app/gitea-group-sync/gitea-group-sync + RUN ln -s /app/gitea-group-sync/gitea-group-sync /usr/local/bin/gitea-group-sync + ENTRYPOINT ["/usr/local/bin/gitea-group-sync"] diff --git a/docker-compose.yml b/docker-compose.yml index 3184b8f..e3f6082 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ services: group-sync: container_name: gitea-group-sync build: . - image: localhost:5000/gitea-group-sync + image: gitea-group-sync:latest environment: GITEA_TOKEN: c00c810bb668c63ce7cd8057411d2f560eac469c GITEA_URL: http://192.168.2.2:3000 @@ -13,4 +13,5 @@ services: BIND_PASSWORD: GoodNewsEveryone LDAP_FILTER: (&(objectClass=person)(memberOf=cn=%s,ou=people,dc=planetexpress,dc=com)) LDAP_USER_SEARCH_BASE: 'ou=people,dc=planetexpress,dc=com' + LDAP_USER_LOGIN_ATTRIBUTE: uid REP_TIME: '@every 1m' diff --git a/gitea-group-sync.go b/gitea-group-sync.go index f2683e7..83bd063 100644 --- a/gitea-group-sync.go +++ b/gitea-group-sync.go @@ -18,8 +18,8 @@ func AddUsersToTeam(apiKeys GiteaKeys, users []Account, team int) bool { for i := 0; i < len(users); i++ { - fullusername := url.PathEscape(fmt.Sprintf("%s", users[i].Full_name)) - apiKeys.Command = "/api/v1/users/search?q=" + fullusername + "&access_token=" + userlogin := url.PathEscape(fmt.Sprintf("%s", users[i].Login)) + apiKeys.Command = "/api/v1/users/search?q=" + userlogin + "&access_token=" foundUsers := RequestSearchResults(apiKeys) for j := 0; j < len(foundUsers.Data); j++ { @@ -147,10 +147,17 @@ func mainJob() { ldapUserSearchBase = os.Getenv("LDAP_USER_SEARCH_BASE") } - var l *ldap.Conn + var ldapUserLoginAttribute string + if len(os.Getenv("LDAP_USER_LOGIN_ATTRIBUTE")) == 0 { + log.Println("LDAP_USER_LOGIN_ATTRIBUTE is empty") + } else { + ldapUserLoginAttribute = os.Getenv("LDAP_USER_LOGIN_ATTRIBUTE") + } + + var l *ldap.Conn var err error - if ldapTls { - l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort), &tls.Config{InsecureSkipVerify: true}) + if ldapTls { + l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort), &tls.Config{InsecureSkipVerify: true}) // TODO: move skip verify to environment variable } else { l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", ldapUrl, ldapPort)) } @@ -195,7 +202,7 @@ func mainJob() { ldapUserSearchBase, // The base dn to search ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, filter, // The filter to apply - []string{"cn", "uid", "mailPrimaryAddress, sn"}, // A list attributes to retrieve + []string{"cn", "uid", "mailPrimaryAddress, sn", ldapUserLoginAttribute}, // A list attributes to retrieve nil, ) // make request to ldap server @@ -210,9 +217,9 @@ func mainJob() { log.Printf("The LDAP %s has %d users corresponding to team %s", ldapUrl, len(sr.Entries), teamList[j].Name) for _, entry := range sr.Entries { - AccountsLdap[entry.GetAttributeValue("uid")] = Account{ + AccountsLdap[entry.GetAttributeValue(ldapUserLoginAttribute)] = Account{ Full_name: entry.GetAttributeValue("sn"), //change to cn if you need it - Login: entry.GetAttributeValue("uid"), + Login: entry.GetAttributeValue(ldapUserLoginAttribute), } }