Manage Redshift/Postgres privileges in GitOps style written in Rust

Overview

grant-rs crates.io Build & Test

An open-source project that aims to manage Postgres/Redshift database roles and privileges in GitOps style, written in Rust.

Home | Documentation

This project is still in the early stages of development and is not ready for any kind of production use or any alpha/beta testing.

Level Supported Description
DATABASE Support grant CREATE| TEMP | ALL on database(s) to user
SCHEMA Support grant CREATE | USAGE | ALL on schema(s) to user
TABLE Support grant SELECT | INSERT | UPDATE | DELETE | DROP | REFERENCES | ALL on tables(s) or ALL tables in schema(s) to user.
Supported excluding table(s) by adding - before the table name (e.g. tables: [ALL, -table]).
FUNCTION Not supported yet

Installation

Install via Homebrew:

brew tap duyet/tap
brew install grant

Or, install binary from crates.io via Cargo. You will need to have Rust installed. You can get it by visiting rustup.rs. This'll also install Cargo, Rust's package/project manager.

cargo install grant

Usage

Using grant tool:

$ grant --help

grant 0.0.1-beta.3
Manage database roles and privileges in GitOps style

USAGE:
    grant <SUBCOMMAND>

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

SUBCOMMANDS:
    apply       Apply a configuration to a redshift by file name. Yaml format are accepted
    gen         Generate sample configuration file
    gen-pass    Generate random password
    help        Prints this message or the help of the given subcommand(s)
    inspect     Inspect current database cluster with connection info from configuration file
    validate    Validate a configuration file or a target directory that contains configuration files

Generate project structure

grant gen --target ./cluster

Creating path: "./cluster"
Generated: "./cluster/config.yml"

Apply privilege changes

Content of ./examples/example.yaml:

connection:
  type: "postgres"
  # support environment variables, e.g. postgres://${HOSTNAME}:5432
  url: "postgres://postgres@localhost:5432/postgres"

roles:
  - name: role_database_level
    type: database
    grants:
      - CREATE
      - TEMP
    databases:
      - postgres

  - name: role_schema_level
    type: schema
    grants:
      - CREATE
    databases:
      - postgres
    schemas:
      - public
  - name: role_all_schema
    type: table
    grants:
      - SELECT
      - INSERT
      - UPDATE
    databases:
      - postgres
    schemas:
      - public
    tables:
      - ALL # include all table
      - +public_table # can add `+` to mark included tables (public.public_table)
      - -secret_table # add `-` to exclude this table (public.secret_table)
      - -schema2.table # exclude schema2.table

users:
  - name: duyet
    password: 1234567890 # password in plaintext
    roles:
      - role_database_level
      - role_all_schema
      - role_schema_level
  - name: duyet2
    password: md58243e8f5dfb84bbd851de920e28f596f # support md5 style: grant gen-pass -u duyet2
    roles:
      - role_database_level
      - role_all_schema
      - role_schema_level

Apply this config to cluster:

grant apply -f ./examples/example.yaml

[2021-12-06T14:37:03Z INFO  grant::connection] Connected to database: postgres://postgres@localhost:5432/postgres
[2021-12-06T14:37:03Z INFO  grant::apply] Summary:
    ┌────────────┬────────────────────────────┐
    │ User       │ Action                     │
    │ ---        │ ---                        │
    │ duyet      │ no action (already exists) │
    │ duyet2     │ no action (already exists) │
    └────────────┴────────────────────────────┘
[2021-12-12T13:48:22Z INFO  grant::apply] Success: GRANT CREATE, TEMP ON DATABASE postgres TO duyet;
[2021-12-12T13:48:22Z INFO  grant::apply] Success: GRANT CREATE ON SCHEMA public TO duyet;
[2021-12-12T13:48:22Z INFO  grant::apply] Success: GRANT SELECT, INSERT, UPDATE ON ALL TABLES IN SCHEMA public TO duyet;
[2021-12-12T13:48:22Z INFO  grant::apply] Success: GRANT CREATE, TEMP ON DATABASE postgres TO duyet2;
[2021-12-12T13:48:22Z INFO  grant::apply] Success: GRANT CREATE ON SCHEMA public TO duyet2;
[2021-12-12T13:48:22Z INFO  grant::apply] Success: GRANT SELECT, INSERT, UPDATE ON ALL TABLES IN SCHEMA public TO duyet2;
[2021-12-12T13:48:22Z INFO  grant::apply] Summary:
    ┌────────┬─────────────────────┬──────────────────────┬─────────┐
    │ User   │ Role Name           │ Detail               │ Status  │
    │ ---    │ ---                 │ ---                  │ ---     │
    │ duyet  │ role_database_level │ database["postgres"] │ updated │
    │ duyet  │ role_schema_level   │ schema["public"]     │ updated │
    │ duyet  │ role_table_level    │ table["ALL"]         │ updated │
    │ duyet2 │ role_database_level │ database["postgres"] │ updated │
    │ duyet2 │ role_schema_level   │ schema["public"]     │ updated │
    │ duyet2 │ role_table_level    │ table["ALL"]         │ updated │
    └────────┴─────────────────────┴──────────────────────┴─────────┘

Generate random password

$ grant gen-pass

Generated password: q)ItTjN$EXlkF@Tl
$ grant gen-pass --user duyet

Generated password: o^b3aD1L$xLm%#~U
Generated MD5 (user: duyet): md58243e8f5dfb84bbd851de920e28f596f

Inspect the current cluster

$ grant inspect -f examples/example.yaml

[2021-11-29T07:46:44Z INFO  grant::inspect] Current users in postgres://postgres@localhost:5432/postgres:
    ┌────────────┬──────────┬───────┬──────────┐
    │ User       │ CreateDB │ Super │ Password │
    │ ---        │ ---      │ ---   │ ---      │
    │ postgres   │ truetrue******** │
    │ duyet      │ falsefalse******** │
    └────────────┴──────────┴───────┴──────────┘

Developement

Clone the repo:

git clone https://github.com/duyet/grant-rs && cd grant-rs

Postgres is required for testing, you might need to use the docker-compose.yaml:

docker-compose up -d

Make sure you have connection to postgres://postgres:postgres@localhost:5432/postgres.

On the MacOS, the easiest way is install Postgres.app.

To run the unittest:

cargo test

Contributing

I greatly appreciate if you have any ideas or make a PR to this project. Thank you for contributing!

TODO

  • Support reading connection info from environment variables
  • Support store encrypted password in Git
  • Support Postgres and Redshift
  • Support change password
  • Visuallization (who can see what?)
  • Apply show more detail about diff changes
  • Inspect show more detail about user privileges
  • Command to rotate passwords
  • Suport DROP users that not in the configuration (it's not safe to do it for now)

LICENSE

MIT

Comments
  • chore(deps): update postgres docker tag to v15

    chore(deps): update postgres docker tag to v15

    Mend Renovate

    This PR contains the following updates:

    | Package | Update | Change | |---|---|---| | postgres | major | 14 -> 15 |


    Configuration

    📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

    🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

    Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

    🔕 Ignore: Close this PR and you won't be reminded about this update again.


    • [ ] If you want to rebase/retry this PR, click this checkbox.

    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 2
  • chore(deps): update actions-rs/toolchain digest to 16499b5

    chore(deps): update actions-rs/toolchain digest to 16499b5

    Mend Renovate

    This PR contains the following updates:

    | Package | Type | Update | Change | |---|---|---|---| | actions-rs/toolchain | action | digest | 88dc235 -> 16499b5 |


    Configuration

    📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

    🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

    Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

    🔕 Ignore: Close this PR and you won't be reminded about this update again.


    • [ ] If you want to rebase/retry this PR, check this box

    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 1
  • chore(deps): update swatinem/rust-cache action to v2

    chore(deps): update swatinem/rust-cache action to v2

    Mend Renovate

    This PR contains the following updates:

    | Package | Type | Update | Change | |---|---|---|---| | Swatinem/rust-cache | action | major | v1 -> v2 |


    Configuration

    📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

    🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

    Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

    🔕 Ignore: Close this PR and you won't be reminded about this update again.


    • [ ] If you want to rebase/retry this PR, click this checkbox.

    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 1
  • chore(deps): update actions/checkout action to v3

    chore(deps): update actions/checkout action to v3

    Mend Renovate

    This PR contains the following updates:

    | Package | Type | Update | Change | |---|---|---|---| | actions/checkout | action | major | v2 -> v3 |


    Release Notes

    actions/checkout

    v3

    Compare Source


    Configuration

    📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

    🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

    Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

    🔕 Ignore: Close this PR and you won't be reminded about this update again.


    • [ ] If you want to rebase/retry this PR, click this checkbox.

    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 1
  • fix(deps): update rust crate serde_yaml to 0.9

    fix(deps): update rust crate serde_yaml to 0.9

    Mend Renovate

    This PR contains the following updates:

    | Package | Type | Update | Change | |---|---|---|---| | serde_yaml | dependencies | minor | 0.8 -> 0.9 |


    Release Notes

    dtolnay/serde-yaml

    v0.9.10

    Compare Source

    • Make Display for Number produce the same representation as serializing (#​316)

    v0.9.9

    Compare Source

    v0.9.8

    Compare Source

    • Fix serialization of TaggedValue when used with to_value (#​313)

    v0.9.7

    Compare Source

    • Allow an empty plain scalar to deserialize as an empty map or seq (#​304)

    v0.9.6

    Compare Source

    • Fix tag not getting serialized in certain map values (#​302)

    v0.9.5

    Compare Source

    v0.9.4

    Compare Source

    • Add serde_yaml::with::singleton_map for serialization of enums as a 1-entry map (#​300)
    • Reject duplicate keys when deserializing Mapping or Value (#​301)

    v0.9.3

    Compare Source

    • Add categories to crates.io metadata
    • Add keywords to crates.io metadata

    v0.9.2

    Compare Source

    • Improve Debug representation of serde_yaml::Error

    v0.9.1

    Compare Source

    • Fix panic on some documents containing syntax error (#​293)
    • Improve error messages that used to contain duplicative line/column information (#​294)

    v0.9.0

    Compare Source

    API documentation: https://docs.rs/serde_yaml/0.9

    Highlights
    • The serde_yaml::Value enum gains a Tagged variant which represents the deserialization of YAML's !Tag syntax. Tagged scalars, sequences, and mappings are all supported.

    • An empty YAML input (or document containing only comments) will deserialize successfully to an empty map, empty sequence, or Serde struct as long as the struct has only optional fields. Previously this would error.

    • A new .apply_merge() method on Value implements YAML's << merge key convention.

    • The Debug representation of serde_yaml::Value has gotten vastly better (https://github.com/dtolnay/serde-yaml/pull/287).

    • Deserialization of borrowed strings now works.

      #[derive(Deserialize, Debug)]
      struct Struct<'a> {
          borrowed: &'a str,
      }
      
      let yaml = "borrowed: 'kölcsönzött'\n";
      let value: Struct = serde_yaml::from_str(yaml)?;
      println!("{:#?}", value);
      
    • Value's and Mapping's methods get and get_mut have been generalized to support a &str argument, as opposed to requiring you to allocate and construct a Value::String for indexing into another existing Value.

    • Mapping exposes more APIs that have become conventional on map data structures, such as .keys(), .values(), .into_keys(), .into_values(), .values_mut(), and .retain(|k, v| …).

    Breaking changes
    • Serialization no longer produces leading ---\n on the serialized output. You can prepend this yourself if your use case demands it.

    • Serialization of enum variants is now based on YAML's !Tag syntax, rather than JSON-style singleton maps.

      #[derive(Serialize, Deserialize)]
      enum Enum {
          Newtype(usize),
          Tuple(usize, usize, usize),
          Struct { x: f64, y: f64 },
      }
      
      - !Newtype 1
      - !Tuple [0, 0, 0]
      - !Struct {x: 1.0, y: 2.0}
      
    • A bunch of non-base-10 edge cases in number parsing have been resolved. For example 0x+1 and ++0x1 are now parsed as strings, whereas they used to be incorrectly treated as numbers.

    • Deserializers obtained through iteration can no longer be iterated further:

      let deserializer = serde_yaml::Deserializer::from_str(multiple_documents);
      for de in deserializer {
          // correct:
          let myvalue = T::deserialize(de)?;
      
          // incorrect: used to produce some questionable result, now produces 0 sub-documents
          for questionable in de {
              let wat = T::deserialize(questionable)?;
          }
      }
      
    • The abandoned yaml-rust crate is no longer used as the YAML backend. The new libyaml-based backend surely has different edge cases and quirks than yaml-rust.

    • Some excessive PartialEq impls have been eliminated.

    • The serde_yaml::to_vec function has been removed. Use serde_yaml::to_writer for doing I/O, or use serde_yaml::to_string + .into_bytes() on the resulting String.

    • The serde_yaml::seed module has been removed. Now that a serde_yaml::Deserializer is publicly available, the same use cases can be addressed via seed.deserialize(Deserializer::from_str(…)) instead.

    Bugfixes
    • Empty values in a mapping are supported, and deserialize to empty string when the corresponding struct field is of type string. Previously they would deserialize to "~" which makes no sense.

    • 128-bit integer deserialization now supports hex and octal input.

    • Serde_yaml now includes a mitigation against a "billion laughs" attack in which malicious input involving YAML anchors and aliases is used to consume an amount of processing or memory that is exponential in the size of the input document. Serde_yaml will quickly produce an error in this situation instead.

    v0.8.26

    Compare Source

    v0.8.25

    Compare Source

    • Add to "encoding" category on crates.io (#​246)

    v0.8.24

    Compare Source

    • Work around indexmap/autocfg not always properly detecting whether a std sysroot crate is available (#​243, thanks @​cuviper)

    v0.8.23

    Compare Source

    • Fix handling of YAML 1.1-style octals that begin with + or - sign (#​228)

    v0.8.22

    Compare Source

    • Switch float serializer to use the same float formatting library as serde_json

    v0.8.21

    Compare Source

    v0.8.20

    Compare Source

    v0.8.19

    Compare Source

    • Add an Entry API for serde_yaml::Mapping (https://docs.rs/serde_yaml/0.8.19/serde_yaml/struct.Mapping.html#method.entry)

    v0.8.18

    Compare Source

    v0.8.17

    Compare Source

    v0.8.16

    Compare Source

    • Add a Serializer and Deserializer type (#​185, #​186)

      let mut buffer = Vec::new();
      let mut ser = serde_yaml::Serializer::new(&mut buffer);
      
      let mut object = BTreeMap::new();
      object.insert("k", 107);
      object.serialize(&mut ser)?;
      
      let de = serde_yaml::Deserializer::from_slice(&buffer);
      let value = Value::deserialize(de)?;
      println!("{:?}", value);
      
    • Support multi-doc serialization (#​187)

      let mut buffer = Vec::new();
      let mut ser = serde_yaml::Serializer::new(&mut buffer);
      
      let mut object = BTreeMap::new();
      object.insert("k", 107);
      object.serialize(&mut ser)?;
      
      object.insert("j", 106);
      object.serialize(&mut ser)?;
      
      assert_eq!(buffer, b"---\nk: 107\n...\n---\nj: 106\nk: 107\n");
      
    • Support multi-doc deserialization (#​189)

      let input = "---\nk: 107\n...\n---\nj: 106\n";
      
      for document in serde_yaml::Deserializer::from_str(input) {
          let value = Value::deserialize(document)?;
          println!("{:?}", value);
      }
      

    v0.8.15

    Compare Source

    • Declare dependency version requirements compatible with minimal-versions lockfile (#​183)

    v0.8.14

    Compare Source

    v0.8.13

    Compare Source

    • Documentation improvements

    v0.8.12

    Compare Source

    • Add serde_yaml::mapping module containing Mapping's various iterator types: Iter, IterMut, IntoIter
    • Fix deserialization of certain strings incorrectly as NaN or infinity; only .nan and .inf and -.inf are YAML's permitted representations for NaN and infinity

    v0.8.11

    Compare Source

    v0.8.10

    Compare Source

    v0.8.9

    Compare Source

    • Add Value::get_mut to index into a &mut Value, returning Option

    v0.8.8

    Compare Source

    • Provide an implementation of Default for serde_yaml::Value which produces Value::Null (#​120, thanks @​macisamuele)

    v0.8.7

    Compare Source

    v0.8.6

    Compare Source

    • 128-bit integer support (#​110)

    v0.8.5

    Compare Source

    v0.8.4

    Compare Source

    • Limit recursion to 128 levels to avoid stack overflows (#​105)

    v0.8.3

    Compare Source

    • Fix possible panic during deserialization (#​101)

    v0.8.2

    Compare Source

    • Documentation improvements

    v0.8.1

    Compare Source

    • Documentation improvements

    Configuration

    📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

    🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

    Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

    🔕 Ignore: Close this PR and you won't be reminded about this update again.


    • [ ] If you want to rebase/retry this PR, click this checkbox.

    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 1
  • chore(deps): update github/codeql-action action to v2

    chore(deps): update github/codeql-action action to v2

    Mend Renovate

    This PR contains the following updates:

    | Package | Type | Update | Change | |---|---|---|---| | github/codeql-action | action | major | v1 -> v2 |


    Release Notes

    github/codeql-action

    v2

    Compare Source


    Configuration

    📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

    🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

    Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

    🔕 Ignore: Close this PR and you won't be reminded about this update again.


    • [ ] If you want to rebase/retry this PR, click this checkbox.

    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 1
  • chore(deps): update actions-rs/toolchain digest to 88dc235

    chore(deps): update actions-rs/toolchain digest to 88dc235

    Mend Renovate

    This PR contains the following updates:

    | Package | Type | Update | Change | |---|---|---|---| | actions-rs/toolchain | action | digest | 16499b5 -> 88dc235 |


    Configuration

    📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

    🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

    Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

    🔕 Ignore: Close this PR and you won't be reminded about this update again.


    • [ ] If you want to rebase/retry this PR, click this checkbox.

    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 1
  • chore(deps): update actions/checkout action to v3

    chore(deps): update actions/checkout action to v3

    Mend Renovate

    This PR contains the following updates:

    | Package | Type | Update | Change | |---|---|---|---| | actions/checkout | action | major | v2 -> v3 |


    Release Notes

    actions/checkout

    v3

    Compare Source


    Configuration

    📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

    🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

    Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

    🔕 Ignore: Close this PR and you won't be reminded about this update again.


    • [ ] If you want to rebase/retry this PR, click this checkbox.

    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 1
  • chore(deps): update actions/upload-release-asset action to v1.0.2 - autoclosed

    chore(deps): update actions/upload-release-asset action to v1.0.2 - autoclosed

    Mend Renovate

    This PR contains the following updates:

    | Package | Type | Update | Change | |---|---|---|---| | actions/upload-release-asset | action | patch | v1.0.1 -> v1.0.2 |


    Release Notes

    actions/upload-release-asset

    v1.0.2

    Compare Source

    This is a minor update to make the current release have the latest code from master, and additionally allows for a new automation workflow to execute to automate the sliding of the major (v1, v2, v3, etc) version numbers for ease of referencing


    Configuration

    📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

    🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

    Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

    🔕 Ignore: Close this PR and you won't be reminded about this update again.


    • [ ] If you want to rebase/retry this PR, click this checkbox.

    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 1
  • chore(deps): update predicates requirement from 1 to 2

    chore(deps): update predicates requirement from 1 to 2

    Updates the requirements on predicates to permit the latest version.

    Changelog

    Sourced from predicates's changelog.

    [2.1.0] - 2021-11-22

    Fixed

    • Report user's value (the actual)
      • Having the caller own this means you won't get intermediates like file paths
      • We already show it for the diff predicate
      • Now we show it in each leaf predicate (like Eq) and when adapting it (like taking a path and loading its file)
    • Remove redundant result with eq_file assertions
    • Clarify that the constant in Eq and Ord predicates is the expected value

    [2.0.3] - 2021-10-07

    [2.0.2] - 2021-08-16

    Added

    • All predicates now implement Send and Sync when it's appropriate

    [2.0.1] - 2021-07-26

    Changed

    • Upgraded float-cmp

    [2.0.0] - 2021-07-03

    Breaking Changes

    • predicates::str::diff was removed
    • predicates::str::similar was renamed to diff
    • The difference feature flag was renamed to diff
    • diff().split and diff().distance were removed

    Fixes

    • Shrink the output of Diffs because its redundant
    • Moved off of an unmaintained Diff library

    [1.0.8] - 2021-04-28

    [1.0.7] - 2021-01-29

    [1.0.6] - 2020-12-28

    Fixed

    • NamePredicate now adds itself to the Case returned by find_case.

    [1.0.5] - 2020-07-18

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 1
  • Refactor these functions

    Refactor these functions

    https://github.com/duyet/grant.rs/blob/479888f0d1305e5388b4fdb724f4661626d34e5f/src/apply.rs#L15-L20


    This issue was generated by todo based on a TODO comment in 479888f0d1305e5388b4fdb724f4661626d34e5f when #3 was merged. cc @duyet.
    todo :spiral_notepad: 
    opened by todo[bot] 1
  • chore(deps): update env_logger requirement from 0.9 to 0.10

    chore(deps): update env_logger requirement from 0.9 to 0.10

    Updates the requirements on env_logger to permit the latest version.

    Changelog

    Sourced from env_logger's changelog.

    0.10.0 - 2022-11-24

    MSRV changed to 1.60 to hide optional dependencies

    Fixes

    • Resolved soundness issue by switching from atty to is-terminal

    Breaking Changes

    To open room for changing dependencies:

    • Renamed termcolor feature to color
    • Renamed atty feature to auto-color

    0.9.3 - 2022-11-07

    • Fix a regression from v0.9.2 where env_logger would fail to compile with the termcolor feature turned off.

    0.9.2 - 2022-11-07

    • Fix and un-deprecate Target::Pipe, which was basically not working at all before and deprecated in 0.9.1.

    0.9.0 -- 2022-07-14

    Breaking Changes

    • Default message format now prints the target instead of the module

    Improvements

    • Added a method to print the module instead of the target
    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies rust 
    opened by dependabot[bot] 0
  • fix(deps): update rust crate env_logger to 0.10

    fix(deps): update rust crate env_logger to 0.10

    Mend Renovate

    This PR contains the following updates:

    | Package | Type | Update | Change | |---|---|---|---| | env_logger | dependencies | minor | 0.9 -> 0.10 |


    Release Notes

    rust-cli/env_logger

    v0.10.0

    Compare Source

    MSRV changed to 1.60 to hide optional dependencies

    Fixes
    • Resolved soundness issue by switching from atty to is-terminal
    Breaking Changes

    To open room for changing dependencies:

    • Renamed termcolor feature to color
    • Renamed atty feature to auto-color

    v0.9.3

    Compare Source

    • Fix a regression from v0.9.2 where env_logger would fail to compile with the termcolor feature turned off.

    v0.9.2

    Compare Source

    • Fix and un-deprecate Target::Pipe, which was basically not working at all before and deprecated in 0.9.1.

    v0.9.1

    Compare Source


    Configuration

    📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

    🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

    Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

    🔕 Ignore: Close this PR and you won't be reminded about this update again.


    • [ ] If you want to rebase/retry this PR, check this box

    This PR has been generated by Mend Renovate. View repository job log here.

    opened by renovate[bot] 1
  • Row Level Security

    Row Level Security

    Hi, great project! Keen to use it! Could we add support to RLS Policies?

    • https://aws.amazon.com/blogs/big-data/achieve-fine-grained-data-security-with-row-level-access-control-in-amazon-redshift/
    • https://aws.amazon.com/blogs/big-data/achieve-finer-grained-data-security-with-column-level-access-control-in-amazon-redshift/
    • https://aws.amazon.com/blogs/database/multi-tenant-data-isolation-with-postgresql-row-level-security
    opened by dnascimento 0
  • Support SuperUser role

    Support SuperUser role

    We need to create a role SUPERUSER to create custom plpython3u function

    relate to this topic: https://dba.stackexchange.com/questions/37336/cannot-create-function-in-plpython3u-permission-denied

    Or grant this USAGE ON LANGUAGE plpythonu

    opened by hungtg7 0
  • Dependency Dashboard

    Dependency Dashboard

    This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

    Open

    These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

    Detected dependencies

    cargo
    Cargo.toml
    • structopt ^0.3
    • anyhow 1.0
    • indoc 1.0
    • log 0.4
    • env_logger 0.9
    • rand 0.8
    • postgres 0.19
    • serde 1.0
    • serde_yaml 0.9
    • ascii_table 4
    • md5 0.7
    • walkdir 2
    • ansi_term 0.12
    • envmnt 0.10
    • term_size 0.3
    • assert_cmd 2.0
    • predicates 2
    • tempfile 3
    docker-compose
    docker-compose.yaml
    • postgres 15
    github-actions
    .github/workflows/build-test.yaml
    • actions/checkout v3
    • actions-rs/toolchain v1
    • Swatinem/rust-cache v2
    • actions/checkout v3
    • actions-rs/toolchain v1
    • Swatinem/rust-cache v2
    .github/workflows/post-release.yaml
    • actions/checkout v3
    • actions/create-release v1
    • actions/checkout v3
    • actions-rs/toolchain v1
    • actions/upload-release-asset v1.0.2
    .github/workflows/rust-clippy.yml
    • actions/checkout v3
    • actions-rs/toolchain v1@16499b5e05bf2e26879000db0c1d13f7e13fa3af
    • github/codeql-action v2

    • [ ] Check this box to trigger a request for Renovate to run again on this repository
    opened by renovate[bot] 0
  • revoke if privileges on db are not in configuration

    revoke if privileges on db are not in configuration

    https://github.com/duyet/grant.rs/blob/e2e906349670f296decb30efe859dd3c1d06672d/src/apply.rs#L130-L135


    This issue was generated by todo based on a TODO comment in e2e906349670f296decb30efe859dd3c1d06672d. It's been assigned to @duyet because they committed the code.
    todo :spiral_notepad: 
    opened by todo[bot] 0
Releases(0.0.1-beta.5)
  • 0.0.1-beta.5(May 29, 2022)

  • 0.0.1-beta.4(Jan 20, 2022)

    What's Changed

    • chore: add test, refactor trait by @duyet in https://github.com/duyet/grant-rs/pull/17
    • feat: inspect perms from current db, schemas, tables by @duyet in https://github.com/duyet/grant-rs/pull/18
    • chore(inspect): refactor to improve performance by @duyet in https://github.com/duyet/grant-rs/pull/19
    • feat: gen-pass support --no-special (no special characters) by @duyet in https://github.com/duyet/grant-rs/pull/20
    • feat: support flag users[*].update_password to force update password by @duyet in https://github.com/duyet/grant-rs/pull/21

    Full Changelog: https://github.com/duyet/grant-rs/compare/0.0.1-beta.3...0.0.1-beta.4

    Installation

    Install via Homebrew:

    brew tap duyet/tap
    brew install grant
    

    Install via Cargo:

    cargo install grant
    
    Source code(tar.gz)
    Source code(zip)
    grant-0.0.1-beta.4-x86_64-apple-darwin.tar.gz(1.43 MB)
  • 0.0.1-beta.3(Dec 13, 2021)

    What's Changed

    • feat: support connection from environment variables.
    • feat: generate password and md5(pass + user).
    • chore: improve performance and stability.
    • chore(deps): update dependencies.

    Full Changelog: https://github.com/duyet/grant.rs/compare/0.0.1-beta.2...0.0.1-beta.3

    Installation

    Install via Homebrew:

    brew tap duyet/tap
    brew install grant
    

    Install via Cargo:

    cargo install grant
    
    Source code(tar.gz)
    Source code(zip)
    grant-0.0.1-beta.3-x86_64-apple-darwin.tar.gz(1.41 MB)
  • 0.0.1-beta.2(Dec 7, 2021)

Owner
Duyet Le
Data Engineer @ Fossil (Web, Data Engineering, NLP, Cloud)
Duyet Le
cogo rust coroutine database driver (Mysql,Postgres,Sqlite)

cdbc Coroutine Database driver Connectivity.based on cogo High concurrency,based on coroutine No Future<'q,Output=*>,No async fn, No .await , no Poll*

co-rs 10 Nov 13, 2022
rust-postgres support library for the r2d2 connection pool

r2d2-postgres Documentation rust-postgres support library for the r2d2 connection pool. Example use std::thread; use r2d2_postgres::{postgres::NoTls,

Steven Fackler 128 Dec 26, 2022
A Rust application that inserts Discogs data dumps into Postgres

Discogs-load A Rust application that inserts Discogs data dumps into Postgres. Discogs-load uses a simple state machine with the quick-xml Rust librar

Dylan 7 Dec 9, 2022
Command-line tool to make Rust source code entities from Postgres tables.

pg2rs Command-line tool to make Rust source code entities from Postgres tables. Generates: enums structs which can be then used like mod structs; use

Stanislav 10 May 20, 2022
A Pub/Sub library for Rust backed by Postgres

Unisub Unisub is a Pub/Sub library for Rust, using Postgres as the backend. It offers a convenient way to publish and subscribe to messages across dif

Nick Rempel 12 Oct 6, 2023
Rust library and daemon for easily starting postgres databases per-test without Docker

pgtemp pgtemp is a Rust library and cli tool that allows you to easily create temporary PostgreSQL servers for testing without using Docker. The pgtem

Harry Stern 165 Mar 22, 2024
Making Postgres and Elasticsearch work together like it's 2021

Making Postgres and Elasticsearch work together like it's 2021 Readme ZomboDB brings powerful text-search and analytics features to Postgres by using

ZomboDB 4.2k Jan 2, 2023
Distributed, version controlled, SQL database with cryptographically verifiable storage, queries and results. Think git for postgres.

SDB - SignatureDB Distributed, version controlled, SQL database with cryptographically verifiable storage, queries and results. Think git for postgres

Fremantle Industries 5 Apr 26, 2022
An easy-to-use, zero-downtime schema migration tool for Postgres

Reshape is an easy-to-use, zero-downtime schema migration tool for Postgres. It automatically handles complex migrations that would normally require downtime or manual multi-step changes.

Fabian Lindfors 1.4k Dec 25, 2022
postgres-ical - a PostgreSQL extension that adds features related to parsing RFC-5545 « iCalendar » data from within a PostgreSQL database

postgres-ical - a PostgreSQL extension that adds features related to parsing RFC-5545 « iCalendar » data from within a PostgreSQL database

Edgar Onghena 1 Feb 23, 2022
The simplest implementation of LLM-backed vector search on Postgres.

pg_vectorize under development The simplest implementation of LLM-backed vector search on Postgres. -- initialize an existing table select vectorize.i

Tembo 5 Jul 25, 2023
Postgres Foreign Data Wrapper for Clerk.com API

Pre-requisites Postgres-15 Rust pgrx Getting Started To run the program locally, clone the repository git clone https://github.com/tembo-io/clerk_fdw.

Tembo 3 Aug 22, 2023
Rust API to manage user accounts 🦦

Autha Autha, pronounced Otter ?? , is the service that manages user accounts and the associated delegation. ☄️ Autha is an OAuth2 server designed with

Gravitalia 14 Dec 22, 2022
Query is a Rust server for your remote SQLite databases and a CLI to manage them.

Query Query is a Rust server for your remote SQLite databases and a CLI to manage them. Table Of Contents Run A Query Server CLI Install Use The Insta

Víctor García 6 Oct 6, 2023
rust_arango enables you to connect with ArangoDB server, access to database, execute AQL query, manage ArangoDB in an easy and intuitive way, both async and plain synchronous code with any HTTP ecosystem you love.

rust_arango enables you to connect with ArangoDB server, access to database, execute AQL query, manage ArangoDB in an easy and intuitive way, both async and plain synchronous code with any HTTP ecosystem you love.

Foretag 3 Mar 24, 2022
Cassandra DB native client written in Rust language. Find 1.x versions on https://github.com/AlexPikalov/cdrs/tree/v.1.x Looking for an async version? - Check WIP https://github.com/AlexPikalov/cdrs-async

CDRS CDRS is looking for maintainers CDRS is Apache Cassandra driver written in pure Rust. ?? Looking for an async version? async-std https://github.c

Alex Pikalov 338 Jan 1, 2023
A highly scalable MySQL Proxy framework written in Rust

mysql-proxy-rs An implementation of a MySQL proxy server built on top of tokio-core. Overview This crate provides a MySQL proxy server that you can ex

AgilData 175 Dec 19, 2022
A user crud written in Rust, designed to connect to a MySQL database with full integration test coverage.

SQLX User CRUD Purpose This application demonstrates the how to implement a common design for CRUDs in, potentially, a system of microservices. The de

null 78 Nov 27, 2022
An API Wrapper for https://paste.myst.rs written in rust

PasteMyst.RS pastemyst-rs is an api wrapper for pastemyst written in Rust. ⚠ This package is under development ⚠ Sample usage To get a paste from past

ANF Studios 14 Nov 28, 2021