Ldap2pg Versions

Manage PostgreSQL roles and privileges from YAML or LDAP

v6.1-alpha3

3 days ago

v6.1-alpha2

2 weeks ago

Changelog

  • ed97f57 New version 6.1-alpha2
  • 0540249 Update goreleaser

v6.0

8 months ago

6.0 is a major release including a complete rewrite of ldap2pg in Go.

Please test carefully before upgrading a production system.

Breaking changes

  • Command line options have changed.
  • New format version: 6. ldap2pg refuses version 5 files.
  • LDAPUSER env var is now LDAPSASL_AUTHCID.
  • Dropped support for PostgreSQL 9.4.
  • Dropped case renaming of roles, e.g. from alice to ALICE. ldap2pg is still case sensitive.
  • Dropped owners_query for a new dynamic owner inspection.
  • Features not implemented:
    • role_match condition.
    • allowed_missing_attributes and LDAP attribute typo detection.
    • on_unexpected_dn. ldap2pg always warns and skips.
    • configuring the PostgreSQL connection through postgres:dsn. Use PG* env vars.
    • configuring the LDAP connection through the ldap dict. Use LDAP* env vars and ldaprc.
  • A single sub-search is supported per main LDAP search.
  • No custom privileges inspection.
  • Docker image is now based on Alpine Linux 3.18.
  • Docker image tag latest points to last stable image.
  • Docker image tag nightly points to last commit on master.
  • Refuse to grant privilege on unmanaged role.

Unimplemented features may be reimplemented depending on feedback!

New features and behaviour

  • logfmt output.
  • New role:config section to set per-role PostgreSQL parameters, for all databases only.
  • Managed roles can now inherit local roles.
  • New --skip-privilege option. Ignores privileges and grants from configuration.
  • New owner field of grant rule, defaults to __auto__.
  • New __auto__ owner value.
  • Inspect object owners after CREATE privilege is synchronized. It's the set of all managed roles having CREATE privilege on the target schema of the grant.
  • Default database inspection is restricted to databases where the running user can reassign objects to the owner.
  • Default schema inspection is restricted to schemas usable by the running user.
  • New managed privilege: LANGUAGE.
  • New expressive declaration of privilege in configuration.
  • Use a single database connection at a time. ldap2pg scales better with the number of databases.
  • Synchronize privileges one at a time, saving a lot of memory.
  • 40 times less memory consumed for the usual scenario.
  • Up to 3 times less CPU consumed for the usual scenario.
  • Debian and Alpine packages alongside RPM.
  • Docker image size is now 17MB instead of 126MB.

v6.0-alpha5

9 months ago

Changelog

  • 130e0e5 Don't import workspace in release
  • 0ded7fb Mark prerelease on github
  • fdc969f Reuse build cache when releasing
  • 03483c2 Version v6.0-alpha5

v6.0-alpha4

9 months ago

Changelog

  • 1b63b86 Fix requiring build job to release
  • 2e28f1a Version v6.0-alpha4

v5.10.0-alpha1

1 year ago