Draft Script of syncing user between ldap and gitlab CE

1. # Imports
2. from gitlab3 import GitLab, ACCESS_LEVEL_DEVELOPER
3. import simpleldap, ldap
4.  
5. # Connect to LDAP and get members of a specific LDAP group
6. conn = simpleldap.Connection('ldap-example.com',dn='cn=binduser,dc=example,dc=com',password='****')
7. conn.set_search_defaults(base_dn='dc=example,dc=com',scope=ldap.SCOPE_SUBTREE)
8. inldap = conn.get('cn=admincloud')['memberuid']
9.  
10. # Connect to Gitlab and list existing users
11. gl = GitLab('http://localhost')
12. gl.login('root','*****')
13. users = gl.users()
14. ingitlab = [ str(user.username) for user in users ]
15.  
16. # Get the GitLab Group
17. g = gl.get_group('admincloud')
18.  
19. # List members of Git Lab group (except standard users)
20. ingroup = [ user.id for user in g.members() ]
21. ingroup = map(lambda x: gl.user(x), ingroup)
22. ingroup = [ user for user in ingroup if len(user.identities) > 0 ]
23. ingroup = map(lambda x: str(x.username), ingroup)
24.  
25. # List users which are in ldap but not in Gitlab and create them
26. tocreate = [ user for user in inldap if user not in ingitlab ]
27. for user in tocreate:
28.     usr = conn.get('uid=%s' % user)
29.     u = gl.add_user(usr['mail'][0],'123456789',usr['uid'][0],usr['cn'][0],extern_uid=usr.dn,provider='ldapmain')
30.  
31. # List users which are in Gitlab group but not in the ldap Group
32. toremove = [ user for user in ingroup if user not in inldap ]
33. for user in toremove:
34.     g.delete_member(g.find_member(username=user))
35.  
36. # List users which are in ldap group but not in the Gitlab group
37. toadd = [ user for user in inldap if user not in ingroup ]
38. for user in toadd:
39.     g.add_member(gl.find_user(username=user).id,ACCESS_LEVEL_DEVELOPER)