Initial commit

2025-08-06 14:14:22 -07:00 · 2020-03-09 09:11:07 +00:00 · 2020-03-09 09:11:07 +00:00 · aebc1b03fd
commit aebc1b03fd
4861 changed files with 812621 additions and 0 deletions
--- a/tests/integration/targets/postgresql_schema/aliases
+++ b/tests/integration/targets/postgresql_schema/aliases
@ -0,0 +1,4 @@
+destructive
+shippable/posix/group4
+skip/aix
+skip/osx
--- a/tests/integration/targets/postgresql_schema/defaults/main.yml
+++ b/tests/integration/targets/postgresql_schema/defaults/main.yml
@ -0,0 +1,6 @@
+---
+db_name: 'ansible_db'
+db_user1: 'ansible_db_user1'
+db_user2: 'ansible_db_user2'
+db_session_role1: 'session_role1'
+db_session_role2: 'session_role2'
--- a/tests/integration/targets/postgresql_schema/meta/main.yml
+++ b/tests/integration/targets/postgresql_schema/meta/main.yml
@ -0,0 +1,2 @@
+dependencies:
+  - setup_postgresql_db
--- a/tests/integration/targets/postgresql_schema/tasks/main.yml
+++ b/tests/integration/targets/postgresql_schema/tasks/main.yml
@ -0,0 +1,4 @@
+- import_tasks: postgresql_schema_session_role.yml
+
+# Initial CI tests of postgresql_schema module
+- import_tasks: postgresql_schema_initial.yml
--- a/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_initial.yml
+++ b/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_initial.yml
@ -0,0 +1,311 @@
+---
+
+# Setup
+- name: Create test roles
+  postgresql_user:
+    name: "{{ item }}"
+    state: present
+    encrypted: yes
+    password: password
+    role_attr_flags: LOGIN
+    db: postgres
+    login_user: "{{ pg_user }}"
+  loop:
+  - "{{ db_user1 }}"
+  - "{{ db_user2 }}"
+
+- name: Create DB
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_db:
+    state: present
+    name: "{{ db_name }}"
+    owner: "{{ db_user1 }}"
+    login_user: "{{ pg_user }}"
+
+# Test: CREATE SCHEMA in checkmode
+- name: Create a new schema with name "acme" in check_mode
+  become_user: "{{ pg_user }}"
+  become: yes
+  check_mode: yes
+  postgresql_schema:
+    database: "{{ db_name }}"
+    name: acme
+    login_user: "{{ pg_user }}"
+  register: result
+
+# Checks
+- assert:
+    that:
+      - result is changed
+      - result.schema == 'acme'
+
+- name: Check that the new schema "acme" not exists
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_query:
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+    query: "SELECT schema_name FROM information_schema.schemata WHERE schema_name = 'acme'"
+  register: result
+
+- assert:
+    that:
+      - result.rowcount == 0
+
+# Test: CREATE SCHEMA
+- name: Create a new schema with name "acme"
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_schema:
+    database: "{{ db_name }}"
+    name: acme
+    login_user: "{{ pg_user }}"
+  register: result
+
+# Checks
+- assert:
+    that:
+      - result is changed
+      - result.schema == 'acme'
+      - result.queries == [ 'CREATE SCHEMA "acme"' ]
+
+- name: Check that the new schema "acme" exists
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_query:
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+    query: "SELECT schema_name FROM information_schema.schemata WHERE schema_name = 'acme'"
+  register: result
+
+- assert:
+    that:
+      - result.rowcount == 1
+
+# Test: DROP SCHEMA in checkmode
+- name: Drop schema "acme" in check_mode
+  become_user: "{{ pg_user }}"
+  become: yes
+  check_mode: yes
+  postgresql_schema:
+    database: "{{ db_name }}"
+    name: acme
+    state: absent
+    login_user: "{{ pg_user }}"
+  register: result
+
+# Checks
+- assert:
+    that:
+      - result is not changed
+
+- name: Check that the new schema "acme" still exists
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_query:
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+    query: "SELECT schema_name FROM information_schema.schemata WHERE schema_name = 'acme'"
+  register: result
+
+- assert:
+    that:
+      - result.rowcount == 1
+
+# Test: DROP SCHEMA
+- name: Drop schema "acme"
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_schema:
+    database: "{{ db_name }}"
+    name: acme
+    state: absent
+    login_user: "{{ pg_user }}"
+  register: result
+
+# Checks
+- assert:
+    that:
+      - result is changed
+      - result.queries == [ 'DROP SCHEMA "acme"' ]
+
+- name: Check that no schema "acme" exists
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_query:
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+    query: "SELECT schema_name FROM information_schema.schemata WHERE schema_name = 'acme'"
+  register: result
+  ignore_errors: yes
+
+- assert:
+    that:
+      - result.rowcount == 0
+
+# Test: CREATE SCHEMA; WITH TABLE for DROP CASCADE test
+- name: Create a new schema "acme"
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_schema:
+    database: "{{ db_name }}"
+    name: acme
+    login_user: "{{ pg_user }}"
+  register: result
+
+- name: Create table in schema for DROP CASCADE check
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_query:
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+    query: "CREATE TABLE acme.table1()"
+  register: result2
+
+# Checks
+- assert:
+    that:
+      - result is changed
+      - result.schema == 'acme'
+      - result.queries == [ 'CREATE SCHEMA "acme"' ]
+      - result2.changed == true
+      - result2.statusmessage == 'CREATE TABLE'
+
+- name: Check that the new schema "acme" exists
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_query:
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+    query: "SELECT schema_name,schema_owner FROM information_schema.schemata WHERE schema_name = 'acme'"
+  register: result
+
+- assert:
+    that:
+      - result.rowcount == 1
+
+- name: Check that the new table "table1" in schema 'acme' exists
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_query:
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+    query: "SELECT EXISTS (SELECT 1 FROM pg_tables WHERE schemaname = 'acme' AND tablename = 'table1')"
+  register: result
+
+- assert:
+    that:
+      - result.rowcount == 1
+
+# Test: DROP SCHEMA ... CASCADE;
+- name: Drop schema "acme" with cascade
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_schema:
+    database: "{{ db_name }}"
+    name: acme
+    state: absent
+    cascade_drop: yes
+    login_user: "{{ pg_user }}"
+  register: result
+
+# Checks
+- assert:
+    that:
+      - result is changed
+      - result.queries == [ 'DROP SCHEMA "acme" CASCADE' ]
+
+- name: Check that no schema "acme" exists
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_query:
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+    query: "SELECT schema_name FROM information_schema.schemata WHERE schema_name = 'acme'"
+  register: result
+  ignore_errors: yes
+
+- assert:
+    that:
+      - result.rowcount == 0
+
+# Test: CREATE SCHEMA WITH OWNER ...;
+- name: Create a new schema "acme" with a user "{{ db_user2 }}" who will own it
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_schema:
+    database: "{{ db_name }}"
+    name: acme
+    owner: "{{ db_user2 }}"
+    login_user: "{{ pg_user }}"
+  register: result
+
+# Checks
+- assert:
+    that:
+      - result is changed
+      - result.schema == 'acme'
+      - result.queries == [ 'CREATE SCHEMA "acme" AUTHORIZATION "{{ db_user2 }}"' ]
+
+- name: Check that the new schema "acme" exists and "{{ db_user2 }}" own it
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_query:
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+    query: "SELECT schema_name,schema_owner FROM information_schema.schemata WHERE schema_name = 'acme' AND schema_owner = '{{ db_user2 }}'"
+  register: result
+  ignore_errors: yes
+
+- assert:
+    that:
+      - result.rowcount == 1
+
+# Test: DROP SCHEMA
+- name: Drop schema "acme"
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_schema:
+    database: "{{ db_name }}"
+    name: acme
+    state: absent
+    login_user: "{{ pg_user }}"
+  register: result
+
+# Checks
+- assert:
+    that:
+      - result is changed
+      - result.queries == [ 'DROP SCHEMA "acme"' ]
+
+- name: Check that no schema "acme" exists
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_query:
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+    query: "SELECT schema_name FROM information_schema.schemata WHERE schema_name = 'acme'"
+  register: result
+  ignore_errors: yes
+
+- assert:
+    that:
+      - result.rowcount == 0
+
+
+# Cleanup
+- name: Remove user
+  postgresql_user:
+    name: "{{ db_user2 }}"
+    state: absent
+    db: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
+
+- name: Destroy DB
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_db:
+    state: absent
+    name: "{{ db_name }}"
+    login_user: "{{ pg_user }}"
--- a/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_session_role.yml
+++ b/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_session_role.yml
@ -0,0 +1,78 @@
+- name: Create a high privileged user
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_user:
+    name: "{{ db_session_role1 }}"
+    state: "present"
+    password: "password"
+    role_attr_flags: "CREATEDB,LOGIN,CREATEROLE"
+    login_user: "{{ pg_user }}"
+    db: postgres
+
+- name: Create DB as session_role
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_db:
+    state: present
+    name: "{{ db_session_role1 }}"
+    login_user: "{{ pg_user }}"
+    session_role: "{{ db_session_role1 }}"
+  register: result
+
+- name: Create schema in own database
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_schema:
+    database: "{{ db_session_role1 }}"
+    login_user: "{{ pg_user }}"
+    name: "{{ db_session_role1 }}"
+    session_role: "{{ db_session_role1 }}"
+
+- name: Create schema in own database, should be owned by session_role
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_schema:
+    database: "{{ db_session_role1 }}"
+    login_user: "{{ pg_user }}"
+    name: "{{ db_session_role1 }}"
+    owner: "{{ db_session_role1 }}"
+  register: result
+
+- assert:
+    that:
+      - result is not changed
+
+- name: Fail when creating schema in postgres database as a regular user
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_schema:
+    database: postgres
+    login_user: "{{ pg_user }}"
+    name: "{{ db_session_role1 }}"
+    session_role: "{{ db_session_role1 }}"
+  ignore_errors: yes
+  register: result
+
+- assert:
+    that:
+      - result is failed
+
+- name: Drop test db
+  become_user: "{{ pg_user }}"
+  become: yes
+  postgresql_db:
+    state: absent
+    name: "{{ db_session_role1 }}"
+    login_user: "{{ pg_user }}"
+
+- name: Drop test users
+  become: yes
+  become_user: "{{ pg_user }}"
+  postgresql_user:
+    name: "{{ item }}"
+    state: absent
+    login_user: "{{ pg_user }}"
+    db: postgres
+  with_items:
+    - "{{ db_session_role1 }}"
+    - "{{ db_session_role2 }}"