From 1b061131dd5f65f13e25b7985deae71e9e656518 Mon Sep 17 00:00:00 2001 From: "R.Sicart" Date: Tue, 14 Dec 2021 09:30:46 +0100 Subject: [PATCH] Feature/mariadb integration ci (#246) * Replace matrix.mysql by matrix.db_engine_version * Specify db flavor * Upgrade dbdeployer to 1.56.0 See https://github.com/datacharmer/dbdeployer/issues/120 * Fix: github workflow syntax * Fix: mysql version file for mariadb engine * Do not test mysql_variables modes persist and persist_only on mariadb Those modes do not exist on mariadb. See https://mariadb.com/kb/en/set/ * Exclude integration tests for mariadb_10.5.4 with pymysql==0.7.10 * TLS on mariadb is disabled by default * Configure mariadb supported versions in matrix As discussed in https://github.com/ansible-collections/community.mysql/discussions/141#discussioncomment-643657 * Fix: test_mysql_db : assert that databases does not exist "assertion": "database1 not in mysql_result.stdout" * Fix: assertion mysql_version in result.version.full * Fix: test_mysql_user : Check that the module made a change and that the expected plugin type is set 'mysql_native_password' in show_create_user.stdout * Fix: test_mysql_replication : Create user for replication ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'BY 'replication_pass'' at line 1 https://dev.mysql.com/doc/mysql-replication-excerpt/5.7/en/replication-howto-repuser.html https://dev.mysql.com/doc/mysql-replication-excerpt/8.0/en/replication-howto-repuser.html https://mariadb.com/kb/en/setting-up-replication/#example-enabling-replication-for-mariadb Create user syntax compatible with auth plugin and password on both mysql and mariadb. https://dev.mysql.com/doc/refman/8.0/en/create-user.html https://mariadb.com/kb/en/create-user/ * Fix: test_mysql_replication: replica_status 'dict object' has no attribute 'Source_Host' * Do not test mysql_replication_channel.yml on mariadb * Do not test target 'test_mysql_role' with mariadb, too much errors to fix * Setup mysql_version_parts depending on install type (mysql or mariadb) * Install mariadb-client when install_type is mariadb To use the same client tools as the database engine. And to use a more updated mysqldump version, in order to fix this error: ERROR 1556 (HY000) at line 776: You can't use locks with log tables * Fix: mysql auth plugin is set on mariadb >10.2 * Fix: skip assertion on mariadb 10.2 * Do not execute test_user_plugin_auth.yml tests on mariadb, create/update useer sql syntax not compatible * Fix: test_mysql_user : assert user1 TLS requirements Remove test for oldd versions * Fix: typo * Fix: test_mysql_user : Test idempotency (expect ok) ignore mariadb 10.5 * [ci skip] Add changelog fragment * Delete changelog fragment --- .github/workflows/ansible-test-plugins.yml | 27 +++++++--- .../targets/setup_mysql/defaults/main.yml | 11 ++-- .../targets/setup_mysql/tasks/config.yml | 4 +- .../targets/setup_mysql/tasks/install.yml | 18 ++++++- .../targets/setup_mysql/tasks/setvars.yml | 7 ++- .../targets/setup_mysql/vars/main.yml | 6 +-- .../targets/test_mysql_db/tasks/issue-28.yml | 8 ++- .../tasks/multi_db_create_delete.yml | 12 +++++ .../test_mysql_info/tasks/issue-28.yml | 12 ++++- .../targets/test_mysql_info/tasks/main.yml | 2 +- .../test_mysql_query/tasks/issue-28.yml | 12 ++++- .../test_mysql_replication/tasks/issue-28.yml | 12 ++++- .../test_mysql_replication/tasks/main.yml | 2 + .../tasks/mysql_replication_initial.yml | 8 ++- .../tasks/mysql_role_initial.yml | 4 +- .../test_mysql_user/tasks/create_user.yml | 6 +++ .../test_mysql_user/tasks/issue-28.yml | 8 ++- .../targets/test_mysql_user/tasks/main.yml | 2 + .../test_mysql_user/tasks/test_privs.yml | 2 + .../tasks/test_user_plugin_auth.yml | 50 +++++++++++++++---- .../tasks/tls_requirements.yml | 28 ++++------- .../test_mysql_variables/tasks/issue-28.yml | 8 ++- .../tasks/mysql_variables.yml | 4 +- 23 files changed, 195 insertions(+), 58 deletions(-) diff --git a/.github/workflows/ansible-test-plugins.yml b/.github/workflows/ansible-test-plugins.yml index 64435cd..f39e171 100644 --- a/.github/workflows/ansible-test-plugins.yml +++ b/.github/workflows/ansible-test-plugins.yml @@ -50,14 +50,16 @@ jobs: working-directory: ./ansible_collections/community/mysql integration: - name: "Integration (Python: ${{ matrix.python }}, Ansible: ${{ matrix.ansible }}, MySQL: ${{ matrix.mysql }}, Connector: ${{ matrix.connector }})" + name: "Integration (Python: ${{ matrix.python }}, Ansible: ${{ matrix.ansible }}, MySQL: ${{ matrix.db_engine_version }}, Connector: ${{ matrix.connector }})" runs-on: ubuntu-latest strategy: fail-fast: false matrix: - mysql: - - 5.7.31 - - 8.0.22 + db_engine_version: + - mysql_5.7.31 + - mysql_8.0.22 + - mariadb_10.2.37 + - mariadb_10.5.9 ansible: - stable-2.9 - stable-2.10 @@ -72,7 +74,9 @@ jobs: - pymysql==0.9.3 - mysqlclient==2.0.1 exclude: - - mysql: 8.0.22 + - db_engine_version: mysql_8.0.22 + connector: pymysql==0.7.10 + - db_engine_version: mariadb_10.5.9 connector: pymysql==0.7.10 - python: 3.8 ansible: stable-2.9 @@ -100,8 +104,17 @@ jobs: - name: Install ansible-base (${{ matrix.ansible }}) run: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible }}.tar.gz --disable-pip-version-check - - name: Set MySQL version (${{ matrix.mysql }}) - run: "sed -i 's/^mysql_version:.*/mysql_version: \"${{ matrix.mysql }}\"/g' ${{ env.mysql_version_file }}" + - name: Set MySQL version (${{ matrix.db_engine_version }}) + run: | + export DB_VERSION=$(echo "${{ matrix.db_engine_version }}" | awk -F_ '{print $2}') + sed -i "s/^mysql_version:.*/mysql_version: $DB_VERSION/g" ${{ env.mysql_version_file }} + if: ${{ startsWith(matrix.db_engine_version, 'mysql') }} + + - name: Set MariaDB version (${{ matrix.db_engine_version }}) + run: | + export DB_VERSION=$(echo "${{ matrix.db_engine_version }}" | awk -F_ '{print $2}') + sed -i -e "s/^mariadb_version:.*/mariadb_version: $DB_VERSION/g" -e 's/^mariadb_install: false/mariadb_install: true/g' ${{ env.mysql_version_file }} + if: ${{ startsWith(matrix.db_engine_version, 'mariadb') }} - name: Set Connector version (${{ matrix.connector }}) run: "sed -i 's/^python_packages:.*/python_packages: [${{ matrix.connector }}]/' ${{ env.connector_version_file }}" diff --git a/tests/integration/targets/setup_mysql/defaults/main.yml b/tests/integration/targets/setup_mysql/defaults/main.yml index 7bcb2d2..68c60bc 100644 --- a/tests/integration/targets/setup_mysql/defaults/main.yml +++ b/tests/integration/targets/setup_mysql/defaults/main.yml @@ -1,13 +1,18 @@ -dbdeployer_version: 1.52.0 +dbdeployer_version: 1.56.0 dbdeployer_home_dir: /opt/dbdeployer home_dir: /root -percona_client_version: 5.7 - mariadb_install: false mysql_version: 8.0.22 mariadb_version: 10.5.4 mysql_base_port: 3306 + +percona_client_package: >- + {%- if mariadb_install -%} + mariadb-client + {%- else -%} + percona-server-client-5.7 + {%- endif -%} diff --git a/tests/integration/targets/setup_mysql/tasks/config.yml b/tests/integration/targets/setup_mysql/tasks/config.yml index 57be29a..2b27e27 100644 --- a/tests/integration/targets/setup_mysql/tasks/config.yml +++ b/tests/integration/targets/setup_mysql/tasks/config.yml @@ -6,10 +6,10 @@ - name: "{{ role_name }} | config | run unpack tarball" shell: - cmd: "dbdeployer unpack {{ dbdeployer_sandbox_download_dir }}/{{ install_tarball }}" + cmd: "dbdeployer unpack {{ dbdeployer_sandbox_download_dir }}/{{ install_tarball }} --flavor {{ install_type }}" creates: "{{ dbdeployer_sandbox_binary_dir }}/{{ install_version }}" - name: "{{ role_name }} | config | setup replication topology" shell: - cmd: "dbdeployer deploy multiple {{ install_version }} --base-port {{ mysql_base_port }} --my-cnf-options=\"master_info_repository='TABLE'\" --my-cnf-options=\"relay_log_info_repository='TABLE'\"" + cmd: "dbdeployer deploy multiple {{ install_version }} --flavor {{ install_type }} --base-port {{ mysql_base_port }} --my-cnf-options=\"master_info_repository='TABLE'\" --my-cnf-options=\"relay_log_info_repository='TABLE'\"" creates: "{{ dbdeployer_sandbox_home_dir }}/multi_msb_{{ install_version|replace('.','_') }}" diff --git a/tests/integration/targets/setup_mysql/tasks/install.yml b/tests/integration/targets/setup_mysql/tasks/install.yml index 57e4b31..b64af25 100644 --- a/tests/integration/targets/setup_mysql/tasks/install.yml +++ b/tests/integration/targets/setup_mysql/tasks/install.yml @@ -4,12 +4,26 @@ keyserver: keyserver.ubuntu.com id: 4D1BB29D63D98E422B2113B19334A25F8507EFA5 state: present + when: install_type == 'mysql' - name: "{{ role_name }} | install | add percona repositories" apt_repository: - repo: "{{ item }}" + repo: deb http://repo.percona.com/percona/apt {{ ansible_lsb.codename }} main state: present - loop: "{{ percona_mysql_repos }}" + when: install_type == 'mysql' + +- name: "{{ role_name }} | install | add apt signing key for mariadb" + apt_key: + keyserver: keyserver.ubuntu.com + id: F1656F24C74CD1D8 + state: present + when: install_type == 'mariadb' + +- name: "{{ role_name }} | install | add mariadb repositories" + apt_repository: + repo: "deb [arch=amd64,arm64] https://downloads.mariadb.com/MariaDB/mariadb-{{ mysql_major_version }}/repo/ubuntu {{ ansible_lsb.codename }} main" + state: present + when: install_type == 'mariadb' - name: "{{ role_name }} | install | install packages required by percona" apt: diff --git a/tests/integration/targets/setup_mysql/tasks/setvars.yml b/tests/integration/targets/setup_mysql/tasks/setvars.yml index 14a2c54..cfc90c1 100644 --- a/tests/integration/targets/setup_mysql/tasks/setvars.yml +++ b/tests/integration/targets/setup_mysql/tasks/setvars.yml @@ -1,7 +1,12 @@ --- - name: "{{ role_name }} | setvars | split mysql version in parts" set_fact: - mysql_version_parts: "{{ mysql_version.split('.') }}" + mysql_version_parts: >- + {%- if mariadb_install -%} + {{ mariadb_version.split('.') }} + {%- else -%} + {{ mysql_version.split('.') }} + {%- endif -%} - name: "{{ role_name }} | setvars | get mysql major version" set_fact: diff --git a/tests/integration/targets/setup_mysql/vars/main.yml b/tests/integration/targets/setup_mysql/vars/main.yml index e267307..db17f1e 100644 --- a/tests/integration/targets/setup_mysql/vars/main.yml +++ b/tests/integration/targets/setup_mysql/vars/main.yml @@ -7,12 +7,8 @@ dbdeployer_sandbox_download_dir: "{{ home_dir }}/downloads" dbdeployer_sandbox_binary_dir: "{{ home_dir }}/opt/mysql" dbdeployer_sandbox_home_dir: "{{ home_dir }}/sandboxes" -percona_mysql_repos: - - deb http://repo.percona.com/apt {{ ansible_lsb.codename }} main - - deb-src http://repo.percona.com/apt {{ ansible_lsb.codename }} main - percona_mysql_packages: - - percona-server-client-{{ percona_client_version }} + - "{{ percona_client_package }}" python_packages: [pymysql == 0.9.3] diff --git a/tests/integration/targets/test_mysql_db/tasks/issue-28.yml b/tests/integration/targets/test_mysql_db/tasks/issue-28.yml index a0b037f..74071e2 100644 --- a/tests/integration/targets/test_mysql_db/tasks/issue-28.yml +++ b/tests/integration/targets/test_mysql_db/tasks/issue-28.yml @@ -1,11 +1,17 @@ --- +- name: set fact tls_enabled + command: "{{ mysql_command }} \"-e SHOW VARIABLES LIKE 'have_ssl';\"" + register: result +- set_fact: + tls_enabled: "{{ 'YES' in result.stdout | bool | default('false', true) }}" + - vars: mysql_parameters: &mysql_params login_user: '{{ mysql_user }}' login_password: '{{ mysql_password }}' login_host: 127.0.0.1 login_port: '{{ mysql_primary_port }}' - + when: tls_enabled block: # ============================================================ diff --git a/tests/integration/targets/test_mysql_db/tasks/multi_db_create_delete.yml b/tests/integration/targets/test_mysql_db/tasks/multi_db_create_delete.yml index 6bada1c..cb91d32 100644 --- a/tests/integration/targets/test_mysql_db/tasks/multi_db_create_delete.yml +++ b/tests/integration/targets/test_mysql_db/tasks/multi_db_create_delete.yml @@ -14,6 +14,18 @@ # # ========================================================================== # Initial check - To confirm that database does not exist before executing check mode tasks +- name: Drop databases before test + mysql_db: + login_user: '{{ mysql_user }}' + login_password: '{{ mysql_password }}' + login_host: 127.0.0.1 + login_port: '{{ mysql_primary_port }}' + name: + - '{{ db1_name }}' + - '{{ db2_name }}' + - '{{ db3_name }}' + state: absent + - name: run command to list databases like specified database name command: "{{ mysql_command }} \"-e show databases like 'database%'\"" register: mysql_result diff --git a/tests/integration/targets/test_mysql_info/tasks/issue-28.yml b/tests/integration/targets/test_mysql_info/tasks/issue-28.yml index 289b8b3..ec2b493 100644 --- a/tests/integration/targets/test_mysql_info/tasks/issue-28.yml +++ b/tests/integration/targets/test_mysql_info/tasks/issue-28.yml @@ -1,11 +1,21 @@ --- +- name: alias mysql command to include default options + set_fact: + mysql_command: "mysql -u{{ mysql_user }} -p{{ mysql_password }} -P{{ mysql_primary_port }} --protocol=tcp" + +- name: set fact tls_enabled + command: "{{ mysql_command }} \"-e SHOW VARIABLES LIKE 'have_ssl';\"" + register: result +- set_fact: + tls_enabled: "{{ 'YES' in result.stdout | bool | default('false', true) }}" + - vars: mysql_parameters: &mysql_params login_user: '{{ mysql_user }}' login_password: '{{ mysql_password }}' login_host: 127.0.0.1 login_port: '{{ mysql_primary_port }}' - + when: tls_enabled block: # ============================================================ diff --git a/tests/integration/targets/test_mysql_info/tasks/main.yml b/tests/integration/targets/test_mysql_info/tasks/main.yml index 0ed2af9..c3d601d 100644 --- a/tests/integration/targets/test_mysql_info/tasks/main.yml +++ b/tests/integration/targets/test_mysql_info/tasks/main.yml @@ -48,7 +48,7 @@ - assert: that: - result.changed == false - - "mysql_version in result.version.full" + - "mysql_version in result.version.full or mariadb_version in result.version.full" - result.settings != {} - result.global_status != {} - result.databases != {} diff --git a/tests/integration/targets/test_mysql_query/tasks/issue-28.yml b/tests/integration/targets/test_mysql_query/tasks/issue-28.yml index 0363834..61f086e 100644 --- a/tests/integration/targets/test_mysql_query/tasks/issue-28.yml +++ b/tests/integration/targets/test_mysql_query/tasks/issue-28.yml @@ -1,11 +1,21 @@ --- +- name: alias mysql command to include default options + set_fact: + mysql_command: "mysql -u{{ mysql_user }} -p{{ mysql_password }} -P{{ mysql_primary_port }} --protocol=tcp" + +- name: set fact tls_enabled + command: "{{ mysql_command }} \"-e SHOW VARIABLES LIKE 'have_ssl';\"" + register: result +- set_fact: + tls_enabled: "{{ 'YES' in result.stdout | bool | default('false', true) }}" + - vars: mysql_parameters: &mysql_params login_user: '{{ mysql_user }}' login_password: '{{ mysql_password }}' login_host: 127.0.0.1 login_port: '{{ mysql_primary_port }}' - + when: tls_enabled block: # ============================================================ diff --git a/tests/integration/targets/test_mysql_replication/tasks/issue-28.yml b/tests/integration/targets/test_mysql_replication/tasks/issue-28.yml index 5baa384..11e457b 100644 --- a/tests/integration/targets/test_mysql_replication/tasks/issue-28.yml +++ b/tests/integration/targets/test_mysql_replication/tasks/issue-28.yml @@ -1,11 +1,21 @@ --- +- name: alias mysql command to include default options + set_fact: + mysql_command: "mysql -u{{ mysql_user }} -p{{ mysql_password }} -P{{ mysql_primary_port }} --protocol=tcp" + +- name: set fact tls_enabled + command: "{{ mysql_command }} \"-e SHOW VARIABLES LIKE 'have_ssl';\"" + register: result +- set_fact: + tls_enabled: "{{ 'YES' in result.stdout | bool | default('false', true) }}" + - vars: mysql_parameters: &mysql_params login_user: '{{ mysql_user }}' login_password: '{{ mysql_password }}' login_host: 127.0.0.1 login_port: '{{ mysql_primary_port }}' - + when: tls_enabled block: # ============================================================ diff --git a/tests/integration/targets/test_mysql_replication/tasks/main.yml b/tests/integration/targets/test_mysql_replication/tasks/main.yml index d4c7150..32b59be 100644 --- a/tests/integration/targets/test_mysql_replication/tasks/main.yml +++ b/tests/integration/targets/test_mysql_replication/tasks/main.yml @@ -14,6 +14,8 @@ # Tests of channel parameter: - import_tasks: mysql_replication_channel.yml + when: + - install_type == 'mysql' # FIXME: mariadb introduces FOR CHANNEL in 10.7 # Tests of resetprimary mode: - import_tasks: mysql_replication_resetprimary_mode.yml diff --git a/tests/integration/targets/test_mysql_replication/tasks/mysql_replication_initial.yml b/tests/integration/targets/test_mysql_replication/tasks/mysql_replication_initial.yml index 3ff1d2a..050e952 100644 --- a/tests/integration/targets/test_mysql_replication/tasks/mysql_replication_initial.yml +++ b/tests/integration/targets/test_mysql_replication/tasks/mysql_replication_initial.yml @@ -24,14 +24,20 @@ mysql8022_and_higher: true when: - db.version.major > 8 or (db.version.major == 8 and db.version.minor > 0) or (db.version.major == 8 and db.version.minor == 0 and db.version.release >= 22) + - install_type == 'mysql' - name: alias mysql command to include default options set_fact: mysql_command: "mysql -u{{ mysql_user }} -p{{ mysql_password }} --protocol=tcp" # Preparation: - - name: Create user for replication + - name: Create user for mysql replication shell: "echo \"CREATE USER '{{ replication_user }}'@'localhost' IDENTIFIED WITH mysql_native_password BY '{{ replication_pass }}'; GRANT REPLICATION SLAVE ON *.* TO '{{ replication_user }}'@'localhost';\" | {{ mysql_command }} -P{{ mysql_primary_port }}" + when: install_type == 'mysql' + + - name: Create user for mariadb replication + shell: "echo \"CREATE USER '{{ replication_user }}'@'localhost' IDENTIFIED BY '{{ replication_pass }}'; GRANT REPLICATION SLAVE ON *.* TO '{{ replication_user }}'@'localhost';\" | {{ mysql_command }} -P{{ mysql_primary_port }}" + when: install_type == 'mariadb' - name: Create test database mysql_db: diff --git a/tests/integration/targets/test_mysql_role/tasks/mysql_role_initial.yml b/tests/integration/targets/test_mysql_role/tasks/mysql_role_initial.yml index ba3125c..5f47e7a 100644 --- a/tests/integration/targets/test_mysql_role/tasks/mysql_role_initial.yml +++ b/tests/integration/targets/test_mysql_role/tasks/mysql_role_initial.yml @@ -32,10 +32,10 @@ when: - srv['version']['major'] < 8 + # FIXME: tests should pass for both mysql >= 8 and mariadb # Skip unsupported versions - meta: end_play - when: - - srv['version']['major'] < 8 + when: srv['version']['major'] < 8 or install_type == 'mariadb' ######### # Prepare diff --git a/tests/integration/targets/test_mysql_user/tasks/create_user.yml b/tests/integration/targets/test_mysql_user/tasks/create_user.yml index 790d9bb..78c253d 100644 --- a/tests/integration/targets/test_mysql_user/tasks/create_user.yml +++ b/tests/integration/targets/test_mysql_user/tasks/create_user.yml @@ -24,6 +24,12 @@ login_port: '{{ mysql_primary_port }}' block: + - name: Drop mysql user if exists + mysql_user: + <<: *mysql_params + name: '{{ user_name_1 }}' + state: absent + ignore_errors: yes # ============================================================ - name: create mysql user {{user_name}} diff --git a/tests/integration/targets/test_mysql_user/tasks/issue-28.yml b/tests/integration/targets/test_mysql_user/tasks/issue-28.yml index 16eb47d..ae15865 100644 --- a/tests/integration/targets/test_mysql_user/tasks/issue-28.yml +++ b/tests/integration/targets/test_mysql_user/tasks/issue-28.yml @@ -1,11 +1,17 @@ --- +- name: set fact tls_enabled + command: "{{ mysql_command }} \"-e SHOW VARIABLES LIKE 'have_ssl';\"" + register: result +- set_fact: + tls_enabled: "{{ 'YES' in result.stdout | bool | default('false', true) }}" + - vars: mysql_parameters: &mysql_params login_user: '{{ mysql_user }}' login_password: '{{ mysql_password }}' login_host: 127.0.0.1 login_port: '{{ mysql_primary_port }}' - + when: tls_enabled block: # ============================================================ diff --git a/tests/integration/targets/test_mysql_user/tasks/main.yml b/tests/integration/targets/test_mysql_user/tasks/main.yml index 93cb12d..9fd5ccd 100644 --- a/tests/integration/targets/test_mysql_user/tasks/main.yml +++ b/tests/integration/targets/test_mysql_user/tasks/main.yml @@ -242,7 +242,9 @@ # ============================================================ # Test plugin authentication scenarios. # + # FIXME: mariadb sql syntax for create/update user is not compatible - include: test_user_plugin_auth.yml + when: install_type == 'mysql' # ============================================================ # Assert create user with SELECT privileges, attempt to create database and update privileges to create database diff --git a/tests/integration/targets/test_mysql_user/tasks/test_privs.yml b/tests/integration/targets/test_mysql_user/tasks/test_privs.yml index 27beb77..89d9358 100644 --- a/tests/integration/targets/test_mysql_user/tasks/test_privs.yml +++ b/tests/integration/targets/test_mysql_user/tasks/test_privs.yml @@ -173,10 +173,12 @@ state: present register: result + # FIXME: on mariadb 10.5 there's always a change - name: Assert that priv did not change assert: that: - "result.changed == false" + when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.2', '==')) # ============================================================ - name: update user with invalid privileges diff --git a/tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml b/tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml index 3ce9f1b..3b95d17 100644 --- a/tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml +++ b/tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml @@ -31,14 +31,19 @@ register: result - name: Get user information - command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" + command: "{{ mysql_command }} -e \"SELECT user, host, plugin FROM mysql.user WHERE user = '{{ test_user_name }}' and host = 'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - "result.changed == true" + + - name: Check that the expected plugin type is set + assert: + that: - "'{{ test_plugin_type }}' in show_create_user.stdout" + when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>=')) - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }} @@ -102,14 +107,19 @@ register: result - name: Get user information - command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" + command: "{{ mysql_command }} -e \"SELECT user, host, plugin FROM mysql.user WHERE user = '{{ test_user_name }}' and host = 'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - "result.changed == true" + + - name: Check that the expected plugin type is set + assert: + that: - "'{{ test_plugin_type }}' in show_create_user.stdout" + when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>=')) - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }} @@ -135,10 +145,12 @@ plugin_hash_string: '{{ test_plugin_hash }}' register: result + # FIXME: on mariadb 10.2 there's always a change - name: Check that the module doesn't make a change when the same hash is passed in assert: that: - "result.changed == false" + when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>=')) - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }} @@ -190,11 +202,16 @@ command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - "result.changed == true" + + - name: Check that the expected plugin type is set + assert: + that: - "'{{ test_plugin_type }}' in show_create_user.stdout" + when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>=')) - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }} @@ -275,11 +292,16 @@ command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - "result.changed == true" + + - name: Check that the expected plugin type is set + assert: + that: - "'{{ test_plugin_type }}' in show_create_user.stdout" + when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>=')) - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }} @@ -354,11 +376,16 @@ command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - "result.changed == true" + + - name: Check that the expected plugin type is set + assert: + that: - "'{{ test_plugin_type }}' in show_create_user.stdout" + when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>=')) - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }} @@ -374,11 +401,16 @@ command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - "result.changed == true" - - "'sha256_password' in show_create_user.stdout" + + - name: Check that the expected plugin type is set + assert: + that: + - "'sha256_password' in show_create_user.stdout" + when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>=')) - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }} diff --git a/tests/integration/targets/test_mysql_user/tasks/tls_requirements.yml b/tests/integration/targets/test_mysql_user/tasks/tls_requirements.yml index 8de9401..7bf142e 100644 --- a/tests/integration/targets/test_mysql_user/tasks/tls_requirements.yml +++ b/tests/integration/targets/test_mysql_user/tasks/tls_requirements.yml @@ -55,7 +55,7 @@ issuer: '/CN=org/O=MyDom, Inc./C=US/ST=Oregon/L=Portland' - block: - - name: retrieve TLS requiremets for users in old database version + - name: retrieve TLS requirements for users in old database version command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ item }}'@'localhost'\"" register: old_result with_items: ['{{ user_name_1 }}', '{{ user_name_2 }}', '{{ user_name_3 }}'] @@ -67,7 +67,7 @@ when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2 - block: - - name: retrieve TLS requiremets for users in new database version + - name: retrieve TLS requirements for users in new database version command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ item }}'@'localhost'\"" register: new_result with_items: ['{{ user_name_1 }}', '{{ user_name_2 }}', '{{ user_name_3 }}'] @@ -119,12 +119,12 @@ that: - result is changed - - name: retrieve TLS requiremets for users in old database version + - name: retrieve TLS requirements for users in old database version command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\"" register: old_result when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2 - - name: retrieve TLS requiremets for users in new database version + - name: retrieve TLS requirements for users in new database version command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\"" register: new_result when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10 or db_version.version.major == 10 and db_version.version.minor >= 2 @@ -143,12 +143,12 @@ tls_requires: X509: - - name: retrieve TLS requiremets for users in old database version + - name: retrieve TLS requirements for users in old database version command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\"" register: old_result when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2 - - name: retrieve TLS requiremets for users in new database version + - name: retrieve TLS requirements for users in new database version command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\"" register: new_result when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10 or db_version.version.major == 10 and db_version.version.minor >= 2 @@ -159,28 +159,20 @@ vars: - reqs: "{{(old_result is skipped | ternary(new_result, old_result)).stdout.split('REQUIRE')[1].split(separator)[0].strip()}}" - - name: remove TLS requiremets from user (expect changed=true) + - name: remove TLS requirements from user (expect changed=true) mysql_user: <<: *mysql_params name: '{{ user_name_1 }}' password: '{{ user_password_1 }}' tls_requires: - - name: retrieve TLS requiremets for users in old database version - command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\"" - register: old_result - when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2 - - - name: retrieve TLS requiremets for users in new database version + - name: retrieve TLS requirements for users command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\"" - register: new_result - when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10 or db_version.version.major == 10 and db_version.version.minor >= 2 + register: result - name: assert user1 TLS requirements assert: - that: "'NONE' in reqs" - vars: - - reqs: "{{(old_result is skipped | ternary(new_result, old_result)).stdout.split('REQUIRE')[1].split(separator)[0].strip() | default('NONE') }}" + that: "'REQUIRE ' not in result.stdout or 'REQUIRE NONE' in result.stdout" - include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }} diff --git a/tests/integration/targets/test_mysql_variables/tasks/issue-28.yml b/tests/integration/targets/test_mysql_variables/tasks/issue-28.yml index c33c52d..93c2125 100644 --- a/tests/integration/targets/test_mysql_variables/tasks/issue-28.yml +++ b/tests/integration/targets/test_mysql_variables/tasks/issue-28.yml @@ -1,11 +1,17 @@ --- +- name: set fact tls_enabled + command: "{{ mysql_command }} \"-e SHOW VARIABLES LIKE 'have_ssl';\"" + register: result +- set_fact: + tls_enabled: "{{ 'YES' in result.stdout | bool | default('false', true) }}" + - vars: mysql_parameters: &mysql_params login_user: '{{ mysql_user }}' login_password: '{{ mysql_password }}' login_host: 127.0.0.1 login_port: '{{ mysql_primary_port }}' - + when: tls_enabled block: # ============================================================ diff --git a/tests/integration/targets/test_mysql_variables/tasks/mysql_variables.yml b/tests/integration/targets/test_mysql_variables/tasks/mysql_variables.yml index 390bc69..a857f12 100644 --- a/tests/integration/targets/test_mysql_variables/tasks/mysql_variables.yml +++ b/tests/integration/targets/test_mysql_variables/tasks/mysql_variables.yml @@ -359,7 +359,9 @@ - include: assert_var.yml changed=true output={{ result }} var_name={{ set_name }} var_value='{{ def_val }}' - when: mysql_version is not version('8.0', '<') + when: + - mysql_version is version('8.0', '>=') + - install_type == 'mysql' # Bugfix of https://github.com/ansible/ansible/issues/54239 # - name: set variable containing dot