Merge branch 'main' into lie_tests_using_containers

CHANGELOG.rst

@@ -6,6 +6,33 @@ Community MySQL Collection Release Notes
 
 This changelog describes changes after version 2.0.0.
 
+v3.6.0
+======
+
+Release Summary
+---------------
+
+This is the minor release of the ``community.mysql`` collection.
+This changelog contains all changes to the modules and plugins in this collection
+that have been made after the previous release.
+
+Minor Changes
+-------------
+
+- mysql_info - add ``connector_name`` and ``connector_version`` to returned values (https://github.com/ansible-collections/community.mysql/pull/497).
+- mysql_role - enable auto_commit to avoid MySQL metadata table lock (https://github.com/ansible-collections/community.mysql/issues/479).
+- mysql_user - add plugin_auth_string as optional parameter to use a specific pam service if pam/auth_pam plugin is used (https://github.com/ansible-collections/community.mysql/pull/445).
+- mysql_user - add the ``session_vars`` argument to set session variables at the beginning of module execution (https://github.com/ansible-collections/community.mysql/issues/478).
+- mysql_user - display a more informative invalid privilege exception. Changes the exception handling of the granting permission logic to show the query executed , params and the exception message granting privileges fails` (https://github.com/ansible-collections/community.mysql/issues/465).
+- mysql_user - enable auto_commit to avoid MySQL metadata table lock (https://github.com/ansible-collections/community.mysql/issues/479).
+- setup_mysql - update MySQL tarball URL (https://github.com/ansible-collections/community.mysql/pull/491).
+
+Bugfixes
+--------
+
+- mysql_user - when revoke privs consists only of ``GRANT``, a 2nd revoke query is executed with empty privs to revoke that ended in an SQL exception (https://github.com/ansible-collections/community.mysql/pull/503).
+- mysql_variables - add uppercase character pattern to regex to allow GLOBAL variables containing uppercase characters. This recognizes variable names used in Galera, for example, ``wsrep_OSU_method``, which breaks the normal pattern of all lowercase characters (https://github.com/ansible-collections/community.mysql/pull/501).
+
 v3.5.1
 ======
 
@@ -216,7 +243,7 @@ that have been added after the release of ``community.mysql`` 2.3.2.
 Breaking Changes / Porting Guide
 --------------------------------
 
-- mysql_replication - remove ``Is_Slave`` and ``Is_Master`` return values (were replaced with ``Is_Primary`` and ``Is_Replica`` (https://github.com/ansible-collections    /community.mysql/issues/145).
+- mysql_replication - remove ``Is_Slave`` and ``Is_Master`` return values (were replaced with ``Is_Primary`` and ``Is_Replica`` (https://github.com/ansible-collections/community.mysql/issues/145).
 - mysql_replication - remove the mode options values containing ``master``/``slave`` and the master_use_gtid option ``slave_pos`` (were replaced with corresponding ``primary``/``replica`` values) (https://github.com/ansible-collections/community.mysql/issues/145).
 - mysql_user - remove support for the `REQUIRESSL` special privilege as it has ben superseded by the `tls_requires` option (https://github.com/ansible-collections/community.mysql/discussions/121).
 - mysql_user - validate privileges using database engine directly (https://github.com/ansible-collections/community.mysql/issues/234 https://github.com/ansible-collections/community.mysql/pull/243). Do not validate privileges in this module anymore.

changelogs/changelog.yaml

@@ -261,3 +261,42 @@ releases:
     - 3.5.1.yml
     - 438-fix-privilege-changing-everytime.yml
     release_date: '2022-09-09'
+  3.6.0:
+    changes:
+      bugfixes:
+      - mysql_user - when revoke privs consists only of ``GRANT``, a 2nd revoke query
+        is executed with empty privs to revoke that ended in an SQL exception (https://github.com/ansible-collections/community.mysql/pull/503).
+      - mysql_variables - add uppercase character pattern to regex to allow GLOBAL
+        variables containing uppercase characters. This recognizes variable names
+        used in Galera, for example, ``wsrep_OSU_method``, which breaks the normal
+        pattern of all lowercase characters (https://github.com/ansible-collections/community.mysql/pull/501).
+      minor_changes:
+      - mysql_info - add ``connector_name`` and ``connector_version`` to returned
+        values (https://github.com/ansible-collections/community.mysql/pull/497).
+      - mysql_role - enable auto_commit to avoid MySQL metadata table lock (https://github.com/ansible-collections/community.mysql/issues/479).
+      - mysql_user - add plugin_auth_string as optional parameter to use a specific
+        pam service if pam/auth_pam plugin is used (https://github.com/ansible-collections/community.mysql/pull/445).
+      - mysql_user - add the ``session_vars`` argument to set session variables at
+        the beginning of module execution (https://github.com/ansible-collections/community.mysql/issues/478).
+      - mysql_user - display a more informative invalid privilege exception. Changes
+        the exception handling of the granting permission logic to show the query
+        executed , params and the exception message granting privileges fails` (https://github.com/ansible-collections/community.mysql/issues/465).
+      - mysql_user - enable auto_commit to avoid MySQL metadata table lock (https://github.com/ansible-collections/community.mysql/issues/479).
+      - setup_mysql - update MySQL tarball URL (https://github.com/ansible-collections/community.mysql/pull/491).
+      release_summary: 'This is the minor release of the ``community.mysql`` collection.
+
+        This changelog contains all changes to the modules and plugins in this collection
+
+        that have been made after the previous release.'
+    fragments:
+    - 0_mysql_user_session_vars.yml
+    - 3.6.0.yml
+    - 445_add_service_name_to_plugin_pam_auth_pam_usage.yml
+    - 465-display_more_informative_invalid_priv_exceptiion.yml
+    - 479_enable_auto_commit.yml
+    - 479_enable_auto_commit_part2.yml
+    - 491_fix_download_url.yaml
+    - 497_mysql_info_returns_connector_name_and_version.yml
+    - 503-fix-revoke-grant-only.yml
+    - mysql_variables_allow_uppercase_identifiers.yml
+    release_date: '2023-02-08'

changelogs/fragments/0_mysql_user_session_vars.yml

@@ -1,2 +0,0 @@
-minor_changes:
-- mysql_user - add the ``session_vars`` argument to set session variables at the beginning of module execution (https://github.com/ansible-collections/community.mysql/issues/478).

changelogs/fragments/177-change_deprecated_connection_parameters.yml

@@ -0,0 +1,2 @@
+minor_changes:
+- mysql module utils - change deprecated connection parameters ``passwd`` and ``db`` to ``password`` and ``database`` (https://github.com/ansible-collections/community.mysql/pull/177).

changelogs/fragments/445_add_service_name_to_plugin_pam_auth_pam_usage.yml

@@ -1,3 +0,0 @@
----
-minor_changes:
-  - mysql_user - add plugin_auth_string as optional parameter to use a specific pam service if pam/auth_pam plugin is used (https://github.com/ansible-collections/community.mysql/pull/445).

changelogs/fragments/465-display_more_informative_invalid_priv_exceptiion.yml

@@ -1,5 +0,0 @@
----
-minor_changes:
-  - mysql_user - display a more informative invalid privilege exception.
-    Changes the exception handling of the granting permission logic to show the query executed , params
-    and the exception message granting privileges fails` (https://github.com/ansible-collections/community.mysql/issues/465).

changelogs/fragments/479_enable_auto_commit.yml

@@ -1,3 +0,0 @@
----
-minor_changes:
-  - mysql_user - enable auto_commit to avoid MySQL metadata table lock (https://github.com/ansible-collections/community.mysql/issues/479).

changelogs/fragments/491_fix_download_url.yaml

@@ -1,3 +0,0 @@
----
-minor_changes:
-  - setup_mysql - update MySQL tarball URL (https://github.com/ansible-collections/community.mysql/pull/491).

changelogs/fragments/497_mysql_info_returns_connector_name_and_version.yml

@@ -1,3 +0,0 @@
----
-minor_changes:
-  - mysql_info - add ``connector_name`` and ``connector_version`` to returned values (https://github.com/ansible-collections/community.mysql/pull/497).

galaxy.yml

@@ -1,6 +1,6 @@
 namespace: community
 name: mysql
-version: 3.5.1
+version: 3.6.0
 readme: README.md
 authors:
   - Ansible community

plugins/module_utils/mysql.py

@@ -122,7 +122,7 @@ def mysql_connect(module, login_user=None, login_password=None, config_file='',
     if login_user is not None:
         config['user'] = login_user
     if login_password is not None:
-        config['passwd'] = login_password
+        config['password'] = login_password
     if ssl_cert is not None:
         config['ssl']['cert'] = ssl_cert
     if ssl_key is not None:
@@ -130,7 +130,7 @@ def mysql_connect(module, login_user=None, login_password=None, config_file='',
     if ssl_ca is not None:
         config['ssl']['ca'] = ssl_ca
     if db is not None:
-        config['db'] = db
+        config['database'] = db
     if connect_timeout is not None:
         config['connect_timeout'] = connect_timeout
     if check_hostname is not None:

plugins/module_utils/user.py

@@ -692,6 +692,8 @@ def privileges_revoke(cursor, user, host, db_table, priv, grant_option, maria_ro
         query = ' '.join(query)
         cursor.execute(query, (user, host))
     priv_string = ",".join([p for p in priv if p not in ('GRANT', )])
+
+    if priv_string != "":
         query = ["REVOKE %s ON %s" % (priv_string, db_table)]
 
         if not maria_role:

plugins/modules/mysql_replication.py

@@ -292,7 +292,6 @@ from ansible_collections.community.mysql.plugins.module_utils.mysql import (
     mysql_common_argument_spec,
 )
 from ansible.module_utils._text import to_native
-from ansible_collections.community.mysql.plugins.module_utils.version import LooseVersion
 
 executed_queries = []
 

plugins/modules/mysql_role.py

@@ -1008,7 +1008,8 @@ def main():
                 cursor, db_conn = mysql_connect(module, 'root', '', config_file,
                                                 ssl_cert, ssl_key, ssl_ca, db,
                                                 connect_timeout=connect_timeout,
-                                                check_hostname=check_hostname)
+                                                check_hostname=check_hostname,
+                                                autocommit=True)
             except Exception:
                 pass
 
@@ -1016,7 +1017,8 @@ def main():
             cursor, db_conn = mysql_connect(module, login_user, login_password,
                                             config_file, ssl_cert, ssl_key,
                                             ssl_ca, db, connect_timeout=connect_timeout,
-                                            check_hostname=check_hostname)
+                                            check_hostname=check_hostname,
+                                            autocommit=True)
 
     except Exception as e:
         module.fail_json(msg='unable to connect to database, '

plugins/modules/mysql_variables.py

@@ -199,7 +199,7 @@ def main():
 
     if mysqlvar is None:
         module.fail_json(msg="Cannot run without variable to operate with")
-    if match('^[0-9a-z_.]+$', mysqlvar) is None:
+    if match('^[0-9A-Za-z_.]+$', mysqlvar) is None:
         module.fail_json(msg="invalid variable name \"%s\"" % mysqlvar)
     if mysql_driver is None:
         module.fail_json(msg=mysql_driver_fail_msg)

tests/integration/targets/test_mysql_user/tasks/main.yml

@@ -240,3 +240,5 @@
 
     # https://github.com/ansible-collections/community.mysql/issues/231
     - include: test_user_grants_with_roles_applied.yml
+
+    - include: revoke_only_grant.yml

tests/integration/targets/test_mysql_user/tasks/revoke_only_grant.yml

@@ -0,0 +1,58 @@
+---
+- vars:
+    mysql_parameters: &mysql_params
+      login_user: '{{ mysql_user }}'
+      login_password: '{{ mysql_password }}'
+      login_host: 127.0.0.1
+      login_port: '{{ mysql_primary_port }}'
+  block:
+    - name: Drop mysql user if exists
+      mysql_user:
+        <<: *mysql_params
+        name: '{{ user_name_1 }}'
+        state: absent
+      ignore_errors: true
+
+    - name: create user with two grants
+      mysql_user:
+        <<: *mysql_params
+        name: "{{ user_name_1 }}"
+        password: "{{ user_password_1 }}"
+        update_password: on_create
+        priv: '*.*:SELECT,GRANT'
+
+    - name: user must have only on priv, grant priv must be dropped
+      register: result
+      mysql_user:
+        <<: *mysql_params
+        name: "{{ user_name_1 }}"
+        password: "{{ user_password_1 }}"
+        update_password: on_create
+        priv: '*.*:SELECT'
+
+    - assert:
+        that:
+          - result is not failed
+          - result is changed
+
+    - name: immutable - user must have only on priv, grant priv must be dropped
+      register: result
+      mysql_user:
+        <<: *mysql_params
+        name: "{{ user_name_1 }}"
+        password: "{{ user_password_1 }}"
+        update_password: on_create
+        priv: '*.*:SELECT'
+
+    - assert:
+        that:
+          - result is not failed
+          - result is not changed
+
+  always:
+    - name: drop user
+      mysql_user:
+        <<: *mysql_params
+        name: '{{ user_name_1 }}'
+        state: absent
+      ignore_errors: true

tests/sanity/ignore-2.10.txt

@@ -1,8 +0,0 @@
-plugins/modules/mysql_db.py validate-modules:doc-elements-mismatch
-plugins/modules/mysql_db.py validate-modules:parameter-list-no-elements
-plugins/modules/mysql_db.py validate-modules:use-run-command-not-popen
-plugins/modules/mysql_info.py validate-modules:doc-elements-mismatch
-plugins/modules/mysql_info.py validate-modules:parameter-list-no-elements
-plugins/modules/mysql_query.py validate-modules:parameter-list-no-elements
-plugins/modules/mysql_user.py validate-modules:undocumented-parameter
-plugins/modules/mysql_variables.py validate-modules:doc-required-mismatch

tests/sanity/ignore-2.11.txt

@@ -1,8 +0,0 @@
-plugins/modules/mysql_db.py validate-modules:doc-elements-mismatch
-plugins/modules/mysql_db.py validate-modules:parameter-list-no-elements
-plugins/modules/mysql_db.py validate-modules:use-run-command-not-popen
-plugins/modules/mysql_info.py validate-modules:doc-elements-mismatch
-plugins/modules/mysql_info.py validate-modules:parameter-list-no-elements
-plugins/modules/mysql_query.py validate-modules:parameter-list-no-elements
-plugins/modules/mysql_user.py validate-modules:undocumented-parameter
-plugins/modules/mysql_variables.py validate-modules:doc-required-mismatch

tests/sanity/ignore-2.15.txt

@@ -6,3 +6,5 @@ plugins/modules/mysql_info.py validate-modules:parameter-list-no-elements
 plugins/modules/mysql_query.py validate-modules:parameter-list-no-elements
 plugins/modules/mysql_user.py validate-modules:undocumented-parameter
 plugins/modules/mysql_variables.py validate-modules:doc-required-mismatch
+plugins/module_utils/mysql.py pylint:unused-import
+plugins/module_utils/version.py pylint:unused-import

tests/sanity/ignore-2.9.txt

@@ -1,3 +0,0 @@
-plugins/modules/mysql_db.py validate-modules:use-run-command-not-popen
-plugins/modules/mysql_user.py validate-modules:parameter-type-not-in-doc
-plugins/modules/mysql_user.py validate-modules:undocumented-parameter

tests/unit/plugins/module_utils/test_mysql_user.py

@@ -4,10 +4,6 @@ from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type
 
 import pytest
-try:
-    from unittest.mock import MagicMock
-except ImportError:
-    from mock import MagicMock
 
 from ansible_collections.community.mysql.plugins.module_utils.user import (
     handle_grant_on_col,
@@ -15,7 +11,6 @@ from ansible_collections.community.mysql.plugins.module_utils.user import (
     normalize_col_grants,
     sort_column_order
 )
-from ..utils import dummy_cursor_class
 
 
 @pytest.mark.parametrize(