ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-04-09 12:10:31 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions1

[PR #427/0a68bb27 backport][stable-2] CI is changed ()

Browse source 
* Is changed ()

* Refactor tests to use "is" and "is not" changed

* Refactor tests to use is succeeded or is failed

* Reformat indentation

* Add filter "bool" to prevent issues

(cherry picked from commit 0a68bb270f)

* Fix error message verification

I don't know why this works on main, but in stable-1, the error message
is "invalid privileges string: Invalid privileges specified:
frozenset({'INVALID'})"

* Add filter for test that won't work with mariadb

* Add test databases cleanup

* Backport small diff from main
This commit is contained in:
Laurent Indermühle 2022-08-29 10:20:13 +02:00 committed by GitHub
parent 4aa166ec13
commit 58b850f217
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 457 additions and 193 deletions

42
tests/integration/targets/test_mysql_db/tasks/multi_db_create_delete.yml
View file

@ -14,6 +14,18 @@
#
# ==========================================================================
# Initial check - To confirm that database does not exist before executing check mode tasks
- name: Drop databases before test
mysql_db:
login_user: '{{ mysql_user }}'
login_password: '{{ mysql_password }}'
login_host: 127.0.0.1
login_port: '{{ mysql_primary_port }}'
name:
- '{{ db1_name }}'
- '{{ db2_name }}'
- '{{ db3_name }}'
state: absent
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
register: mysql_result
@ -44,7 +56,7 @@
- name: assert successful completion of create database using check_mode since databases does not exist prior
assert:
that:
- check_mode_result.changed == true
- check_mode_result is changed
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -75,7 +87,7 @@
- name: assert successful completion of create database
assert:
that:
- result.changed == true
- result is changed
- result.db_list == ['{{ db1_name }}', '{{ db2_name }}', '{{ db3_name }}']
- name: run command to list databases like specified database name
@ -108,7 +120,7 @@
- name: assert that recreation of existing databases does not make change (since recreated using check mode)
assert:
that:
- check_mode_result.changed == false
- check_mode_result is not changed
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -139,7 +151,7 @@
- name: assert that recreation of existing databases does not make change
assert:
that:
- result.changed == false
- result is not changed
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -168,7 +180,7 @@
- name: assert successful completion of deleting database
assert:
that:
- result.changed == true
- result is changed
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -200,7 +212,7 @@
- name: assert successful completion of recreation of partially existing database using check mode
assert:
that:
- check_mode_result.changed == true
- check_mode_result is changed
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -231,7 +243,7 @@
- name: assert successful completion of create database
assert:
that:
- result.changed == true
- result is changed
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -272,7 +284,7 @@
- name: assert successful completion of dump operation using check mode
assert:
that:
- check_mode_dump_result.changed == true
- check_mode_dump_result is changed
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -389,7 +401,7 @@
- name: assert successful completion of dump operation
assert:
that:
- dump_result.changed == true
- dump_result is changed
- dump_result.db_list == ['{{ db1_name }}', '{{ db2_name }}', '{{ db3_name }}']
- name: run command to list databases like specified database name
@ -439,7 +451,7 @@
- name: assert successful completion of dump operation
assert:
that:
- dump_result.changed == true
- dump_result is changed
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -479,7 +491,7 @@
- name: assert successful completion of delete databases which already exists using check mode
assert:
that:
- check_mode_result.changed == true
- check_mode_result is changed
- name: run command to test state=absent for a database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -508,7 +520,7 @@
- name: assert successful completion of deleting database
assert:
that:
- result.changed == true
- result is changed
- result.db_list == ['{{ db2_name }}', '{{ db3_name }}']
- name: run command to list databases like specified database name
@ -539,7 +551,7 @@
- name: assert that deletion of non existing databases does not make change (using check mode)
assert:
that:
- check_mode_result.changed == false
- check_mode_result is not changed
- name: run command to test state=absent for a database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -568,7 +580,7 @@
- name: assert that deletion of non existing databases does not make change
assert:
that:
- result.changed == false
- result is not changed
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""
@ -600,7 +612,7 @@
- name: assert successful completion of deleting database
assert:
that:
- result.changed == true
- result is changed
- name: run command to list databases like specified database name
command: "{{ mysql_command }} \"-e show databases like 'database%'\""

16
tests/integration/targets/test_mysql_db/tasks/state_dump_import.yml
View file

@ -159,7 +159,7 @@
- name: assert successful completion of dump operation (with multiple databases in list form) via check mode
assert:
that:
- "dump_result.changed == true"
- dump_result is changed
- name: database dump file2 should not exist
stat:
@ -187,7 +187,7 @@
- name: assert successful completion of dump operation (with multiple databases in list form)
assert:
that:
- "dump_result2.changed == true"
- dump_result2 is changed
- name: state dump - dump file2 should exist
file:
@ -249,7 +249,7 @@
- name: assert output message restored a database from dump file1
assert:
that:
- "import_result.changed == true"
- import_result is changed
- name: remove database
mysql_db:
@ -284,7 +284,7 @@
- name: assert output message restored a database from dump file2 (check mode)
assert:
that:
- "check_import_result.changed == true"
- check_import_result is changed
- name: run command to list databases
command: "{{ mysql_command }} \"-e show databases like 'data%'\""
@ -309,7 +309,7 @@
- name: assert output message restored a database from dump file2
assert:
that:
- import_result2.changed == true
- import_result2 is changed
- import_result2.db_list == ['{{ db_name2 }}']
- name: run command to list databases
@ -335,7 +335,7 @@
- name: assert output message backup the database
assert:
that:
- "result.changed == true"
- result is changed
- "result.db =='{{ db_name }}'"
# - name: assert database was backed up successfully
@ -364,7 +364,7 @@
- name: assert output message restore the database
assert:
that:
- "result.changed == true"
- result is changed
- name: select data from table employee
command: "{{ mysql_command }} {{ db_name }} \"-e select * from employee\""
@ -398,7 +398,7 @@
- assert:
that:
- result.failed == true
- result is failed
- name: try to import with force parameter
mysql_db:

12
tests/integration/targets/test_mysql_db/tasks/state_present_absent.yml
View file

@ -18,8 +18,8 @@
# ============================================================
- name: remove database if it exists
command: >
"{{ mysql_command }} -sse 'drop database {{ db_name }}'"
ignore_errors: True
"{{ mysql_command }} -sse 'DROP DATABASE IF EXISTS {{ db_name }}'"
ignore_errors: true
- name: make sure the test database is not there
command: "{{ mysql_command }} {{ db_name }}"
@ -95,7 +95,7 @@
- name: assert test mysql_db encoding param not valid - issue 8075 (failed=true)
assert:
that:
- "result.failed == true"
- result is failed
- "'Traceback' not in result.msg"
- "'Unknown character set' in result.msg"
@ -196,7 +196,7 @@
- name: assert output message that database was created
assert:
that:
- "result.changed == true"
- result is changed
- name: run command to test database was created using user1
command: "{{ mysql_command }} -e \"show databases like '{{ db_user1 | regex_replace(\"([%_\\\\])\", \"\\\\\\1\") }}'\""
@ -233,7 +233,7 @@
- name: assert output message that database was not created using dbuser2
assert:
that:
- "result.failed == true"
- result is failed
- "'Access denied' in result.msg"
- name: run command to test that database was not created
@ -260,7 +260,7 @@
- name: assert output message that database was not deleted using dbuser2
assert:
that:
- "result.failed == true"
- result is failed
- "'Access denied' in result.msg"
- name: run command to test database was not deleted

58
tests/integration/targets/test_mysql_info/tasks/main.yml
View file

@ -47,8 +47,8 @@
- assert:
that:
- result.changed == false
- "mysql_version in result.version.full"
- result is not changed
- "mysql_version in result.version.full or mariadb_version in result.version.full"
- result.settings != {}
- result.global_status != {}
- result.databases != {}
@ -66,7 +66,7 @@
- assert:
that:
- result.changed == false
- result is not changed
- result.version != {}
# Remove cred files
@ -86,8 +86,8 @@
- assert:
that:
- result.changed == false
- result.version != {}
- result is not changed
- result.version != {}
# Test excluding
- name: Collect all info except settings and users
@ -98,13 +98,13 @@
- assert:
that:
- result.changed == false
- result.version != {}
- result.global_status != {}
- result.databases != {}
- result.engines != {}
- result.settings is not defined
- result.users is not defined
- result is not changed
- result.version != {}
- result.global_status != {}
- result.databases != {}
- result.engines != {}
- result.settings is not defined
- result.users is not defined
# Test including
- name: Collect info only about version and databases
@ -117,13 +117,13 @@
- assert:
that:
- result.changed == false
- result.version != {}
- result.databases != {}
- result.engines is not defined
- result.settings is not defined
- result.global_status is not defined
- result.users is not defined
- result is not changed
- result.version != {}
- result.databases != {}
- result.engines is not defined
- result.settings is not defined
- result.global_status is not defined
- result.users is not defined
# Test exclude_fields: db_size
# 'unsupported' element is passed to check that an unsupported value
@ -140,9 +140,9 @@
- assert:
that:
- result.changed == false
- result.databases != {}
- result.databases.mysql == {}
- result is not changed
- result.databases != {}
- result.databases.mysql == {}
########################################################
# Issue #65727, empty databases must be in returned dict
@ -163,9 +163,9 @@
# Check acme is in returned dict
- assert:
that:
- result.changed == false
- result.databases.acme.size == 0
- result.databases.mysql != {}
- result is not changed
- result.databases.acme.size == 0
- result.databases.mysql != {}
- name: Collect info about databases excluding their sizes
mysql_info:
@ -180,9 +180,9 @@
# Check acme is in returned dict
- assert:
that:
- result.changed == false
- result.databases.acme == {}
- result.databases.mysql == {}
- result is not changed
- result.databases.acme == {}
- result.databases.mysql == {}
- name: Remove acme database
mysql_db:
@ -212,4 +212,4 @@
- name: Check
assert:
that:
result.databases.allviews.size == 0
- result.databases.allviews.size == 0

128
tests/integration/targets/test_mysql_query/tasks/mysql_query_initial.yml
View file

@ -18,8 +18,8 @@
- assert:
that:
- result is changed
- result.executed_queries == ['CREATE DATABASE {{ test_db }}']
- result is changed
- result.executed_queries == ['CREATE DATABASE {{ test_db }}']
- name: Create {{ test_table1 }}
mysql_query:
@ -30,8 +30,8 @@
- assert:
that:
- result is changed
- result.executed_queries == ['CREATE TABLE {{ test_table1 }} (id int)']
- result is changed
- result.executed_queries == ['CREATE TABLE {{ test_table1 }} (id int)']
- name: Insert test data
mysql_query:
@ -45,9 +45,9 @@
- assert:
that:
- result is changed
- result.rowcount == [2, 1]
- result.executed_queries == ['INSERT INTO {{ test_table1 }} VALUES (1), (2)', 'INSERT INTO {{ test_table1 }} VALUES (3)']
- result is changed
- result.rowcount == [2, 1]
- result.executed_queries == ['INSERT INTO {{ test_table1 }} VALUES (1), (2)', 'INSERT INTO {{ test_table1 }} VALUES (3)']
- name: Check data in {{ test_table1 }}
mysql_query:
@ -58,12 +58,12 @@
- assert:
that:
- result is not changed
- result.executed_queries == ['SELECT * FROM {{ test_table1 }}']
- result.rowcount == [3]
- result.query_result[0][0].id == 1
- result.query_result[0][1].id == 2
- result.query_result[0][2].id == 3
- result is not changed
- result.executed_queries == ['SELECT * FROM {{ test_table1 }}']
- result.rowcount == [3]
- result.query_result[0][0].id == 1
- result.query_result[0][1].id == 2
- result.query_result[0][2].id == 3
- name: Check data in {{ test_table1 }} using positional args
mysql_query:
@ -76,10 +76,10 @@
- assert:
that:
- result is not changed
- result.executed_queries == ["SELECT * FROM {{ test_table1 }} WHERE id = 1"]
- result.rowcount == [1]
- result.query_result[0][0].id == 1
- result is not changed
- result.executed_queries == ["SELECT * FROM {{ test_table1 }} WHERE id = 1"]
- result.rowcount == [1]
- result.query_result[0][0].id == 1
- name: Check data in {{ test_table1 }} using named args
mysql_query:
@ -92,10 +92,10 @@
- assert:
that:
- result is not changed
- result.executed_queries == ["SELECT * FROM {{ test_table1 }} WHERE id = 1"]
- result.rowcount == [1]
- result.query_result[0][0].id == 1
- result is not changed
- result.executed_queries == ["SELECT * FROM {{ test_table1 }} WHERE id = 1"]
- result.rowcount == [1]
- result.query_result[0][0].id == 1
- name: Update data in {{ test_table1 }}
mysql_query:
@ -109,9 +109,9 @@
- assert:
that:
- result is changed
- result.executed_queries == ['UPDATE {{ test_table1 }} SET id = 0 WHERE id = 1']
- result.rowcount == [1]
- result is changed
- result.executed_queries == ['UPDATE {{ test_table1 }} SET id = 0 WHERE id = 1']
- result.rowcount == [1]
- name: Check the prev update - row with value 1 does not exist anymore
mysql_query:
@ -124,9 +124,9 @@
- assert:
that:
- result is not changed
- result.executed_queries == ['SELECT * FROM {{ test_table1 }} WHERE id = 1']
- result.rowcount == [0]
- result is not changed
- result.executed_queries == ['SELECT * FROM {{ test_table1 }} WHERE id = 1']
- result.rowcount == [0]
- name: Check the prev update - row with value - exist
mysql_query:
@ -139,9 +139,9 @@
- assert:
that:
- result is not changed
- result.executed_queries == ['SELECT * FROM {{ test_table1 }} WHERE id = 0']
- result.rowcount == [1]
- result is not changed
- result.executed_queries == ['SELECT * FROM {{ test_table1 }} WHERE id = 0']
- result.rowcount == [1]
- name: Update data in {{ test_table1 }} again
mysql_query:
@ -155,9 +155,9 @@
- assert:
that:
- result is not changed
- result.executed_queries == ['UPDATE {{ test_table1 }} SET id = 0 WHERE id = 1']
- result.rowcount == [0]
- result is not changed
- result.executed_queries == ['UPDATE {{ test_table1 }} SET id = 0 WHERE id = 1']
- result.rowcount == [0]
- name: Delete data from {{ test_table1 }}
mysql_query:
@ -170,9 +170,9 @@
- assert:
that:
- result is changed
- result.executed_queries == ['DELETE FROM {{ test_table1 }} WHERE id = 0', 'SELECT * FROM {{ test_table1 }} WHERE id = 0']
- result.rowcount == [1, 0]
- result is changed
- result.executed_queries == ['DELETE FROM {{ test_table1 }} WHERE id = 0', 'SELECT * FROM {{ test_table1 }} WHERE id = 0']
- result.rowcount == [1, 0]
- name: Delete data from {{ test_table1 }} again
mysql_query:
@ -183,9 +183,9 @@
- assert:
that:
- result is not changed
- result.executed_queries == ['DELETE FROM {{ test_table1 }} WHERE id = 0']
- result.rowcount == [0]
- result is not changed
- result.executed_queries == ['DELETE FROM {{ test_table1 }} WHERE id = 0']
- result.rowcount == [0]
- name: Truncate {{ test_table1 }}
mysql_query:
@ -198,9 +198,9 @@
- assert:
that:
- result is changed
- result.executed_queries == ['TRUNCATE {{ test_table1 }}', 'SELECT * FROM {{ test_table1 }}']
- result.rowcount == [0, 0]
- result is changed
- result.executed_queries == ['TRUNCATE {{ test_table1 }}', 'SELECT * FROM {{ test_table1 }}']
- result.rowcount == [0, 0]
- name: Rename {{ test_table1 }}
mysql_query:
@ -211,9 +211,9 @@
- assert:
that:
- result is changed
- result.executed_queries == ['RENAME TABLE {{ test_table1 }} TO {{ test_table2 }}']
- result.rowcount == [0]
- result is changed
- result.executed_queries == ['RENAME TABLE {{ test_table1 }} TO {{ test_table2 }}']
- result.rowcount == [0]
- name: Check the prev rename
mysql_query:
@ -225,7 +225,7 @@
- assert:
that:
- result.failed == true
- result is failed
- name: Check the prev rename
mysql_query:
@ -236,7 +236,7 @@
- assert:
that:
- result.rowcount == [0]
- result.rowcount == [0]
- name: Create {{ test_table3 }}
mysql_query:
@ -259,7 +259,7 @@
- assert:
that:
- result.rowcount == [2]
- result.rowcount == [2]
- name: Pass wrong query type
mysql_query:
@ -271,8 +271,8 @@
- assert:
that:
- result is failed
- result.msg is search('the query option value must be a string or list')
- result is failed
- result.msg is search('the query option value must be a string or list')
- name: Pass wrong query element
mysql_query:
@ -286,8 +286,8 @@
- assert:
that:
- result is failed
- result.msg is search('the elements in query list must be strings')
- result is failed
- result.msg is search('the elements in query list must be strings')
- name: Create {{ test_table4 }}
mysql_query:
@ -305,8 +305,8 @@
- assert:
that:
- result is changed
- result.rowcount == [1]
- result is changed
- result.rowcount == [1]
- name: Replace test data
mysql_query:
@ -318,8 +318,8 @@
- assert:
that:
- result is changed
- result.rowcount == [2]
- result is changed
- result.rowcount == [2]
# Issue https://github.com/ansible-collections/community.mysql/issues/268
- name: Create table
@ -341,17 +341,17 @@
# Issue https://github.com/ansible-collections/community.mysql/issues/268
- assert:
that:
# PyMySQL driver throws a warning, so the following is correct
- result is not changed
# PyMySQL driver throws a warning, so the following is correct
- result is not changed
when: connector_name is search('pymysql')
# Issue https://github.com/ansible-collections/community.mysql/issues/268
- assert:
that:
# mysqlclient driver throws nothing, so it's impossible to figure out
# if the state was changed or not.
# We assume that it was for DDL queryes by default in the code
- result is changed
# mysqlclient driver throws nothing, so it's impossible to figure out
# if the state was changed or not.
# We assume that it was for DDL queryes by default in the code
- result is changed
when: connector_name is search('mysqlclient')
- name: Drop db {{ test_db }}
@ -362,5 +362,5 @@
- assert:
that:
- result is changed
- result.executed_queries == ['DROP DATABASE {{ test_db }}']
- result is changed
- result.executed_queries == ['DROP DATABASE {{ test_db }}']

168
tests/integration/targets/test_mysql_role/tasks/test_priv_subtract.yml Normal file
View file

@ -0,0 +1,168 @@
# Test code to ensure that subtracting privileges will not result in unnecessary changes.
- vars:
mysql_parameters: &mysql_params
login_user: '{{ mysql_user }}'
login_password: '{{ mysql_password }}'
login_host: 127.0.0.1
login_port: '{{ mysql_primary_port }}'
block:
- name: Create test databases
mysql_db:
<<: *mysql_params
name: '{{ item }}'
state: present
loop:
- data1
- name: Create a role with an initial set of privileges
mysql_role:
<<: *mysql_params
name: '{{ role2 }}'
priv: 'data1.*:SELECT,INSERT'
state: present
- name: Run command to show privileges for role (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ role2 }}'\""
register: result
- name: Assert that the initial set of privileges matches what is expected
assert:
that:
- "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
- name: Subtract privileges that are not in the current privileges, which should be a no-op
mysql_role:
<<: *mysql_params
name: '{{ role2 }}'
priv: 'data1.*:DELETE'
subtract_privs: yes
state: present
check_mode: '{{ enable_check_mode }}'
register: result
- name: Assert that there wasn't a change in permissions
assert:
that:
- result is not changed
- name: Run command to show privileges for role (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ role2 }}'\""
register: result
- name: Assert that the permissions still match what was originally granted
assert:
that:
- "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
- name: Subtract existing and not-existing privileges, but not all
mysql_role:
<<: *mysql_params
name: '{{ role2 }}'
priv: 'data1.*:INSERT,DELETE'
subtract_privs: yes
state: present
check_mode: '{{ enable_check_mode }}'
register: result
- name: Assert that there was a change because permissions were/would be revoked on data1.*
assert:
that:
- result is changed
- name: Run command to show privileges for role (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ role2 }}'\""
register: result
- name: Assert that the permissions were not changed if check_mode is set to 'yes'
assert:
that:
- "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'yes'
- name: Assert that only DELETE was revoked if check_mode is set to 'no'
assert:
that:
- "'GRANT SELECT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'no'
- name: Try to subtract invalid privileges
mysql_role:
<<: *mysql_params
name: '{{ role2 }}'
priv: 'data1.*:INVALID'
subtract_privs: yes
state: present
check_mode: '{{ enable_check_mode }}'
register: result
- name: Assert that there was no change because invalid permissions are ignored
assert:
that:
- result is not changed
- name: Run command to show privileges for role (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ role2 }}'\""
register: result
- name: Assert that the permissions were not changed with check_mode=='yes'
assert:
that:
- "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'yes'
- name: Assert that the permissions were not changed with check_mode=='no'
assert:
that:
- "'GRANT SELECT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'no'
- name: trigger failure by trying to subtract and append privileges at the same time
mysql_role:
<<: *mysql_params
name: '{{ role2 }}'
priv: 'data1.*:SELECT'
subtract_privs: yes
append_privs: yes
state: present
check_mode: '{{ enable_check_mode }}'
register: result
ignore_errors: true
- name: Assert the previous execution failed
assert:
that:
- result is failed
- name: Run command to show privileges for role (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ role2 }}'\""
register: result
- name: Assert that the permissions stayed the same, with check_mode=='yes'
assert:
that:
- "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'yes'
- name: Assert that the permissions stayed the same, with check_mode=='no'
assert:
that:
- "'GRANT SELECT ON `data1`.*' in result.stdout"
when: enable_check_mode == 'no'
##########
# Clean up
- name: Drop test databases
mysql_db:
<<: *mysql_params
name: '{{ item }}'
state: present
loop:
- data1
- name: Drop test role
mysql_role:
<<: *mysql_params
name: '{{ role2 }}'
state: absent

24
tests/integration/targets/test_mysql_user/tasks/assert_user_password.yml Normal file
View file

@ -0,0 +1,24 @@
- name: "applying user {{ username }}@{{ host }} with update_password={{ update_password }}"
mysql_user:
login_user: '{{ mysql_parameters.login_user }}'
login_password: '{{ mysql_parameters.login_password }}'
login_host: '{{ mysql_parameters.login_host }}'
login_port: '{{ mysql_parameters.login_port }}'
state: present
name: "{{ username }}"
host: "{{ host }}"
password: "{{ password }}"
update_password: "{{ update_password }}"
register: result
- name: assert a change occurred
assert:
that:
- "result.changed | bool == {{ expect_change }} | bool"
- "result.password_changed == {{ expect_password_change }}"
- name: query the user
command: "{{ mysql_command }} -BNe \"SELECT plugin, authentication_string FROM mysql.user where user='{{ username }}' and host='{{ host }}'\""
register: existing_user
- name: assert the password is as set to expect_hash
assert:
that:
- "'mysql_native_password\t{{ expect_password_hash }}' in existing_user.stdout_lines"

2
tests/integration/targets/test_mysql_user/tasks/create_user.yml
View file

@ -37,4 +37,4 @@
- name: assert output message mysql user was created
assert:
that:
- "result.changed == true"
- result is changed

8
tests/integration/targets/test_mysql_user/tasks/issue-64560.yaml
View file

@ -17,7 +17,9 @@
register: result
- name: assert root password is changed
assert: { that: "result.changed == true" }
assert:
that:
- result is changed
- name: Set root password again
mysql_user:
@ -31,7 +33,9 @@
register: result
- name: Assert root password is not changed
assert: { that: "result.changed == false" }
assert:
that:
- result is not changed
- name: Set root password again
mysql_user:

10
tests/integration/targets/test_mysql_user/tasks/main.yml
View file

@ -65,7 +65,9 @@
register: result
- name: assert output message mysql user was not created
assert: { that: "result.changed == false" }
assert:
that:
- result is not changed
# ============================================================
# remove mysql user and verify user is removed from mysql database
@ -81,7 +83,7 @@
- name: assert output message mysql user was removed
assert:
that:
- "result.changed == true"
- result is changed
- include: assert_no_user.yml user_name={{user_name_1}}
@ -99,7 +101,7 @@
- name: assert output message mysql user that does not exist
assert:
that:
- "result.changed == false"
- result is not changed
- include: assert_no_user.yml user_name={{user_name_1}}
@ -242,7 +244,9 @@
# ============================================================
# Test plugin authentication scenarios.
#
# FIXME: mariadb sql syntax for create/update user is not compatible
- include: test_user_plugin_auth.yml
when: install_type == 'mysql'
# ============================================================
# Assert create user with SELECT privileges, attempt to create database and update privileges to create database

6
tests/integration/targets/test_mysql_user/tasks/remove_user.yml
View file

@ -37,7 +37,7 @@
- name: assert output message mysql user was removed
assert:
that:
- "result.changed == true"
- result is changed
# ============================================================
- name: create blank mysql user to be removed later
@ -58,7 +58,7 @@
- name: assert changed is true for removing all blank users
assert:
that:
- "result.changed == true"
- result is changed
- name: remove blank mysql user with hosts=all (expect ok)
mysql_user:
@ -71,4 +71,4 @@
- name: assert changed is true for removing all blank users
assert:
that:
- "result.changed == false"
- result is not changed

4
tests/integration/targets/test_mysql_user/tasks/test_priv_append.yml
View file

@ -50,7 +50,7 @@
- name: Assert that there wasn't a change in permissions
assert:
that:
- "result.changed == false"
- result is not changed
- name: Run command to show privileges for user (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
@ -76,7 +76,7 @@
- name: Assert that there was a change because permissions were added to data1.*
assert:
that:
- "result.changed == true"
- result is changed
- name: Run command to show privileges for user (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""

28
tests/integration/targets/test_mysql_user/tasks/test_privs.yml
View file

@ -51,7 +51,7 @@
- name: assert output message for current privileges
assert:
that:
- "result.changed == true"
- result is changed
- name: run command to show privileges for user (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{user_name_2}}'@'localhost'\""
@ -101,7 +101,7 @@
- name: Assert that priv changed
assert:
that:
- "result.changed == true"
- result is changed
- name: Add privs to a specific table (expect ok)
mysql_user:
@ -115,7 +115,7 @@
- name: Assert that priv did not change
assert:
that:
- "result.changed == false"
- result is not changed
# ============================================================
- name: update user with all privileges
@ -162,7 +162,7 @@
- name: Assert that priv changed
assert:
that:
- "result.changed == true"
- result is changed
- name: Test idempotency (expect ok)
mysql_user:
@ -173,10 +173,28 @@
state: present
register: result
# FIXME: on mariadb >=10.5.2 there's always a change because the REPLICATION CLIENT privilege was renamed to BINLOG MONITOR
- name: Assert that priv did not change
assert:
that:
- "result.changed == false"
- result is not changed
when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.2', '=='))
# ============================================================
- name: update user with invalid privileges
mysql_user:
<<: *mysql_params
name: '{{ user_name_2 }}'
password: '{{ user_password_2 }}'
priv: '*.*:INVALID'
state: present
register: result
ignore_errors: yes
- name: Assert that priv did not change
assert:
that:
- result is failed
- name: remove username
mysql_user:

30
tests/integration/targets/test_mysql_user/tasks/test_user_password.yml
View file

@ -32,7 +32,7 @@
- name: Assert that a change occurred because the user was added
assert:
that:
- "result.changed == true"
- result is changed
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -49,7 +49,7 @@
- name: Assert that mysql_info was successful
assert:
that:
- "result.failed == false"
- result is succeeded
- name: Run mysql_user again without any changes
mysql_user:
@ -63,7 +63,7 @@
- name: Assert that there weren't any changes because username/password didn't change
assert:
that:
- "result.changed == false"
- result is not changed
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -78,7 +78,7 @@
- name: Assert that a change occurred because the password was updated
assert:
that:
- "result.changed == true"
- result is changed
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -95,7 +95,7 @@
- name: Assert that the mysql_info module failed because we used the old password
assert:
that:
- "result.failed == true"
- result is failed
- name: Get the MySQL version data using the new password (should work)
mysql_info:
@ -110,7 +110,7 @@
- name: Assert that the mysql_info module succeeded because we used the new password
assert:
that:
- "result.failed == false"
- result is succeeded
# Cleanup
- include: remove_user.yml user_name={{ test_user_name }} user_password={{ new_password }}
@ -131,7 +131,7 @@
- name: Assert that a change occurred because the user was added
assert:
that:
- "result.changed == true"
- result is changed
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -148,7 +148,7 @@
- name: Assert that there weren't any changes because username/password didn't change
assert:
that:
- "result.changed == false"
- result is not changed
# Cleanup
- include: remove_user.yml user_name={{ test_user_name }} user_password={{ new_password }}
@ -170,7 +170,7 @@
- name: Assert that a change occurred because the user was added
assert:
that:
- "result.changed == true"
- result is changed
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -187,7 +187,7 @@
- name: Assert that the mysql_info module succeeded because we used the new password
assert:
that:
- "result.failed == false"
- result is succeeded
- name: Pass in the same password as before, but in the encrypted form (no change expected)
mysql_user:
@ -200,7 +200,7 @@
- name: Assert that there weren't any changes because username/password didn't change
assert:
that:
- "result.changed == false"
- result is not changed
# Cleanup
- include: remove_user.yml user_name={{ test_user_name }} user_password={{ new_password }}
@ -220,7 +220,7 @@
- name: Assert that a change occurred because the user was added
assert:
that:
- "result.changed == true"
- result is changed
- name: Get the MySQL version using an empty password for the newly created user
mysql_info:
@ -235,7 +235,7 @@
- name: Assert that mysql_info was successful
assert:
that:
- "result.failed == false"
- result is succeeded
- name: Get the MySQL version using an non-empty password (should fail)
mysql_info:
@ -250,7 +250,7 @@
- name: Assert that mysql_info failed
assert:
that:
- "result.failed == true"
- result is failed
- name: Update the user without changing the password
mysql_user:
@ -263,7 +263,7 @@
- name: Assert that the user wasn't changed because the password is still empty
assert:
that:
- "result.changed == false"
- result is not changed
# Cleanup
- include: remove_user.yml user_name={{ test_user_name }} user_password=''

86
tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml
View file

@ -37,8 +37,13 @@
- name: Check that the module made a change and that the expected plugin type is set
assert:
that:
- "result.changed == true"
- result is changed
- name: Check that the expected plugin type is set
assert:
that:
- "'{{ test_plugin_type }}' in show_create_user.stdout"
when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>='))
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -54,7 +59,7 @@
- name: Assert that mysql_info was successful
assert:
that:
- "result.failed == false"
- result is succeeded
- name: Update the user with a different hash
mysql_user:
@ -67,7 +72,7 @@
- name: Check that the module makes the change because the hash changed
assert:
that:
- "result.changed == true"
- result is changed
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -83,7 +88,7 @@
- name: Assert that mysql_info was successful
assert:
that:
- "result.failed == false"
- result is succeeded
# Cleanup
- include: remove_user.yml user_name={{ test_user_name }} user_password={{ test_plugin_new_auth_string }}
@ -102,14 +107,19 @@
register: result
- name: Get user information
command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
command: "{{ mysql_command }} -e \"SELECT user, host, plugin FROM mysql.user WHERE user = '{{ test_user_name }}' and host = 'localhost'\""
register: show_create_user
- name: Check that the module made a change and that the expected plugin type is set
- name: Check that the module made a change
assert:
that:
- result is changed
- name: Check that the expected plugin type is set
assert:
that:
- "result.changed == true"
- "'{{ test_plugin_type }}' in show_create_user.stdout"
when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>='))
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -125,7 +135,7 @@
- name: Assert that mysql_info was successful
assert:
that:
- "result.failed == false"
- result is succeeded
- name: Update the user with the same hash (no change expected)
mysql_user:
@ -135,10 +145,12 @@
plugin_hash_string: '{{ test_plugin_hash }}'
register: result
# FIXME: on mariadb 10.2 there's always a change
- name: Check that the module doesn't make a change when the same hash is passed in
assert:
that:
- "result.changed == false"
- result is not changed
when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>='))
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -154,7 +166,7 @@
- name: Check that the module did not change the password
assert:
that:
- "result.changed == true"
- result is changed
- name: Getting the MySQL info should still work
mysql_info:
@ -168,7 +180,7 @@
- name: Assert that mysql_info was successful
assert:
that:
- "result.failed == false"
- result is succeeded
# Cleanup
- include: remove_user.yml user_name={{ test_user_name }} user_password={{ test_plugin_auth_string }}
@ -190,11 +202,16 @@
command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
register: show_create_user
- name: Check that the module made a change and that the expected plugin type is set
- name: Check that the module made a change
assert:
that:
- result is changed
- name: Check that the expected plugin type is set
assert:
that:
- "result.changed == true"
- "'{{ test_plugin_type }}' in show_create_user.stdout"
when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>='))
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -210,7 +227,7 @@
- name: Assert that mysql_info was successful
assert:
that:
- "result.failed == false"
- result is succeeded
- name: Update the user with the same auth string
mysql_user:
@ -225,7 +242,7 @@
- name: The module should detect a change even though the password is the same
assert:
that:
- "result.changed == true"
- result is changed
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -240,7 +257,7 @@
- name: Check that the module did not change the password
assert:
that:
- "result.changed == false"
- result is not changed
- name: Get the MySQL version using the newly created creds
mysql_info:
@ -254,7 +271,7 @@
- name: Assert that mysql_info was successful
assert:
that:
- "result.failed == false"
- result is succeeded
# Cleanup
- include: remove_user.yml user_name={{ test_user_name }} user_password={{ test_plugin_auth_string }}
@ -275,11 +292,16 @@
command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
register: show_create_user
- name: Check that the module made a change and that the expected plugin type is set
- name: Check that the module made a change
assert:
that:
- result is changed
- name: Check that the expected plugin type is set
assert:
that:
- "result.changed == true"
- "'{{ test_plugin_type }}' in show_create_user.stdout"
when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>='))
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -296,7 +318,7 @@
- name: Assert that mysql_info was successful
assert:
that:
- "result.failed == false"
- result is succeeded
- name: Get the MySQL version using an non-empty password (should fail)
mysql_info:
@ -311,7 +333,7 @@
- name: Assert that mysql_info failed
assert:
that:
- "result.failed == true"
- result is failed
- name: Update the user without changing the auth mechanism
mysql_user:
@ -324,7 +346,7 @@
- name: Assert that the user wasn't changed because the auth string is still empty
assert:
that:
- "result.changed == false"
- result is not changed
# Cleanup
- include: remove_user.yml user_name={{ test_user_name }} user_password={{ test_plugin_auth_string }}
@ -356,11 +378,16 @@
command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
register: show_create_user
- name: Check that the module made a change and that the expected plugin type is set
- name: Check that the module made a change
assert:
that:
- result is changed
- name: Check that the expected plugin type is set
assert:
that:
- "result.changed == true"
- "'{{ test_plugin_type }}' in show_create_user.stdout"
when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>='))
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
@ -376,11 +403,16 @@
command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
register: show_create_user
- name: Check that the module made a change and that the expected plugin type is set
- name: Check that the module made a change
assert:
that:
- "result.changed == true"
- "'sha256_password' in show_create_user.stdout"
- result is changed
- name: Check that the expected plugin type is set
assert:
that:
- "'sha256_password' in show_create_user.stdout"
when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>='))
- include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}

18
tests/integration/targets/test_mysql_user/tasks/tls_requirements.yml
View file

@ -55,7 +55,7 @@
issuer: '/CN=org/O=MyDom, Inc./C=US/ST=Oregon/L=Portland'
- block:
- name: retrieve TLS requiremets for users in old database version
- name: retrieve TLS requirements for users in old database version
command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ item }}'@'localhost'\""
register: old_result
with_items: ['{{ user_name_1 }}', '{{ user_name_2 }}', '{{ user_name_3 }}']
@ -67,7 +67,7 @@
when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2
- block:
- name: retrieve TLS requiremets for users in new database version
- name: retrieve TLS requirements for users in new database version
command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ item }}'@'localhost'\""
register: new_result
with_items: ['{{ user_name_1 }}', '{{ user_name_2 }}', '{{ user_name_3 }}']
@ -119,12 +119,12 @@
that:
- result is changed
- name: retrieve TLS requiremets for users in old database version
- name: retrieve TLS requirements for users in old database version
command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\""
register: old_result
when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2
- name: retrieve TLS requiremets for users in new database version
- name: retrieve TLS requirements for users in new database version
command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\""
register: new_result
when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10 or db_version.version.major == 10 and db_version.version.minor >= 2
@ -143,12 +143,12 @@
tls_requires:
X509:
- name: retrieve TLS requiremets for users in old database version
- name: retrieve TLS requirements for users in old database version
command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\""
register: old_result
when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2
- name: retrieve TLS requiremets for users in new database version
- name: retrieve TLS requirements for users in new database version
command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\""
register: new_result
when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10 or db_version.version.major == 10 and db_version.version.minor >= 2
@ -159,19 +159,19 @@
vars:
- reqs: "{{(old_result is skipped | ternary(new_result, old_result)).stdout.split('REQUIRE')[1].split(separator)[0].strip()}}"
- name: remove TLS requiremets from user (expect changed=true)
- name: remove TLS requirements from user (expect changed=true)
mysql_user:
<<: *mysql_params
name: '{{ user_name_1 }}'
password: '{{ user_password_1 }}'
tls_requires:
- name: retrieve TLS requiremets for users in old database version
- name: retrieve TLS requirements for users in old database version
command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\""
register: old_result
when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2
- name: retrieve TLS requiremets for users in new database version
- name: retrieve TLS requirements for users in new database version
command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\""
register: new_result
when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10 or db_version.version.major == 10 and db_version.version.minor >= 2

2
tests/integration/targets/test_mysql_variables/tasks/assert_fail_msg.yml
View file

@ -22,4 +22,4 @@
- name: assert message failure (expect failed=true)
assert:
that:
- "output.failed | bool == true"
- output is failed

2
tests/integration/targets/test_mysql_variables/tasks/assert_var.yml
View file

@ -31,6 +31,6 @@
- name: assert output mysql variable name and value
assert:
that:
- "result.changed | bool == true"
- result is changed
- "'{{ var_name }}' in result.stdout"
- "'{{ var_value }}' in result.stdout"

2
tests/integration/targets/test_mysql_variables/tasks/assert_var_output.yml
View file

@ -35,6 +35,6 @@
- name: assert output variable info match mysql variable info
assert:
that:
- "result.changed | bool == true"
- result is changed
- "key_name in result.stdout"
- "key_value in result.stdout"

4
tests/integration/targets/test_mysql_variables/tasks/mysql_variables.yml
View file

@ -359,7 +359,9 @@
- include: assert_var.yml changed=true output={{ result }} var_name={{ set_name }} var_value='{{ def_val }}'
when: mysql_version is not version('8.0', '<')
when:
- mysql_version is version('8.0', '>=')
- install_type == 'mysql'
# Bugfix of https://github.com/ansible/ansible/issues/54239
# - name: set variable containing dot