ansible-collections/community.mysql
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.mysql.git synced 2025-04-05 02:00:31 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge 0cbebb88a4 into b26235b7d7

Browse source
This commit is contained in:
Laurent Indermühle 2025-04-03 13:11:12 +00:00 committed by GitHub
commit 6a35d331ad
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 58 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
changelogs/fragments/707-source_ssl_verify_server_cert.yml Normal file
View file

@ -0,0 +1,3 @@
---
bugfixes:
- mysql_replication - fixed an issue where setting primary_ssl_verify_server_cert to false had no effect.

16
plugins/modules/mysql_replication.py
View file

@ -493,7 +493,7 @@ def main():
primary_ssl_cert=dict(type='str', aliases=['master_ssl_cert']),
primary_ssl_key=dict(type='str', no_log=False, aliases=['master_ssl_key']),
primary_ssl_cipher=dict(type='str', aliases=['master_ssl_cipher']),
primary_ssl_verify_server_cert=dict(type='bool', default=False),
primary_ssl_verify_server_cert=dict(type='bool'),
primary_use_gtid=dict(type='str', choices=[
'current_pos', 'replica_pos', 'disabled'], aliases=['master_use_gtid']),
primary_delay=dict(type='int', aliases=['master_delay']),
@ -641,8 +641,11 @@ def main():
chm.append("%s='%s'" % (command_resolver.resolve_command('MASTER_SSL_KEY'), primary_ssl_key))
if primary_ssl_cipher is not None:
chm.append("%s='%s'" % (command_resolver.resolve_command('MASTER_SSL_CIPHER'), primary_ssl_cipher))
if primary_ssl_verify_server_cert:
chm.append("%s=1" % command_resolver.resolve_command('MASTER_SSL_VERIFY_SERVER_CERT'))
if primary_ssl_verify_server_cert is not None:
if primary_ssl_verify_server_cert:
chm.append("%s=1" % command_resolver.resolve_command('MASTER_SSL_VERIFY_SERVER_CERT'))
else:
chm.append("%s=0" % command_resolver.resolve_command('MASTER_SSL_VERIFY_SERVER_CERT'))
if primary_auto_position:
chm.append("%s=1" % command_resolver.resolve_command('MASTER_AUTO_POSITION'))
if primary_use_gtid is not None:
@ -723,8 +726,11 @@ def main():
chm.append("SOURCE_SSL_KEY='%s'" % primary_ssl_key)
if primary_ssl_cipher is not None:
chm.append("SOURCE_SSL_CIPHER='%s'" % primary_ssl_cipher)
if primary_ssl_verify_server_cert:
chm.append("SOURCE_SSL_VERIFY_SERVER_CERT=1")
if primary_ssl_verify_server_cert is not None:
if primary_ssl_verify_server_cert:
chm.append("%s=1" % command_resolver.resolve_command('MASTER_SSL_VERIFY_SERVER_CERT'))
else:
chm.append("%s=0" % command_resolver.resolve_command('MASTER_SSL_VERIFY_SERVER_CERT'))
if primary_auto_position:
chm.append("SOURCE_AUTO_POSITION=1")
try:

40
tests/integration/targets/test_mysql_replication/tasks/issue-689.yml Normal file
View file

@ -0,0 +1,40 @@
---
- vars:
mysql_parameters: &mysql_params
login_user: '{{ mysql_user }}'
login_password: '{{ mysql_password }}'
login_host: '{{ mysql_host }}'
login_port: '{{ mysql_primary_port }}'
block:
- name: Disable ssl verification
community.mysql.mysql_replication:
<<: *mysql_params
login_port: '{{ mysql_replica1_port }}'
mode: changeprimary
primary_ssl_verify_server_cert: false
register: result
- name: Assert that changeprimmary is changed and return expected query for MariaDB and MySQL < 8.0.23
ansible.builtin.assert:
that:
- result is changed
- result.queries == expected_queries
when:
- >
db_engine == 'mariadb' or
(db_engine == 'mysql' and db_version is version('8.0.23', '<'))
vars:
expected_queries: ["CHANGE MASTER TO MASTER_SSL_VERIFY_SERVER_CERT=0"]
- name: Assert that changeprimmary is changed and return expected query for MySQL > 8.0.23
ansible.builtin.assert:
that:
- result is changed
- result.queries == expected_queries
when:
- db_engine == 'mysql'
- db_version is version('8.0.23', '>=')
vars:
expected_queries: ["CHANGE REPLICATION SOURCE TO SOURCE_SSL_VERIFY_SERVER_CERT=0"]

4
tests/integration/targets/test_mysql_replication/tasks/main.yml
View file

@ -13,6 +13,10 @@
# Tests of replication filters and force_context
- include_tasks: issue-265.yml
# primary_ssl_verify_server_cert
# Must run before mysql add channels in mysql_replication_channel.yml
- import_tasks: issue-689.yml
# Tests of primary_delay parameter:
- import_tasks: mysql_replication_primary_delay.yml