Disable hostname check (#38)

* Add changelog fragment

* Add check_hostname option

* Propagate check_hostname option across the collection

* Update documentation fragment

* Propagate test to all other plugins

* Remove stray line

* Give test user privileges to run test operations

* Extend integration tests job matrix

* Add caution note to documentation fragment.

* Update matrix job name

* Rearrange job matrix

* Fix sanity issues

* Fix issue with mysqldb silently failing to update out of range variables

* Fix variable overwrite

* Ignore `check_hostname` when using MySQLdb

* Update plugins/doc_fragments/mysql.py

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>

* Update plugins/doc_fragments/mysql.py

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>

* Update changelogs/fragments/35-disable-hostname-check.yml

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>

Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>

tests/integration/targets/test_mysql_variables/defaults/main.yml

@@ -3,3 +3,6 @@
 mysql_user: root
 mysql_password: msandbox
 mysql_primary_port: 3307
+
+user_name_1: 'db_user1'
+user_password_1: 'gadfFDSdtTU^Sdfuj'

tests/integration/targets/test_mysql_variables/tasks/issue-28.yml

@@ -0,0 +1,79 @@
+---
+- vars:
+    mysql_parameters: &mysql_params
+      login_user: '{{ mysql_user }}'
+      login_password: '{{ mysql_password }}'
+      login_host: 127.0.0.1
+      login_port: '{{ mysql_primary_port }}'
+
+  block:
+
+    # ============================================================
+    - shell: pip show pymysql | awk '/Version/ {print $2}'
+      register: pymysql_version
+
+    - name: get server certificate
+      copy:
+        content: "{{ lookup('pipe', \"openssl s_client -starttls mysql -connect localhost:3307 -showcerts 2>/dev/null </dev/null |  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'\") }}"
+        dest: /tmp/cert.pem
+      delegate_to: localhost
+
+    - name: Drop mysql user if exists
+      mysql_user:
+        <<: *mysql_params
+        name: '{{ user_name_1 }}'
+        state: absent
+      ignore_errors: yes
+
+    - name: create user with ssl requirement
+      mysql_user:
+        <<: *mysql_params
+        name: "{{ user_name_1 }}"
+        password: "{{ user_password_1 }}"
+        priv: '*.*:ALL,GRANT'
+        tls_requires:
+          SSL:
+
+    - name: attempt connection with newly created user (expect failure)
+      mysql_variables:
+        variable: '{{ set_name }}'
+        login_user: '{{ user_name_1 }}'
+        login_password: '{{ user_password_1 }}'
+        login_host: 127.0.0.1
+        login_port: '{{ mysql_primary_port }}'
+        ca_cert: /tmp/cert.pem
+      register: result
+      ignore_errors: yes
+
+    - assert:
+        that:
+          - result is failed
+      when: pymysql_version.stdout != ""
+
+    - assert:
+        that:
+          - result is succeeded
+      when: pymysql_version.stdout == ""
+
+    - name: attempt connection with newly created user ignoring hostname
+      mysql_variables:
+        variable: '{{ set_name }}'
+        login_user: '{{ user_name_1 }}'
+        login_password: '{{ user_password_1 }}'
+        login_host: 127.0.0.1
+        login_port: '{{ mysql_primary_port }}'
+        ca_cert: /tmp/cert.pem
+        check_hostname: no
+      register: result
+      ignore_errors: yes
+
+    - assert:
+        that:
+          - result is succeeded or 'pymysql >= 0.7.11 is required' in result.msg
+
+    - name: Drop mysql user
+      mysql_user:
+        <<: *mysql_params
+        name: '{{ user_name_1 }}'
+        host: 127.0.0.1
+        state: absent

tests/integration/targets/test_mysql_variables/tasks/main.yml

@@ -4,3 +4,5 @@
 ####################################################################
 
 - import_tasks: mysql_variables.yml
+
+- include: issue-28.yml

tests/integration/targets/test_mysql_variables/tasks/mysql_variables.yml

@@ -141,7 +141,7 @@
     - name: set mysql variable value to an expression
       mysql_variables:
         <<: *mysql_params
-        variable: max_tmp_tables
+        variable: max_connect_errors
         value: "1024*4"
       register: result
       ignore_errors: true
@@ -151,15 +151,22 @@
     # ============================================================
     # Verify mysql_variable fails when setting an incorrect value (out of range)
     #
+    - shell: pip show pymysql | awk '/Version/ {print $2}'
+      register: pymysql_version
+
     - name: set mysql variable value to a number out of range
       mysql_variables:
         <<: *mysql_params
-        variable: max_tmp_tables
+        variable: max_connect_errors
         value: -1
-      register: result
+      register: oor_result
       ignore_errors: true
 
-    - include: assert_fail_msg.yml output={{ result }}  msg='Truncated incorrect'
+    - include: assert_var.yml changed=true output={{ oor_result }} var_name=max_connect_errors var_value=1
+      when: pymysql_version.stdout == ""
+
+    - include: assert_fail_msg.yml output={{ oor_result }}  msg='Truncated incorrect'
+      when: pymysql_version.stdout != ""
 
     # ============================================================
     # Verify mysql_variable fails when setting an incorrect value (incorrect type)
@@ -167,12 +174,12 @@
     - name: set mysql variable value to a non-valid value number
       mysql_variables:
         <<: *mysql_params
-        variable: max_tmp_tables
+        variable: max_connect_errors
         value: TEST
-      register: result
+      register: nvv_result
       ignore_errors: true
 
-    - include: assert_fail_msg.yml output={{ result }}  msg='Incorrect argument type to variable'
+    - include: assert_fail_msg.yml output={{ nvv_result }}  msg='Incorrect argument type to variable'
 
     # ============================================================
     # Verify mysql_variable fails when setting an unknown variable