Refactor test_mysql_user to work with other host than localhost

2025-08-03 04:34:27 -07:00 · 2023-01-05 18:04:12 +01:00 · 2023-01-05 18:04:12 +01:00 · 9da866a7bf
commit 9da866a7bf
parent 978676a6dc
27 changed files with 675 additions and 758 deletions
--- a/tests/integration/targets/test_mysql_user/tasks/assert_no_user.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/assert_no_user.yml
@ -1,27 +0,0 @@
 ---
 # test code to assert no mysql user
 # (c) 2014,  Wayne Rosario <wrosario@ansible.com>
 # This file is part of Ansible
 #
 # Ansible is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # Ansible is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
 # ============================================================
 - name: run command to query for mysql user
  command: "{{ mysql_command }} -e \"SELECT User FROM mysql.user where user='{{ user_name }}'\""
  register: result
 - name: assert mysql user is not present
  assert:
    that: "'{{ user_name }}' not in result.stdout"
--- a/tests/integration/targets/test_mysql_user/tasks/assert_user.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/assert_user.yml
@ -1,39 +0,0 @@
 ---
 # test code to assert mysql user
 # (c) 2014,  Wayne Rosario <wrosario@ansible.com>
 # This file is part of Ansible
 #
 # Ansible is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # Ansible is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
 # ============================================================
 - name: run command to query for mysql user
  command: "{{ mysql_command }} -e \"SELECT User FROM mysql.user where user='{{ user_name }}'\""
  register: result
 - name: assert mysql user is present
  assert:
    that:
      - "'{{ user_name }}' in result.stdout"
 - name: run command to show privileges for user (expect privileges in stdout)
  command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name }}'@'localhost'\""
  register: result
  when: priv is defined
 - name: assert user has giving privileges
  assert:
    that:
      - "'GRANT {{priv}} ON *.*' in result.stdout"
  when: priv is defined
--- a/tests/integration/targets/test_mysql_user/tasks/create_user.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/create_user.yml
@ -1,47 +0,0 @@
 ---
 # test code to create mysql user
 # (c) 2014,  Wayne Rosario <wrosario@ansible.com>
 # This file is part of Ansible
 #
 # Ansible is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # Ansible is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
 - vars:
    mysql_parameters: &mysql_params
      login_user: "{{ mysql_user }}"
      login_password: "{{ mysql_password }}"
      login_host: "{{ gateway_addr }}"
      login_port: "{{ mysql_primary_port }}"
  block:
    - name: Drop mysql user if exists
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        state: absent
      ignore_errors: yes
    # ============================================================
    - name: create mysql user {{user_name}}
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name }}"
        password: "{{ user_password }}"
        state: present
      register: result
    - name: assert output message mysql user was created
      assert:
        that:
          - result is changed
--- a/tests/integration/targets/test_mysql_user/tasks/issue-121.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/issue-121.yml
@ -1,75 +1,73 @@
 ---
 - vars:
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
-    # ============================================================
+    - name: Issue-121 | Setup | Get server certificate
    - name: get server certificate
      copy:
-        content: "{{ lookup('pipe', \"openssl s_client -starttls mysql -connect localhost:3307 -showcerts 2>/dev/null </dev/null |  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'\") }}"
+        content: "{{ lookup('pipe', \"openssl s_client -starttls mysql -connect {{ mysql_host }}:3307 -showcerts 2>/dev/null </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'\") }}"
        dest: /tmp/cert.pem
      delegate_to: localhost
-    - name: get server version
+    - name: Issue-121 | Drop mysql user if exists
      mysql_info:
        <<: *mysql_params
        filter: version
      register: db_version
    - set_fact:
        old_user_mgmt: "{{ db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2 | bool }}"
    - name: Drop mysql user if exists
      mysql_user:
        <<: *mysql_params
        name: '{{ item }}'
        host_all: true
        state: absent
-      ignore_errors: yes
+      ignore_errors: true
-      with_items:
+      loop:
        - "{{ user_name_1 }}"
        - "{{ user_name_2 }}"
-    - name: create user with REQUIRESSL privilege (expect failure)
+    - name: Issue-121 | Create user with REQUIRESSL privilege (expect failure)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        password: "{{ user_password_1 }}"
        priv: '*.*:SELECT,CREATE USER,REQUIRESSL,GRANT'
      register: result
-      ignore_errors: yes
+      ignore_errors: true
-    - assert:
+    - name: Issue-121 | Assert error granting privileges
      assert:
        that:
          - result is failed
          - result.msg is search('Error granting privileges')
-    - name: create user with both REQUIRESSL privilege and an incompatible tls_requires option
+    - name: >-
        Issue-121 | Create user with both REQUIRESSL privilege and an incompatible
        tls_requires option
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        host: '{{ gateway_addr }}'
        password: "{{ user_password_1 }}"
        priv: '*.*:SELECT,CREATE USER,REQUIRESSL,GRANT'
        tls_requires:
          X509:
      register: result
-      ignore_errors: yes
+      ignore_errors: true
-    - assert:
+    - name: >-
        Issue-121 | Assert error granting privileges with incompatible tls_requires
        option
      assert:
        that:
          - result is failed
          - result.msg is search('Error granting privileges')
-    - name: Drop mysql user
+    - name: Issue-121 | Teardown | Drop mysql user
      mysql_user:
        <<: *mysql_params
        name: '{{ item }}'
-        host: '{{ gateway_addr }}'
+        host_all: true
        state: absent
      with_items:
        - "{{ user_name_1 }}"
--- a/tests/integration/targets/test_mysql_user/tasks/issue-265.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/issue-265.yml
@ -3,20 +3,21 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
-    - name: Drop mysql user if exists
+    - name: Issue-265 | Drop mysql user if exists
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
        host_all: true
        state: absent
      ignore_errors: yes
    # Tests with force_context: yes
    # Test user creation
-    - name: create mysql user {{ user_name_1 }}
+    - name: Issue-265 | Create mysql user {{ user_name_1 }}
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
@ -25,30 +26,31 @@
        force_context: yes
      register: result
-    - name: assert output message mysql user was created
+    - name: Issue-265 | Assert user was created
      assert:
        that:
          - result is changed
-    - include: assert_user.yml user_name={{user_name_1}}
+    - include: utils_assert_user.yml user_name={{ user_name_1 }} user_host=localhost
    # Test user removal
-    - name: remove mysql user {{user_name_1}}
+    - name: Issue-265 | remove mysql user {{ user_name_1 }}
      mysql_user:
        <<: *mysql_params
-        name: '{{user_name_1}}'
+        name: "{{ user_name_1 }}"
-        password: '{{user_password_1}}'
+        host_all: true
        password: "{{ user_password_1 }}"
        state: absent
        force_context: yes
      register: result
-    - name: assert output message mysql user was removed
+    - name: Issue-265 | Assert user was removed
      assert:
        that:
          - result is changed
    # Test blank user removal
-    - name: create blank mysql user to be removed later
+    - name: Issue-265 | Create blank mysql user to be removed later
      mysql_user:
        <<: *mysql_params
        name: ""
@ -56,7 +58,7 @@
        force_context: yes
        password: 'KJFDY&D*Sfuydsgf'
-    - name: remove blank mysql user with hosts=all (expect changed)
+    - name: Issue-265 | Remove blank mysql user with hosts=all (expect changed)
      mysql_user:
        <<: *mysql_params
        user: ""
@ -65,12 +67,12 @@
        force_context: yes
      register: result
-    - name: assert changed is true for removing all blank users
+    - name: Issue-265 | Assert changed is true for removing all blank users
      assert:
        that:
          - result is changed
-    - name: remove blank mysql user with hosts=all (expect ok)
+    - name: Issue-265 | Remove blank mysql user with hosts=all (expect ok)
      mysql_user:
        <<: *mysql_params
        user: ""
@ -79,57 +81,57 @@
        state: absent
      register: result
-    - name: assert changed is true for removing all blank users
+    - name: Issue-265 | Assert changed is true for removing all blank users
      assert:
        that:
          - result is not changed
-    - include: assert_no_user.yml user_name={{user_name_1}}
+    - include: utils_assert_no_user.yml user_name={{user_name_1}}
    # Tests with force_context: no
    # Test user creation
-    - name: Drop mysql user if exists
+    - name: Issue-265 | Drop mysql user if exists
      mysql_user:
        <<: *mysql_params
-        name: '{{ user_name_1 }}'
+        name: "{{ user_name_1 }}"
        state: absent
      ignore_errors: yes
    # Tests with force_context: yes
    # Test user creation
-    - name: create mysql user {{user_name_1}}
+    - name: Issue-265 | Create mysql user {{user_name_1}}
      mysql_user:
        <<: *mysql_params
-        name: '{{ user_name_1 }}'
+        name: "{{ user_name_1 }}"
-        password: '{{ user_password_1 }}'
+        password: "{{ user_password_1 }}"
        state: present
        force_context: yes
      register: result
-    - name: assert output message mysql user was created
+    - name: Issue-265 | Assert output message mysql user was created
      assert:
        that:
          - result is changed
-    - include: assert_user.yml user_name={{user_name_1}}
+    - include: utils_assert_user.yml user_name={{ user_name_1 }} user_host=localhost
    # Test user removal
-    - name: remove mysql user {{user_name_1}}
+    - name: Issue-265 | Remove mysql user {{ user_name_1 }}
      mysql_user:
        <<: *mysql_params
-        name: '{{user_name_1}}'
+        name: "{{ user_name_1 }}"
-        password: '{{user_password_1}}'
+        password: "{{ user_password_1 }}"
        state: absent
        force_context: no
      register: result
-    - name: assert output message mysql user was removed
+    - name: Issue-265 | Assert output message mysql user was removed
      assert:
        that:
          - result is changed
    # Test blank user removal
-    - name: create blank mysql user to be removed later
+    - name: Issue-265 | Create blank mysql user to be removed later
      mysql_user:
        <<: *mysql_params
        name: ""
@ -137,7 +139,7 @@
        force_context: no
        password: 'KJFDY&D*Sfuydsgf'
-    - name: remove blank mysql user with hosts=all (expect changed)
+    - name: Issue-265 | Remove blank mysql user with hosts=all (expect changed)
      mysql_user:
        <<: *mysql_params
        user: ""
@ -146,12 +148,12 @@
        force_context: no
      register: result
-    - name: assert changed is true for removing all blank users
+    - name: Issue-265 | Assert changed is true for removing all blank users
      assert:
        that:
          - result is changed
-    - name: remove blank mysql user with hosts=all (expect ok)
+    - name: Issue-265 | Remove blank mysql user with hosts=all (expect ok)
      mysql_user:
        <<: *mysql_params
        user: ""
@ -160,9 +162,9 @@
        state: absent
      register: result
-    - name: assert changed is true for removing all blank users
+    - name: Issue-265 | Assert changed is true for removing all blank users
      assert:
        that:
          - result is not changed
-    - include: assert_no_user.yml user_name={{ user_name_1 }}
+    - include: utils_assert_no_user.yml user_name={{ user_name_1 }}
--- a/tests/integration/targets/test_mysql_user/tasks/issue-28.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/issue-28.yml
@ -9,35 +9,37 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  when: tls_enabled
  block:
    # ============================================================
-    - name: get server certificate
+    - name: Issue-28 | Setup | Get server certificate
      copy:
-        content: "{{ lookup('pipe', \"openssl s_client -starttls mysql -connect localhost:3307 -showcerts 2>/dev/null </dev/null |  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'\") }}"
+        content: "{{ lookup('pipe', \"openssl s_client -starttls mysql -connect {{ mysql_host }}:3307 -showcerts 2>/dev/null </dev/null |  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'\") }}"
        dest: /tmp/cert.pem
      delegate_to: localhost
-    - name: Drop mysql user if exists
+    - name: Issue-28 | Setup | Drop mysql user if exists
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
        host_all: true
        state: absent
-      ignore_errors: yes
+      ignore_errors: true
-    - name: create user with ssl requirement
+    - name: Issue-28 | Create user with ssl requirement
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        host: '{{ gateway_addr }}'
        password: "{{ user_password_1 }}"
        priv: '*.*:ALL,GRANT'
        tls_requires:
          SSL:
-    - name: attempt connection with newly created user (expect failure)
+    - name: Issue-28 | Attempt connection with newly created user (expect failure)
      mysql_user:
        name: "{{ user_name_2 }}"
        password: "{{ user_password_2 }}"
@ -48,19 +50,21 @@
        login_port: '{{ mysql_primary_port }}'
        ca_cert: /tmp/cert.pem
      register: result
-      ignore_errors: yes
+      ignore_errors: true
-    - assert:
+    - name: Issue-28 | Assert connection failed
      assert:
        that:
          - result is failed
      when: connector_name is search('pymysql')
-    - assert:
+    - name: Issue-28 | Assert connection succeeded
      assert:
        that:
          - result is succeeded
      when: connector_name is not search('pymysql')
-    - name: attempt connection with newly created user ignoring hostname
+    - name: Issue-28 | Attempt connection with newly created user ignoring hostname
      mysql_user:
        name: "{{ user_name_2 }}"
        password: "{{ user_password_2 }}"
@ -70,15 +74,16 @@
        login_host: '{{ gateway_addr }}'
        login_port: '{{ mysql_primary_port }}'
        ca_cert: /tmp/cert.pem
-        check_hostname: no
+        check_hostname: false
      register: result
-      ignore_errors: yes
+      ignore_errors: true
-    - assert:
+    - name: Issue-28 | Assert connection succeeded
      assert:
        that:
          - result is succeeded or 'pymysql >= 0.7.11 is required' in result.msg
-    - name: Drop mysql user
+    - name: Issue-28 | Drop mysql user
      mysql_user:
        <<: *mysql_params
        name: '{{ item }}'
--- a/tests/integration/targets/test_mysql_user/tasks/issue-29511.yaml
+++ b/tests/integration/targets/test_mysql_user/tasks/issue-29511.yaml
@ -3,12 +3,12 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
-    - name: Issue test setup - drop database
+    - name: Issue-29511 | test setup | drop database
      mysql_db:
        <<: *mysql_params
        name: "{{ item }}"
@ -17,7 +17,7 @@
        - foo
        - bar
-    - name: Issue test setup - create database
+    - name: Issue-29511 | test setup | create database
      mysql_db:
        <<: *mysql_params
        name: "{{ item }}"
@ -26,7 +26,7 @@
        - foo
        - bar
-    - name: Copy SQL scripts to remote
+    - name: Issue-29511 | Copy SQL scripts to remote
      copy:
        src: "{{ item }}"
        dest: "{{ remote_tmp_dir }}/{{ item | basename }}"
@ -34,13 +34,13 @@
        - create-function.sql
        - create-procedure.sql
-    - name: Create function for test
+    - name: Issue-29511 | Create function for test
      shell: "{{ mysql_command }} < {{ remote_tmp_dir }}/create-function.sql"
-    - name: Create procedure for test
+    - name: Issue-29511 | Create procedure for test
      shell: "{{ mysql_command }} < {{ remote_tmp_dir }}/create-procedure.sql"
-    - name: Create user with FUNCTION and PROCEDURE privileges
+    - name: Issue-29511 | Create user with FUNCTION and PROCEDURE privileges
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
@ -49,13 +49,13 @@
        priv: 'FUNCTION foo.function:EXECUTE/foo.*:SELECT/PROCEDURE bar.procedure:EXECUTE'
      register: result
-    - name: Assert Create user with FUNCTION and PROCEDURE privileges
+    - name: Issue-29511 | Assert Create user with FUNCTION and PROCEDURE privileges
      assert:
        that:
          - result is success
          - result is changed
-    - name: Create user with FUNCTION and PROCEDURE privileges - Idempotent check
+    - name: Issue-29511 | Create user with FUNCTION and PROCEDURE privileges - Idempotent check
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
@ -64,19 +64,13 @@
        priv: 'FUNCTION foo.function:EXECUTE/foo.*:SELECT/PROCEDURE bar.procedure:EXECUTE'
      register: result
-    - name: Assert Create user with FUNCTION and PROCEDURE privileges
+    - name: Issue-29511 | Assert Create user with FUNCTION and PROCEDURE privileges
      assert:
        that:
          - result is success
          - result is not changed
-    - name: Remove user
+    - name: Issue-29511 | Test teardown | cleanup databases
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
        state: absent
    - name: Issue test teardown - cleanup databases
      mysql_db:
        <<: *mysql_params
        name: "{{ item }}"
@ -84,3 +78,5 @@
      loop:
        - foo
        - bar
    - include: utils_remove_user.yml user_name="{{ user_name_2 }}"
--- a/tests/integration/targets/test_mysql_user/tasks/issue-64560.yaml
+++ b/tests/integration/targets/test_mysql_user/tasks/issue-64560.yaml
@ -3,47 +3,50 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
-    - name: Set root password
+    - name: Issue-64560 | Set root password
      mysql_user:
        <<: *mysql_params
        name: root
        host: '%'
        password: '{{ root_password }}'
        check_implicit_admin: yes
      register: result
-    - name: assert root password is changed
+    - name: Issue-64560 | Assert root password is changed
      assert:
        that:
          - result is changed
-    - name: Set root password again
+    - name: Issue-64560 | Set root password again
      mysql_user:
        login_user: '{{ mysql_user }}'
        login_password: '{{ root_password }}'
-        login_host: '{{ gateway_addr }}'
+        login_host: '{{ mysql_host }}'
        login_port: '{{ mysql_primary_port }}'
        name: root
        host: '%'
        password: '{{ root_password }}'
        check_implicit_admin: yes
      register: result
-    - name: Assert root password is not changed
+    - name: Issue-64560 | Assert root password is not changed
      assert:
        that:
          - result is not changed
-    - name: Set root password again
+    - name: Issue-64560 | Set root password again
      mysql_user:
        login_user: '{{ mysql_user }}'
        login_password: '{{ root_password }}'
-        login_host: '{{ gateway_addr }}'
+        login_host: '{{ mysql_host }}'
        login_port: '{{ mysql_primary_port }}'
        name: root
        host: '%'
        password: '{{ mysql_password }}'
        check_implicit_admin: yes
      register: result
--- a/tests/integration/targets/test_mysql_user/tasks/main.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 ####################################################################
 # WARNING: These are designed specifically for Ansible tests       #
 # and should not be used as examples of how to write Ansible roles #
@ -29,7 +30,7 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
@ -38,74 +39,14 @@
    - include: issue-28.yml
-    - include: create_user.yml user_name={{ user_name_1 }} user_password={{ user_password_1 }}
+    - include: test_resource_limits.yml
-    - include: resource_limits.yml
+    - include: test_idempotency.yml
    - include: assert_user.yml user_name={{ user_name_1 }}
    - include: remove_user.yml user_name={{ user_name_1 }} user_password={{ user_password_1 }}
    - include: assert_no_user.yml user_name={{ user_name_1 }}
    # ============================================================
    # Create mysql user that already exist on mysql database
    #
    - include: create_user.yml user_name={{ user_name_1 }} user_password={{ user_password_1 }}
    - name: create mysql user that already exist (expect changed=false)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        password: "{{ user_password_1 }}"
        state: present
      register: result
    - name: assert output message mysql user was not created
      assert:
        that:
          - result is not changed
    # ============================================================
    # remove mysql user and verify user is removed from mysql database
    #
    - name: remove mysql user state=absent (expect changed=true)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        password: "{{ user_password_1 }}"
        state: absent
      register: result
    - name: assert output message mysql user was removed
      assert:
        that:
          - result is changed
    - include: assert_no_user.yml user_name={{ user_name_1 }}
    # ============================================================
    # remove mysql user that does not exist on mysql database
    #
    - name: remove mysql user that does not exist state=absent (expect changed=false)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        password: "{{ user_password_1 }}"
        state: absent
      register: result
    - name: assert output message mysql user that does not exist
      assert:
        that:
          - result is not changed
    - include: assert_no_user.yml user_name={{user_name_1}}
    # ============================================================
    # Create user with no privileges and verify default privileges are assign
    #
-    - name: create user with select privilege state=present (expect changed=true)
+    - name: create user with DEFAULT privilege state=present (expect changed=true)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
@ -113,16 +54,16 @@
        state: present
      register: result
-    - include: assert_user.yml user_name={{ user_name_1 }} priv=USAGE
+    - include: utils_assert_user.yml user_name={{ user_name_1 }} user_host=localhost priv=USAGE
-    - include: remove_user.yml user_name={{ user_name_1 }} user_password={{ user_password_1 }}
+    - include: utils_remove_user.yml user_name={{ user_name_1 }}
-    - include: assert_no_user.yml user_name={{ user_name_1 }}
+    - include: utils_assert_no_user.yml user_name={{ user_name_1 }}
    # ============================================================
    # Create user with select privileges and verify select privileges are assign
    #
-    - name: create user with select privilege state=present (expect changed=true)
+    - name: Create user with SELECT privilege state=present (expect changed=true)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_2 }}"
@ -131,16 +72,16 @@
        priv: '*.*:SELECT'
      register: result
-    - include: assert_user.yml user_name={{user_name_2}} priv=SELECT
+    - include: utils_assert_user.yml user_name={{ user_name_2 }} user_host=localhost priv=SELECT
-    - include: remove_user.yml user_name={{ user_name_2 }} user_password={{ user_password_2 }}
+    - include: utils_remove_user.yml user_name={{ user_name_2 }}
-    - include: assert_no_user.yml user_name={{ user_name_2 }}
+    - include: utils_assert_no_user.yml user_name={{ user_name_2 }}
    # ============================================================
    # Assert user has access to multiple databases
    #
-    - name: give users access to multiple databases
+    - name: Give users access to multiple databases
      mysql_user:
        <<: *mysql_params
        name: '{{ item[0] }}'
@ -148,34 +89,34 @@
        append_privs: yes
        password: '{{ user_password_1 }}'
      with_nested:
-        - [ '{{ user_name_1 }}', '{{ user_name_2 }}']
+        - ['{{ user_name_1 }}', '{{ user_name_2 }}']
        - "{{db_names}}"
-    - name: show grants access for user1 on multiple database
+    - name: Show grants access for user1 on multiple database
      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_1 }}'@'localhost'\""
      register: result
-    - name: assert grant access for user1 on multiple database
+    - name: Assert grant access for user1 on multiple database
      assert:
        that:
          - "'{{ item }}' in result.stdout"
-      with_items: "{{db_names}}"
+      with_items: "{{ db_names }}"
-    - name: show grants access for user2 on multiple database
+    - name: Show grants access for user2 on multiple database
      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_2 }}'@'localhost'\""
      register: result
-    - name: assert grant access for user2 on multiple database
+    - name: Assert grant access for user2 on multiple database
      assert:
        that:
          - "'{{ item }}' in result.stdout"
      with_items: "{{db_names}}"
-    - include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }}
+    - include: utils_remove_user.yml user_name={{ user_name_1 }}
-    - include: remove_user.yml user_name={{user_name_2}} user_password={{ user_password_1 }}
+    - include: utils_remove_user.yml user_name={{ user_name_2 }}
-    - name: give user access to database via wildcard
+    - name: Give user SELECT access to database via wildcard
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
@ -183,7 +124,7 @@
        append_privs: yes
        password: '{{ user_password_1 }}'
-    - name: show grants access for user1 on multiple database
+    - name: show grants access for user1 on database via wildcard
      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_1 }}'@'localhost'\""
      register: result
@ -198,8 +139,8 @@
        <<: *mysql_params
        name: '{{ user_name_1 }}'
        priv:
-        - unsuitable
+          - unsuitable
-        - type
+          - type
        append_privs: yes
        host_all: yes
        password: '{{ user_password_1 }}'
@ -212,7 +153,7 @@
          - result is failed
          - result.msg is search('priv parameter must be str or dict')
-    - name: change user access to database via wildcard
+    - name: Change SELECT to INSERT for user access to database via wildcard
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
@ -221,7 +162,7 @@
        host_all: yes
        password: '{{ user_password_1 }}'
-    - name: show grants access for user1 on multiple database
+    - name: show grants access for user1 on database via wildcard
      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_1 }}'@'localhost'\""
      register: result
@ -231,7 +172,7 @@
          - "'%db' in result.stdout"
          - "'INSERT' in result.stdout"
-    - include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }}
+    - include: utils_remove_user.yml user_name={{user_name_1}}
    # ============================================================
    # Test plaintext and encrypted password scenarios.
@ -283,7 +224,7 @@
        - issue_465
    # Tests for the TLS requires dictionary
-    - include: tls_requirements.yml
+    - include: test_tls_requirements.yml
    - import_tasks: issue-29511.yaml
      tags:
--- a/tests/integration/targets/test_mysql_user/tasks/remove_user.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/remove_user.yml
@ -1,75 +0,0 @@
 ---
 # test code to remove mysql user
 # (c) 2014,  Wayne Rosario <wrosario@ansible.com>
 # This file is part of Ansible
 #
 # Ansible is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # Ansible is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
 - vars:
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
      login_host: '{{ gateway_addr }}'
      login_port: '{{ mysql_primary_port }}'
  block:
    # ============================================================
    - name: remove mysql user {{ user_name }}
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name }}'
        password: '{{ user_password }}'
        state: absent
      register: result
    - name: assert output message mysql user was removed
      assert:
        that:
          - result is changed
    # ============================================================
    - name: create blank mysql user to be removed later
      mysql_user:
        <<: *mysql_params
        name: ""
        state: present
        password: 'KJFDY&D*Sfuydsgf'
    - name: remove blank mysql user with hosts=all (expect changed)
      mysql_user:
        <<: *mysql_params
        user: ""
        host_all: true
        state: absent
      register: result
    - name: assert changed is true for removing all blank users
      assert:
        that:
          - result is changed
    - name: remove blank mysql user with hosts=all (expect ok)
      mysql_user:
        <<: *mysql_params
        user: ""
        host_all: true
        state: absent
      register: result
    - name: assert changed is true for removing all blank users
      assert:
        that:
          - result is not changed
--- a/tests/integration/targets/test_mysql_user/tasks/test_idempotency.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_idempotency.yml
@ -0,0 +1,84 @@
 ---
 - vars:
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
    # ========================================================================
    # Creation
    # ========================================================================
    - include: utils_create_user.yml user_name={{ user_name_1 }} user_password={{ user_password_1 }}
    - name: Idempotency | Create user that already exist (expect changed=false)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        password: "{{ user_password_1 }}"
        state: present
      register: result
    - name: Idempotency | Assert create user task is not changed
      assert: {that: [result is not changed]}
    # ========================================================================
    # Removal
    # ========================================================================
    - name: Idempotency | Remove user (expect changed=true)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        state: absent
      register: result
    - name: Idempotency | Assert remove user task is changed
      ansible.builtin.assert:
        that:
          - result is changed
    - name: Idempotency | Remove user that doesn't exists (expect changed=false)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
        state: absent
      register: result
    - name: Idempotency | Assert remove user task is not changed
      ansible.builtin.assert:
        that:
          - result is not changed
    # ========================================================================
    # Removal with host_all
    # ========================================================================
    # Create blank  user to be removed later
    - include: utils_create_user.yml user_name="" user_password='KJFDY&D*Sfuysf'
    - name: Idempotency | Remove blank  user with hosts=all (expect changed)
      mysql_user:
        <<: *mysql_params
        user: ""
        host_all: true
        state: absent
      register: result
    - name: Idempotency | Assert removing all blank users is changed
      ansible.builtin.assert:
        that:
          - result is changed
    - name: Idempotency | Remove blank user with hosts=all (expect ok)
      mysql_user:
        <<: *mysql_params
        user: ""
        host_all: true
        state: absent
      register: result
    - name: Idempotency | Assert removing all blank users is not changed
      ansible.builtin.assert:
        that:
          - result is not changed
--- a/tests/integration/targets/test_mysql_user/tasks/test_priv_append.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_priv_append.yml
@ -5,12 +5,12 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
-    - name: Create test databases
+    - name: Priv append | Create test databases
      mysql_db:
        <<: *mysql_params
        name: '{{ item }}'
@ -19,28 +19,30 @@
        - data1
        - data2
-    - name: Create a user with an initial set of privileges
+    - name: Priv append | Create a user with an initial set of privileges
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        host: '%'
        password: '{{ user_password_4 }}'
        priv: 'data1.*:SELECT,INSERT/data2.*:SELECT,DELETE'
        state: present
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: Priv append | Run command to show privileges for user (expect privileges in stdout)
-      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'%'\""
      register: result
-    - name: Assert that the initial set of privileges matches what is expected
+    - name: Priv append | Assert that the initial set of privileges matches what is expected
      assert:
        that:
          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
          - "'GRANT SELECT, DELETE ON `data2`.*' in result.stdout"
-    - name: Append privileges that are a subset of the current privileges, which should be a no-op
+    - name: Priv append | Append privileges that are a subset of the current privileges, which should be a no-op
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        host: '%'
        password: '{{ user_password_4 }}'
        priv: 'data1.*:SELECT/data2.*:SELECT'
        append_privs: yes
@ -48,25 +50,26 @@
      check_mode: '{{ enable_check_mode }}'
      register: result
-    - name: Assert that there wasn't a change in permissions
+    - name: Priv append | Assert that there wasn't a change in permissions
      assert:
        that:
          - result is not changed
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: Priv append | Run command to show privileges for user (expect privileges in stdout)
-      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'%'\""
      register: result
-    - name: Assert that the permissions still match what was originally granted
+    - name: Priv append | Assert that the permissions still match what was originally granted
      assert:
        that:
          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
          - "'GRANT SELECT, DELETE ON `data2`.*' in result.stdout"
-    - name: Append privileges that are not included in the current set of privileges to test that privileges are updated
+    - name: Priv append | Append privileges that are not included in the current set of privileges to test that privileges are updated
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        host: '%'
        password: '{{ user_password_4 }}'
        priv: 'data1.*:DELETE/data2.*:SELECT'
        append_privs: yes
@ -74,33 +77,34 @@
      check_mode: '{{ enable_check_mode }}'
      register: result
-    - name: Assert that there was a change because permissions were added to data1.*
+    - name: Priv append | Assert that there was a change because permissions were added to data1.*
      assert:
        that:
          - result is changed
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: Priv append | Run command to show privileges for user (expect privileges in stdout)
-      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'%'\""
      register: result
-    - name: Assert that the permissions were changed as expected if check_mode is set to 'no'
+    - name: Priv append | Assert that the permissions were changed as expected if check_mode is set to 'no'
      assert:
        that:
          - "'GRANT SELECT, INSERT, DELETE ON `data1`.*' in result.stdout"
          - "'GRANT SELECT, DELETE ON `data2`.*' in result.stdout"
      when: enable_check_mode == 'no'
-    - name: Assert that the permissions were not actually changed if check_mode is set to 'yes'
+    - name: Priv append | Assert that the permissions were not actually changed if check_mode is set to 'yes'
      assert:
        that:
          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
          - "'GRANT SELECT, DELETE ON `data2`.*' in result.stdout"
      when: enable_check_mode == 'yes'
-    - name: Try to append invalid privileges
+    - name: Priv append | Try to append invalid privileges
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        host: '%'
        password: '{{ user_password_4 }}'
        priv: 'data1.*:INVALID/data2.*:SELECT'
        append_privs: yes
@ -109,7 +113,7 @@
      register: result
      ignore_errors: true
-    - name: Assert that there wasn't a change in privileges if check_mode is set to 'no'
+    - name: Priv append | Assert that there wasn't a change in privileges if check_mode is set to 'no'
      assert:
        that:
          - result is failed
@ -127,8 +131,4 @@
        - data1
        - data2
-    - name: Drop test user
+    - include: utils_remove_user.yml user_name={{ user_name_4 }}
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        state: absent
--- a/tests/integration/targets/test_mysql_user/tasks/test_priv_dict.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_priv_dict.yml
@ -1,14 +1,15 @@
 ---
 - vars:
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
    # Tests for priv parameter value passed as a dict
-    - name: Create test databases
+    - name: Priv dict | Create test databases
      mysql_db:
        <<: *mysql_params
        name: '{{ item }}'
@ -18,7 +19,7 @@
        - data2
        - data3
-    - name: Create user with privileges
+    - name: Priv dict | Create user with privileges
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
@ -28,7 +29,7 @@
          "data2.*": "SELECT"
        state: present
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: Priv dict | Run command to show privileges for user (expect privileges in stdout)
      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_3 }}'@'localhost'\""
      register: result
@ -39,12 +40,12 @@
          - "'GRANT SELECT ON `data2`.*' in result.stdout"
    # Issue https://github.com/ansible-collections/community.mysql/issues/99
-    - name: Create test table test_table_issue99
+    - name: Priv dict | Create test table test_table_issue99
      mysql_query:
        <<: *mysql_params
        query: "CREATE TABLE IF NOT EXISTS data3.test_table_issue99 (a INT, b INT, c INT)"
-    - name: Grant select on a column
+    - name: Priv dict | Grant select on a column
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
@ -52,11 +53,12 @@
          'data3.test_table_issue99': 'SELECT (a)'
      register: result
-    - assert:
+    - name: Priv dict | Assert that select on a column is changed
      assert:
        that:
          - result is changed
-    - name: Grant select on the column again
+    - name: Priv dict | Grant select on the column again
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
@ -64,12 +66,12 @@
          'data3.test_table_issue99': 'SELECT (a)'
      register: result
-    - assert:
+    - name: Priv dict | Assert that select on the column is not changed
      assert:
        that:
          - result is not changed
-
+    - name: Priv dict | Grant select on columns
    - name: Grant select on columns
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
@ -77,11 +79,12 @@
          'data3.test_table_issue99': 'SELECT (a, b),INSERT'
      register: result
-    - assert:
+    - name: Priv dict | Assert select on columns is changed
      assert:
        that:
          - result is changed
-    - name: Grant select on columns again
+    - name: Priv dict | Grant select on columns again
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
@ -89,11 +92,12 @@
          'data3.test_table_issue99': 'SELECT (a, b),INSERT'
      register: result
-    - assert:
+    - name: Priv dict | Assert that select on columns again is not changed
      assert:
        that:
          - result is not changed
-    - name: Grant privs on columns
+    - name: Priv dict | Grant privs on columns
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
@ -101,11 +105,12 @@
          'data3.test_table_issue99': 'SELECT (a, b), INSERT (a, b), UPDATE'
      register: result
-    - assert:
+    - name: Priv dict | Assert that grant privs on columns is changed
      assert:
        that:
          - result is changed
-    - name: Grant same privs on columns again, note that the column order is different
+    - name: Priv dict | Grant same privs on columns again, note that the column order is different
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
@ -113,21 +118,22 @@
          'data3.test_table_issue99': 'SELECT (a, b), UPDATE, INSERT (b, a)'
      register: result
-    - assert:
+    - name: Priv dict | Assert that grants same privs with different order is not changed
      assert:
        that:
          - result is not changed
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: Priv dict | Run command to show privileges for user (expect privileges in stdout)
      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_3 }}'@'localhost'\""
      register: result
-    - name: Assert user has giving privileges
+    - name: Priv dict | Assert user has giving privileges
      assert:
        that:
          - "'GRANT SELECT (`A`, `B`), INSERT (`A`, `B`), UPDATE' in result.stdout"
      when: "'(`A`, `B`)' in result.stdout"
-    - name: Assert user has giving privileges
+    - name: Priv dict | Assert user has giving privileges
      assert:
        that:
          - "'GRANT SELECT (A, B), INSERT (A, B), UPDATE' in result.stdout"
@ -135,7 +141,7 @@
    ##########
    # Clean up
-    - name: Drop test databases
+    - name: Priv dict | Drop test databases
      mysql_db:
        <<: *mysql_params
        name: '{{ item }}'
@ -145,8 +151,4 @@
        - data2
        - data3
-    - name: Drop test user
+    - include: utils_remove_user.yml user_name="{{ user_name_3 }}"
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
        state: absent
--- a/tests/integration/targets/test_mysql_user/tasks/test_priv_subtract.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_priv_subtract.yml
@ -4,12 +4,12 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
-    - name: Create test databases
+    - name: Priv substract | Create test databases
      mysql_db:
        <<: *mysql_params
        name: '{{ item }}'
@ -17,27 +17,29 @@
      loop:
        - data1
-    - name: Create a user with an initial set of privileges
+    - name: Priv substract | Create a user with an initial set of privileges
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        host: '%'
        password: '{{ user_password_4 }}'
        priv: 'data1.*:SELECT,INSERT'
        state: present
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: Priv substract | Run command to show privileges for user (expect privileges in stdout)
-      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'%'\""
      register: result
-    - name: Assert that the initial set of privileges matches what is expected
+    - name: Priv substract | Assert that the initial set of privileges matches what is expected
      assert:
        that:
          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
-    - name: Subtract privileges that are not in the current privileges, which should be a no-op
+    - name: Priv substract | Subtract privileges that are not in the current privileges, which should be a no-op
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        host: '%'
        password: '{{ user_password_4 }}'
        priv: 'data1.*:DELETE'
        subtract_privs: yes
@ -45,24 +47,25 @@
      check_mode: '{{ enable_check_mode }}'
      register: result
-    - name: Assert that there wasn't a change in permissions
+    - name: Priv substract | Assert that there wasn't a change in permissions
      assert:
        that:
          - result is not changed
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: Priv substract | Run command to show privileges for user (expect privileges in stdout)
-      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'%'\""
      register: result
-    - name: Assert that the permissions still match what was originally granted
+    - name: Priv substract | Assert that the permissions still match what was originally granted
      assert:
        that:
          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
-    - name: Subtract existing and not-existing privileges, but not all
+    - name: Priv substract | Subtract existing and not-existing privileges, but not all
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        host: '%'
        password: '{{ user_password_4 }}'
        priv: 'data1.*:INSERT,DELETE'
        subtract_privs: yes
@ -70,31 +73,32 @@
      check_mode: '{{ enable_check_mode }}'
      register: result
-    - name: Assert that there was a change because permissions were/would be revoked on data1.*
+    - name: Priv substract | Assert that there was a change because permissions were/would be revoked on data1.*
      assert:
        that:
          - result is changed
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: Priv substract | Run command to show privileges for user (expect privileges in stdout)
-      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'%'\""
      register: result
-    - name: Assert that the permissions were not changed if check_mode is set to 'yes'
+    - name: Priv substract | Assert that the permissions were not changed if check_mode is set to 'yes'
      assert:
        that:
          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
      when: enable_check_mode == 'yes'
-    - name: Assert that only DELETE was revoked if check_mode is set to 'no'
+    - name: Priv substract | Assert that only DELETE was revoked if check_mode is set to 'no'
      assert:
        that:
          - "'GRANT SELECT ON `data1`.*' in result.stdout"
      when: enable_check_mode == 'no'
-    - name: Try to subtract invalid privileges
+    - name: Priv substract | Try to subtract invalid privileges
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        host: '%'
        password: '{{ user_password_4 }}'
        priv: 'data1.*:INVALID'
        subtract_privs: yes
@ -102,31 +106,32 @@
      check_mode: '{{ enable_check_mode }}'
      register: result
-    - name: Assert that there was no change because invalid permissions are ignored
+    - name: Priv substract | Assert that there was no change because invalid permissions are ignored
      assert:
        that:
          - result is not changed
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: Priv substract | Run command to show privileges for user (expect privileges in stdout)
-      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'%'\""
      register: result
-    - name: Assert that the permissions were not changed with check_mode=='yes'
+    - name: Priv substract | Assert that the permissions were not changed with check_mode=='yes'
      assert:
        that:
          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
      when: enable_check_mode == 'yes'
-    - name: Assert that the permissions were not changed with check_mode=='no'
+    - name: Priv substract | Assert that the permissions were not changed with check_mode=='no'
      assert:
        that:
          - "'GRANT SELECT ON `data1`.*' in result.stdout"
      when: enable_check_mode == 'no'
-    - name: trigger failure by trying to subtract and append privileges at the same time
+    - name: Priv substract | Trigger failure by trying to subtract and append privileges at the same time
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        host: '%'
        password: '{{ user_password_4 }}'
        priv: 'data1.*:SELECT'
        subtract_privs: yes
@ -136,22 +141,22 @@
      register: result
      ignore_errors: true
-    - name: Assert the previous execution failed
+    - name: Priv substract | Assert the previous execution failed
      assert:
        that:
          - result is failed
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: Priv substract | Run command to show privileges for user (expect privileges in stdout)
-      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_4 }}'@'%'\""
      register: result
-    - name: Assert that the permissions stayed the same, with check_mode=='yes'
+    - name: Priv substract | Assert that the permissions stayed the same, with check_mode=='yes'
      assert:
        that:
          - "'GRANT SELECT, INSERT ON `data1`.*' in result.stdout"
      when: enable_check_mode == 'yes'
-    - name: Assert that the permissions stayed the same, with check_mode=='no'
+    - name: Priv substract | Assert that the permissions stayed the same, with check_mode=='no'
      assert:
        that:
          - "'GRANT SELECT ON `data1`.*' in result.stdout"
@ -159,7 +164,7 @@
    ##########
    # Clean up
-    - name: Drop test databases
+    - name: Priv substract | Drop test databases
      mysql_db:
        <<: *mysql_params
        name: '{{ item }}'
@ -167,8 +172,4 @@
      loop:
        - data1
-    - name: Drop test user
+    - include: utils_remove_user.yml user_name="{{ user_name_4 }}"
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_4 }}'
        state: absent
--- a/tests/integration/targets/test_mysql_user/tasks/test_privs.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_privs.yml
@ -21,56 +21,58 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
    # ============================================================
-    - name: create user with basic select privileges
+    - name: Privs | Create user with basic select privileges
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
        host: '%'
        password: '{{ user_password_2 }}'
        priv: '*.*:SELECT'
        state: present
      when: current_append_privs ==  "yes"
-    - include: assert_user.yml user_name={{user_name_2}} priv='SELECT'
+    - include: utils_assert_user.yml user_name={{ user_name_2 }} user_host=% priv='SELECT'
      when: current_append_privs ==  "yes"
-    - name: create user with current privileges (expect changed=true)
+    - name: Privs | Create user with current privileges (expect changed=true)
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
        host: '%'
        password: '{{ user_password_2 }}'
-        priv: '*.*:{{current_privilege}}'
+        priv: '*.*:{{ current_privilege }}'
-        append_privs: '{{current_append_privs}}'
+        append_privs: '{{ current_append_privs }}'
        state: present
      register: result
-    - name: assert output message for current privileges
+    - name: Privs | Assert output message for current privileges
      assert:
        that:
          - result is changed
-    - name: run command to show privileges for user (expect privileges in stdout)
+    - name: Privs | Run command to show privileges for user (expect privileges in stdout)
-      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{user_name_2}}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{user_name_2}}'@'%'\""
      register: result
-    - name: assert user has correct privileges
+    - name: Privs | Assert user has correct privileges
      assert:
        that:
-          - "'GRANT {{current_privilege | replace(',', ', ')}} ON *.*' in result.stdout"
+          - "'GRANT {{ current_privilege | replace(',', ', ') }} ON *.*' in result.stdout"
      when: current_append_privs ==  "no"
-    - name: assert user has correct privileges
+    - name: Privs | Assert user has correct privileges
      assert:
        that:
-          - "'GRANT SELECT, {{current_privilege | replace(',', ', ')}} ON *.*' in result.stdout"
+          - "'GRANT SELECT, {{ current_privilege | replace(',', ', ') }} ON *.*' in result.stdout"
      when: current_append_privs ==  "yes"
-    - name: create database using user current privileges
+    - name: Privs | Create database using user current privileges
      mysql_db:
        login_user: '{{ user_name_2 }}'
        login_password: '{{ user_password_2 }}'
@ -80,56 +82,59 @@
        state: present
      ignore_errors: true
-    - name: run command to test that database was not created
+    - name: Privs | Run command to test that database was not created
      command: "{{ mysql_command }} -e \"show databases like '{{ db_name }}'\""
      register: result
-    - name: assert database was not created
+    - name: Privs | Assert database was not created
      assert:
        that:
-          - "'{{ db_name }}' not in result.stdout"
+          - db_name not in result.stdout
    # ============================================================
-    - name: Add privs to a specific table (expect changed)
+    - name: Privs | Add privs to a specific table (expect changed)
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
        host: '%'
        password: '{{ user_password_2 }}'
        priv: 'jmainguy.jmainguy:ALL'
        state: present
      register: result
-    - name: Assert that priv changed
+    - name: Privs | Assert that priv changed
      assert:
        that:
          - result is changed
-    - name: Add privs to a specific table (expect ok)
+    - name: Privs | Add privs to a specific table (expect ok)
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
        host: '%'
        password: '{{ user_password_2 }}'
        priv: 'jmainguy.jmainguy:ALL'
        state: present
      register: result
-    - name: Assert that priv did not change
+    - name: Privs | Assert that priv did not change
      assert:
        that:
          - result is not changed
    # ============================================================
-    - name: update user with all privileges
+    - name: Privs | Grant ALL to user {{ user_name_2 }}
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
        host: '%'
        password: '{{ user_password_2 }}'
        priv: '*.*:ALL'
        state: present
-    # - include: assert_user.yml user_name={{user_name_2}} priv='ALL PRIVILEGES'
+    # - include: utils_assert_user.yml user_name={{user_name_2}} user_host=% priv='ALL PRIVILEGES'
-    - name: create database using user
+    - name: Privs | Create database using user {{ user_name_2 }}
      mysql_db:
        login_user: '{{ user_name_2 }}'
        login_password: '{{ user_password_2 }}'
@ -138,10 +143,10 @@
        name: '{{ db_name }}'
        state: present
-    - name: run command to test database was created using user new privileges
+    - name: Privs | Run command to test database was created using user new privileges
      command: "{{ mysql_command }} -e \"SHOW CREATE DATABASE {{ db_name }}\""
-    - name: drop database using user
+    - name: Privs | Drop database using user {{ user_name_2 }}
      mysql_db:
        login_user: '{{ user_name_2 }}'
        login_password: '{{ user_password_2 }}'
@ -151,24 +156,26 @@
        state: absent
    # ============================================================
-    - name: update user with a long privileges list (mysql has a special multiline grant output)
+    - name: Privs | Update user with a long privileges list (mysql has a special multiline grant output)
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
        host: '%'
        password: '{{ user_password_2 }}'
        priv: '*.*:CREATE USER,FILE,PROCESS,RELOAD,REPLICATION CLIENT,REPLICATION SLAVE,SHOW DATABASES,SHUTDOWN,SUPER,CREATE,DROP,EVENT,LOCK TABLES,INSERT,UPDATE,DELETE,SELECT,SHOW VIEW,GRANT'
        state: present
      register: result
-    - name: Assert that priv changed
+    - name: Privs | Assert that priv changed
      assert:
        that:
          - result is changed
-    - name: Test idempotency with a long privileges list (expect ok)
+    - name: Privs | Test idempotency with a long privileges list (expect ok)
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
        host: '%'
        password: '{{ user_password_2 }}'
        priv: '*.*:CREATE USER,FILE,PROCESS,RELOAD,REPLICATION CLIENT,REPLICATION SLAVE,SHOW DATABASES,SHUTDOWN,SUPER,CREATE,DROP,EVENT,LOCK TABLES,INSERT,UPDATE,DELETE,SELECT,SHOW VIEW,GRANT'
        state: present
@ -176,20 +183,15 @@
    # FIXME: on mysql >=8 and mariadb >=10.5.2 there's always a change because
    # the REPLICATION CLIENT privilege was renamed to BINLOG MONITOR
-    - name: Assert that priv did not change
+    - name: Privs | Assert that priv did not change
      assert:
        that:
          - result is not changed
-    - name: remove username
+    - include: utils_remove_user.yml user_name="{{ user_name_2 }}"
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
        password: '{{ user_password_2 }}'
        state: absent
    # ============================================================
-    - name: grant all privileges with grant option
+    - name: Privs | Grant all privileges with grant option
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
@ -198,23 +200,23 @@
        state: present
      register: result
-    - name: Assert that priv changed
+    - name: Privs | Assert that priv changed
      assert:
        that:
          - result is changed
-    - name: Collect user info by host
+    - name: Privs | Collect user info by host
      community.mysql.mysql_info:
        <<: *mysql_params
        filter: "users"
      register: mysql_info_about_users
-    - name: Assert that 'GRANT' permission is present
+    - name: Privs | Assert that 'GRANT' permission is present
      assert:
        that:
          - mysql_info_about_users.users.localhost.{{ user_name_2 }}.Grant_priv == 'Y'
-    - name: Test idempotency (expect ok)
+    - name: Privs | Test idempotency (expect ok)
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
@ -224,24 +226,24 @@
      register: result
    # FIXME: on mysql >=8 there's always a change (ALL PRIVILEGES -> specific privileges)
-    - name: Assert that priv did not change
+    - name: Privs | Assert that priv did not change
      assert:
        that:
          - result is not changed
-    - name: Collect user info by host
+    - name: Privs | Collect user info by host
      community.mysql.mysql_info:
        <<: *mysql_params
        filter: "users"
      register: mysql_info_about_users
-    - name: Assert that 'GRANT' permission is present
+    - name: Privs | Assert that 'GRANT' permission is present (by host)
      assert:
        that:
          - mysql_info_about_users.users.localhost.{{ user_name_2 }}.Grant_priv == 'Y'
    # ============================================================
-    - name: update user with invalid privileges
+    - name: Privs | Update user with invalid privileges
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
@ -251,15 +253,10 @@
      register: result
      ignore_errors: yes
-    - name: Assert that priv did not change
+    - name: Privs | Assert that priv did not change
      assert:
        that:
          - result is failed
          - "'Error granting privileges' in result.msg"
-    - name: remove username
+    - include: utils_remove_user.yml user_name="{{ user_name_2 }}"
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_2 }}'
        password: '{{ user_password_2 }}'
        state: absent
--- a/tests/integration/targets/test_mysql_user/tasks/test_privs_issue_465.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_privs_issue_465.yml
@ -5,13 +5,13 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
    # ============================================================
-    - name: create a user with parameters that will always cause an exception
+    - name: Privs issue 465 | Create a user with parameters that will always cause an exception
      mysql_user:
        <<: *mysql_params
        name: user_issue_465
@ -21,7 +21,7 @@
      ignore_errors: true
      register: result
-    - name: assert output message for current privileges
+    - name: Privs issue 465 | Assert output message for current privileges
      assert:
        that:
          - result is failed
--- a/tests/integration/targets/test_mysql_user/tasks/test_resource_limits.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_resource_limits.yml
@ -4,18 +4,18 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
      login_host: '{{ gateway_addr }}'
      login_port: '{{ mysql_primary_port }}'
  block:
-    - name: Drop mysql user {{ user_name_1 }} if exists
+    - name: Resource limits | Drop mysql user {{ user_name_1 }} if exists
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
        host_all: true
        state: absent
-    - name: Create mysql user {{ user_name_1 }} with resource limits in check_mode
+    - name: Resource limits | Create mysql user {{ user_name_1 }} with resource limits in check_mode
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
@ -27,11 +27,12 @@
      check_mode: yes
      register: result
-    - assert:
+    - name: Resource limits | Assert that create user with resource limits is changed
      assert:
        that:
          - result is changed
-    - name: Create mysql user {{ user_name_1 }} with resource limits in actual mode
+    - name: Resource limits | Create mysql user {{ user_name_1 }} with resource limits in actual mode
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
@ -46,19 +47,23 @@
        that:
          - result is changed
-    - name: Check
+    - name: Resource limits | Check
      mysql_query:
        <<: *mysql_params
        query: >
-          SELECT User FROM mysql.user WHERE User = '{{ user_name_1 }}' AND Host = 'localhost'
+          SELECT User FROM mysql.user
-          AND max_questions = 10 AND max_connections = 5
+          WHERE User = '{{ user_name_1 }}'
          AND Host = 'localhost'
          AND max_questions = 10
          AND max_connections = 5
      register: result
-    - assert:
+    - name: Resource limits | Assert that rowcount is 1
      assert:
        that:
-        - result.rowcount[0] == 1
+          - result.rowcount[0] == 1
-    - name: Try to set the same limits again in check mode
+    - name: Resource limits | Try to set the same limits again in check mode
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
@ -70,11 +75,12 @@
      check_mode: yes
      register: result
-    - assert:
+    - name: Resource limits | Assert that set same limits again is not changed
      assert:
        that:
          - result is not changed
-    - name: Try to set the same limits again in actual mode
+    - name: Resource limits | Try to set the same limits again in actual mode
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
@ -85,11 +91,12 @@
          MAX_CONNECTIONS_PER_HOUR: 5
      register: result
-    - assert:
+    - name: Resource limits | Assert that set same limits again in actual mode is not changed
      assert:
        that:
          - result is not changed
-    - name: Change limits
+    - name: Resource limits | Change limits
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
@ -100,19 +107,24 @@
          MAX_CONNECTIONS_PER_HOUR: 5
      register: result
-    - assert:
+    - name: Resource limits | Assert limits changed
      assert:
        that:
          - result is changed
-    - name: Check
+    - name: Resource limits | Get user limits
      mysql_query:
        <<: *mysql_params
        query: >
-          SELECT User FROM mysql.user WHERE User = '{{ user_name_1 }}' AND Host = 'localhost'
+          SELECT User FROM mysql.user
-          AND max_questions = 5 AND max_connections = 5
+          WHERE User = '{{ user_name_1 }}'
          AND Host = 'localhost'
          AND max_questions = 5
          AND max_connections = 5
      register: result
-    - assert:
+    - name: Resource limits | Assert limit row count
      assert:
        that:
          - result.rowcount[0] == 1
--- a/tests/integration/targets/test_mysql_user/tasks/test_tls_requirements.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_tls_requirements.yml
@ -3,26 +3,26 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
    # ============================================================
-    - name: find out the database version
+    - name: Tls reqs | find out the database version
      mysql_info:
        <<: *mysql_params
        filter: version
      register: db_version
-    - name: Drop mysql user {{ item }} if exists
+    - name: Tls reqs | Drop mysql user {{ item }} if exists
      mysql_user:
        <<: *mysql_params
        name: '{{ item }}'
        state: absent
      with_items: ['{{ user_name_1 }}', '{{ user_name_2 }}', '{{ user_name_3 }}']
-    - name: create user with TLS requirements in check mode (expect changed=true)
+    - name: Tls reqs | Create user with TLS requirements in check mode (expect changed=true)
      mysql_user:
        <<: *mysql_params
        name: "{{ user_name_1 }}"
@ -32,14 +32,14 @@
      check_mode: yes
      register: result
-    - name: Assert check mode user create reports changed state
+    - name: Tls reqs | Assert check mode user create reports changed state
      assert:
        that:
          - result is changed
-    - include: assert_no_user.yml user_name={{user_name_1}}
+    - include: utils_assert_no_user.yml user_name={{user_name_1}}
-    - name: create user with TLS requirements state=present (expect changed=true)
+    - name: Tls reqs | Create user with TLS requirements state=present (expect changed=true)
      mysql_user:
        <<: *mysql_params
        name: '{{ item[0] }}'
@ -55,45 +55,45 @@
            issuer: '/CN=org/O=MyDom, Inc./C=US/ST=Oregon/L=Portland'
    - block:
-      - name: retrieve TLS requirements for users in old database version
+      - name: Tls reqs | Retrieve TLS requirements for users in old database version
        command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ item }}'@'localhost'\""
        register: old_result
        with_items: ['{{ user_name_1 }}', '{{ user_name_2 }}', '{{ user_name_3 }}']
-      - name: set old database separator
+      - name: Tls reqs | Set old database separator
        set_fact:
          separator: '\n'
      # Semantically: when mysql version <= 5.6 or MariaDB version <= 10.1
      when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2
    - block:
-      - name: retrieve TLS requirements for users in new database version
+      - name: Tls reqs | Retrieve TLS requirements for users in new database version
        command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ item }}'@'localhost'\""
        register: new_result
        with_items: ['{{ user_name_1 }}', '{{ user_name_2 }}', '{{ user_name_3 }}']
-      - name: set new database separator
+      - name: Tls reqs | Set new database separator
        set_fact:
          separator: 'PASSWORD'
      # Semantically: when mysql version >= 5.7 or MariaDB version >= 10.2
      when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10  or db_version.version.major == 10 and db_version.version.minor >= 2
    - block:
-      - name: assert user1 TLS requirements
+      - name: Tls reqs | Assert user1 TLS requirements
        assert:
          that:
            - "'SSL' in reqs"
        vars:
          - reqs: "{{((old_result.results[0] is skipped | ternary(new_result, old_result)).results | selectattr('item', 'contains', user_name_1) | first).stdout.split('REQUIRE')[1].split(separator)[0].strip()}}"
-      - name: assert user2 TLS requirements
+      - name: Tls reqs | Assert user2 TLS requirements
        assert:
          that:
            - "'X509' in reqs"
        vars:
          - reqs: "{{((old_result.results[0] is skipped | ternary(new_result, old_result)).results | selectattr('item', 'contains', user_name_2) | first).stdout.split('REQUIRE')[1].split(separator)[0].strip()}}"
-      - name: assert user3 TLS requirements
+      - name: Tls reqs | Assert user3 TLS requirements
        assert:
          that:
            - "'/CN=alice/O=MyDom, Inc./C=US/ST=Oregon/L=Portland' in (reqs | select('contains', 'SUBJECT') | first)"
@ -104,7 +104,7 @@
      # CentOS 6 uses an older version of jinja that does not provide the selectattr filter.
      when: ansible_distribution != 'CentOS' or ansible_distribution_major_version != '6'
-    - name: modify user with TLS requirements state=present in check mode (expect changed=true)
+    - name: Tls reqs | Modify user with TLS requirements state=present in check mode (expect changed=true)
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
@ -114,28 +114,28 @@
      check_mode: yes
      register: result
-    - name: Assert check mode user update reports changed state
+    - name: Tls reqs | Assert check mode user update reports changed state
      assert:
        that:
          - result is changed
-    - name: retrieve TLS requirements for users in old database version
+    - name: Tls reqs | Retrieve TLS requirements for users in old database version
      command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\""
      register: old_result
      when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2
-    - name: retrieve TLS requirements for users in new database version
+    - name: Tls reqs | Retrieve TLS requirements for users in new database version
      command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\""
      register: new_result
      when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10  or db_version.version.major == 10 and db_version.version.minor >= 2
-    - name: assert user1 TLS requirements was not changed
+    - name: Tls reqs | Assert user1 TLS requirements was not changed
      assert:
        that: "'SSL' in reqs"
      vars:
        - reqs: "{{(old_result is skipped | ternary(new_result, old_result)).stdout.split('REQUIRE')[1].split(separator)[0].strip()}}"
-    - name: modify user with TLS requirements state=present (expect changed=true)
+    - name: Tls reqs | Modify user with TLS requirements state=present (expect changed=true)
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
@ -143,45 +143,45 @@
        tls_requires:
          X509:
-    - name: retrieve TLS requirements for users in old database version
+    - name: Tls reqs | Retrieve TLS requirements for users in old database version
      command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\""
      register: old_result
      when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2
-    - name: retrieve TLS requirements for users in new database version
+    - name: Tls reqs | Retrieve TLS requirements for users in new database version
      command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\""
      register: new_result
      when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10  or db_version.version.major == 10 and db_version.version.minor >= 2
-    - name: assert user1 TLS requirements
+    - name: Tls reqs | Assert user1 TLS requirements
      assert:
        that: "'X509' in reqs"
      vars:
        - reqs: "{{(old_result is skipped | ternary(new_result, old_result)).stdout.split('REQUIRE')[1].split(separator)[0].strip()}}"
-    - name: remove TLS requirements from user (expect changed=true)
+    - name: Tls reqs | Remove TLS requirements from user (expect changed=true)
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_1 }}'
        password: '{{ user_password_1 }}'
        tls_requires:
-    - name: retrieve TLS requirements for users
+    - name: Tls reqs | Retrieve TLS requirements for users
      command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\""
      register: result
-    - name: assert user1 TLS requirements
+    - name: Tls reqs | Assert user1 TLS requirements
      assert:
        that: "'REQUIRE ' not in result.stdout or 'REQUIRE NONE' in result.stdout"
-    - include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }}
+    - include: utils_remove_user.yml user_name={{user_name_1}}
-    - include: remove_user.yml user_name={{user_name_2}} user_password={{ user_password_1 }}
+    - include: utils_remove_user.yml user_name={{user_name_2}}
-    - include: remove_user.yml user_name={{user_name_3}} user_password={{ user_password_1 }}
+    - include: utils_remove_user.yml user_name={{user_name_3}}
-    - include: assert_no_user.yml user_name={{user_name_1}}
+    - include: utils_assert_no_user.yml user_name={{user_name_1}}
-    - include: assert_no_user.yml user_name={{user_name_2}}
+    - include: utils_assert_no_user.yml user_name={{user_name_2}}
-    - include: assert_no_user.yml user_name={{user_name_3}}
+    - include: utils_assert_no_user.yml user_name={{user_name_3}}
--- a/tests/integration/targets/test_mysql_user/tasks/test_update_password.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_update_password.yml
@ -5,7 +5,7 @@
    mysql_parameters:
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
    test_password1: kbB9tcx5WOGVGfzV
    test_password1_hash: '*AF6A7F9D038475C17EE46564F154104877EE5037'
@ -16,10 +16,10 @@
  block:
-    - include_tasks: assert_user_password.yml
+    - include_tasks: utils_assert_user_password.yml
      vars:
        username: "{{ item.username }}"
-        host: ''{{ gateway_addr }}''
+        host: "%"
        update_password: "{{ item.update_password }}"
        password: "{{ test_password1 }}"
        expect_change: "{{ item.expect_change }}"
@ -49,10 +49,10 @@
          expect_change: false
    # same user, new password
-    - include_tasks: assert_user_password.yml
+    - include_tasks: utils_assert_user_password.yml
      vars:
        username: "{{ item.username }}"
-        host: ''{{ gateway_addr }}''
+        host: "%"
        update_password: "{{ item.update_password }}"
        password: "{{ test_password2 }}"
        expect_change: "{{ item.expect_change }}"
@ -73,7 +73,7 @@
          expect_password_hash: "{{ test_password1_hash }}"
    # new user, new password
-    - include_tasks: assert_user_password.yml
+    - include_tasks: utils_assert_user_password.yml
      vars:
        username: "{{ item.username }}"
        host: '::1'
@ -111,7 +111,7 @@
          expect_password_hash: "{{ test_password2_hash }}"
    # another new user, another new password and multiple existing users with varying passwords
-    - include_tasks: assert_user_password.yml
+    - include_tasks: utils_assert_user_password.yml
      vars:
        username: "{{ item.username }}"
        host: '2001:db8::1'
--- a/tests/integration/targets/test_mysql_user/tasks/test_user_grants_with_roles_applied.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_user_grants_with_roles_applied.yml
@ -4,20 +4,18 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
  block:
    - name: Get server version
      mysql_info:
        <<: *mysql_params
      register: srv
-    # Skip unsupported versions
+    - name: User grants with roles applied | Skip unsupported versions
-    - meta: end_play
+      meta: end_play
-      when: srv['version']['major'] < 8
+      when:
        - db_engine == 'mysql'
        - db_version is version('8.0.0', '<')
-    - name: Create test databases
+    - name: User grants with roles applied | Create test databases
      mysql_db:
        <<: *mysql_params
        name: '{{ item }}'
@ -26,7 +24,7 @@
        - data1
        - data2
-    - name: Create user with privileges
+    - name: User grants with roles applied | Create user with privileges
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
@ -36,7 +34,7 @@
          "data2.*": "SELECT"
        state: present
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: User grants with roles applied | Run command to show privileges for user (expect privileges in stdout)
      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_3 }}'@'localhost'\""
      register: result
@ -46,14 +44,14 @@
          - "'GRANT SELECT ON `data1`.*' in result.stdout"
          - "'GRANT SELECT ON `data2`.*' in result.stdout"
-    - name: Create role
+    - name: User grants with roles applied | Create role
      mysql_role:
        <<: *mysql_params
        name: test231
        members:
          - '{{ user_name_3 }}@localhost'
-    - name: Try to change privs
+    - name: User grants with roles applied | Try to change privs
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
@ -62,11 +60,11 @@
          "data2.*": "INSERT"
        state: present
-    - name: Run command to show privileges for user (expect privileges in stdout)
+    - name: User grants with roles applied | Run command to show privileges for user (expect privileges in stdout)
      command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_3 }}'@'localhost'\""
      register: result
-    - name: Assert user has giving privileges
+    - name: User grants with roles applied | Assert user has giving privileges
      assert:
        that:
          - "'GRANT INSERT ON `data1`.*' in result.stdout"
@ -74,7 +72,7 @@
    ##########
    # Clean up
-    - name: Drop test databases
+    - name: User grants with roles applied | Drop test databases
      mysql_db:
        <<: *mysql_params
        name: '{{ item }}'
@ -83,13 +81,9 @@
        - data1
        - data2
-    - name: Drop test user
+    - include: utils_remove_user.yml user_name="{{ user_name_3 }}"
      mysql_user:
        <<: *mysql_params
        name: '{{ user_name_3 }}'
        state: absent
-    - name: Drop test role
+    - name: User grants with roles applied | Drop test role
      mysql_role:
        <<: *mysql_params
        name: test231
--- a/tests/integration/targets/test_mysql_user/tasks/test_user_password.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_user_password.yml
@ -5,7 +5,7 @@
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
    test_user_name: 'test_user_password'
    initial_password: 'a5C8SN*DBa0%a75sGz'
@ -21,7 +21,7 @@
    # Test setting plaintext password and changing it.
    #
-    - name: Create user with initial password
+    - name: Password | Create user with initial password
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
@ -31,14 +31,14 @@
        state: present
      register: result
-    - name: Assert that a change occurred because the user was added
+    - name: Password | Assert that a change occurred because the user was added
      assert:
        that:
          - result is changed
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Get the MySQL version using the newly created used creds
+    - name: Password | Get the MySQL version using the newly created used creds
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: '{{ initial_password }}'
@ -48,43 +48,45 @@
      register: result
      ignore_errors: true
-    - name: Assert that mysql_info was successful
+    - name: Password | Assert that mysql_info was successful
      assert:
        that:
          - result is succeeded
-    - name: Run mysql_user again without any changes
+    - name: Password | Run mysql_user again without any changes
      mysql_user:
        <<: *mysql_params
-        name: '{{ test_user_name }}'
+        name: "{{ test_user_name }}"
-        password: '{{ initial_password }}'
+        host: "%"
-        priv: '{{ test_default_priv }}'
+        password: "{{ initial_password }}"
        priv: "{{ test_default_priv }}"
        state: present
      register: result
-    - name: Assert that there weren't any changes because username/password didn't change
+    - name: Password | Assert that there weren't any changes because username/password didn't change
      assert:
        that:
          - result is not changed
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Update the user password
+    - name: Password | Update the user password
      mysql_user:
        <<: *mysql_params
-        name: '{{ test_user_name }}'
+        name: "{{ test_user_name }}"
-        password: '{{ new_password }}'
+        host: "%"
        password: "{{ new_password }}"
        state: present
      register: result
-    - name: Assert that a change occurred because the password was updated
+    - name: Password | Assert that a change occurred because the password was updated
      assert:
        that:
          - result is changed
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Get the MySQL version data using the original password (should fail)
+    - name: Password | Get the MySQL version data using the original password (should fail)
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: '{{ initial_password }}'
@ -94,12 +96,12 @@
      register: result
      ignore_errors: true
-    - name: Assert that the mysql_info module failed because we used the old password
+    - name: Password | Assert that the mysql_info module failed because we used the old password
      assert:
        that:
          - result is failed
-    - name: Get the MySQL version data using the new password (should work)
+    - name: Password | Get the MySQL version data using the new password (should work)
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: '{{ new_password }}'
@ -109,19 +111,19 @@
      register: result
      ignore_errors: true
-    - name: Assert that the mysql_info module succeeded because we used the new password
+    - name: Password | Assert that the mysql_info module succeeded because we used the new password
      assert:
        that:
          - result is succeeded
    # Cleanup
-    - include: remove_user.yml user_name={{ test_user_name }} user_password={{ new_password }}
+    - include: utils_remove_user.yml user_name={{ test_user_name }}
    # ============================================================
    # Test setting a plaintext password and then the same password encrypted to ensure there isn't a change detected.
    #
-    - name: Create user with initial password
+    - name: Password | Create user with initial password
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
@ -130,14 +132,14 @@
        state: present
      register: result
-    - name: Assert that a change occurred because the user was added
+    - name: Password | Assert that a change occurred because the user was added
      assert:
        that:
          - result is changed
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=localhost priv={{ test_default_priv_type }}
-    - name: Pass in the same password as before, but in the encrypted form (no change expected)
+    - name: Password | Pass in the same password as before, but in the encrypted form (no change expected)
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
@ -147,36 +149,37 @@
        state: present
      register: result
-    - name: Assert that there weren't any changes because username/password didn't change
+    - name: Password | Assert that there weren't any changes because username/password didn't change
      assert:
        that:
          - result is not changed
    # Cleanup
-    - include: remove_user.yml user_name={{ test_user_name }} user_password={{ new_password }}
+    - include: utils_remove_user.yml user_name={{ test_user_name }}
    # ============================================================
    # Test setting an encrypted password and then the same password in plaintext to ensure there isn't a change.
    #
-    - name: Create user with initial password
+    - name: Password | Create user with initial password
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: "%"
        password: '{{ initial_password_encrypted }}'
        encrypted: yes
        priv: '{{ test_default_priv }}'
        state: present
      register: result
-    - name: Assert that a change occurred because the user was added
+    - name: Password | Assert that a change occurred because the user was added
      assert:
        that:
          - result is changed
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Get the MySQL version data using the new creds
+    - name: Password | Get the MySQL version data using the new creds
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: '{{ initial_password }}'
@ -186,60 +189,62 @@
      register: result
      ignore_errors: true
-    - name: Assert that the mysql_info module succeeded because we used the new password
+    - name: Password | Assert that the mysql_info module succeeded because we used the new password
      assert:
        that:
          - result is succeeded
-    - name: Pass in the same password as before, but in the encrypted form (no change expected)
+    - name: Password | Pass in the same password as before, but in the encrypted form (no change expected)
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: "%"
        password: '{{ initial_password }}'
        state: present
      register: result
-    - name: Assert that there weren't any changes because username/password didn't change
+    - name: Password | Assert that there weren't any changes because username/password didn't change
      assert:
        that:
          - result is not changed
    # Cleanup
-    - include: remove_user.yml user_name={{ test_user_name }} user_password={{ new_password }}
+    - include: utils_remove_user.yml user_name={{ test_user_name }}
    # ============================================================
    # Test setting an empty password.
    #
-    - name: Create user with empty password
+    - name: Password | Create user with empty password
      mysql_user:
        <<: *mysql_params
-        name: '{{ test_user_name }}'
+        name: "{{ test_user_name }}"
-        priv: '{{ test_default_priv }}'
+        host: "%"
        priv: "{{ test_default_priv }}"
        state: present
      register: result
-    - name: Assert that a change occurred because the user was added
+    - name: Password | Assert that a change occurred because the user was added
      assert:
        that:
          - result is changed
-    - name: Get the MySQL version using an empty password for the newly created user
+    - name: Password | Get the MySQL version using an empty password for the newly created user
      mysql_info:
-        login_user: '{{ test_user_name }}'
+        login_user: "{{ test_user_name }}"
-        login_password: ''
+        login_password: ""
-        login_host: '{{ mysql_host }}'
+        login_host: "{{ mysql_host }}"
-        login_port: '{{ mysql_primary_port }}'
+        login_port: "{{ mysql_primary_port }}"
        filter: version
      register: result
      ignore_errors: true
-    - name: Assert that mysql_info was successful
+    - name: Password | Assert that mysql_info was successful
      assert:
        that:
          - result is succeeded
-    - name: Get the MySQL version using an non-empty password (should fail)
+    - name: Password | Get the MySQL version using an non-empty password (should fail)
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: 'some_password'
@ -249,23 +254,24 @@
      register: result
      ignore_errors: true
-    - name: Assert that mysql_info failed
+    - name: Password | Assert that mysql_info failed
      assert:
        that:
          - result is failed
-    - name: Update the user without changing the password
+    - name: Password | Update the user without changing the password
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: "%"
        priv: '{{ test_default_priv }}'
        state: present
      register: result
-    - name: Assert that the user wasn't changed because the password is still empty
+    - name: Password | Assert that the user wasn't changed because the password is still empty
      assert:
        that:
          - result is not changed
    # Cleanup
-    - include: remove_user.yml user_name={{ test_user_name }} user_password=''
+    - include: utils_remove_user.yml user_name={{ test_user_name }}
--- a/tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml
@ -1,10 +1,11 @@
 ---
 # Test user plugin auth scenarios.
 - vars:
    mysql_parameters: &mysql_params
      login_user: '{{ mysql_user }}'
      login_password: '{{ mysql_password }}'
-      login_host: '{{ gateway_addr }}'
+      login_host: '{{ mysql_host }}'
      login_port: '{{ mysql_primary_port }}'
    test_user_name: 'test_user_plugin_auth'
    test_plugin_type: 'mysql_native_password'
@ -21,33 +22,34 @@
    # Test plugin auth initially setting a hash and then changing to a different hash.
    #
-    - name: Create user with plugin auth (with hash string)
+    - name: Plugin auth | Create user with plugin auth (with hash string)
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: '%'
        plugin: '{{ test_plugin_type }}'
        plugin_hash_string: '{{ test_plugin_hash }}'
        priv: '{{ test_default_priv }}'
      register: result
-    - name: Get user information
+    - name: Plugin auth | Get user information (with hash string)
-      command: "{{ mysql_command }} -e \"SELECT user, host, plugin FROM mysql.user WHERE user = '{{ test_user_name }}' and host = 'localhost'\""
+      command: "{{ mysql_command }} -e \"SELECT user, host, plugin FROM mysql.user WHERE user = '{{ test_user_name }}' and host = '%'\""
      register: show_create_user
-    - name: Check that the module made a change
+    - name: Plugin auth | Check that the module made a change (with hash string)
      assert:
        that:
          - result is changed
-    - name: Check that the expected plugin type is set
+    - name: Plugin auth | Check that the expected plugin type is set (with hash string)
      assert:
        that:
          - "'{{ test_plugin_type }}' in show_create_user.stdout"
-      when: db_engine == 'mysql' or (db_engine == 'mariadb' and mariadb_version is version('10.3', '>='))
+      when: db_engine == 'mysql' or (db_engine == 'mariadb' and db_version is version('10.3', '>='))
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Get the MySQL version using the newly created creds
+    - name: Plugin auth | Get the MySQL version using the newly created creds
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: '{{ test_plugin_auth_string }}'
@ -56,27 +58,28 @@
        filter: version
      register: result
-    - name: Assert that mysql_info was successful
+    - name: Plugin auth | Assert that mysql_info was successful
      assert:
        that:
          - result is succeeded
-    - name: Update the user with a different hash
+    - name: Plugin auth | Update the user with a different hash
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: '%'
        plugin: '{{ test_plugin_type }}'
        plugin_hash_string: '{{ test_plugin_new_hash }}'
      register: result
-    - name: Check that the module makes the change because the hash changed
+    - name: Plugin auth | Check that the module makes the change because the hash changed
      assert:
        that:
          - result is changed
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Getting the MySQL info with the new password should work
+    - name: Plugin auth | Getting the MySQL info with the new password should work
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: '{{ test_plugin_new_auth_string }}'
@ -85,45 +88,46 @@
        filter: version
      register: result
-    - name: Assert that mysql_info was successful
+    - name: Plugin auth | Assert that mysql_info was successful
      assert:
        that:
          - result is succeeded
    # Cleanup
-    - include: remove_user.yml user_name={{ test_user_name }} user_password={{ test_plugin_new_auth_string }}
+    - include: utils_remove_user.yml user_name={{ test_user_name }}
    # ============================================================
    # Test plugin auth initially setting a hash and then switching to a plaintext auth string.
    #
-    - name: Create user with plugin auth (with hash string)
+    - name: Plugin auth | Create user with plugin auth (with hash string)
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: '%'
        plugin: '{{ test_plugin_type }}'
        plugin_hash_string: '{{ test_plugin_hash }}'
        priv: '{{ test_default_priv }}'
      register: result
-    - name: Get user information
+    - name: Plugin auth | Get user information
-      command: "{{ mysql_command }} -e \"SELECT user, host, plugin FROM mysql.user WHERE user = '{{ test_user_name }}' and host = 'localhost'\""
+      command: "{{ mysql_command }} -e \"SELECT user, host, plugin FROM mysql.user WHERE user = '{{ test_user_name }}' and host = '%'\""
      register: show_create_user
-    - name: Check that the module made a change
+    - name: Plugin auth | Check that the module made a change (with hash string)
      assert:
        that:
          - result is changed
-    - name: Check that the expected plugin type is set
+    - name: Plugin auth | Check that the expected plugin type is set (with hash string)
      assert:
        that:
          - "'{{ test_plugin_type }}' in show_create_user.stdout"
-      when: db_engine == 'mysql' or (db_engine == 'mariadb' and mariadb_version is version('10.3', '>='))
+      when: db_engine == 'mysql' or (db_engine == 'mariadb' and db_version is version('10.3', '>='))
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Get the MySQL version using the newly created creds
+    - name: Plugin auth | Get the MySQL version using the newly created creds
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: '{{ test_plugin_auth_string }}'
@ -132,43 +136,45 @@
        filter: version
      register: result
-    - name: Assert that mysql_info was successful
+    - name: Plugin auth | Assert that mysql_info was successful
      assert:
        that:
          - result is succeeded
-    - name: Update the user with the same hash (no change expected)
+    - name: Plugin auth | Update the user with the same hash (no change expected)
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: '%'
        plugin: '{{ test_plugin_type }}'
        plugin_hash_string: '{{ test_plugin_hash }}'
      register: result
    # FIXME: on mariadb 10.2 there's always a change
-    - name: Check that the module doesn't make a change when the same hash is passed in
+    - name: Plugin auth | Check that the module doesn't make a change when the same hash is passed in
      assert:
        that:
          - result is not changed
-      when: db_engine == 'mysql' or (db_engine == 'mariadb' and mariadb_version is version('10.3', '>='))
+      when: db_engine == 'mysql' or (db_engine == 'mariadb' and db_version is version('10.3', '>='))
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Change the user using the same plugin, but switch to the same auth string in plaintext form
+    - name: Plugin auth | Change the user using the same plugin, but switch to the same auth string in plaintext form
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: '%'
        plugin: '{{ test_plugin_type }}'
        plugin_auth_string: '{{ test_plugin_auth_string }}'
      register: result
    # Expecting a change is currently by design (see comment in source).
-    - name: Check that the module did not change the password
+    - name: Plugin auth | Check that the module did not change the password
      assert:
        that:
          - result is changed
-    - name: Getting the MySQL info should still work
+    - name: Plugin auth | Getting the MySQL info should still work
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: '{{ test_plugin_auth_string }}'
@ -177,45 +183,46 @@
        filter: version
      register: result
-    - name: Assert that mysql_info was successful
+    - name: Plugin auth | Assert that mysql_info was successful
      assert:
        that:
          - result is succeeded
    # Cleanup
-    - include: remove_user.yml user_name={{ test_user_name }} user_password={{ test_plugin_auth_string }}
+    - include: utils_remove_user.yml user_name={{ test_user_name }}
    # ============================================================
    # Test plugin auth initially setting a plaintext auth string and then switching to a hash.
    #
-    - name: Create user with plugin auth (with auth string)
+    - name: Plugin auth | Create user with plugin auth (with auth string)
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: '%'
        plugin: '{{ test_plugin_type }}'
        plugin_auth_string: '{{ test_plugin_auth_string }}'
        priv: '{{ test_default_priv }}'
      register: result
-    - name: Get user information
+    - name: Plugin auth | Get user information(with auth string)
-      command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'%'\""
      register: show_create_user
-    - name: Check that the module made a change
+    - name: Plugin auth | Check that the module made a change (with auth string)
      assert:
        that:
          - result is changed
-    - name: Check that the expected plugin type is set
+    - name: Plugin auth | Check that the expected plugin type is set (with auth string)
      assert:
        that:
-          - "'{{ test_plugin_type }}' in show_create_user.stdout"
+          - test_plugin_type in show_create_user.stdout
-      when: db_engine == 'mysql' or (db_engine == 'mariadb' and mariadb_version is version('10.3', '>='))
+      when: db_engine == 'mysql' or (db_engine == 'mariadb' and db_version is version('10.3', '>='))
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Get the MySQL version using the newly created creds
+    - name: Plugin auth | Get the MySQL version using the newly created creds
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: '{{ test_plugin_auth_string }}'
@ -224,42 +231,44 @@
        filter: version
      register: result
-    - name: Assert that mysql_info was successful
+    - name: Plugin auth | Assert that mysql_info was successful
      assert:
        that:
          - result is succeeded
-    - name: Update the user with the same auth string
+    - name: Plugin auth | Update the user with the same auth string
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: '%'
        plugin: '{{ test_plugin_type }}'
        plugin_auth_string: '{{ test_plugin_auth_string }}'
      register: result
    # This is the current expected behavior because there isn't a reliable way to hash the password in the mysql_user
    # module in order to be able to compare this password with the stored hash. See the source for more info.
-    - name: The module should detect a change even though the password is the same
+    - name: Plugin auth | The module should detect a change even though the password is the same
      assert:
        that:
          - result is changed
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Change the user using the same plugin, but switch to the same auth string in hash form
+    - name: Plugin auth | Change the user using the same plugin, but switch to the same auth string in hash form
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: '%'
        plugin: '{{ test_plugin_type }}'
        plugin_hash_string: '{{ test_plugin_hash }}'
      register: result
-    - name: Check that the module did not change the password
+    - name: Plugin auth | Check that the module did not change the password
      assert:
        that:
          - result is not changed
-    - name: Get the MySQL version using the newly created creds
+    - name: Plugin auth | Get the MySQL version using the newly created creds
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: '{{ test_plugin_auth_string }}'
@ -268,44 +277,45 @@
        filter: version
      register: result
-    - name: Assert that mysql_info was successful
+    - name: Plugin auth | Assert that mysql_info was successful
      assert:
        that:
          - result is succeeded
    # Cleanup
-    - include: remove_user.yml user_name={{ test_user_name }} user_password={{ test_plugin_auth_string }}
+    - include: utils_remove_user.yml user_name={{ test_user_name }}
    # ============================================================
    # Test plugin auth with an empty auth string.
    #
-    - name: Create user with plugin auth (empty auth string)
+    - name: Plugin auth | Create user with plugin auth (empty auth string)
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: '%'
        plugin: '{{ test_plugin_type }}'
        priv: '{{ test_default_priv }}'
      register: result
-    - name: Get user information
+    - name: Plugin auth | Get user information (empty auth string)
-      command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
+      command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'%'\""
      register: show_create_user
-    - name: Check that the module made a change
+    - name: Plugin auth | Check that the module made a change (empty auth string)
      assert:
        that:
          - result is changed
-    - name: Check that the expected plugin type is set
+    - name: Plugin auth | Check that the expected plugin type is set (empty auth string)
      assert:
        that:
          - "'{{ test_plugin_type }}' in show_create_user.stdout"
-      when: db_engine == 'mysql' or (db_engine == 'mariadb' and mariadb_version is version('10.3', '>='))
+      when: db_engine == 'mysql' or (db_engine == 'mariadb' and db_version is version('10.3', '>='))
-    - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+    - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=% priv={{ test_default_priv_type }}
-    - name: Get the MySQL version using an empty password for the newly created user
+    - name: Plugin auth | Get the MySQL version using an empty password for the newly created user
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: ''
@ -315,12 +325,12 @@
      register: result
      ignore_errors: true
-    - name: Assert that mysql_info was successful
+    - name: Plugin auth | Assert that mysql_info was successful
      assert:
        that:
          - result is succeeded
-    - name: Get the MySQL version using an non-empty password (should fail)
+    - name: Plugin auth | Get the MySQL version using an non-empty password (should fail)
      mysql_info:
        login_user: '{{ test_user_name }}'
        login_password: 'some_password'
@ -330,33 +340,34 @@
      register: result
      ignore_errors: true
-    - name: Assert that mysql_info failed
+    - name: Plugin auth | Assert that mysql_info failed
      assert:
        that:
          - result is failed
-    - name: Update the user without changing the auth mechanism
+    - name: Plugin auth | Update the user without changing the auth mechanism
      mysql_user:
        <<: *mysql_params
        name: '{{ test_user_name }}'
        host: '%'
        plugin: '{{ test_plugin_type }}'
        state: present
      register: result
-    - name: Assert that the user wasn't changed because the auth string is still empty
+    - name: Plugin auth | Assert that the user wasn't changed because the auth string is still empty
      assert:
        that:
          - result is not changed
    # Cleanup
-    - include: remove_user.yml user_name={{ test_user_name }} user_password={{ test_plugin_auth_string }}
+    - include: utils_remove_user.yml user_name={{ test_user_name }}
    # ============================================================
    # Test plugin auth switching from one type of plugin to another without an auth string or hash. The only other
    # plugins that are loaded by default are sha2*, but these aren't compatible with pymysql < 0.9, so skip these tests
    # for those versions.
    #
-    - name: Test plugin auth switching which doesn't work on pymysql < 0.9
+    - name: Plugin auth | Test plugin auth switching which doesn't work on pymysql < 0.9
      when:
        - >
          connector_name is not search('pymysql')
@ -366,55 +377,55 @@
          )
      block:
-      - name: Create user with plugin auth (empty auth string)
+        - name: Plugin auth | Create user with plugin auth (empty auth string)
-        mysql_user:
+          mysql_user:
-          <<: *mysql_params
+            <<: *mysql_params
-          name: '{{ test_user_name }}'
+            name: '{{ test_user_name }}'
-          plugin: '{{ test_plugin_type }}'
+            plugin: '{{ test_plugin_type }}'
-          priv: '{{ test_default_priv }}'
+            priv: '{{ test_default_priv }}'
-        register: result
+          register: result
-      - name: Get user information
+        - name: Plugin auth | Get user information (empty auth string)
-        command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
+          command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
-        register: show_create_user
+          register: show_create_user
-      - name: Check that the module made a change
+        - name: Plugin auth | Check that the module made a change (empty auth string)
-        assert:
+          assert:
-          that:
+            that:
-            - result is changed
+              - result is changed
-      - name: Check that the expected plugin type is set
+        - name: Plugin auth | Check that the expected plugin type is set (empty auth string)
-        assert:
+          assert:
-          that:
+            that:
-            - "'{{ test_plugin_type }}' in show_create_user.stdout"
+              - test_plugin_type in show_create_user.stdout
-        when: db_engine == 'mysql' or (db_engine == 'mariadb' and mariadb_version is version('10.3', '>='))
+          when: db_engine == 'mysql' or (db_engine == 'mariadb' and db_version is version('10.3', '>='))
-      - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+        - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=localhost priv={{ test_default_priv_type }}
-      - name: Switch user to sha256_password auth plugin
+        - name: Plugin auth | Switch user to sha256_password auth plugin
-        mysql_user:
+          mysql_user:
-          <<: *mysql_params
+            <<: *mysql_params
-          name: '{{ test_user_name }}'
+            name: '{{ test_user_name }}'
-          plugin: sha256_password
+            plugin: sha256_password
-          priv: '{{ test_default_priv }}'
+            priv: '{{ test_default_priv }}'
-        register: result
+          register: result
-      - name: Get user information
+        - name: Plugin auth | Get user information (sha256_password)
-        command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
+          command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\""
-        register: show_create_user
+          register: show_create_user
-      - name: Check that the module made a change
+        - name: Plugin auth | Check that the module made a change (sha256_password)
-        assert:
+          assert:
-          that:
+            that:
-            - result is changed
+              - result is changed
-      - name: Check that the expected plugin type is set
+        - name: Plugin auth | Check that the expected plugin type is set (sha256_password)
-        assert:
+          assert:
-          that:
+            that:
              - "'sha256_password' in show_create_user.stdout"
-        when: db_engine == 'mysql' or (db_engine == 'mariadb' and mariadb_version is version('10.3', '>='))
+          when: db_engine == 'mysql' or (db_engine == 'mariadb' and db_version is version('10.3', '>='))
-      - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }}
+        - include: utils_assert_user.yml user_name={{ test_user_name }} user_host=localhost priv={{ test_default_priv_type }}
-      # Cleanup
+        # Cleanup
-      - include: remove_user.yml user_name={{ test_user_name }} user_password={{ test_plugin_auth_string }}
+        - include: utils_remove_user.yml user_name={{ test_user_name }}
--- a/tests/integration/targets/test_mysql_user/tasks/utils_assert_no_user.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/utils_assert_no_user.yml
@ -0,0 +1,8 @@
 ---
 - name: Utils | Assert no user | Query for user {{ user_name }}
  command: "{{ mysql_command }} -e \"SELECT User FROM mysql.user where user='{{ user_name }}'\""
  register: result
 - name: Utils | Assert no user | Assert mysql user is not present
  assert:
    that: user_name not in result.stdout
--- a/tests/integration/targets/test_mysql_user/tasks/utils_assert_user.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/utils_assert_user.yml
@ -0,0 +1,21 @@
 ---
 - name: Utils | Assert user | Query for user {{ user_name }}
  command: "{{ mysql_command }} -e \"SELECT user FROM mysql.user where user='{{ user_name }}'\""
  register: result
 - name: Utils | Assert user | Assert user is present
  assert:
    that:
      - user_name in result.stdout
 - name: Utils | Assert user | Query for privileges of user {{ user_name }}
  command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name }}'@'{{ user_host }}'\""
  register: result
  when: priv is defined
 - name: Utils | Assert user | Assert user has given privileges
  ansible.builtin.assert:
    that:
      - "'GRANT {{ priv }} ON *.*' in result.stdout"
  when: priv is defined
--- a/tests/integration/targets/test_mysql_user/tasks/utils_assert_user_password.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/utils_assert_user_password.yml
@ -1,5 +1,5 @@
 ---
- name: "applying user {{ username }}@{{ host }} with update_password={{ update_password }}"
+- name: Utils | Assert user password | Apply update_password to {{ username }}
  mysql_user:
    login_user: '{{ mysql_parameters.login_user }}'
    login_password: '{{ mysql_parameters.login_password }}'
@ -12,17 +12,17 @@
    update_password: "{{ update_password }}"
  register: result
- name: assert a change occurred
+- name: Utils | Assert user password | Assert a change occurred
  assert:
    that:
      - "result.changed | bool == {{ expect_change }} | bool"
      - "result.password_changed == {{ expect_password_change }}"
- name: query the user
+- name: Utils | Assert user password | Query user {{ username }}
  command: "{{ mysql_command }} -BNe \"SELECT plugin, authentication_string FROM mysql.user where user='{{ username }}' and host='{{ host }}'\""
  register: existing_user
- name: assert the password is as set to expect_hash
+- name: Utils | Assert user password | Assert expect_hash is in user stdout
  assert:
    that:
      - "'mysql_native_password\t{{ expect_password_hash }}' in existing_user.stdout_lines"
--- a/tests/integration/targets/test_mysql_user/tasks/utils_create_user.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/utils_create_user.yml
@ -0,0 +1,12 @@
 ---
 - name: Utils | Create user {{ user_name }}
  mysql_user:
    login_user: "{{ mysql_user }}"
    login_password: "{{ mysql_password }}"
    login_host: "{{ mysql_host }}"
    login_port: "{{ mysql_primary_port }}"
    name: "{{ user_name }}"
    host: "{{ user_host | default(omit) }}"
    password: "{{ user_password }}"
    state: present
--- a/tests/integration/targets/test_mysql_user/tasks/utils_remove_user.yml
+++ b/tests/integration/targets/test_mysql_user/tasks/utils_remove_user.yml
@ -0,0 +1,12 @@
 ---
 - name: Utils | Remove user {{ user_name }}
  mysql_user:
    login_user: "{{ mysql_user }}"
    login_password: "{{ mysql_password }}"
    login_host: "{{ mysql_host }}"
    login_port: "{{ mysql_primary_port }}"
    name: "{{ user_name }}"
    host_all: true
    state: absent
  ignore_errors: true