Fix assertions

This commit is contained in:
Jorge-Rodriguez 2020-11-17 12:58:20 +02:00
commit 9ffdeb0be3
No known key found for this signature in database
GPG key ID: 43153D1EFD8F7D90
5 changed files with 185 additions and 7 deletions

View file

@ -37,4 +37,4 @@
- name: assert output message mysql user was created
assert:
that:
- "result.changed == true"
- result is changed

View file

@ -80,7 +80,7 @@
- name: assert output message mysql user was removed
assert:
that:
- "result.changed == true"
- result is changed
- include: assert_no_user.yml user_name={{user_name_1}}

View file

@ -37,7 +37,7 @@
- name: assert output message mysql user was removed
assert:
that:
- "result.changed == true"
- result is changed
# ============================================================
- name: create blank mysql user to be removed later
@ -58,7 +58,7 @@
- name: assert changed is true for removing all blank users
assert:
that:
- "result.changed == true"
- result is changed
- name: remove blank mysql user with hosts=all (expect ok)
mysql_user:

View file

@ -51,7 +51,7 @@
- name: assert output message for current privileges
assert:
that:
- "result.changed == true"
- result is changed
- name: run command to show privileges for user (expect privileges in stdout)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{user_name_2}}'@'localhost'\""
@ -101,7 +101,7 @@
- name: Assert that priv changed
assert:
that:
- "result.changed == true"
- result is changed
- name: Add privs to a specific table (expect ok)
mysql_user:
@ -162,7 +162,7 @@
- name: Assert that priv changed
assert:
that:
- "result.changed == true"
- result is changed
- name: Test idempotency (expect ok)
mysql_user:

View file

@ -0,0 +1,178 @@
# test code update password for the mysql_user module
# (c) 2014, Wayne Rosario <wrosario@ansible.com>
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 dof the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
- vars:
mysql_parameters: &mysql_params
login_user: '{{ mysql_user }}'
login_password: '{{ mysql_password }}'
login_host: 127.0.0.1
login_port: '{{ mysql_primary_port }}'
block:
# ============================================================
# Update user password for a user.
# Assert the user password is updated and old password can no longer be used.
#
- name: create user1 state=present with a password
mysql_user:
<<: *mysql_params
name: '{{ user_name_1 }}'
password: '{{ user_password_1 }}'
priv: '*.*:ALL'
state: present
- name: create user2 state=present with a password
mysql_user:
<<: *mysql_params
name: '{{ user_name_2 }}'
password: '{{ user_password_2 }}'
priv: '*.*:ALL'
state: present
- name: store user2 grants with old password (mysql 5.7.6 and newer)
command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ user_name_2 }}'@'localhost'\""
register: user_password_old_create
ignore_errors: yes
- name: store user2 grants with old password (mysql 5.7.5 and older)
command: "{{ mysql_command }} -e \"SHOW GRANTS FOR '{{ user_name_2 }}'@'localhost'\""
register: user_password_old
when: user_password_old_create is failed
- name: update user2 state=present with same password (expect changed=false)
mysql_user:
<<: *mysql_params
name: '{{ user_name_2 }}'
password: '{{ user_password_2 }}'
priv: '*.*:ALL'
state: present
register: result
- name: assert output user2 was not updated
assert:
that:
- "result.changed == false"
- include: assert_user.yml user_name={{user_name_2}} priv='ALL PRIVILEGES'
- name: update user2 state=present with a new password (expect changed=true)
mysql_user:
<<: *mysql_params
name: '{{ user_name_2 }}'
password: '{{ user_password_1 }}'
state: present
register: result
- include: assert_user.yml user_name={{user_name_2}} priv='ALL PRIVILEGES'
- name: store user2 grants with old password (mysql 5.7.6 and newer)
command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ user_name_2 }}'@'localhost'\""
register: user_password_new_create
ignore_errors: yes
- name: store user2 grants with new password
command: "{{ mysql_command }} -e SHOW GRANTS FOR '{{ user_name_2 }}'@'localhost'\""
register: user_password_new
when: user_password_new_create is failed
- name: assert output message password was update for user2 (mysql 5.7.6 and newer)
assert:
that:
- "user_password_old_create.stdout != user_password_new_create.stdout"
when: user_password_new_create is not failed
- name: assert output message password was update for user2 (mysql 5.7.5 and older)
assert:
that:
- "user_password_old.stdout != user_password_new.stdout"
when: user_password_new_create is failed
- name: create database using user2 and old password
mysql_db:
login_user: '{{ user_name_2 }}'
login_password: '{{ user_password_2 }}'
login_host: '{{ mysql_host }}'
login_port: '{{ mysql_primary_port }}'
name: '{{ db_name }}'
state: present
ignore_errors: true
register: result
- debug: var=result.msg
- name: assert output message that database not create with old password
assert:
that:
- "result.failed == true"
- name: create database using user2 and new password
mysql_db:
login_user: '{{ user_name_2 }}'
login_password: '{{ user_password_1 }}'
login_host: '{{ mysql_host }}'
login_port: '{{ mysql_primary_port }}'
name: '{{ db_name }}'
state: present
register: result
- name: assert output message that database is created with new password
assert:
that:
- result is changed
- name: remove database
mysql_db:
<<: *mysql_params
name: '{{ db_name }}'
state: absent
login_unix_socket: '{{ mysql_socket }}'
- include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }}
- include: remove_user.yml user_name={{user_name_2}} user_password={{ user_password_1 }}
- name: Create user with Fdt8fd^34ds using hash. (expect changed=true)
mysql_user:
<<: *mysql_params
name: jmainguy
password: '*0cb5b86f23fdc24db19a29b8854eb860cbc47793'
encrypted: yes
register: encrypt_result
- name: Check that the module made a change
assert:
that:
- "encrypt_result.changed == True"
- name: See if the password needs to be updated. (expect changed=false)
mysql_user:
<<: *mysql_params
name: jmainguy
password: 'Fdt8fd^34ds'
register: plain_result
- name: Check that the module did not change the password
assert:
that:
- "plain_result.changed == False"
- name: Remove user (cleanup)
mysql_user:
<<: *mysql_params
name: jmainguy
state: absent