From fa3dad6a45fa0ff2ec54fa7ae5c73e0733f93805 Mon Sep 17 00:00:00 2001 From: Laurent Indermuehle Date: Fri, 26 Aug 2022 17:20:09 +0200 Subject: [PATCH] Backport small diff from main --- .../tasks/test_user_plugin_auth.yml | 16 ++++++----- .../tasks/tls_requirements.yml | 27 +++++++------------ .../tasks/mysql_variables.yml | 5 ++-- 3 files changed, 22 insertions(+), 26 deletions(-) diff --git a/tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml b/tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml index 65db50b..264d8bd 100644 --- a/tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml +++ b/tests/integration/targets/test_mysql_user/tasks/test_user_plugin_auth.yml @@ -31,10 +31,10 @@ register: result - name: Get user information - command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" + command: "{{ mysql_command }} -e \"SELECT user, host, plugin FROM mysql.user WHERE user = '{{ test_user_name }}' and host = 'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - result is changed @@ -107,10 +107,10 @@ register: result - name: Get user information - command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" + command: "{{ mysql_command }} -e \"SELECT user, host, plugin FROM mysql.user WHERE user = '{{ test_user_name }}' and host = 'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - result is changed @@ -145,6 +145,7 @@ plugin_hash_string: '{{ test_plugin_hash }}' register: result + # FIXME: on mariadb 10.2 there's always a change - name: Check that the module doesn't make a change when the same hash is passed in assert: that: @@ -201,7 +202,7 @@ command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - result is changed @@ -210,6 +211,7 @@ assert: that: - "'{{ test_plugin_type }}' in show_create_user.stdout" + when: install_type == 'mysql' or (install_type == 'mariadb' and mariadb_version is version('10.3', '>=')) - include: assert_user.yml user_name={{ test_user_name }} priv={{ test_default_priv_type }} @@ -290,7 +292,7 @@ command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - result is changed @@ -401,7 +403,7 @@ command: "{{ mysql_command }} -e \"SHOW CREATE USER '{{ test_user_name }}'@'localhost'\"" register: show_create_user - - name: Check that the module made a change and that the expected plugin type is set + - name: Check that the module made a change assert: that: - result is changed diff --git a/tests/integration/targets/test_mysql_user/tasks/tls_requirements.yml b/tests/integration/targets/test_mysql_user/tasks/tls_requirements.yml index 8de9401..73cab1b 100644 --- a/tests/integration/targets/test_mysql_user/tasks/tls_requirements.yml +++ b/tests/integration/targets/test_mysql_user/tasks/tls_requirements.yml @@ -55,7 +55,7 @@ issuer: '/CN=org/O=MyDom, Inc./C=US/ST=Oregon/L=Portland' - block: - - name: retrieve TLS requiremets for users in old database version + - name: retrieve TLS requirements for users in old database version command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ item }}'@'localhost'\"" register: old_result with_items: ['{{ user_name_1 }}', '{{ user_name_2 }}', '{{ user_name_3 }}'] @@ -67,7 +67,7 @@ when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2 - block: - - name: retrieve TLS requiremets for users in new database version + - name: retrieve TLS requirements for users in new database version command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ item }}'@'localhost'\"" register: new_result with_items: ['{{ user_name_1 }}', '{{ user_name_2 }}', '{{ user_name_3 }}'] @@ -119,12 +119,12 @@ that: - result is changed - - name: retrieve TLS requiremets for users in old database version + - name: retrieve TLS requirements for users in old database version command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\"" register: old_result when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2 - - name: retrieve TLS requiremets for users in new database version + - name: retrieve TLS requirements for users in new database version command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\"" register: new_result when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10 or db_version.version.major == 10 and db_version.version.minor >= 2 @@ -143,12 +143,12 @@ tls_requires: X509: - - name: retrieve TLS requiremets for users in old database version + - name: retrieve TLS requirements for users in old database version command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\"" register: old_result when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2 - - name: retrieve TLS requiremets for users in new database version + - name: retrieve TLS requirements for users in new database version command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\"" register: new_result when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10 or db_version.version.major == 10 and db_version.version.minor >= 2 @@ -159,28 +159,21 @@ vars: - reqs: "{{(old_result is skipped | ternary(new_result, old_result)).stdout.split('REQUIRE')[1].split(separator)[0].strip()}}" - - name: remove TLS requiremets from user (expect changed=true) + - name: remove TLS requirements from user (expect changed=true) mysql_user: <<: *mysql_params name: '{{ user_name_1 }}' password: '{{ user_password_1 }}' tls_requires: - - name: retrieve TLS requiremets for users in old database version + - name: retrieve TLS requirements for users command: "{{ mysql_command }} -L -N -s -e \"SHOW GRANTS for '{{ user_name_1 }}'@'localhost'\"" - register: old_result - when: db_version.version.major <= 5 and db_version.version.minor <= 6 or db_version.version.major == 10 and db_version.version.minor < 2 + register: result - - name: retrieve TLS requiremets for users in new database version - command: "{{ mysql_command }} -L -N -s -e \"SHOW CREATE USER '{{ user_name_1 }}'@'localhost'\"" - register: new_result - when: db_version.version.major == 5 and db_version.version.minor >= 7 or db_version.version.major > 5 and db_version.version.major < 10 or db_version.version.major == 10 and db_version.version.minor >= 2 - name: assert user1 TLS requirements assert: - that: "'NONE' in reqs" - vars: - - reqs: "{{(old_result is skipped | ternary(new_result, old_result)).stdout.split('REQUIRE')[1].split(separator)[0].strip() | default('NONE') }}" + that: "'REQUIRE ' not in result.stdout or 'REQUIRE NONE' in result.stdout" - include: remove_user.yml user_name={{user_name_1}} user_password={{ user_password_1 }} diff --git a/tests/integration/targets/test_mysql_variables/tasks/mysql_variables.yml b/tests/integration/targets/test_mysql_variables/tasks/mysql_variables.yml index 3ef3c3a..ed34966 100644 --- a/tests/integration/targets/test_mysql_variables/tasks/mysql_variables.yml +++ b/tests/integration/targets/test_mysql_variables/tasks/mysql_variables.yml @@ -151,7 +151,6 @@ # ============================================================ # Verify mysql_variable fails when setting an incorrect value (out of range) # - - name: set mysql variable value to a number out of range mysql_variables: <<: *mysql_params @@ -360,7 +359,9 @@ - include: assert_var.yml changed=true output={{ result }} var_name={{ set_name }} var_value='{{ def_val }}' - when: mysql_version is not version('8.0', '<') + when: + - mysql_version is version('8.0', '>=') + - install_type == 'mysql' # Bugfix of https://github.com/ansible/ansible/issues/54239 # - name: set variable containing dot