Add test users for MySQL auth plugins (sha256 and cache_sha2)

2025-04-06 10:40:36 -07:00 · 2023-09-15 10:40:17 +02:00 · 2023-09-15 10:40:17 +02:00 · fcb2d49b24
commit fcb2d49b24
parent 83ad999038
1 changed files with 86 additions and 37 deletions
--- a/tests/integration/targets/test_mysql_info/tasks/filter_users_privs.yml
+++ b/tests/integration/targets/test_mysql_info/tasks/filter_users_privs.yml
@ -41,11 +41,45 @@
        state: import
        target: /root/create_procedure.sql

-    - name: Mysql_info users_privs | Prepare tests users
+    - name: Mysql_info users_privs | Prepare common tests users
+      community.mysql.mysql_user:
+        name: "{{ item.user }}"
+        host: "users_privs.com"
+        password: '*6C387FC3893DBA1E3BA155E74754DA6682D04747'
+        encrypted: true
+        priv: "{{ item.privs }}"
+        resource_limits: "{{ item.resource_limits | default(omit) }}"
+        state: present
+      loop:
+        - user: users_privs_adm
+          privs:
+            '*.*': 'ALL,GRANT'
+        - user: users_privs_schema
+          privs:
+            'users_privs_db.*': 'SELECT,INSERT,UPDATE,DELETE'
+        - user: users_privs_table
+          privs:
+            'users_privs_db.t1': 'SELECT,INSERT,UPDATE'
+        - user: users_privs_col
+          privs:
+            'users_privs_db.t1': 'SELECT (id)'
+          resource_limits:
+            MAX_USER_CONNECTIONS: 100
+        - user: users_privs_proc
+          privs:
+            'PROCEDURE users_privs_db.get_all_items': 'EXECUTE'
+          resource_limits:
+            MAX_USER_CONNECTIONS: 2
+            MAX_CONNECTIONS_PER_HOUR: 60
+        - user: users_privs_multi
+          privs:
+            'mysql.*': 'SELECT'
+            'users_privs_db.*': 'SELECT'
+
+    - name: Mysql_info users_privs | Prepare tests users for MariaDB
      community.mysql.mysql_user:
        name: "{{ item.user }}"
        host: "users_privs.com"
-        password: "{{ item.password | default(omit) }}"
        plugin: "{{ item.plugin | default(omit) }}"
        plugin_auth_string: "{{ item.plugin_auth_string | default(omit) }}"
        plugin_hash_string: "{{ item.plugin_hash_string | default(omit) }}"
@ -54,44 +88,59 @@
        resource_limits: "{{ item.resource_limits | default(omit) }}"
        state: present
      loop:
-        - user: users_privs_adm
+        - user: users_privs_socket  # Only for MariaDB
          privs:
-            '*.*': 'ALL,GRANT'
-          password: 'msandbox'
-        - user: users_privs_schema
+            '*.*': 'ALL'
+          plugin: 'unix_socket'
+      when:
+        - db_engine == 'mariadb'
+
+    - name: Mysql_info users_privs | Prepare tests users for MySQL
+      community.mysql.mysql_user:
+        name: "{{ item.user }}"
+        host: "users_privs.com"
+        password: "{{ item.password | default(omit) }}"
+        encrypted: true
+        plugin: "{{ item.plugin | default(omit) }}"
+        plugin_auth_string: "{{ item.plugin_auth_string | default(omit) }}"
+        plugin_hash_string: "{{ item.plugin_hash_string | default(omit) }}"
+        tls_require: "{{ item.tls_require | default(omit) }}"
+        priv: "{{ item.privs }}"
+        resource_limits: "{{ item.resource_limits | default(omit) }}"
+        state: present
+      loop:
+        - user: users_privs_sha256  # Only for MySQL
          privs:
-            'users_privs_db.*': 'SELECT,INSERT,UPDATE,DELETE'
-          password: 'msandbox'
-        - user: users_privs_table
+            '*.*': 'ALL'
+          plugin_auth_string:
+            '$5$/<w*D`L4\"F$WQiI1Pev.7atAh8udYs3wqlzgdfV8LXoy7rqSEC7NF2'
+          plugin: 'sha256_password'
+      when:
+        - db_engine == 'mysql'
+
+    - name: Mysql_info users_privs | Prepare tests users for MySQL 8+
+      community.mysql.mysql_user:
+        name: "{{ item.user }}"
+        host: "users_privs.com"
+        password: "{{ item.password | default(omit) }}"
+        encrypted: true
+        plugin: "{{ item.plugin | default(omit) }}"
+        plugin_auth_string: "{{ item.plugin_auth_string | default(omit) }}"
+        plugin_hash_string: "{{ item.plugin_hash_string | default(omit) }}"
+        tls_require: "{{ item.tls_require | default(omit) }}"
+        priv: "{{ item.privs }}"
+        resource_limits: "{{ item.resource_limits | default(omit) }}"
+        state: present
+      loop:
+        - user: users_privs_caching_sha2  # Only for MySQL 8+
          privs:
-            'users_privs_db.t1': 'SELECT,INSERT,UPDATE'
-        - user: users_privs_col
-          privs:
-            'users_privs_db.t1': 'SELECT (id)'
-          password: 'msandbox'
-          resource_limits:
-            MAX_USER_CONNECTIONS: 100
-        - user: users_privs_proc
-          privs:
-            'PROCEDURE users_privs_db.get_all_items': 'EXECUTE'
-          password: 'msandbox'
-          resource_limits:
-            MAX_USER_CONNECTIONS: 2
-            MAX_CONNECTIONS_PER_HOUR: 60
-        - user: users_privs_multi
-          privs:
-            'mysql.*': 'SELECT'
-            'users_privs_db.*': 'SELECT'
-          password: 'msandbox'
-        # - user: users_privs_socket  # Only for MariaDB
-        #   privs:
-        #     '*.*': 'ALL'
-        #   plugin: 'unix_socket'
-        # - user: users_privs_socket  # Only for MySQL
-        #   privs:
-        #     '*.*': 'ALL'
-        #   plugin_auth_string: 'msandbox'
-        #   plugin: 'sha256_password'
+            '*.*': 'ALL'
+          plugin_auth_string:
+            '$A$005$61j/uF%Qb4-=O2xkeO82u2HNkF.lxDq0liO4U3xqi7bDUCbWM6HayRXWn1'
+          plugin: 'caching_sha2_password'
+      when:
+        - db_engine == 'mysql'
+        - db_version is version('8.0', '>=')

    # ================================== Tests ==============================