openstack
/
puppet-openstacklib
Code Issues Proposed changes

Merge "mysql: allow specifying the authentication method"

This commit is contained in:
Zuul 2020-04-02 00:20:16 +00:00 committed by Gerrit Code Review
parent 60b6455598 f4e9903458
commit c08a4daa08
4 changed files with 74 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
manifests/db/mysql.pp
View File

@ -8,6 +8,10 @@
# Password hash to use for the database user for this service;
# string; required
#
# [*plugin*]
# Authentication plugin to use when connecting to the MySQL server;
# string; optional; default to 'undef'
#
# [*dbname*]
# The name of the database
# string; optional; default to the $title of the resource, i.e. 'nova'
@ -52,6 +56,7 @@
#
define openstacklib::db::mysql (
$password_hash,
$plugin = undef,
$dbname = $title,
$user = $title,
$host = '127.0.0.1',
@ -82,6 +87,7 @@ define openstacklib::db::mysql (
openstacklib::db::mysql::host_access { $real_allowed_hosts:
user => $user,
plugin => $plugin,
password_hash => $password_hash,
database => $dbname,
privileges => $privileges,

6
manifests/db/mysql/host_access.pp
View File

@ -17,6 +17,10 @@
# [*privileges*]
# the privileges to grant to this user
#
# [*plugin*]
# Authentication plugin to use when connecting to the MySQL server;
# Defaults to undef
#
# [*create_user*]
# Flag to allow for the skipping of the user as part of the database setup.
# Set to false to skip the user creation.
@ -36,6 +40,7 @@ define openstacklib::db::mysql::host_access (
$password_hash,
$database,
$privileges,
$plugin = undef,
$create_user = true,
$create_grant = true,
$tls_options = ['NONE'],
@ -48,6 +53,7 @@ define openstacklib::db::mysql::host_access (
if $create_user {
mysql_user { "${user}@${host}":
plugin => $plugin,
password_hash => $password_hash,
tls_options => $tls_options,
}

28
spec/defines/openstacklib_db_mysql_host_access_spec.rb
View File

@ -21,6 +21,33 @@ describe 'openstacklib::db::mysql::host_access' do
end
it { should contain_mysql_user("#{params[:user]}@10.0.0.1").with(
:plugin => nil,
:password_hash => params[:password_hash],
:tls_options => ['NONE']
)}
it { should contain_mysql_grant("#{params[:user]}@10.0.0.1/#{params[:database]}.*").with(
:user => "#{params[:user]}@10.0.0.1",
:privileges => 'ALL',
:table => "#{params[:database]}.*"
)}
end
context 'with overriding authentication plugin' do
let (:title) { 'nova_10.0.0.1' }
let :params do
{
:user => 'foobar',
:plugin => 'mysql_native_password',
:password_hash => 'AA1420F182E88B9E5F874F6FBE7459291E8F4601',
:database => 'nova',
:privileges => 'ALL'
}
end
it { should contain_mysql_user("#{params[:user]}@10.0.0.1").with(
:plugin => params[:plugin],
:password_hash => params[:password_hash],
:tls_options => ['NONE']
)}
@ -68,6 +95,7 @@ describe 'openstacklib::db::mysql::host_access' do
end
it { should contain_mysql_user("#{params[:user]}@10.0.0.1").with(
:plugin => nil,
:password_hash => params[:password_hash]
)}

34
spec/defines/openstacklib_db_mysql_spec.rb
View File

@ -26,6 +26,7 @@ describe 'openstacklib::db::mysql' do
it { should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
:user => title,
:plugin => nil,
:database => title,
:privileges => 'ALL',
:tls_options => ['NONE'],
@ -44,6 +45,7 @@ describe 'openstacklib::db::mysql' do
it { should contain_openstacklib__db__mysql__host_access("#{params[:dbname]}_127.0.0.1").with(
:user => title,
:plugin => nil,
:database => params[:dbname],
:privileges => 'ALL',
:create_user => true,
@ -64,6 +66,7 @@ describe 'openstacklib::db::mysql' do
it { should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
:user => params[:user],
:plugin => nil,
:database => title,
:privileges => 'ALL',
:create_user => true,
@ -72,6 +75,30 @@ describe 'openstacklib::db::mysql' do
)}
end
context 'with overriding authentication plugin' do
let :params do
required_params.merge!(
:plugin => 'mysql_native_password',
)
end
it { should contain_mysql_database(title).with(
:charset => 'utf8',
:collate => 'utf8_general_ci'
)}
it { should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
:user => title,
:plugin => params[:plugin],
:password_hash => params[:password_hash],
:database => title,
:privileges => 'ALL',
:create_user => true,
:create_grant => true,
:tls_options => ['NONE'],
)}
end
context 'when overriding charset parameter' do
let :params do
required_params.merge!( :charset => 'latin1' )
@ -123,12 +150,14 @@ describe 'openstacklib::db::mysql' do
it { should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
:user => title,
:plugin => nil,
:password_hash => params[:password_hash],
:database => title
)}
it { should contain_openstacklib__db__mysql__host_access("#{title}_%").with(
:user => title,
:plugin => nil,
:password_hash => params[:password_hash],
:database => title
)}
@ -141,6 +170,7 @@ describe 'openstacklib::db::mysql' do
it { should contain_openstacklib__db__mysql__host_access("#{title}_192.168.1.1").with(
:user => title,
:plugin => nil,
:password_hash => params[:password_hash],
:database => title
)}
@ -153,6 +183,7 @@ describe 'openstacklib::db::mysql' do
it { should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
:user => title,
:plugin => nil,
:password_hash => params[:password_hash],
:database => title
)}
@ -170,6 +201,7 @@ describe 'openstacklib::db::mysql' do
it { should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
:user => title,
:plugin => nil,
:database => title,
:privileges => 'ALL',
:create_user => false,
@ -189,6 +221,7 @@ describe 'openstacklib::db::mysql' do
it { should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
:user => title,
:plugin => nil,
:database => title,
:privileges => 'ALL',
:create_user => true,
@ -217,6 +250,7 @@ describe 'openstacklib::db::mysql' do
it { should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
:user => title,
:plugin => nil,
:password_hash => params[:password_hash],
:database => title,
:tls_options => ['SSL'],