Mercurial > repos > other > Puppet
changeset 389:668df4711671
Update MySQL modules
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/.geppetto-rc.json Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,9 @@ +{ + "excludes": [ + "**/contrib/**", + "**/examples/**", + "**/tests/**", + "**/spec/**", + "**/pkg/**" + ] +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/.github/workflows/auto_release.yml Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,90 @@ +name: "Auto release" + +on: + workflow_dispatch: + +env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + CHANGELOG_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + +jobs: + auto_release: + name: "Automatic release prep" + runs-on: ubuntu-20.04 + + steps: + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: start first step" + run: | + echo STEP_ID="auto-release" >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: "Checkout Source" + if: ${{ github.repository_owner == 'puppetlabs' }} + uses: actions/checkout@v2 + with: + fetch-depth: 0 + persist-credentials: false + + - name: "PDK Release prep" + uses: docker://puppet/iac_release:ci + with: + args: 'release prep --force' + env: + CHANGELOG_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: "Get Version" + if: ${{ github.repository_owner == 'puppetlabs' }} + id: gv + run: | + echo "::set-output name=ver::$(jq --raw-output .version metadata.json)" + + - name: "Check if a release is necessary" + if: ${{ github.repository_owner == 'puppetlabs' }} + id: check + run: | + git diff --quiet CHANGELOG.md && echo "::set-output name=release::false" || echo "::set-output name=release::true" + + - name: "Commit changes" + if: ${{ github.repository_owner == 'puppetlabs' && steps.check.outputs.release == 'true' }} + run: | + git config --local user.email "${{ github.repository_owner }}@users.noreply.github.com" + git config --local user.name "GitHub Action" + git add . + git commit -m "Release prep v${{ steps.gv.outputs.ver }}" + + - name: Create Pull Request + id: cpr + uses: puppetlabs/peter-evans-create-pull-request@v3 + if: ${{ github.repository_owner == 'puppetlabs' && steps.check.outputs.release == 'true' }} + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: "Release prep v${{ steps.gv.outputs.ver }}" + branch: "release-prep" + delete-branch: true + title: "Release prep v${{ steps.gv.outputs.ver }}" + body: | + Automated release-prep through [pdk-templates](https://github.com/puppetlabs/pdk-templates/blob/main/moduleroot/.github/workflows/auto_release.yml.erb) from commit ${{ github.sha }}. + Please verify before merging: + - [ ] last [nightly](https://github.com/${{ github.repository }}/actions/workflows/nightly.yml) run is green + - [ ] [Changelog](https://github.com/${{ github.repository }}/blob/release-prep/CHANGELOG.md) is readable and has no unlabeled pull requests + - [ ] Ensure the [changelog](https://github.com/${{ github.repository }}/blob/release-prep/CHANGELOG.md) version and [metadata](https://github.com/${{ github.repository }}/blob/release-prep/metadata.json) version match + labels: "maintenance" + + - name: PR outputs + if: ${{ github.repository_owner == 'puppetlabs' && steps.check.outputs.release == 'true' }} + run: | + echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" + echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" + + - name: "Honeycomb: Record finish step" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Finished auto release workflow'
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/.github/workflows/nightly.yml Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,204 @@ +name: "nightly" + +on: + schedule: + - cron: '0 0 * * *' + +env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + +jobs: + setup_matrix: + name: "Setup Test Matrix" + runs-on: ubuntu-20.04 + outputs: + matrix: ${{ steps.get-matrix.outputs.matrix }} + + steps: + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: Start first step" + run: | + echo STEP_ID=setup-environment >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Setup Acceptance Test Matrix + id: get-matrix + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 + else + echo "::set-output name=matrix::{}" + fi + + - name: "Honeycomb: Record Setup Test Matrix time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' + + Acceptance: + name: "${{matrix.platforms.label}}, ${{matrix.collection}}" + needs: + - setup_matrix + + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} + + env: + BUILDEVENT_FILE: '../buildevents.txt' + + steps: + - run: | + echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE + echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE + echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE + + + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + matrix-key: ${{ matrix.platforms.label }}-${{ matrix.collection }} + + - name: "Honeycomb: start first step" + run: | + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Provision test environment + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + echo ::group::=== INVENTORY === + if [ -f 'spec/fixtures/litmus_inventory.yaml' ]; + then + FILE='spec/fixtures/litmus_inventory.yaml' + elif [ -f 'inventory.yaml' ]; + then + FILE='inventory.yaml' + fi + sed -e 's/password: .*/password: "[redacted]"/' < $FILE || true + echo ::endgroup:: + + - name: Install agent + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' + + - name: Install module + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' + + - name: "Honeycomb: Record deployment times" + if: ${{ always() }} + run: | + echo ::group::honeycomb step + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + echo ::endgroup:: + + - name: Run acceptance tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' + + - name: "Honeycomb: Record acceptance testing times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Remove test environment + if: ${{ always() }} + continue-on-error: true + run: | + if [[ -f inventory.yaml || -f spec/fixtures/litmus_inventory.yaml ]]; then + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + fi + + - name: "Honeycomb: Record removal times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment' + + slack-workflow-status: + if: always() + name: Post Workflow Status To Slack + needs: + - Acceptance + runs-on: ubuntu-20.04 + steps: + - name: Slack Workflow Notification + uses: puppetlabs/Gamesight-slack-workflow-status@pdk-templates-v1 + with: + # Required Input + repo_token: ${{ secrets.GITHUB_TOKEN }} + slack_webhook_url: ${{ secrets.SLACK_WEBHOOK }} + # Optional Input + channel: '#team-ia-bots' + name: 'GABot'
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/.github/workflows/pr_test.yml Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,189 @@ +name: "PR Testing" + +on: [pull_request] + +env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + +jobs: + setup_matrix: + name: "Setup Test Matrix" + runs-on: ubuntu-20.04 + outputs: + matrix: ${{ steps.get-matrix.outputs.matrix }} + + steps: + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: Start first step" + run: | + echo STEP_ID=setup-environment >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Run validation steps + run: | + bundle exec rake validate + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Setup Acceptance Test Matrix + id: get-matrix + run: | + if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 + else + echo "::set-output name=matrix::{}" + fi + + - name: "Honeycomb: Record Setup Test Matrix time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' + + Acceptance: + name: "${{matrix.platforms.label}}, ${{matrix.collection}}" + needs: + - setup_matrix + if: ${{ needs.setup_matrix.outputs.matrix != '{}' }} + + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: ${{fromJson(needs.setup_matrix.outputs.matrix)}} + + env: + BUILDEVENT_FILE: '../buildevents.txt' + + steps: + - run: | + echo 'platform=${{ matrix.platforms.image }}' >> $BUILDEVENT_FILE + echo 'collection=${{ matrix.collection }}' >> $BUILDEVENT_FILE + echo 'label=${{ matrix.platforms.label }}' >> $BUILDEVENT_FILE + + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + matrix-key: ${{ matrix.platforms.label }}-${{ matrix.collection }} + + - name: "Honeycomb: start first step" + run: | + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-1 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-2 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Provision test environment + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + echo ::group::=== INVENTORY === + if [ -f 'spec/fixtures/litmus_inventory.yaml' ]; + then + FILE='spec/fixtures/litmus_inventory.yaml' + elif [ -f 'inventory.yaml' ]; + then + FILE='inventory.yaml' + fi + sed -e 's/password: .*/password: "[redacted]"/' < $FILE || true + echo ::endgroup:: + + - name: Install agent + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_agent ${{ matrix.collection }}' -- bundle exec rake 'litmus:install_agent[${{ matrix.collection }}]' + + - name: Install module + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:install_module' -- bundle exec rake 'litmus:install_module' + + - name: "Honeycomb: Record deployment times" + if: ${{ always() }} + run: | + echo ::group::honeycomb step + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Deploy test system' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-3 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + echo ::endgroup:: + + - name: Run acceptance tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:acceptance:parallel' -- bundle exec rake 'litmus:acceptance:parallel' + + - name: "Honeycomb: Record acceptance testing times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Run acceptance tests' + echo STEP_ID=${{ matrix.platforms.image }}-${{ matrix.collection }}-4 >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Remove test environment + if: ${{ always() }} + continue-on-error: true + run: | + if [[ -f inventory.yaml || -f spec/fixtures/litmus_inventory.yaml ]]; then + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:tear_down' -- bundle exec rake 'litmus:tear_down' + echo ::group::=== REQUEST === + cat request.json || true + echo + echo ::endgroup:: + fi + + - name: "Honeycomb: Record removal times" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Remove test environment'
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/.github/workflows/release.yml Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,47 @@ +name: "Publish module" + +on: + workflow_dispatch: + +jobs: + create-github-release: + name: Deploy GitHub Release + runs-on: ubuntu-20.04 + steps: + - name: Checkout code + uses: actions/checkout@v2 + with: + ref: ${{ github.ref }} + clean: true + fetch-depth: 0 + - name: Get Version + id: gv + run: | + echo "::set-output name=ver::$(jq --raw-output .version metadata.json)" + - name: Create Release + uses: actions/create-release@v1 + id: create_release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: "v${{ steps.gv.outputs.ver }}" + draft: false + prerelease: false + + deploy-forge: + name: Deploy to Forge + runs-on: ubuntu-20.04 + steps: + - name: Checkout code + uses: actions/checkout@v2 + with: + ref: ${{ github.ref }} + clean: true + - name: "PDK Build" + uses: docker://puppet/pdk:nightly + with: + args: 'build' + - name: "Push to Forge" + uses: docker://puppet/pdk:nightly + with: + args: 'release publish --forge-token ${{ secrets.FORGE_API_KEY }} --force'
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/.github/workflows/spec.yml Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,130 @@ +name: "Spec Tests" + +on: + schedule: + - cron: '0 0 * * *' + workflow_dispatch: + pull_request: + +env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + +jobs: + setup_matrix: + name: "Setup Test Matrix" + runs-on: ubuntu-20.04 + outputs: + spec_matrix: ${{ steps.get-matrix.outputs.spec_matrix }} + + steps: + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: Start first step" + run: | + echo STEP_ID=setup-environment >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Run Static & Syntax Tests + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop + + - name: Setup Spec Test Matrix + id: get-matrix + run: | + if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 + else + echo "::set-output name=spec_matrix::{}" + fi + + - name: "Honeycomb: Record Setup Test Matrix time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' + + Spec: + name: "Spec Tests (Puppet: ${{matrix.puppet_version}}, Ruby Ver: ${{matrix.ruby_version}})" + needs: + - setup_matrix + if: ${{ needs.setup_matrix.outputs.spec_matrix != '{}' }} + + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: ${{fromJson(needs.setup_matrix.outputs.spec_matrix)}} + + env: + BUILDEVENT_FILE: '../buildevents.txt' + PUPPET_GEM_VERSION: ${{ matrix.puppet_version }} + FACTER_GEM_VERSION: 'https://github.com/puppetlabs/facter#main' + + steps: + - run: | + echo "SANITIZED_PUPPET_VERSION=$(echo '${{ matrix.puppet_version }}' | sed 's/~> //g')" >> $GITHUB_ENV + + - run: | + echo 'puppet_version=${{ env.SANITIZED_PUPPET_VERSION }}' >> $BUILDEVENT_FILE + + - name: "Honeycomb: Start first step" + run: | + echo "STEP_ID=${{ env.SANITIZED_PUPPET_VERSION }}-spec" >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + matrix-key: ${{ env.SANITIZED_PUPPET_VERSION }} + + - name: Checkout Source + uses: actions/checkout@v2 + + - name: "Activate Ruby ${{ matrix.ruby_version }}" + uses: ruby/setup-ruby@v1 + with: + ruby-version: ${{matrix.ruby_version}} + bundler-cache: true + + - name: Print bundle environment + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: Run parallel_spec tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake parallel_spec Puppet ${{ matrix.puppet_version }}, Ruby ${{ matrix.ruby_version }}' -- bundle exec rake parallel_spec
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/.gitpod.Dockerfile Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,18 @@ +FROM gitpod/workspace-full +RUN sudo wget https://apt.puppet.com/puppet-tools-release-bionic.deb && \ + wget https://apt.puppetlabs.com/puppet6-release-bionic.deb && \ + sudo dpkg -i puppet6-release-bionic.deb && \ + sudo dpkg -i puppet-tools-release-bionic.deb && \ + sudo apt-get update && \ + sudo apt-get install -y pdk zsh puppet-agent && \ + sudo apt-get clean && \ + sudo rm -rf /var/lib/apt/lists/* +RUN sudo usermod -s $(which zsh) gitpod && \ + sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" && \ + echo "plugins=(git gitignore github gem pip bundler python ruby docker docker-compose)" >> /home/gitpod/.zshrc && \ + echo 'PATH="$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/puppetlabs/bin:/opt/puppetlabs/puppet/bin"' >> /home/gitpod/.zshrc && \ + sudo /opt/puppetlabs/puppet/bin/gem install puppet-debugger hub -N && \ + mkdir -p /home/gitpod/.config/puppet && \ + /opt/puppetlabs/puppet/bin/ruby -r yaml -e "puts ({'disabled' => true}).to_yaml" > /home/gitpod/.config/puppet/analytics.yml +RUN rm -f puppet6-release-bionic.deb puppet-tools-release-bionic.deb +ENTRYPOINT /usr/bin/zsh
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/.gitpod.yml Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,9 @@ +image: + file: .gitpod.Dockerfile + +tasks: + - init: pdk bundle install + +vscode: + extensions: + - puppet.puppet-vscode@1.2.0:f5iEPbmOj6FoFTOV6q8LTg==
--- a/modules/mysql/CHANGELOG.md Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/CHANGELOG.md Mon Jan 03 17:16:21 2022 +0000 @@ -2,6 +2,186 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v12.0.1](https://github.com/puppetlabs/puppetlabs-mysql/tree/v12.0.1) (2021-08-26) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v12.0.0...v12.0.1) + +### Fixed + +- \(IAC-1741\) Allow stdlib v8.0.0 [\#1433](https://github.com/puppetlabs/puppetlabs-mysql/pull/1433) ([david22swan](https://github.com/david22swan)) +- MODULES-8373 Fix mysql\_grant resource to be idempodent on MySQL 8+ [\#1427](https://github.com/puppetlabs/puppetlabs-mysql/pull/1427) ([theq86](https://github.com/theq86)) + +## [v12.0.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v12.0.0) (2021-07-27) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v11.1.0...v12.0.0) + +### Changed + +- Deprecate mysql::server::mysqltuner and show it as an example [\#1409](https://github.com/puppetlabs/puppetlabs-mysql/pull/1409) ([ghoneycutt](https://github.com/ghoneycutt)) +- Deprecate mysql::server::monitor and show as an example [\#1408](https://github.com/puppetlabs/puppetlabs-mysql/pull/1408) ([ghoneycutt](https://github.com/ghoneycutt)) +- Remove EOL platforms Debian 8 and Ubuntu 14.04 [\#1406](https://github.com/puppetlabs/puppetlabs-mysql/pull/1406) ([ghoneycutt](https://github.com/ghoneycutt)) + +## [v11.1.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v11.1.0) (2021-07-05) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v11.0.3...v11.1.0) + +### Added + +- \(MODULES-11115\) add Rocky Linux 8 compatibility [\#1405](https://github.com/puppetlabs/puppetlabs-mysql/pull/1405) ([vchepkov](https://github.com/vchepkov)) +- Use Puppet-Datatype Sensitive [\#1400](https://github.com/puppetlabs/puppetlabs-mysql/pull/1400) ([cocker-cc](https://github.com/cocker-cc)) + +### Fixed + +- Fix mysql\_user parameters update on modern MySQL [\#1415](https://github.com/puppetlabs/puppetlabs-mysql/pull/1415) ([weastur](https://github.com/weastur)) +- \(IAC-1677\) Fix issue with deprecated rspec [\#1414](https://github.com/puppetlabs/puppetlabs-mysql/pull/1414) ([ghoneycutt](https://github.com/ghoneycutt)) +- Fix broken link and style in documentation [\#1403](https://github.com/puppetlabs/puppetlabs-mysql/pull/1403) ([ghoneycutt](https://github.com/ghoneycutt)) + +## v11.0.3 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v11.0.2...v11.0.3) + +### Fixed + +- \(IAC-1430\) - Minor docs updating [\#1401](https://github.com/puppetlabs/puppetlabs-mysql/pull/1401) ([pmcmaw](https://github.com/pmcmaw)) + +## [v11.0.2](https://github.com/puppetlabs/puppetlabs-mysql/tree/v11.0.2) (2021-06-07) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v11.0.1...v11.0.2) + +### Fixed + +- \(bugfix\) - Pull python3-mysqldb in Debian Bullseye [\#1396](https://github.com/puppetlabs/puppetlabs-mysql/pull/1396) ([thomasgoirand](https://github.com/thomasgoirand)) +- Update xtrabackup package name for Ubuntu 20.04 [\#1387](https://github.com/puppetlabs/puppetlabs-mysql/pull/1387) ([rsynnest](https://github.com/rsynnest)) + +## [v11.0.1](https://github.com/puppetlabs/puppetlabs-mysql/tree/v11.0.1) (2021-04-19) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v11.0.0...v11.0.1) + +### Fixed + +- Fix: Puppet Unknown variable: 'mysql::params::exec\_path' [\#1378](https://github.com/puppetlabs/puppetlabs-mysql/pull/1378) ([JvGinkel](https://github.com/JvGinkel)) +- \(IAC-1497\) - Removal of unsupported `translate` dependency [\#1375](https://github.com/puppetlabs/puppetlabs-mysql/pull/1375) ([david22swan](https://github.com/david22swan)) +- \(MODULES-10926\) Fix Java binding package for Ubuntu 20.04 [\#1373](https://github.com/puppetlabs/puppetlabs-mysql/pull/1373) ([treydock](https://github.com/treydock)) + +## [v11.0.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v11.0.0) (2021-03-01) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.10.0...v11.0.0) + +### Changed + +- pdksync - \(MAINT\) Remove SLES 11 support [\#1370](https://github.com/puppetlabs/puppetlabs-mysql/pull/1370) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - \(MAINT\) Remove RHEL 5 family support [\#1369](https://github.com/puppetlabs/puppetlabs-mysql/pull/1369) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [\#1366](https://github.com/puppetlabs/puppetlabs-mysql/pull/1366) ([carabasdaniel](https://github.com/carabasdaniel)) + +### Added + +- Support compression command and extension [\#1363](https://github.com/puppetlabs/puppetlabs-mysql/pull/1363) ([dploeger](https://github.com/dploeger)) + +## [v10.10.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.10.0) (2021-02-11) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.9.1...v10.10.0) + +### Added + +- Set default MySQL version for FreeBSD [\#1360](https://github.com/puppetlabs/puppetlabs-mysql/pull/1360) ([olevole](https://github.com/olevole)) + +## [v10.9.1](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.9.1) (2021-01-06) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.9.0...v10.9.1) + +### Fixed + +- Repair check of logbindir [\#1348](https://github.com/puppetlabs/puppetlabs-mysql/pull/1348) ([qha](https://github.com/qha)) + +## [v10.9.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.9.0) (2020-12-16) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.8.0...v10.9.0) + +### Added + +- \(FEAT\) Add support for Puppet 7 [\#1347](https://github.com/puppetlabs/puppetlabs-mysql/pull/1347) ([daianamezdrea](https://github.com/daianamezdrea)) +- \(IAC-996\) Removal of inappropriate terminology [\#1340](https://github.com/puppetlabs/puppetlabs-mysql/pull/1340) ([pmcmaw](https://github.com/pmcmaw)) + +## [v10.8.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.8.0) (2020-11-03) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.7.1...v10.8.0) + +### Added + +- Add compatibility for Amazon Linux 2 [\#1328](https://github.com/puppetlabs/puppetlabs-mysql/pull/1328) ([greno2](https://github.com/greno2)) + +### Fixed + +- \(IAC-1137\) Ensure curl package is installed for xtrabackup tests [\#1338](https://github.com/puppetlabs/puppetlabs-mysql/pull/1338) ([pmcmaw](https://github.com/pmcmaw)) +- \(MODULES-10788\) - fix for password prompt when creating mysql\_login\_path resource [\#1334](https://github.com/puppetlabs/puppetlabs-mysql/pull/1334) ([andeman](https://github.com/andeman)) +- \(MODULES-10790\) - Setting logbin results in error Unknown variable: 'managed\_dirs\_path' [\#1325](https://github.com/puppetlabs/puppetlabs-mysql/pull/1325) ([pmcmaw](https://github.com/pmcmaw)) +- Fix package for python bindings on Ubuntu 20.04 [\#1323](https://github.com/puppetlabs/puppetlabs-mysql/pull/1323) ([tobias-urdin](https://github.com/tobias-urdin)) + +## [v10.7.1](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.7.1) (2020-09-25) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.7.0...v10.7.1) + +### Fixed + +- \(IAC-1175\) Pin percona-release to version 1.0-22 for Debian 8 [\#1329](https://github.com/puppetlabs/puppetlabs-mysql/pull/1329) ([pmcmaw](https://github.com/pmcmaw)) +- \[MODULES-10773\] Fix for rh-mysql80 [\#1322](https://github.com/puppetlabs/puppetlabs-mysql/pull/1322) ([carabasdaniel](https://github.com/carabasdaniel)) + +## [v10.7.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.7.0) (2020-08-12) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.6.0...v10.7.0) + +### Added + +- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch `main` [\#1316](https://github.com/puppetlabs/puppetlabs-mysql/pull/1316) ([david22swan](https://github.com/david22swan)) +- add package provider and source [\#1314](https://github.com/puppetlabs/puppetlabs-mysql/pull/1314) ([fe80](https://github.com/fe80)) + +### Fixed + +- Remove non printable characters [\#1315](https://github.com/puppetlabs/puppetlabs-mysql/pull/1315) ([elmobp](https://github.com/elmobp)) +- Remove control character from manifests/server.pp [\#1312](https://github.com/puppetlabs/puppetlabs-mysql/pull/1312) ([tomkrouper](https://github.com/tomkrouper)) + +## [v10.6.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.6.0) (2020-06-23) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.5.0...v10.6.0) + +### Added + +- Handle cron package from different module [\#1306](https://github.com/puppetlabs/puppetlabs-mysql/pull/1306) ([ashish1099](https://github.com/ashish1099)) +- \(IAC-746\) - Add ubuntu 20.04 support [\#1303](https://github.com/puppetlabs/puppetlabs-mysql/pull/1303) ([david22swan](https://github.com/david22swan)) +- \(MODULES-1550\) add new Feature MySQL login paths [\#1295](https://github.com/puppetlabs/puppetlabs-mysql/pull/1295) ([andeman](https://github.com/andeman)) + +### Fixed + +- Add managed\_dirs parameter [\#1305](https://github.com/puppetlabs/puppetlabs-mysql/pull/1305) ([evgenkisel](https://github.com/evgenkisel)) +- change split on whitespace to split on tab in mysql\_user [\#1233](https://github.com/puppetlabs/puppetlabs-mysql/pull/1233) ([koshatul](https://github.com/koshatul)) + +## [v10.5.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.5.0) (2020-05-13) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.4.0...v10.5.0) + +### Added + +- Support mariadb's ed25519-based authentication [\#1292](https://github.com/puppetlabs/puppetlabs-mysql/pull/1292) ([dciabrin](https://github.com/dciabrin)) +- Allow changing the mysql-config-file group-ownership [\#1284](https://github.com/puppetlabs/puppetlabs-mysql/pull/1284) ([unki](https://github.com/unki)) + +### Fixed + +- Remove legacy \(old API\) `mysql_password` function [\#1299](https://github.com/puppetlabs/puppetlabs-mysql/pull/1299) ([alexjfisher](https://github.com/alexjfisher)) +- Improve differences between generated mysql service id values [\#1293](https://github.com/puppetlabs/puppetlabs-mysql/pull/1293) ([ryaner](https://github.com/ryaner)) +- \(MODULES-10023\) Fix multiple xtrabackup regressions [\#1245](https://github.com/puppetlabs/puppetlabs-mysql/pull/1245) ([fraenki](https://github.com/fraenki)) +- Fix binarylog by allowing users to specify managed directories [\#1194](https://github.com/puppetlabs/puppetlabs-mysql/pull/1194) ([elfranne](https://github.com/elfranne)) + +## [v10.4.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.4.0) (2020-03-02) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.3.0...v10.4.0) + +### Added + +- Allow adapting MySQL configuration file's permissions mode [\#1278](https://github.com/puppetlabs/puppetlabs-mysql/pull/1278) ([unki](https://github.com/unki)) +- pdksync - \(FM-8581\) - Debian 10 added to travis and provision file refactored [\#1275](https://github.com/puppetlabs/puppetlabs-mysql/pull/1275) ([david22swan](https://github.com/david22swan)) +- Allow backupcompress for xtrabackup profile [\#1196](https://github.com/puppetlabs/puppetlabs-mysql/pull/1196) ([Spuffnduff](https://github.com/Spuffnduff)) +- Enable module to not use default options [\#1192](https://github.com/puppetlabs/puppetlabs-mysql/pull/1192) ([morremeyer](https://github.com/morremeyer)) + ## [v10.3.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.3.0) (2019-12-11) [Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.2.1...v10.3.0) @@ -15,10 +195,6 @@ - Fix java and ruby binding packages for Debian 10 [\#1264](https://github.com/puppetlabs/puppetlabs-mysql/pull/1264) ([treydock](https://github.com/treydock)) - \(MODULES-10114\) Confine fact for only when mysql is in PATH [\#1256](https://github.com/puppetlabs/puppetlabs-mysql/pull/1256) ([bFekete](https://github.com/bFekete)) -# Change log - -All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). - ## [v10.2.1](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.2.1) (2019-10-30) [Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.2.0...v10.2.1) @@ -1110,4 +1286,4 @@ \* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* -\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*
--- a/modules/mysql/CONTRIBUTING.md Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/CONTRIBUTING.md Mon Jan 03 17:16:21 2022 +0000 @@ -1,271 +1,3 @@ # Contributing to Puppet modules -So you want to contribute to a Puppet module: Great! Below are some instructions to get you started doing -that very thing while setting expectations around code quality as well as a few tips for making the -process as easy as possible. - -### Table of Contents - -1. [Getting Started](#getting-started) -1. [Commit Checklist](#commit-checklist) -1. [Submission](#submission) -1. [More about commits](#more-about-commits) -1. [Testing](#testing) - - [Running Tests](#running-tests) - - [Writing Tests](#writing-tests) -1. [Get Help](#get-help) - -## Getting Started - -- Fork the module repository on GitHub and clone to your workspace - -- Make your changes! - -## Commit Checklist - -### The Basics - -- [x] my commit is a single logical unit of work - -- [x] I have checked for unnecessary whitespace with "git diff --check" - -- [x] my commit does not include commented out code or unneeded files - -### The Content - -- [x] my commit includes tests for the bug I fixed or feature I added - -- [x] my commit includes appropriate documentation changes if it is introducing a new feature or changing existing functionality - -- [x] my code passes existing test suites - -### The Commit Message - -- [x] the first line of my commit message includes: - - - [x] an issue number (if applicable), e.g. "(MODULES-xxxx) This is the first line" - - - [x] a short description (50 characters is the soft limit, excluding ticket number(s)) - -- [x] the body of my commit message: - - - [x] is meaningful - - - [x] uses the imperative, present tense: "change", not "changed" or "changes" - - - [x] includes motivation for the change, and contrasts its implementation with the previous behavior - -## Submission - -### Pre-requisites - -- Make sure you have a [GitHub account](https://github.com/join) - -- [Create a ticket](https://tickets.puppet.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppet.com/browse/) you are patching for. - -### Push and PR - -- Push your changes to your fork - -- [Open a Pull Request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/) against the repository in the puppetlabs organization - -## More about commits - - 1. Make separate commits for logically separate changes. - - Please break your commits down into logically consistent units - which include new or changed tests relevant to the rest of the - change. The goal of doing this is to make the diff easier to - read for whoever is reviewing your code. In general, the easier - your diff is to read, the more likely someone will be happy to - review it and get it into the code base. - - If you are going to refactor a piece of code, please do so as a - separate commit from your feature or bug fix changes. - - We also really appreciate changes that include tests to make - sure the bug is not re-introduced, and that the feature is not - accidentally broken. - - Describe the technical detail of the change(s). If your - description starts to get too long, that is a good sign that you - probably need to split up your commit into more finely grained - pieces. - - Commits which plainly describe the things which help - reviewers check the patch and future developers understand the - code are much more likely to be merged in with a minimum of - bike-shedding or requested changes. Ideally, the commit message - would include information, and be in a form suitable for - inclusion in the release notes for the version of Puppet that - includes them. - - Please also check that you are not introducing any trailing - whitespace or other "whitespace errors". You can do this by - running "git diff --check" on your changes before you commit. - - 2. Sending your patches - - To submit your changes via a GitHub pull request, we _highly_ - recommend that you have them on a topic branch, instead of - directly on "master". - It makes things much easier to keep track of, especially if - you decide to work on another thing before your first change - is merged in. - - GitHub has some pretty good - [general documentation](http://help.github.com/) on using - their site. They also have documentation on - [creating pull requests](https://help.github.com/articles/creating-a-pull-request-from-a-fork/). - - In general, after pushing your topic branch up to your - repository on GitHub, you can switch to the branch in the - GitHub UI and click "Pull Request" towards the top of the page - in order to open a pull request. - - 3. Update the related JIRA issue. - - If there is a JIRA issue associated with the change you - submitted, then you should update the ticket to include the - location of your branch, along with any other commentary you - may wish to make. - -# Testing - -## Getting Started - -Our Puppet modules provide [`Gemfile`](./Gemfile)s, which can tell a Ruby package manager such as [bundler](http://bundler.io/) what Ruby packages, -or Gems, are required to build, develop, and test this software. - -Please make sure you have [bundler installed](http://bundler.io/#getting-started) on your system, and then use it to -install all dependencies needed for this project in the project root by running - -```shell -% bundle install --path .bundle/gems -Fetching gem metadata from https://rubygems.org/........ -Fetching gem metadata from https://rubygems.org/.. -Using rake (10.1.0) -Using builder (3.2.2) --- 8><-- many more --><8 -- -Using rspec-system-puppet (2.2.0) -Using serverspec (0.6.3) -Using rspec-system-serverspec (1.0.0) -Using bundler (1.3.5) -Your bundle is complete! -Use `bundle show [gemname]` to see where a bundled gem is installed. -``` - -NOTE: some systems may require you to run this command with sudo. - -If you already have those gems installed, make sure they are up-to-date: - -```shell -% bundle update -``` - -## Running Tests - -With all dependencies in place and up-to-date, run the tests: - -### Unit Tests - -```shell -% bundle exec rake spec -``` - -This executes all the [rspec tests](http://rspec-puppet.com/) in the directories defined [here](https://github.com/puppetlabs/puppetlabs_spec_helper/blob/699d9fbca1d2489bff1736bb254bb7b7edb32c74/lib/puppetlabs_spec_helper/rake_tasks.rb#L17) and so on. -rspec tests may have the same kind of dependencies as the module they are testing. Although the module defines these dependencies in its [metadata.json](./metadata.json), -rspec tests define them in [.fixtures.yml](./fixtures.yml). - -### Acceptance Tests - -Some Puppet modules also come with acceptance tests, which use [beaker][]. These tests spin up a virtual machine under -[VirtualBox](https://www.virtualbox.org/), controlled with [Vagrant](http://www.vagrantup.com/), to simulate scripted test -scenarios. In order to run these, you need both Virtualbox and Vagrant installed on your system. - -Run the tests by issuing the following command - -```shell -% bundle exec rake spec_clean -% bundle exec rspec spec/acceptance -``` - -This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), -install Puppet, copy this module, and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) -and then run all the tests under [spec/acceptance](./spec/acceptance). - -## Writing Tests - -### Unit Tests - -When writing unit tests for Puppet, [rspec-puppet][] is your best friend. It provides tons of helper methods for testing your manifests against a -catalog (e.g. contain_file, contain_package, with_params, etc). It would be ridiculous to try and top rspec-puppet's [documentation][rspec-puppet_docs] -but here's a tiny sample: - -Sample manifest: - -```puppet -file { "a test file": - ensure => present, - path => "/etc/sample", -} -``` - -Sample test: - -```ruby -it 'does a thing' do - expect(subject).to contain_file("a test file").with({:path => "/etc/sample"}) -end -``` - -### Acceptance Tests - -Writing acceptance tests for Puppet involves [beaker][] and its cousin [beaker-rspec][]. A common pattern for acceptance tests is to create a test manifest, apply it -twice to check for idempotency or errors, then run expectations. - -```ruby -it 'does an end-to-end thing' do - pp = <<-EOF - file { 'a test file': - ensure => present, - path => "/etc/sample", - content => "test string", - } - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - -end - -describe file("/etc/sample") do - it { is_expected.to contain "test string" } -end - -``` - -# If you have commit access to the repository - -Even if you have commit access to the repository, you still need to go through the process above, and have someone else review and merge -in your changes. The rule is that **all changes must be reviewed by a project developer that did not write the code to ensure that -all changes go through a code review process.** - -The record of someone performing the merge is the record that they performed the code review. Again, this should be someone other than the author of the topic branch. - -# Get Help - -### On the web -* [Puppet help messageboard](http://puppet.com/community/get-help) -* [Writing tests](https://docs.puppet.com/guides/module_guides/bgtm.html#step-three-module-testing) -* [General GitHub documentation](http://help.github.com/) -* [GitHub pull request documentation](http://help.github.com/send-pull-requests/) - -### On chat -* Slack (slack.puppet.com) #forge-modules, #puppet-dev, #windows, #voxpupuli -* IRC (freenode) #puppet-dev, #voxpupuli - - -[rspec-puppet]: http://rspec-puppet.com/ -[rspec-puppet_docs]: http://rspec-puppet.com/documentation/ -[beaker]: https://github.com/puppetlabs/beaker -[beaker-rspec]: https://github.com/puppetlabs/beaker-rspec +Check out our [Contributing to Supported Modules Blog Post](https://puppetlabs.github.io/iac/docs/contributing_to_a_module.html) to find all the information that you will need.
--- a/modules/mysql/Gemfile Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,74 +0,0 @@ -source ENV['GEM_SOURCE'] || 'https://rubygems.org' - -def location_for(place_or_version, fake_version = nil) - git_url_regex = %r{\A(?<url>(https?|git)[:@][^#]*)(#(?<branch>.*))?} - file_url_regex = %r{\Afile:\/\/(?<path>.*)} - - if place_or_version && (git_url = place_or_version.match(git_url_regex)) - [fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact - elsif place_or_version && (file_url = place_or_version.match(file_url_regex)) - ['>= 0', { path: File.expand_path(file_url[:path]), require: false }] - else - [place_or_version, { require: false }] - end -end - -ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments -minor_version = ruby_version_segments[0..1].join('.') - -group :development do - gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') - gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') - gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') - gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') - gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-posix-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] - gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:ruby] - gem "puppet-module-win-default-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-win-dev-r#{minor_version}", '~> 0.3', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-lint-i18n", require: false - gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') -end - -puppet_version = ENV['PUPPET_GEM_VERSION'] -facter_version = ENV['FACTER_GEM_VERSION'] -hiera_version = ENV['HIERA_GEM_VERSION'] - -gems = {} - -gems['puppet'] = location_for(puppet_version) - -# If facter or hiera versions have been specified via the environment -# variables - -gems['facter'] = location_for(facter_version) if facter_version -gems['hiera'] = location_for(hiera_version) if hiera_version - -if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} - # If we're using a Puppet gem on Windows which handles its own win32-xxx gem - # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). - gems['win32-dir'] = ['<= 0.4.9', require: false] - gems['win32-eventlog'] = ['<= 0.6.5', require: false] - gems['win32-process'] = ['<= 0.7.5', require: false] - gems['win32-security'] = ['<= 0.2.5', require: false] - gems['win32-service'] = ['0.8.8', require: false] -end - -gems.each do |gem_name, gem_params| - gem gem_name, *gem_params -end - -# Evaluate Gemfile.local and ~/.gemfile if they exist -extra_gemfiles = [ - "#{__FILE__}.local", - File.join(Dir.home, '.gemfile'), -] - -extra_gemfiles.each do |gemfile| - if File.file?(gemfile) && File.readable?(gemfile) - eval(File.read(gemfile), binding) - end -end -# vim: syntax=ruby
--- a/modules/mysql/HISTORY.md Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/HISTORY.md Mon Jan 03 17:16:21 2022 +0000 @@ -1,6 +1,161 @@ -# Change log +## v11.0.3 + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v11.0.2...v11.0.3) + +### Fixed + +- \(IAC-1430\) - Minor docs updating [\#1401](https://github.com/puppetlabs/puppetlabs-mysql/pull/1401) ([pmcmaw](https://github.com/pmcmaw)) + +## [v11.0.2](https://github.com/puppetlabs/puppetlabs-mysql/tree/v11.0.2) (2021-06-07) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v11.0.1...v11.0.2) + +### Fixed + +- \(bugfix\) - Pull python3-mysqldb in Debian Bullseye [\#1396](https://github.com/puppetlabs/puppetlabs-mysql/pull/1396) ([thomasgoirand](https://github.com/thomasgoirand)) +- Update xtrabackup package name for Ubuntu 20.04 [\#1387](https://github.com/puppetlabs/puppetlabs-mysql/pull/1387) ([rsynnest](https://github.com/rsynnest)) + +## [v11.0.1](https://github.com/puppetlabs/puppetlabs-mysql/tree/v11.0.1) (2021-04-19) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v11.0.0...v11.0.1) + +### Fixed + +- Fix: Puppet Unknown variable: 'mysql::params::exec\_path' [\#1378](https://github.com/puppetlabs/puppetlabs-mysql/pull/1378) ([JvGinkel](https://github.com/JvGinkel)) +- \(IAC-1497\) - Removal of unsupported `translate` dependency [\#1375](https://github.com/puppetlabs/puppetlabs-mysql/pull/1375) ([david22swan](https://github.com/david22swan)) +- \(MODULES-10926\) Fix Java binding package for Ubuntu 20.04 [\#1373](https://github.com/puppetlabs/puppetlabs-mysql/pull/1373) ([treydock](https://github.com/treydock)) + +## [v11.0.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v11.0.0) (2021-03-01) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.10.0...v11.0.0) + +### Changed + +- pdksync - \(MAINT\) Remove SLES 11 support [\#1370](https://github.com/puppetlabs/puppetlabs-mysql/pull/1370) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - \(MAINT\) Remove RHEL 5 family support [\#1369](https://github.com/puppetlabs/puppetlabs-mysql/pull/1369) ([sanfrancrisko](https://github.com/sanfrancrisko)) +- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 [\#1366](https://github.com/puppetlabs/puppetlabs-mysql/pull/1366) ([carabasdaniel](https://github.com/carabasdaniel)) + +### Added + +- Support compression command and extension [\#1363](https://github.com/puppetlabs/puppetlabs-mysql/pull/1363) ([dploeger](https://github.com/dploeger)) + +## [v10.10.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.10.0) (2021-02-11) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.9.1...v10.10.0) + +### Added + +- Set default MySQL version for FreeBSD [\#1360](https://github.com/puppetlabs/puppetlabs-mysql/pull/1360) ([olevole](https://github.com/olevole)) + +## [v10.9.1](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.9.1) (2021-01-06) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.9.0...v10.9.1) + +### Fixed + +- Repair check of logbindir [\#1348](https://github.com/puppetlabs/puppetlabs-mysql/pull/1348) ([qha](https://github.com/qha)) + +## [v10.9.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.9.0) (2020-12-16) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.8.0...v10.9.0) + +### Added + +- \(FEAT\) Add support for Puppet 7 [\#1347](https://github.com/puppetlabs/puppetlabs-mysql/pull/1347) ([daianamezdrea](https://github.com/daianamezdrea)) +- \(IAC-996\) Removal of inappropriate terminology [\#1340](https://github.com/puppetlabs/puppetlabs-mysql/pull/1340) ([pmcmaw](https://github.com/pmcmaw)) + +## [v10.8.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.8.0) (2020-11-03) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.7.1...v10.8.0) + +### Added + +- Add compatibility for Amazon Linux 2 [\#1328](https://github.com/puppetlabs/puppetlabs-mysql/pull/1328) ([greno2](https://github.com/greno2)) + +### Fixed -All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +- \(IAC-1137\) Ensure curl package is installed for xtrabackup tests [\#1338](https://github.com/puppetlabs/puppetlabs-mysql/pull/1338) ([pmcmaw](https://github.com/pmcmaw)) +- \(MODULES-10788\) - fix for password prompt when creating mysql\_login\_path resource [\#1334](https://github.com/puppetlabs/puppetlabs-mysql/pull/1334) ([andeman](https://github.com/andeman)) +- \(MODULES-10790\) - Setting logbin results in error Unknown variable: 'managed\_dirs\_path' [\#1325](https://github.com/puppetlabs/puppetlabs-mysql/pull/1325) ([pmcmaw](https://github.com/pmcmaw)) +- Fix package for python bindings on Ubuntu 20.04 [\#1323](https://github.com/puppetlabs/puppetlabs-mysql/pull/1323) ([tobias-urdin](https://github.com/tobias-urdin)) + +## [v10.7.1](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.7.1) (2020-09-25) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.7.0...v10.7.1) + +### Fixed + +- \(IAC-1175\) Pin percona-release to version 1.0-22 for Debian 8 [\#1329](https://github.com/puppetlabs/puppetlabs-mysql/pull/1329) ([pmcmaw](https://github.com/pmcmaw)) +- \[MODULES-10773\] Fix for rh-mysql80 [\#1322](https://github.com/puppetlabs/puppetlabs-mysql/pull/1322) ([carabasdaniel](https://github.com/carabasdaniel)) + +## [v10.7.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.7.0) (2020-08-12) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.6.0...v10.7.0) + +### Added + +- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch `main` [\#1316](https://github.com/puppetlabs/puppetlabs-mysql/pull/1316) ([david22swan](https://github.com/david22swan)) +- add package provider and source [\#1314](https://github.com/puppetlabs/puppetlabs-mysql/pull/1314) ([fe80](https://github.com/fe80)) + +### Fixed + +- Remove non printable characters [\#1315](https://github.com/puppetlabs/puppetlabs-mysql/pull/1315) ([elmobp](https://github.com/elmobp)) +- Remove control character from manifests/server.pp [\#1312](https://github.com/puppetlabs/puppetlabs-mysql/pull/1312) ([tomkrouper](https://github.com/tomkrouper)) + +## [v10.6.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.6.0) (2020-06-23) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.5.0...v10.6.0) + +### Added + +- Handle cron package from different module [\#1306](https://github.com/puppetlabs/puppetlabs-mysql/pull/1306) ([ashish1099](https://github.com/ashish1099)) +- \(IAC-746\) - Add ubuntu 20.04 support [\#1303](https://github.com/puppetlabs/puppetlabs-mysql/pull/1303) ([david22swan](https://github.com/david22swan)) +- \(MODULES-1550\) add new Feature MySQL login paths [\#1295](https://github.com/puppetlabs/puppetlabs-mysql/pull/1295) ([andeman](https://github.com/andeman)) + +### Fixed + +- Add managed\_dirs parameter [\#1305](https://github.com/puppetlabs/puppetlabs-mysql/pull/1305) ([evgenkisel](https://github.com/evgenkisel)) +- change split on whitespace to split on tab in mysql\_user [\#1233](https://github.com/puppetlabs/puppetlabs-mysql/pull/1233) ([koshatul](https://github.com/koshatul)) + +## [v10.5.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.5.0) (2020-05-13) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.4.0...v10.5.0) + +### Added + +- Support mariadb's ed25519-based authentication [\#1292](https://github.com/puppetlabs/puppetlabs-mysql/pull/1292) ([dciabrin](https://github.com/dciabrin)) +- Allow changing the mysql-config-file group-ownership [\#1284](https://github.com/puppetlabs/puppetlabs-mysql/pull/1284) ([unki](https://github.com/unki)) + +### Fixed + +- Remove legacy \(old API\) `mysql_password` function [\#1299](https://github.com/puppetlabs/puppetlabs-mysql/pull/1299) ([alexjfisher](https://github.com/alexjfisher)) +- Improve differences between generated mysql service id values [\#1293](https://github.com/puppetlabs/puppetlabs-mysql/pull/1293) ([ryaner](https://github.com/ryaner)) +- \(MODULES-10023\) Fix multiple xtrabackup regressions [\#1245](https://github.com/puppetlabs/puppetlabs-mysql/pull/1245) ([fraenki](https://github.com/fraenki)) +- Fix binarylog by allowing users to specify managed directories [\#1194](https://github.com/puppetlabs/puppetlabs-mysql/pull/1194) ([elfranne](https://github.com/elfranne)) + +## [v10.4.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.4.0) (2020-03-02) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.3.0...v10.4.0) + +### Added + +- Allow adapting MySQL configuration file's permissions mode [\#1278](https://github.com/puppetlabs/puppetlabs-mysql/pull/1278) ([unki](https://github.com/unki)) +- pdksync - \(FM-8581\) - Debian 10 added to travis and provision file refactored [\#1275](https://github.com/puppetlabs/puppetlabs-mysql/pull/1275) ([david22swan](https://github.com/david22swan)) +- Allow backupcompress for xtrabackup profile [\#1196](https://github.com/puppetlabs/puppetlabs-mysql/pull/1196) ([Spuffnduff](https://github.com/Spuffnduff)) +- Enable module to not use default options [\#1192](https://github.com/puppetlabs/puppetlabs-mysql/pull/1192) ([morremeyer](https://github.com/morremeyer)) + +## [v10.3.0](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.3.0) (2019-12-11) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-mysql/compare/v10.2.1...v10.3.0) + +### Added + +- \(FM-8677\) - Support added for CentOS 8 [\#1254](https://github.com/puppetlabs/puppetlabs-mysql/pull/1254) ([david22swan](https://github.com/david22swan)) + +### Fixed + +- Fix java and ruby binding packages for Debian 10 [\#1264](https://github.com/puppetlabs/puppetlabs-mysql/pull/1264) ([treydock](https://github.com/treydock)) +- \(MODULES-10114\) Confine fact for only when mysql is in PATH [\#1256](https://github.com/puppetlabs/puppetlabs-mysql/pull/1256) ([bFekete](https://github.com/bFekete)) ## [v10.2.1](https://github.com/puppetlabs/puppetlabs-mysql/tree/v10.2.1) (2019-10-30) @@ -1091,3 +1246,6 @@ \* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* + + +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*
--- a/modules/mysql/README.md Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/README.md Mon Jan 03 17:16:21 2022 +0000 @@ -14,6 +14,7 @@ * [Install Percona server on CentOS](#install-percona-server-on-centos) * [Install MariaDB on Ubuntu](#install-mariadb-on-ubuntu) * [Install Plugins](#install-plugins) + * [Use Percona XtraBackup](#use-percona-xtrabackup) 4. [Reference - An under-the-hood peek at what the module is doing and how](REFERENCE.md) 5. [Limitations - OS compatibility, etc.](#limitations) 6. [Development - Guide for contributing to the module](#development) @@ -30,16 +31,16 @@ To install a server with the default options: -`include '::mysql::server'`. +`include mysql::server`. To customize options, such as the root password or `/etc/my.cnf` settings, you must also pass in an override hash: ```puppet -class { '::mysql::server': +class { 'mysql::server': root_password => 'strongpassword', remove_default_accounts => true, restart => true, - override_options => $override_options + override_options => $override_options, } ``` @@ -60,13 +61,13 @@ $override_options = { 'section' => { 'item' => 'thing', - } + }, } ``` For options that you would traditionally represent in this format: -``` +```ini [section] thing = X ``` @@ -81,13 +82,13 @@ $override_options = { 'mysqld' => { 'replicate-do-db' => ['base1', 'base2'], - } + }, } ``` produces -```puppet +```ini [mysqld] replicate-do-db = base1 replicate-do-db = base2 @@ -95,6 +96,9 @@ To implement version specific parameters, specify the version, such as [mysqld-5.5]. This allows one config for different versions of MySQL. +If you don’t want to use the default configuration, you can also supply your options to the `$options` parameter instead of `$override_options`. +Please note that `$options` and `$override_options` are mutually exclusive, you can only use one of them. + ### Create a database To create a database with a user and some assigned privileges: @@ -135,14 +139,14 @@ ```puppet mysql::db { 'mydb': - user => 'myuser', - password => 'mypass', - host => 'localhost', - grant => ['SELECT', 'UPDATE'], - sql => '/path/to/sqlfile.gz', - import_cat_cmd => 'zcat', - import_timeout => 900, - mysql_exec_path => '/opt/rh/rh-myql57/root/bin' + user => 'myuser', + password => 'mypass', + host => 'localhost', + grant => ['SELECT', 'UPDATE'], + sql => '/path/to/sqlfile.gz', + import_cat_cmd => 'zcat', + import_timeout => 900, + mysql_exec_path => '/opt/rh/rh-myql57/root/bin', } ``` @@ -150,11 +154,29 @@ To add custom MySQL configuration, place additional files into `includedir`. This allows you to override settings or add additional ones, which is helpful if you don't use `override_options` in `mysql::server`. The `includedir` location is by default set to `/etc/mysql/conf.d`. +### Managing Root Passwords + +If you want the password managed by puppet for `127.0.0.1` and `::1` as an end user you would need to explicitly manage them with additional manifest entries. For example: + +```puppet +mysql_user { '[root@127.0.0.1]': + ensure => present, + password_hash => mysql::password($mysql::server::root_password), +} + +mysql_user { 'root@::1': + ensure => present, + password_hash => mysql::password($mysql::server::root_password), +} +``` + +**Note:** This module is not designed to carry out additional DNS and aliasing. + ### Work with an existing server To instantiate databases and users on an existing MySQL server, you need a `.my.cnf` file in `root`'s home directory. This file must specify the remote server address and credentials. For example: -```puppet +```ini [client] user=root host=localhost @@ -180,6 +202,37 @@ If required, the password can also be an empty string to allow connections without an password. +### Create login paths + +This feature works only for the MySQL Community Edition >= 5.6.6. + +A login path is a set of options (host, user, password, port and socket) that specify which MySQL server to connect to and which account to authenticate as. The authentication credentials and the other options are stored in an encrypted login file named .mylogin.cnf typically under the users home directory. + +More information about MySQL login paths: https://dev.mysql.com/doc/refman/8.0/en/mysql-config-editor.html. + +Some example for login paths: + +```puppet +mysql_login_path { 'client': + owner => root, + host => 'localhost', + user => 'root', + password => Sensitive('secure'), + socket => '/var/run/mysqld/mysqld.sock', + ensure => present, +} + +mysql_login_path { 'remote_db': + owner => root, + host => '10.0.0.1', + user => 'network', + password => Sensitive('secure'), + port => 3306, + ensure => present, +} +``` +See examples/mysql_login_path.pp for further examples. + ### Install Percona server on CentOS This example shows how to do a minimal installation of a Percona server on a @@ -199,7 +252,7 @@ gpgcheck => 1, } -class {'mysql::server': +class { 'mysql::server': package_name => 'Percona-Server-server-57', service_name => 'mysql', config_file => '/etc/my.cnf', @@ -213,26 +266,26 @@ mysqld_safe => { log-error => '/var/log/mysqld.log', }, - } + }, } # Note: Installing Percona-Server-server-57 also installs Percona-Server-client-57. # This shows how to install the Percona MySQL client on its own -class {'mysql::client': - package_name => 'Percona-Server-client-57' +class { 'mysql::client': + package_name => 'Percona-Server-client-57', } # These packages are normally installed along with Percona-Server-server-57 # If you needed to install the bindings, however, you could do so with this code class { 'mysql::bindings': - client_dev_package_name => 'Percona-Server-shared-57', - client_dev => true, - daemon_dev_package_name => 'Percona-Server-devel-57', - daemon_dev => true, - perl_enable => true, - perl_package_name => 'perl-DBD-MySQL', - python_enable => true, - python_package_name => 'MySQL-python', + client_dev_package_name => 'Percona-Server-shared-57', + client_dev => true, + daemon_dev_package_name => 'Percona-Server-devel-57', + daemon_dev => true, + perl_enable => true, + perl_package_name => 'perl-DBD-MySQL', + python_enable => true, + python_package_name => 'MySQL-python', } # Dependencies definition @@ -250,7 +303,7 @@ #### Optional: Install the MariaDB official repo -In this example, we'll use the latest stable (currently 10.1) from the official MariaDB repository, not the one from the distro repository. You could instead use the package from the Ubuntu repository. Make sure you use the repository corresponding to the version you want. +In this example, we'll use the latest stable (currently 10.3) from the official MariaDB repository, not the one from the distro repository. You could instead use the package from the Ubuntu repository. Make sure you use the repository corresponding to the version you want. **Note:** `sfo1.mirrors.digitalocean.com` is one of many mirrors available. You can use any official mirror. @@ -258,11 +311,11 @@ include apt apt::source { 'mariadb': - location => 'http://sfo1.mirrors.digitalocean.com/mariadb/repo/10.1/ubuntu', - release => $::lsbdistcodename, + location => 'http://sfo1.mirrors.digitalocean.com/mariadb/repo/10.3/ubuntu', + release => $::facts['os']['codename'], repos => 'main', key => { - id => '199369E5404BD5FC7D2FE43BCBCB082A1BB943DB', + id => '177F4010FE56CA3336300305F1656F24C74CD1D8', server => 'hkp://keyserver.ubuntu.com:80', }, include => { @@ -274,7 +327,7 @@ #### Install the MariaDB server -This example shows MariaDB server installation on Ubuntu Trusty. Adjust the version and the parameters of `my.cnf` as needed. All parameters of the `my.cnf` can be defined using the `override_options` parameter. +This example shows MariaDB server installation on Ubuntu Xenial. Adjust the version and the parameters of `my.cnf` as needed. All parameters of the `my.cnf` can be defined using the `override_options` parameter. The folders `/var/log/mysql` and `/var/run/mysqld` are created automatically, but if you are using other custom folders, they should exist as prerequisites for this code. @@ -283,10 +336,10 @@ Specify the version of the package you want with the `package_ensure` parameter. ```puppet -class {'::mysql::server': +class { 'mysql::server': package_name => 'mariadb-server', - package_ensure => '10.1.14+maria-1~trusty', - service_name => 'mysql', + package_ensure => '1:10.3.21+maria~xenial', + service_name => 'mysqld', root_password => 'AVeryStrongPasswordUShouldEncrypt!', override_options => { mysqld => { @@ -296,14 +349,14 @@ mysqld_safe => { 'log-error' => '/var/log/mysql/mariadb.log', }, - } + }, } # Dependency management. Only use that part if you are installing the repository # as shown in the Preliminary step of this example. Apt::Source['mariadb'] ~> Class['apt::update'] -> -Class['::mysql::server'] +Class['mysql::server'] ``` @@ -314,16 +367,16 @@ Specify the version of the package you want with the `package_ensure` parameter. ```puppet -class {'::mysql::client': +class { 'mysql::client': package_name => 'mariadb-client', - package_ensure => '10.1.14+maria-1~trusty', + package_ensure => '1:10.3.21+maria~xenial', bindings_enable => true, } # Dependency management. Only use that part if you are installing the repository as shown in the Preliminary step of this example. Apt::Source['mariadb'] ~> Class['apt::update'] -> -Class['::mysql::client'] +Class['mysql::client'] ``` ### Install MySQL Community server on CentOS @@ -338,7 +391,7 @@ In Puppet: ```puppet -include ::mysql::server +include mysql::server create_resources(yumrepo, hiera('yumrepo', {})) @@ -389,6 +442,69 @@ ### Install Plugins Plugins can be installed by using the `mysql_plugin` defined type. See `examples/mysql_plugin.pp` for futher examples. + +### Use Percona XtraBackup + +This example shows how to configure MySQL backups with Percona XtraBackup. This sets up a weekly cronjob to perform a full backup and additional daily cronjobs for incremental backups. Each backup will create a new directory. A cleanup job will automatically remove backups that are older than 15 days. + +```puppet +yumrepo { 'percona': + descr => 'CentOS $releasever - Percona', + baseurl => 'http://repo.percona.com/release/$releasever/RPMS/$basearch', + gpgkey => 'https://www.percona.com/downloads/RPM-GPG-KEY-percona https://repo.percona.com/yum/PERCONA-PACKAGING-KEY', + enabled => 1, + gpgcheck => 1, +} + +class { 'mysql::server::backup': + backupuser => 'myuser', + backuppassword => 'mypassword', + backupdir => '/tmp/backups', + provider => 'xtrabackup', + backuprotate => 15, + execpath => '/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin', + time => ['23', '15'], +} +``` + +If the daily or weekly backup was successful, then the empty file `/tmp/mysqlbackup_success` is created, which makes it easy to monitor the status of the database backup. + +After two weeks the backup directory should look similar to the example below. + +``` +/tmp/backups/2019-11-10_full +/tmp/backups/2019-11-11_23-15-01 +/tmp/backups/2019-11-13_23-15-01 +/tmp/backups/2019-11-13_23-15-02 +/tmp/backups/2019-11-14_23-15-01 +/tmp/backups/2019-11-15_23-15-02 +/tmp/backups/2019-11-16_23-15-01 +/tmp/backups/2019-11-17_full +/tmp/backups/2019-11-18_23-15-01 +/tmp/backups/2019-11-19_23-15-01 +/tmp/backups/2019-11-20_23-15-02 +/tmp/backups/2019-11-21_23-15-01 +/tmp/backups/2019-11-22_23-15-02 +/tmp/backups/2019-11-23_23-15-01 +``` + +A drawback of using incremental backups is the need to keep at least 7 days of backups, otherwise the full backups is removed early and consecutive incremental backups will fail. Furthermore an incremental backups becomes obsolete once the required full backup was removed. + +The next example uses XtraBackup with incremental backups disabled. In this case the daily cronjob will always perform a full backup. + +```puppet +class { 'mysql::server::backup': + backupuser => 'myuser', + backuppassword => 'mypassword', + backupdir => '/tmp/backups', + provider => 'xtrabackup', + incremental_backups => false, + backuprotate => 5, + execpath => '/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin', + time => ['23', '15'], +} +``` + ## Reference ### Classes @@ -396,8 +512,6 @@ #### Public classes * [`mysql::server`](#mysqlserver): Installs and configures MySQL. -* [`mysql::server::monitor`](#mysqlservermonitor): Sets up a monitoring user. -* [`mysql::server::mysqltuner`](#mysqlservermysqltuner): Installs MySQL tuner script. * [`mysql::server::backup`](#mysqlserverbackup): Sets up MySQL backups via cron. * [`mysql::bindings`](#mysqlbindings): Installs various MySQL language bindings. * [`mysql::client`](#mysqlclient): Installs MySQL client (for non-servers). @@ -486,11 +600,11 @@ This is required if `create_root_user` and `create_root_login_file` are true. If `root_password` is 'UNSET', then `create_root_user` and `create_root_login_file` are assumed to be false --- that is, the MySQL root user and `/root/.mylogin.cnf` are not created. ```puppet -class { '::mysql::server': -root_password => 'password', -create_root_my_cnf => false, -create_root_login_file => true, -login_file => "puppet:///modules/${module_name}/mylogin.cnf", +class { 'mysql::server': + root_password => 'password', + create_root_my_cnf => false, + create_root_login_file => true, + login_file => 'puppet:///modules/${module_name}/mylogin.cnf', } ``` @@ -516,13 +630,13 @@ ## Limitations -For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-mysql/blob/master/metadata.json) +For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-mysql/blob/main/metadata.json) **Note:** The mysqlbackup.sh does not work and is not supported on MySQL 5.7 and greater. ## Development -We are experimenting with a new tool for running acceptance tests. Its name is [puppet_litmus](https://github.com/puppetlabs/puppet_litmus) this replaces beaker as the test runner. To run the acceptance tests follow the instructions from this point [here](https://github.com/puppetlabs/puppet_litmus/wiki/Tutorial:-use-Litmus-to-execute-acceptance-tests-with-a-sample-module-(MoTD)#install-the-necessary-gems-for-the-module). +We are experimenting with a new tool for running acceptance tests. Its name is [puppet_litmus](https://github.com/puppetlabs/puppet_litmus) this replaces beaker as the test runner. To run the acceptance tests follow the [instructions](https://puppetlabs.github.io/litmus/Running-acceptance-tests.html) from the Litmus documentation. Puppet modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. @@ -532,17 +646,4 @@ ### Authors -This module is based on work by David Schmitt. The following contributors have contributed to this module (beyond Puppet Labs): - -* Larry Ludwig -* Christian G. Warden -* Daniel Black -* Justin Ellison -* Lowe Schmidt -* Matthias Pigulla -* William Van Hevelingen -* Michael Arnold -* Chris Weyl -* Daniël van Eeden -* Jan-Otto Kröpke -* Timothy Sven Nelson +This module is based on work by David Schmitt. Thank you to all of our [contributors](https://github.com/puppetlabs/puppetlabs-mysql/graphs/contributors).
--- a/modules/mysql/REFERENCE.md Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/REFERENCE.md Mon Jan 03 17:16:21 2022 +0000 @@ -1,20 +1,19 @@ # Reference + <!-- DO NOT EDIT: This document was generated by Puppet Strings --> ## Table of Contents -**Classes** - -_Public Classes_ +### Classes + +#### Public Classes * [`mysql::bindings`](#mysqlbindings): Parent class for MySQL bindings. * [`mysql::client`](#mysqlclient): Installs and configures the MySQL client. * [`mysql::server`](#mysqlserver): Installs and configures the MySQL server. * [`mysql::server::backup`](#mysqlserverbackup): Create and manage a MySQL backup. -* [`mysql::server::monitor`](#mysqlservermonitor): This is a helper class to add a monitoring user to the database -* [`mysql::server::mysqltuner`](#mysqlservermysqltuner): Manage the MySQLTuner package. - -_Private Classes_ + +#### Private Classes * `mysql::backup::mysqlbackup`: Manage the mysqlbackup client. * `mysql::backup::mysqldump`: "Provider" for mysqldump @@ -29,47 +28,51 @@ * `mysql::client::install`: Private class for MySQL client install. * `mysql::params`: Params class. * `mysql::server::account_security`: Private class for ensuring localhost accounts do not exist -* `mysql::server::binarylog`: Binary log configuration requires the mysql user to be present. This must be done after package install * `mysql::server::config`: Private class for MySQL server configuration. * `mysql::server::install`: Private class for managing MySQL package. * `mysql::server::installdb`: Builds initial databases on installation. +* `mysql::server::managed_dirs`: Binary log configuration requires the mysql user to be present. This must be done after package install. * `mysql::server::providers`: Convenience class to call each of the three providers with the corresponding hashes provided in mysql::server. * `mysql::server::root_password`: Private class for managing the root password * `mysql::server::service`: Private class for managing the MySQL service -**Defined types** +### Defined types * [`mysql::db`](#mysqldb): Create and configure a MySQL database. -**Resource types** - -_Public Resource types_ +### Resource types + +#### Public Resource types * [`mysql_grant`](#mysql_grant): @summary Manage a MySQL user's rights. +* [`mysql_login_path`](#mysql_login_path): Manage a MySQL login path. * [`mysql_plugin`](#mysql_plugin): Manage MySQL plugins. * [`mysql_user`](#mysql_user): @summary Manage a MySQL user. This includes management of users password as well as privileges. -_Private Resource types_ +#### Private Resource types * `mysql_database`: Manage a MySQL database. * `mysql_datadir`: Manage MySQL datadirs with mysql_install_db OR mysqld (5.7.6 and above). -**Functions** - -* [`mysql::normalise_and_deepmerge`](#mysqlnormalise_and_deepmerge): Recursively merges two or more hashes together, normalises keys with differing use of dashesh and underscores, -then returns the resulting hash. +### Functions + +* [`mysql::normalise_and_deepmerge`](#mysqlnormalise_and_deepmerge): Recursively merges two or more hashes together, normalises keys with differing use of dashes and underscores. * [`mysql::password`](#mysqlpassword): Hash a string as mysql's "PASSWORD()" function would do it * [`mysql::strip_hash`](#mysqlstrip_hash): When given a hash this function strips out all blank entries. -* [`mysql_password`](#mysql_password): Hash a string as mysql's "PASSWORD()" function would do it - -**Tasks** +* [`mysql_password`](#mysql_password): DEPRECATED. Use the namespaced function [`mysql::password`](#mysqlpassword) instead. + +### Data types + +* [`Mysql::Options`](#mysqloptions): A hash of options structured like the override_options, but not merged with the default options. + +### Tasks * [`export`](#export): Allows you to backup your database to local file. * [`sql`](#sql): Allows you to execute arbitary SQL ## Classes -### mysql::bindings +### <a name="mysqlbindings"></a>`mysql::bindings` Parent class for MySQL bindings. @@ -88,241 +91,271 @@ #### Parameters -The following parameters are available in the `mysql::bindings` class. - -##### `install_options` +The following parameters are available in the `mysql::bindings` class: + +* [`install_options`](#install_options) +* [`java_enable`](#java_enable) +* [`perl_enable`](#perl_enable) +* [`php_enable`](#php_enable) +* [`python_enable`](#python_enable) +* [`ruby_enable`](#ruby_enable) +* [`client_dev`](#client_dev) +* [`daemon_dev`](#daemon_dev) +* [`java_package_ensure`](#java_package_ensure) +* [`java_package_name`](#java_package_name) +* [`java_package_provider`](#java_package_provider) +* [`perl_package_ensure`](#perl_package_ensure) +* [`perl_package_name`](#perl_package_name) +* [`perl_package_provider`](#perl_package_provider) +* [`php_package_ensure`](#php_package_ensure) +* [`php_package_name`](#php_package_name) +* [`php_package_provider`](#php_package_provider) +* [`python_package_ensure`](#python_package_ensure) +* [`python_package_name`](#python_package_name) +* [`python_package_provider`](#python_package_provider) +* [`ruby_package_ensure`](#ruby_package_ensure) +* [`ruby_package_name`](#ruby_package_name) +* [`ruby_package_provider`](#ruby_package_provider) +* [`client_dev_package_ensure`](#client_dev_package_ensure) +* [`client_dev_package_name`](#client_dev_package_name) +* [`client_dev_package_provider`](#client_dev_package_provider) +* [`daemon_dev_package_ensure`](#daemon_dev_package_ensure) +* [`daemon_dev_package_name`](#daemon_dev_package_name) +* [`daemon_dev_package_provider`](#daemon_dev_package_provider) + +##### <a name="install_options"></a>`install_options` Data type: `Any` Passes `install_options` array to managed package resources. You must pass the [appropriate options](https://docs.puppetlabs.com/references/latest/type.html#package-attribute-install_options) for the package manager(s). -Default value: `undef` - -##### `java_enable` +Default value: ``undef`` + +##### <a name="java_enable"></a>`java_enable` Data type: `Any` Specifies whether `::mysql::bindings::java` should be included. Valid values are `true`, `false`. -Default value: `false` - -##### `perl_enable` +Default value: ``false`` + +##### <a name="perl_enable"></a>`perl_enable` Data type: `Any` Specifies whether `mysql::bindings::perl` should be included. Valid values are `true`, `false`. -Default value: `false` - -##### `php_enable` +Default value: ``false`` + +##### <a name="php_enable"></a>`php_enable` Data type: `Any` Specifies whether `mysql::bindings::php` should be included. Valid values are `true`, `false`. -Default value: `false` - -##### `python_enable` +Default value: ``false`` + +##### <a name="python_enable"></a>`python_enable` Data type: `Any` Specifies whether `mysql::bindings::python` should be included. Valid values are `true`, `false`. -Default value: `false` - -##### `ruby_enable` +Default value: ``false`` + +##### <a name="ruby_enable"></a>`ruby_enable` Data type: `Any` Specifies whether `mysql::bindings::ruby` should be included. Valid values are `true`, `false`. -Default value: `false` - -##### `client_dev` +Default value: ``false`` + +##### <a name="client_dev"></a>`client_dev` Data type: `Any` Specifies whether `::mysql::bindings::client_dev` should be included. Valid values are `true`', `false`. -Default value: `false` - -##### `daemon_dev` +Default value: ``false`` + +##### <a name="daemon_dev"></a>`daemon_dev` Data type: `Any` Specifies whether `::mysql::bindings::daemon_dev` should be included. Valid values are `true`, `false`. -Default value: `false` - -##### `java_package_ensure` +Default value: ``false`` + +##### <a name="java_package_ensure"></a>`java_package_ensure` Data type: `Any` Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `java_enable => true`. -Default value: $mysql::params::java_package_ensure - -##### `java_package_name` +Default value: `$mysql::params::java_package_ensure` + +##### <a name="java_package_name"></a>`java_package_name` Data type: `Any` The name of the Java package to install. Only applies if `java_enable => true`. -Default value: $mysql::params::java_package_name - -##### `java_package_provider` +Default value: `$mysql::params::java_package_name` + +##### <a name="java_package_provider"></a>`java_package_provider` Data type: `Any` The provider to use to install the Java package. Only applies if `java_enable => true`. -Default value: $mysql::params::java_package_provider - -##### `perl_package_ensure` +Default value: `$mysql::params::java_package_provider` + +##### <a name="perl_package_ensure"></a>`perl_package_ensure` Data type: `Any` Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `perl_enable => true`. -Default value: $mysql::params::perl_package_ensure - -##### `perl_package_name` +Default value: `$mysql::params::perl_package_ensure` + +##### <a name="perl_package_name"></a>`perl_package_name` Data type: `Any` The name of the Perl package to install. Only applies if `perl_enable => true`. -Default value: $mysql::params::perl_package_name - -##### `perl_package_provider` +Default value: `$mysql::params::perl_package_name` + +##### <a name="perl_package_provider"></a>`perl_package_provider` Data type: `Any` The provider to use to install the Perl package. Only applies if `perl_enable => true`. -Default value: $mysql::params::perl_package_provider - -##### `php_package_ensure` +Default value: `$mysql::params::perl_package_provider` + +##### <a name="php_package_ensure"></a>`php_package_ensure` Data type: `Any` Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `php_enable => true`. -Default value: $mysql::params::php_package_ensure - -##### `php_package_name` +Default value: `$mysql::params::php_package_ensure` + +##### <a name="php_package_name"></a>`php_package_name` Data type: `Any` The name of the PHP package to install. Only applies if `php_enable => true`. -Default value: $mysql::params::php_package_name - -##### `php_package_provider` +Default value: `$mysql::params::php_package_name` + +##### <a name="php_package_provider"></a>`php_package_provider` Data type: `Any` The provider to use to install the PHP package. Only applies if `php_enable => true`. -Default value: $mysql::params::php_package_provider - -##### `python_package_ensure` +Default value: `$mysql::params::php_package_provider` + +##### <a name="python_package_ensure"></a>`python_package_ensure` Data type: `Any` Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `python_enable => true`. -Default value: $mysql::params::python_package_ensure - -##### `python_package_name` +Default value: `$mysql::params::python_package_ensure` + +##### <a name="python_package_name"></a>`python_package_name` Data type: `Any` The name of the Python package to install. Only applies if `python_enable => true`. -Default value: $mysql::params::python_package_name - -##### `python_package_provider` +Default value: `$mysql::params::python_package_name` + +##### <a name="python_package_provider"></a>`python_package_provider` Data type: `Any` The provider to use to install the Python package. Only applies if `python_enable => true`. -Default value: $mysql::params::python_package_provider - -##### `ruby_package_ensure` +Default value: `$mysql::params::python_package_provider` + +##### <a name="ruby_package_ensure"></a>`ruby_package_ensure` Data type: `Any` Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `ruby_enable => true`. -Default value: $mysql::params::ruby_package_ensure - -##### `ruby_package_name` +Default value: `$mysql::params::ruby_package_ensure` + +##### <a name="ruby_package_name"></a>`ruby_package_name` Data type: `Any` The name of the Ruby package to install. Only applies if `ruby_enable => true`. -Default value: $mysql::params::ruby_package_name - -##### `ruby_package_provider` +Default value: `$mysql::params::ruby_package_name` + +##### <a name="ruby_package_provider"></a>`ruby_package_provider` Data type: `Any` What provider should be used to install the package. -Default value: $mysql::params::ruby_package_provider - -##### `client_dev_package_ensure` +Default value: `$mysql::params::ruby_package_provider` + +##### <a name="client_dev_package_ensure"></a>`client_dev_package_ensure` Data type: `Any` Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `client_dev => true`. -Default value: $mysql::params::client_dev_package_ensure - -##### `client_dev_package_name` +Default value: `$mysql::params::client_dev_package_ensure` + +##### <a name="client_dev_package_name"></a>`client_dev_package_name` Data type: `Any` The name of the client_dev package to install. Only applies if `client_dev => true`. -Default value: $mysql::params::client_dev_package_name - -##### `client_dev_package_provider` +Default value: `$mysql::params::client_dev_package_name` + +##### <a name="client_dev_package_provider"></a>`client_dev_package_provider` Data type: `Any` The provider to use to install the client_dev package. Only applies if `client_dev => true`. -Default value: $mysql::params::client_dev_package_provider - -##### `daemon_dev_package_ensure` +Default value: `$mysql::params::client_dev_package_provider` + +##### <a name="daemon_dev_package_ensure"></a>`daemon_dev_package_ensure` Data type: `Any` Whether the package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Only applies if `daemon_dev => true`. -Default value: $mysql::params::daemon_dev_package_ensure - -##### `daemon_dev_package_name` +Default value: `$mysql::params::daemon_dev_package_ensure` + +##### <a name="daemon_dev_package_name"></a>`daemon_dev_package_name` Data type: `Any` The name of the daemon_dev package to install. Only applies if `daemon_dev => true`. -Default value: $mysql::params::daemon_dev_package_name - -##### `daemon_dev_package_provider` +Default value: `$mysql::params::daemon_dev_package_name` + +##### <a name="daemon_dev_package_provider"></a>`daemon_dev_package_provider` Data type: `Any` The provider to use to install the daemon_dev package. Only applies if `daemon_dev => true`. -Default value: $mysql::params::daemon_dev_package_provider - -### mysql::client +Default value: `$mysql::params::daemon_dev_package_provider` + +### <a name="mysqlclient"></a>`mysql::client` Installs and configures the MySQL client. @@ -340,49 +373,73 @@ #### Parameters -The following parameters are available in the `mysql::client` class. - -##### `bindings_enable` +The following parameters are available in the `mysql::client` class: + +* [`bindings_enable`](#bindings_enable) +* [`install_options`](#install_options) +* [`package_ensure`](#package_ensure) +* [`package_manage`](#package_manage) +* [`package_name`](#package_name) +* [`package_provider`](#package_provider) +* [`package_source`](#package_source) + +##### <a name="bindings_enable"></a>`bindings_enable` Data type: `Any` Whether to automatically install all bindings. Valid values are `true`, `false`. Default to `false`. -Default value: $mysql::params::bindings_enable - -##### `install_options` +Default value: `$mysql::params::bindings_enable` + +##### <a name="install_options"></a>`install_options` Data type: `Any` Array of install options for managed package resources. You must pass the appropriate options for the package manager. -Default value: `undef` - -##### `package_ensure` +Default value: ``undef`` + +##### <a name="package_ensure"></a>`package_ensure` Data type: `Any` Whether the MySQL package should be present, absent, or a specific version. Valid values are 'present', 'absent', or 'x.y.z'. -Default value: $mysql::params::client_package_ensure - -##### `package_manage` +Default value: `$mysql::params::client_package_ensure` + +##### <a name="package_manage"></a>`package_manage` Data type: `Any` Whether to manage the MySQL client package. Defaults to `true`. -Default value: $mysql::params::client_package_manage - -##### `package_name` +Default value: `$mysql::params::client_package_manage` + +##### <a name="package_name"></a>`package_name` Data type: `Any` The name of the MySQL client package to install. -Default value: $mysql::params::client_package_name - -### mysql::server +Default value: `$mysql::params::client_package_name` + +##### <a name="package_provider"></a>`package_provider` + +Data type: `Any` + + + +Default value: ``undef`` + +##### <a name="package_source"></a>`package_source` + +Data type: `Any` + + + +Default value: ``undef`` + +### <a name="mysqlserver"></a>`mysql::server` Installs and configures the MySQL server. @@ -401,241 +458,334 @@ #### Parameters -The following parameters are available in the `mysql::server` class. - -##### `config_file` +The following parameters are available in the `mysql::server` class: + +* [`config_file`](#config_file) +* [`config_file_mode`](#config_file_mode) +* [`includedir`](#includedir) +* [`install_options`](#install_options) +* [`install_secret_file`](#install_secret_file) +* [`manage_config_file`](#manage_config_file) +* [`options`](#options) +* [`override_options`](#override_options) +* [`package_ensure`](#package_ensure) +* [`package_manage`](#package_manage) +* [`package_name`](#package_name) +* [`package_provider`](#package_provider) +* [`package_source`](#package_source) +* [`purge_conf_dir`](#purge_conf_dir) +* [`remove_default_accounts`](#remove_default_accounts) +* [`restart`](#restart) +* [`root_group`](#root_group) +* [`mysql_group`](#mysql_group) +* [`mycnf_owner`](#mycnf_owner) +* [`mycnf_group`](#mycnf_group) +* [`root_password`](#root_password) +* [`service_enabled`](#service_enabled) +* [`service_manage`](#service_manage) +* [`service_name`](#service_name) +* [`service_provider`](#service_provider) +* [`create_root_user`](#create_root_user) +* [`create_root_my_cnf`](#create_root_my_cnf) +* [`users`](#users) +* [`grants`](#grants) +* [`databases`](#databases) +* [`enabled`](#enabled) +* [`manage_service`](#manage_service) +* [`old_root_password`](#old_root_password) +* [`managed_dirs`](#managed_dirs) +* [`create_root_login_file`](#create_root_login_file) +* [`login_file`](#login_file) + +##### <a name="config_file"></a>`config_file` Data type: `Any` The location, as a path, of the MySQL configuration file. -Default value: $mysql::params::config_file - -##### `includedir` +Default value: `$mysql::params::config_file` + +##### <a name="config_file_mode"></a>`config_file_mode` + +Data type: `Any` + +The MySQL configuration file's permissions mode. + +Default value: `$mysql::params::config_file_mode` + +##### <a name="includedir"></a>`includedir` Data type: `Any` The location, as a path, of !includedir for custom configuration overrides. -Default value: $mysql::params::includedir - -##### `install_options` +Default value: `$mysql::params::includedir` + +##### <a name="install_options"></a>`install_options` Data type: `Any` Passes [install_options](https://docs.puppetlabs.com/references/latest/type.html#package-attribute-install_options) array to managed package resources. You must pass the appropriate options for the specified package manager -Default value: `undef` - -##### `install_secret_file` +Default value: ``undef`` + +##### <a name="install_secret_file"></a>`install_secret_file` Data type: `Any` Path to secret file containing temporary root password. -Default value: $mysql::params::install_secret_file - -##### `manage_config_file` +Default value: `$mysql::params::install_secret_file` + +##### <a name="manage_config_file"></a>`manage_config_file` Data type: `Any` Whether the MySQL configuration file should be managed. Valid values are `true`, `false`. Defaults to `true`. -Default value: $mysql::params::manage_config_file - -##### `override_options` +Default value: `$mysql::params::manage_config_file` + +##### <a name="options"></a>`options` + +Data type: `Mysql::Options` + +A hash of options structured like the override_options, but not merged with the default options. Use this if you don't want your options merged with the default options. + +Default value: `{}` + +##### <a name="override_options"></a>`override_options` Data type: `Any` Specifies override options to pass into MySQL. Structured like a hash in the my.cnf file: See above for usage details. -Default value: {} - -##### `package_ensure` +Default value: `{}` + +##### <a name="package_ensure"></a>`package_ensure` Data type: `Any` Whether the package exists or should be a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Defaults to 'present'. -Default value: $mysql::params::server_package_ensure - -##### `package_manage` +Default value: `$mysql::params::server_package_ensure` + +##### <a name="package_manage"></a>`package_manage` Data type: `Any` Whether to manage the MySQL server package. Defaults to `true`. -Default value: $mysql::params::server_package_manage - -##### `package_name` +Default value: `$mysql::params::server_package_manage` + +##### <a name="package_name"></a>`package_name` Data type: `Any` The name of the MySQL server package to install. -Default value: $mysql::params::server_package_name - -##### `purge_conf_dir` +Default value: `$mysql::params::server_package_name` + +##### <a name="package_provider"></a>`package_provider` + +Data type: `Any` + +Define a specific provider for package install. + +Default value: ``undef`` + +##### <a name="package_source"></a>`package_source` + +Data type: `Any` + +The location of the package source (require for some package provider) + +Default value: ``undef`` + +##### <a name="purge_conf_dir"></a>`purge_conf_dir` Data type: `Any` Whether the `includedir` directory should be purged. Valid values are `true`, `false`. Defaults to `false`. -Default value: $mysql::params::purge_conf_dir - -##### `remove_default_accounts` +Default value: `$mysql::params::purge_conf_dir` + +##### <a name="remove_default_accounts"></a>`remove_default_accounts` Data type: `Any` Specifies whether to automatically include `mysql::server::account_security`. Valid values are `true`, `false`. Defaults to `false`. -Default value: `false` - -##### `restart` +Default value: ``false`` + +##### <a name="restart"></a>`restart` Data type: `Any` Whether the service should be restarted when things change. Valid values are `true`, `false`. Defaults to `false`. -Default value: $mysql::params::restart - -##### `root_group` +Default value: `$mysql::params::restart` + +##### <a name="root_group"></a>`root_group` Data type: `Any` The name of the group used for root. Can be a group name or a group ID. See more about the [group](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). -Default value: $mysql::params::root_group - -##### `mysql_group` +Default value: `$mysql::params::root_group` + +##### <a name="mysql_group"></a>`mysql_group` Data type: `Any` The name of the group of the MySQL daemon user. Can be a group name or a group ID. See more about the [group](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). -Default value: $mysql::params::mysql_group - -##### `root_password` +Default value: `$mysql::params::mysql_group` + +##### <a name="mycnf_owner"></a>`mycnf_owner` + +Data type: `Any` + +Name or user-id who owns the mysql-config-file. + +Default value: `$mysql::params::mycnf_owner` + +##### <a name="mycnf_group"></a>`mycnf_group` Data type: `Any` +Name or group-id which owns the mysql-config-file. + +Default value: `$mysql::params::mycnf_group` + +##### <a name="root_password"></a>`root_password` + +Data type: `Variant[String, Sensitive[String]]` + The MySQL root password. Puppet attempts to set the root password and update `/root/.my.cnf` with it. This is required if `create_root_user` or `create_root_my_cnf` are true. If `root_password` is 'UNSET', then `create_root_user` and `create_root_my_cnf` are assumed to be false --- that is, the MySQL root user and `/root/.my.cnf` are not created. Password changes are supported; however, the old password must be set in `/root/.my.cnf`. Effectively, Puppet uses the old password, configured in `/root/my.cnf`, to set the new password in MySQL, and then updates `/root/.my.cnf` with the new password. -Default value: $mysql::params::root_password - -##### `service_enabled` +Default value: `$mysql::params::root_password` + +##### <a name="service_enabled"></a>`service_enabled` Data type: `Any` Specifies whether the service should be enabled. Valid values are `true`, `false`. Defaults to `true`. -Default value: $mysql::params::server_service_enabled - -##### `service_manage` +Default value: `$mysql::params::server_service_enabled` + +##### <a name="service_manage"></a>`service_manage` Data type: `Any` Specifies whether the service should be managed. Valid values are `true`, `false`. Defaults to `true`. -Default value: $mysql::params::server_service_manage - -##### `service_name` +Default value: `$mysql::params::server_service_manage` + +##### <a name="service_name"></a>`service_name` Data type: `Any` The name of the MySQL server service. Defaults are OS dependent, defined in 'params.pp'. -Default value: $mysql::params::server_service_name - -##### `service_provider` +Default value: `$mysql::params::server_service_name` + +##### <a name="service_provider"></a>`service_provider` Data type: `Any` The provider to use to manage the service. For Ubuntu, defaults to 'upstart'; otherwise, default is undefined. -Default value: $mysql::params::server_service_provider - -##### `create_root_user` +Default value: `$mysql::params::server_service_provider` + +##### <a name="create_root_user"></a>`create_root_user` Data type: `Any` Whether root user should be created. Valid values are `true`, `false`. Defaults to `true`. This is useful for a cluster setup with Galera. The root user has to be created only once. You can set this parameter true on one node and set it to false on the remaining nodes. -Default value: $mysql::params::create_root_user - -##### `create_root_my_cnf` +Default value: `$mysql::params::create_root_user` + +##### <a name="create_root_my_cnf"></a>`create_root_my_cnf` Data type: `Any` Whether to create `/root/.my.cnf`. Valid values are `true`, `false`. Defaults to `true`. `create_root_my_cnf` allows creation of `/root/.my.cnf` independently of `create_root_user`. You can use this for a cluster setup with Galera where you want `/root/.my.cnf` to exist on all nodes. -Default value: $mysql::params::create_root_my_cnf - -##### `users` +Default value: `$mysql::params::create_root_my_cnf` + +##### <a name="users"></a>`users` Data type: `Any` Optional hash of users to create, which are passed to [mysql_user](#mysql_user). -Default value: {} - -##### `grants` +Default value: `{}` + +##### <a name="grants"></a>`grants` Data type: `Any` Optional hash of grants, which are passed to [mysql_grant](#mysql_grant). -Default value: {} - -##### `databases` +Default value: `{}` + +##### <a name="databases"></a>`databases` Data type: `Any` Optional hash of databases to create, which are passed to [mysql_database](#mysql_database). -Default value: {} - -##### `enabled` +Default value: `{}` + +##### <a name="enabled"></a>`enabled` Data type: `Any` _Deprecated_ -Default value: `undef` - -##### `manage_service` +Default value: ``undef`` + +##### <a name="manage_service"></a>`manage_service` Data type: `Any` _Deprecated_ -Default value: `undef` - -##### `old_root_password` +Default value: ``undef`` + +##### <a name="old_root_password"></a>`old_root_password` Data type: `Any` This parameter no longer does anything. It exists only for backwards compatibility. See the `root_password` parameter above for details on changing the root password. -Default value: `undef` - -##### `create_root_login_file` +Default value: ``undef`` + +##### <a name="managed_dirs"></a>`managed_dirs` + +Data type: `Any` + + + +Default value: `$mysql::params::managed_dirs` + +##### <a name="create_root_login_file"></a>`create_root_login_file` Data type: `Any` -Default value: $mysql::params::create_root_login_file - -##### `login_file` +Default value: `$mysql::params::create_root_login_file` + +##### <a name="login_file"></a>`login_file` Data type: `Any` -Default value: $mysql::params::login_file - -### mysql::server::backup +Default value: `$mysql::params::login_file` + +### <a name="mysqlserverbackup"></a>`mysql::server::backup` Create and manage a MySQL backup. @@ -661,275 +811,265 @@ #### Parameters -The following parameters are available in the `mysql::server::backup` class. - -##### `backupuser` +The following parameters are available in the `mysql::server::backup` class: + +* [`backupuser`](#backupuser) +* [`backuppassword`](#backuppassword) +* [`backupdir`](#backupdir) +* [`backupdirmode`](#backupdirmode) +* [`backupdirowner`](#backupdirowner) +* [`backupdirgroup`](#backupdirgroup) +* [`backupcompress`](#backupcompress) +* [`backupmethod`](#backupmethod) +* [`backup_success_file_path`](#backup_success_file_path) +* [`backuprotate`](#backuprotate) +* [`ignore_events`](#ignore_events) +* [`delete_before_dump`](#delete_before_dump) +* [`backupdatabases`](#backupdatabases) +* [`file_per_database`](#file_per_database) +* [`include_routines`](#include_routines) +* [`include_triggers`](#include_triggers) +* [`incremental_backups`](#incremental_backups) +* [`ensure`](#ensure) +* [`time`](#time) +* [`prescript`](#prescript) +* [`postscript`](#postscript) +* [`execpath`](#execpath) +* [`provider`](#provider) +* [`maxallowedpacket`](#maxallowedpacket) +* [`optional_args`](#optional_args) +* [`install_cron`](#install_cron) +* [`compression_command`](#compression_command) +* [`compression_extension`](#compression_extension) + +##### <a name="backupuser"></a>`backupuser` Data type: `Any` -MySQL user with backup administrator privileges. - -Default value: `undef` - -##### `backuppassword` - -Data type: `Any` - -Password for `backupuser`. - -Default value: `undef` - -##### `backupdir` +MySQL user to create with backup administrator privileges. + +Default value: ``undef`` + +##### <a name="backuppassword"></a>`backuppassword` + +Data type: `Optional[Variant[String, Sensitive[String]]]` + +Password to create for `backupuser`. + +Default value: ``undef`` + +##### <a name="backupdir"></a>`backupdir` Data type: `Any` Directory to store backup. -Default value: `undef` - -##### `backupdirmode` +Default value: ``undef`` + +##### <a name="backupdirmode"></a>`backupdirmode` Data type: `Any` Permissions applied to the backup directory. This parameter is passed directly to the file resource. -Default value: '0700' - -##### `backupdirowner` +Default value: `'0700'` + +##### <a name="backupdirowner"></a>`backupdirowner` Data type: `Any` Owner for the backup directory. This parameter is passed directly to the file resource. -Default value: 'root' - -##### `backupdirgroup` +Default value: `'root'` + +##### <a name="backupdirgroup"></a>`backupdirgroup` Data type: `Any` Group owner for the backup directory. This parameter is passed directly to the file resource. -Default value: $mysql::params::root_group - -##### `backupcompress` +Default value: `$mysql::params::root_group` + +##### <a name="backupcompress"></a>`backupcompress` Data type: `Any` -Whether or not to compress the backup (when using the mysqldump provider) - -Default value: `true` - -##### `backupmethod` +Whether or not to compress the backup (when using the mysqldump or xtrabackup provider) + +Default value: ``true`` + +##### <a name="backupmethod"></a>`backupmethod` Data type: `Any` The execution binary for backing up. ex. mysqldump, xtrabackup, mariabackup -Default value: `undef` - -##### `backup_success_file_path` +Default value: ``undef`` + +##### <a name="backup_success_file_path"></a>`backup_success_file_path` Data type: `Any` Specify a path where upon successfull backup a file should be created for checking purposes. -Default value: '/tmp/mysqlbackup_success' - -##### `backuprotate` +Default value: `'/tmp/mysqlbackup_success'` + +##### <a name="backuprotate"></a>`backuprotate` Data type: `Any` Backup rotation interval in 24 hour periods. -Default value: 30 - -##### `ignore_events` +Default value: `30` + +##### <a name="ignore_events"></a>`ignore_events` Data type: `Any` Ignore the mysql.event table. -Default value: `true` - -##### `delete_before_dump` +Default value: ``true`` + +##### <a name="delete_before_dump"></a>`delete_before_dump` Data type: `Any` Whether to delete old .sql files before backing up. Setting to true deletes old files before backing up, while setting to false deletes them after backup. -Default value: `false` - -##### `backupdatabases` +Default value: ``false`` + +##### <a name="backupdatabases"></a>`backupdatabases` Data type: `Any` Databases to backup (required if using xtrabackup provider). By default `[]` will back up all databases. -Default value: [] - -##### `file_per_database` +Default value: `[]` + +##### <a name="file_per_database"></a>`file_per_database` Data type: `Any` Use file per database mode creating one file per database backup. -Default value: `false` - -##### `include_routines` +Default value: ``false`` + +##### <a name="include_routines"></a>`include_routines` Data type: `Any` Dump stored routines (procedures and functions) from dumped databases when doing a `file_per_database` backup. -Default value: `false` - -##### `include_triggers` +Default value: ``false`` + +##### <a name="include_triggers"></a>`include_triggers` Data type: `Any` Dump triggers for each dumped table when doing a `file_per_database` backup. -Default value: `false` - -##### `ensure` +Default value: ``false`` + +##### <a name="incremental_backups"></a>`incremental_backups` Data type: `Any` - - -Default value: 'present' - -##### `time` +A flag to activate/deactivate incremental backups. Currently only supported by the xtrabackup provider. + +Default value: ``true`` + +##### <a name="ensure"></a>`ensure` + +Data type: `Any` + + + +Default value: `'present'` + +##### <a name="time"></a>`time` Data type: `Any` An array of two elements to set the backup time. Allows ['23', '5'] (i.e., 23:05) or ['3', '45'] (i.e., 03:45) for HH:MM times. -Default value: ['23', '5'] - -##### `prescript` +Default value: `['23', '5']` + +##### <a name="prescript"></a>`prescript` Data type: `Any` A script that is executed before the backup begins. -Default value: `false` - -##### `postscript` +Default value: ``false`` + +##### <a name="postscript"></a>`postscript` Data type: `Any` A script that is executed when the backup is finished. This could be used to sync the backup to a central store. This script can be either a single line that is directly executed or a number of lines supplied as an array. It could also be one or more externally managed (executable) files. -Default value: `false` - -##### `execpath` +Default value: ``false`` + +##### <a name="execpath"></a>`execpath` Data type: `Any` Allows you to set a custom PATH should your MySQL installation be non-standard places. Defaults to `/usr/bin:/usr/sbin:/bin:/sbin`. -Default value: '/usr/bin:/usr/sbin:/bin:/sbin' - -##### `provider` +Default value: `'/usr/bin:/usr/sbin:/bin:/sbin'` + +##### <a name="provider"></a>`provider` Data type: `Any` Sets the server backup implementation. Valid values are: -Default value: 'mysqldump' - -##### `maxallowedpacket` +Default value: `'mysqldump'` + +##### <a name="maxallowedpacket"></a>`maxallowedpacket` Data type: `Any` Defines the maximum SQL statement size for the backup dump script. The default value is 1MB, as this is the default MySQL Server value. -Default value: '1M' - -##### `optional_args` +Default value: `'1M'` + +##### <a name="optional_args"></a>`optional_args` Data type: `Any` Specifies an array of optional arguments which should be passed through to the backup tool. (Supported by the xtrabackup and mysqldump providers.) -Default value: [] - -### mysql::server::monitor - -This is a helper class to add a monitoring user to the database - -#### Parameters - -The following parameters are available in the `mysql::server::monitor` class. - -##### `mysql_monitor_username` +Default value: `[]` + +##### <a name="install_cron"></a>`install_cron` Data type: `Any` -The username to create for MySQL monitoring. - -Default value: '' - -##### `mysql_monitor_password` - -Data type: `Any` - -The password to create for MySQL monitoring. - -Default value: '' - -##### `mysql_monitor_hostname` +Manage installation of cron package + +Default value: ``true`` + +##### <a name="compression_command"></a>`compression_command` Data type: `Any` -The hostname from which the monitoring user requests are allowed access. - -Default value: '' - -### mysql::server::mysqltuner - -Manage the MySQLTuner package. - -#### Parameters - -The following parameters are available in the `mysql::server::mysqltuner` class. - -##### `ensure` - -Data type: `Any` - -Ensures that the resource exists. Valid values are 'present', 'absent'. Defaults to 'present'. - -Default value: 'present' - -##### `version` +Configure the command used to compress the backup (when using the mysqldump provider). Make sure the command exists +on the target system. Packages for it are NOT automatically installed. + +Default value: ``undef`` + +##### <a name="compression_extension"></a>`compression_extension` Data type: `Any` -The version to install from the major/MySQLTuner-perl github repository. Must be a valid tag. Defaults to 'v1.3.0'. - -Default value: 'v1.3.0' - -##### `source` - -Data type: `Any` - -Source path for the mysqltuner package. - -Default value: `undef` - -##### `tuner_location` - -Data type: `Any` - -Destination for the mysqltuner package. - -Default value: '/usr/local/bin/mysqltuner' +Configure the file extension for the compressed backup (when using the mysqldump provider) + +Default value: ``undef`` ## Defined types -### mysql::db +### <a name="mysqldb"></a>`mysql::db` Create and configure a MySQL database. @@ -948,127 +1088,143 @@ #### Parameters -The following parameters are available in the `mysql::db` defined type. - -##### `user` +The following parameters are available in the `mysql::db` defined type: + +* [`user`](#user) +* [`password`](#password) +* [`tls_options`](#tls_options) +* [`dbname`](#dbname) +* [`charset`](#charset) +* [`collate`](#collate) +* [`host`](#host) +* [`grant`](#grant) +* [`grant_options`](#grant_options) +* [`sql`](#sql) +* [`enforce_sql`](#enforce_sql) +* [`ensure`](#ensure) +* [`import_timeout`](#import_timeout) +* [`import_cat_cmd`](#import_cat_cmd) +* [`mysql_exec_path`](#mysql_exec_path) + +##### <a name="user"></a>`user` Data type: `Any` The user for the database you're creating. -##### `password` - -Data type: `Any` +##### <a name="password"></a>`password` + +Data type: `Variant[String, Sensitive[String]]` The password for $user for the database you're creating. -##### `tls_options` +##### <a name="tls_options"></a>`tls_options` Data type: `Any` The tls_options for $user for the database you're creating. -Default value: `undef` - -##### `dbname` +Default value: ``undef`` + +##### <a name="dbname"></a>`dbname` Data type: `Any` The name of the database to create. -Default value: $name - -##### `charset` +Default value: `$name` + +##### <a name="charset"></a>`charset` Data type: `Any` The character set for the database. -Default value: 'utf8' - -##### `collate` +Default value: `'utf8'` + +##### <a name="collate"></a>`collate` Data type: `Any` The collation for the database. -Default value: 'utf8_general_ci' - -##### `host` +Default value: `'utf8_general_ci'` + +##### <a name="host"></a>`host` Data type: `Any` The host to use as part of user@host for grants. -Default value: 'localhost' - -##### `grant` +Default value: `'localhost'` + +##### <a name="grant"></a>`grant` Data type: `Any` The privileges to be granted for user@host on the database. -Default value: 'ALL' - -##### `grant_options` +Default value: `'ALL'` + +##### <a name="grant_options"></a>`grant_options` Data type: `Any` The grant_options for the grant for user@host on the database. -Default value: `undef` - -##### `sql` +Default value: ``undef`` + +##### <a name="sql"></a>`sql` Data type: `Optional[Variant[Array, Hash, String]]` The path to the sqlfile you want to execute. This can be single file specified as string, or it can be an array of strings. -Default value: `undef` - -##### `enforce_sql` +Default value: ``undef`` + +##### <a name="enforce_sql"></a>`enforce_sql` Data type: `Any` Specifies whether executing the sqlfiles should happen on every run. If set to false, sqlfiles only run once. -Default value: `false` - -##### `ensure` +Default value: ``false`` + +##### <a name="ensure"></a>`ensure` Data type: `Enum['absent', 'present']` Specifies whether to create the database. Valid values are 'present', 'absent'. Defaults to 'present'. -Default value: 'present' - -##### `import_timeout` +Default value: `'present'` + +##### <a name="import_timeout"></a>`import_timeout` Data type: `Any` Timeout, in seconds, for loading the sqlfiles. Defaults to 300. -Default value: 300 - -##### `import_cat_cmd` +Default value: `300` + +##### <a name="import_cat_cmd"></a>`import_cat_cmd` Data type: `Any` Command to read the sqlfile for importing the database. Useful for compressed sqlfiles. For example, you can use 'zcat' for .gz files. -Default value: 'cat' - -##### `mysql_exec_path` +Default value: `'cat'` + +##### <a name="mysql_exec_path"></a>`mysql_exec_path` Data type: `Any` -Default value: $mysql::params::exec_path +Default value: ``undef`` ## Resource types -### mysql_grant +### <a name="mysql_grant"></a>`mysql_grant` @summary Manage a MySQL user's rights. @@ -1079,11 +1235,15 @@ ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` The basic property that the resource should be in. -Default value: present +Default value: `present` + +##### `options` + +Options to grant. ##### `privileges` @@ -1091,7 +1251,7 @@ ##### `table` -Valid values: %r{.*\..*}, %r{^[0-9a-zA-Z$_]*@[\w%\.:\-/]*$} +Valid values: `%r{.*\..*}`, `%r{^[0-9a-zA-Z$_]*@[\w%\.:\-/]*$}` Table to apply privileges to. @@ -1099,21 +1259,122 @@ User to operate on. -##### `options` - -Options to grant. - #### Parameters The following parameters are available in the `mysql_grant` type. -##### `name` +* [`name`](#name) +* [`provider`](#provider) + +##### <a name="name"></a>`name` namevar Name to describe the grant. -### mysql_plugin +##### <a name="provider"></a>`provider` + +The specific backend to use for this `mysql_grant` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### <a name="mysql_login_path"></a>`mysql_login_path` + +This type provides Puppet with the capabilities to store authentication credentials in an obfuscated login path file +named .mylogin.cnf created with the mysql_config_editor utility. Supports only MySQL Community Edition > v5.6.6. + +* **See also** + * https://dev.mysql.com/doc/refman/8.0/en/mysql-config-editor.html + +#### Examples + +##### + +```puppet +mysql_login_path { 'local_socket': + owner => 'root', + host => 'localhost', + user => 'root', + password => Sensitive('secure'), + socket => '/var/run/mysql/mysql.sock', + ensure => present, +} + +mysql_login_path { 'local_tcp': + owner => 'root', + host => '127.0.0.1', + user => 'root', + password => Sensitive('more_secure'), + port => 3306, + ensure => present, +} +``` + +#### Properties + +The following properties are available in the `mysql_login_path` type. + +##### `ensure` + +Data type: `Enum[present, absent]` + +Whether this resource should be present or absent on the target system. + +##### `host` + +Data type: `Optional[String]` + +Host name to be entered into the login path. + +##### `password` + +Data type: `Optional[Sensitive[String[1]]]` + +Password to be entered into login path + +##### `port` + +Data type: `Optional[Integer[0,65535]]` + +Port number to be entered into login path. + +##### `socket` + +Data type: `Optional[String]` + +Socket path to be entered into login path + +##### `user` + +Data type: `Optional[String]` + +Username to be entered into the login path. + +#### Parameters + +The following parameters are available in the `mysql_login_path` type. + +* [`name`](#name) +* [`owner`](#owner) + +##### <a name="name"></a>`name` + +namevar + +Data type: `String` + +Name of the login path you want to manage. + +##### <a name="owner"></a>`owner` + +namevar + +Data type: `String` + +The user to whom the logon path should belong. + +Default value: `root` + +### <a name="mysql_plugin"></a>`mysql_plugin` Manage MySQL plugins. @@ -1133,15 +1394,15 @@ ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` The basic property that the resource should be in. -Default value: present +Default value: `present` ##### `soname` -Valid values: %r{^\w+\.\w+$} +Valid values: `%r{^\w+\.\w+$}` The name of the library @@ -1149,13 +1410,21 @@ The following parameters are available in the `mysql_plugin` type. -##### `name` +* [`name`](#name) +* [`provider`](#provider) + +##### <a name="name"></a>`name` namevar The name of the MySQL plugin to manage. -### mysql_user +##### <a name="provider"></a>`provider` + +The specific backend to use for this `mysql_plugin` resource. You will seldom need to specify this --- Puppet will +usually discover the appropriate provider for your platform. + +### <a name="mysql_user"></a>`mysql_user` @summary Manage a MySQL user. This includes management of users password as well as privileges. @@ -1166,48 +1435,48 @@ ##### `ensure` -Valid values: present, absent +Valid values: `present`, `absent` The basic property that the resource should be in. -Default value: present - -##### `password_hash` - -Valid values: %r{\w*} - -The password hash of the user. Use mysql_password() for creating such a hash. - -##### `plugin` - -Valid values: %r{\w+} - -The authentication plugin of the user. - -##### `max_user_connections` - -Valid values: %r{\d+} - -Max concurrent connections for the user. 0 means no (or global) limit. +Default value: `present` ##### `max_connections_per_hour` -Valid values: %r{\d+} +Valid values: `%r{\d+}` Max connections per hour for the user. 0 means no (or global) limit. ##### `max_queries_per_hour` -Valid values: %r{\d+} +Valid values: `%r{\d+}` Max queries per hour for the user. 0 means no (or global) limit. ##### `max_updates_per_hour` -Valid values: %r{\d+} +Valid values: `%r{\d+}` Max updates per hour for the user. 0 means no (or global) limit. +##### `max_user_connections` + +Valid values: `%r{\d+}` + +Max concurrent connections for the user. 0 means no (or global) limit. + +##### `password_hash` + +Valid values: `%r{\w*}` + +The password hash of the user. Use mysql::password() for creating such a hash. + +##### `plugin` + +Valid values: `%r{\w+}` + +The authentication plugin of the user. + ##### `tls_options` Options to that set the TLS-related REQUIRE attributes for the user. @@ -1216,15 +1485,23 @@ The following parameters are available in the `mysql_user` type. -##### `name` +* [`name`](#name) +* [`provider`](#provider) + +##### <a name="name"></a>`name` namevar The name of the user. This uses the 'username@hostname' or username@hostname. +##### <a name="provider"></a>`provider` + +The specific backend to use for this `mysql_user` resource. You will seldom need to specify this --- Puppet will usually +discover the appropriate provider for your platform. + ## Functions -### mysql::normalise_and_deepmerge +### <a name="mysqlnormalise_and_deepmerge"></a>`mysql::normalise_and_deepmerge` Type: Ruby 4.x API @@ -1250,7 +1527,8 @@ - When there is a duplicate key that is not a hash, the key in the rightmost hash will "win." - When there are conficting uses of dashes and underscores in two keys (which mysql would otherwise equate), the rightmost style will win. -Returns: `Any` +Returns: `Any` hash +The given hash normalised ##### Examples @@ -1268,28 +1546,34 @@ Data type: `Any` - - -### mysql::password +Hash to be normalised + +### <a name="mysqlpassword"></a>`mysql::password` Type: Ruby 4.x API Hash a string as mysql's "PASSWORD()" function would do it -#### `mysql::password(String $password)` - -The mysql::password function. - -Returns: `String` hash +#### `mysql::password(Variant[String, Sensitive[String]] $password, Optional[Boolean] $sensitive)` + +Hash a string as mysql's "PASSWORD()" function would do it + +Returns: `Variant[String, Sensitive[String]]` hash The mysql password hash from the clear text password. ##### `password` -Data type: `String` +Data type: `Variant[String, Sensitive[String]]` Plain text password. -### mysql::strip_hash +##### `sensitive` + +Data type: `Optional[Boolean]` + +If the Postgresql-Passwordhash should be of Datatype Sensitive[String] + +### <a name="mysqlstrip_hash"></a>`mysql::strip_hash` Type: Ruby 4.x API @@ -1308,27 +1592,45 @@ Hash to be stripped -### mysql_password - -Type: Ruby 3.x API - -Hash a string as mysql's "PASSWORD()" function would do it - -#### `mysql_password(String $password)` +### <a name="mysql_password"></a>`mysql_password` + +Type: Ruby 4.x API + +DEPRECATED. Use the namespaced function [`mysql::password`](#mysqlpassword) instead. + +#### `mysql_password(Variant[String, Sensitive[String]] $password, Optional[Boolean] $sensitive)` The mysql_password function. -Returns: `String` the mysql password hash from the clear text password. +Returns: `Variant[String, Sensitive[String]]` The mysql password hash from the 4.x function mysql::password. ##### `password` -Data type: `String` +Data type: `Variant[String, Sensitive[String]]` Plain text password. +##### `sensitive` + +Data type: `Optional[Boolean]` + + + +## Data types + +### <a name="mysqloptions"></a>`Mysql::Options` + +Use this if you don’t want your options merged with the default options. + +Alias of + +```puppet +Hash[String, Hash] +``` + ## Tasks -### export +### <a name="export"></a>`export` Allows you to backup your database to local file. @@ -1360,7 +1662,7 @@ Path to file you want backup to -### sql +### <a name="sql"></a>`sql` Allows you to execute arbitary SQL
--- a/modules/mysql/Rakefile Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,87 +0,0 @@ -require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? -require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? -require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? -require 'puppet_pot_generator/rake_tasks' - -def changelog_user - return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = nil || JSON.load(File.read('metadata.json'))['author'] - raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? - puts "GitHubChangelogGenerator user:#{returnVal}" - returnVal -end - -def changelog_project - return unless Rake.application.top_level_tasks.include? "changelog" - - returnVal = nil - returnVal ||= begin - metadata_source = JSON.load(File.read('metadata.json'))['source'] - metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z}) - - metadata_source_match && metadata_source_match[1] - end - - raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil? - - puts "GitHubChangelogGenerator project:#{returnVal}" - returnVal -end - -def changelog_future_release - return unless Rake.application.top_level_tasks.include? "changelog" - returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version'] - raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? - puts "GitHubChangelogGenerator future_release:#{returnVal}" - returnVal -end - -PuppetLint.configuration.send('disable_relative') - -if Bundler.rubygems.find_name('github_changelog_generator').any? - GitHubChangelogGenerator::RakeTask.new :changelog do |config| - raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? - config.user = "#{changelog_user}" - config.project = "#{changelog_project}" - config.future_release = "#{changelog_future_release}" - config.exclude_labels = ['maintenance'] - config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." - config.add_pr_wo_labels = true - config.issues = false - config.merge_prefix = "### UNCATEGORIZED PRS; GO LABEL THEM" - config.configure_sections = { - "Changed" => { - "prefix" => "### Changed", - "labels" => ["backwards-incompatible"], - }, - "Added" => { - "prefix" => "### Added", - "labels" => ["feature", "enhancement"], - }, - "Fixed" => { - "prefix" => "### Fixed", - "labels" => ["bugfix"], - }, - } - end -else - desc 'Generate a Changelog from GitHub' - task :changelog do - raise <<EOM -The changelog tasks depends on unreleased features of the github_changelog_generator gem. -Please manually add it to your .sync.yml for now, and run `pdk update`: ---- -Gemfile: - optional: - ':development': - - gem: 'github_changelog_generator' - git: 'https://github.com/skywinder/github-changelog-generator' - ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' - condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2')" -EOM - end -end -
--- a/modules/mysql/checksums.json Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,128 +0,0 @@ -{ - "CHANGELOG.md": "51ff4a8d514e13206df28c486983c884", - "CODEOWNERS": "366aefdc1424442b8f864528c2e0db1d", - "CONTRIBUTING.md": "4d17f3c942e7c93d1577cc4438a231e4", - "Gemfile": "40f28a9754cf13fd15f4b8e6897c0ded", - "HISTORY.md": "6bc907f23fa327dbe21873029acc6272", - "LICENSE": "3b83ef96387f14655fc854ddc3c6bd57", - "NOTICE": "61151e454f47a0df587642c792385533", - "README.md": "10b30ee88a990f896376c3d2862b146f", - "REFERENCE.md": "ccfef8f267a428d5b77c5b76a16b61b7", - "Rakefile": "013397feeb5293cbfc9bdcbd51a02b42", - "TODO": "88ca4024a37992b46c34cb46e4ac39e6", - "distelli-manifest.yml": "5ed218d0bcbbd6bb9b8f197f836fc446", - "examples/backup.pp": "a61c6f34f153a323209faf25948737f5", - "examples/bindings.pp": "35a8387f5c55fa2e479c513a67918674", - "examples/java.pp": "0ad9de4f9f2c049642bcf08124757085", - "examples/mysql_database.pp": "107ee8793f7b4a12cfca32eddccc6bbd", - "examples/mysql_db.pp": "55d2d603f9fb8ab3c8a781d08119aa69", - "examples/mysql_grant.pp": "cd42336a6c7b2d27f5d5d6d0e310ee1a", - "examples/mysql_plugin.pp": "3be416bd610ccc563517c1378c726463", - "examples/mysql_user.pp": "ec5182bfb57a9e7a8ba44ad8aff82ac9", - "examples/perl.pp": "454f14dc4492fcf04afbe81b2776917e", - "examples/python.pp": "355a7e1ea3978a8fd290b5bc28b63808", - "examples/ruby.pp": "a6ae0381aacc5a8d2c403e606c6df0f0", - "examples/server/account_security.pp": "375442b7886c01b42fbf75a1fcb31822", - "examples/server/config.pp": "659b7c40e9b55634721b3c33a8c6da98", - "examples/server.pp": "72e22552a95b9a5e4a349dbfc13639dc", - "lib/facter/mysql_server_id.rb": "8074e28063136191d064de5bbd23d823", - "lib/facter/mysql_version.rb": "7f98eab71b47bf3546385d4f944a8d34", - "lib/facter/mysqld_version.rb": "d4db7620b989d251a2c0223b720da1c9", - "lib/puppet/functions/mysql/normalise_and_deepmerge.rb": "4e5b3d3680891be8dd421abc97057562", - "lib/puppet/functions/mysql/password.rb": "5da041193b56f44dd4c43141433ca495", - "lib/puppet/functions/mysql/strip_hash.rb": "014e9cce7d1995145fa49242d6a1430c", - "lib/puppet/parser/functions/mysql_password.rb": "c4d522919ce8d270a5d3d2ccf060ecd1", - "lib/puppet/provider/mysql.rb": "383364bcdbb716bb30e6984e8bb9f1fa", - "lib/puppet/provider/mysql_database/mysql.rb": "12e6bfef70486ed4d8a4e731bfde89fa", - "lib/puppet/provider/mysql_datadir/mysql.rb": "441a199d4239be01eaebcd529d1c3842", - "lib/puppet/provider/mysql_grant/mysql.rb": "e0a96951629bc906d45c8bc73f0d16d5", - "lib/puppet/provider/mysql_plugin/mysql.rb": "d0043d2fec34ab9d9839ecb2f5e6f494", - "lib/puppet/provider/mysql_user/mysql.rb": "4466d0241feb09fc7e60911fa068ba89", - "lib/puppet/type/mysql_database.rb": "a52d622db5cb4e9978c57d445e7d63f7", - "lib/puppet/type/mysql_datadir.rb": "003e20fbccdfabbf46e62dfbfc41781b", - "lib/puppet/type/mysql_grant.rb": "70c9d08f7a1d076d538d93b25ef5a187", - "lib/puppet/type/mysql_plugin.rb": "5786a52bf1ca04a9300831add3f4dbad", - "lib/puppet/type/mysql_user.rb": "86d77c52c8bab20a7b5e2a84e1220467", - "locales/config.yaml": "2fa67bcbae3c1f47b447359558142bb4", - "locales/ja/puppetlabs-mysql.po": "2cf26b43a97d4444f0af6e542b140a84", - "locales/puppetlabs-mysql.pot": "0bc1d574fc470daa825d2052b901f1c2", - "manifests/backup/mysqlbackup.pp": "5862b516f646ac93e4279af9997760db", - "manifests/backup/mysqldump.pp": "6c4173813af1b8416ccbb8b116539779", - "manifests/backup/xtrabackup.pp": "5e139cd43871dc6abbfbf6ef983d4bec", - "manifests/bindings/client_dev.pp": "22caac5dc87099f19e930c045bd3b8ab", - "manifests/bindings/daemon_dev.pp": "835f8b31d04dc4e274554ebc521bfae4", - "manifests/bindings/java.pp": "594bed2948731d4707837f149a6a34dc", - "manifests/bindings/perl.pp": "1db6a303f85d294e60437425d69e6e21", - "manifests/bindings/php.pp": "fd2f05eb16fb26dcb6856368b32e0d8e", - "manifests/bindings/python.pp": "6f21841a99e131cbbed991cd3b224b45", - "manifests/bindings/ruby.pp": "4e15dc048a88fff9d4dda51149444474", - "manifests/bindings.pp": "a082c3fb3bb814a0953ec7beda9f0786", - "manifests/client/install.pp": "26c737ee4b0ce3a4529dbf3368dd56d5", - "manifests/client.pp": "178235b85d2984e7b6245b3419eb9c58", - "manifests/db.pp": "74d31157579a8b41218c6d8de8149b21", - "manifests/params.pp": "04bfb819c6a3094ccbd07f2a990ba945", - "manifests/server/account_security.pp": "e8547d61232dab8399fc1c026678f0e8", - "manifests/server/backup.pp": "53a8ca17a56e8295b80a0d17836139f9", - "manifests/server/binarylog.pp": "26117dc41eb385181e9b997d98ae1758", - "manifests/server/config.pp": "0eeaf180307330258598df1723ed9374", - "manifests/server/install.pp": "e00ad8cd4292540d6556c63a82bcf923", - "manifests/server/installdb.pp": "71b17ea1661be8f30c96ffdeb0ba96e6", - "manifests/server/monitor.pp": "3303efac7f345000b5d49ce8c807a513", - "manifests/server/mysqltuner.pp": "4011f744a433063c85c55de43c3040d6", - "manifests/server/providers.pp": "1ff9ff9f003b061c3a6a184c01ca734e", - "manifests/server/root_password.pp": "56a34e41d4d1f7818675579abc76d10b", - "manifests/server/service.pp": "0e37b66b3d68d734cccf6e18c50238e2", - "manifests/server.pp": "c464de75bd973f2dbfb7f6d985f749a1", - "metadata.json": "06bc02feef5ad82ab399c2503c3c372d", - "provision.yaml": "a58ed874d86485e24cb4e13c1d37fb96", - "readmes/README_ja_JP.md": "f5adf27788eb36c2c1e19a10440f739a", - "readmes/REFERENCE_ja_JP.md": "e9df3acc508f15970e9231b58be26901", - "spec/acceptance/mysql_backup_spec.rb": "0822a52d47aa57e90faff4d8b29ea9de", - "spec/acceptance/mysql_db_spec.rb": "cedd794091296443c31dc39d1f76b7e4", - "spec/acceptance/mysql_server_spec.rb": "3fd29c2a95ceb9a576357a59ad421d0c", - "spec/acceptance/mysql_task_spec.rb": "b405660ce7cb30fd340aa54e0f4a91d5", - "spec/acceptance/types/mysql_database_spec.rb": "77775ed1c0173189e304a2e52f85977d", - "spec/acceptance/types/mysql_grant_spec.rb": "bccfd6eed611ee5c922baec05a227777", - "spec/acceptance/types/mysql_plugin_spec.rb": "5d68e4f537b1ebf9e5f61ede521e48c7", - "spec/acceptance/types/mysql_user_spec.rb": "fe70d4a4f7628c6a1a57b9a94ad6ea85", - "spec/classes/graceful_failures_spec.rb": "b87bf88de1903d81765ea2823e30b13f", - "spec/classes/mycnf_template_spec.rb": "41a4593b53d5ad9416f96d1c695efa0c", - "spec/classes/mysql_backup_mysqldump_spec.rb": "004f7675aae8a4184a3935a20bcac775", - "spec/classes/mysql_backup_xtrabackup_spec.rb": "2a615dae96572bf96e5c17627a2b4ee2", - "spec/classes/mysql_bindings_spec.rb": "cc74d765e235c986be88dc23b68bcc85", - "spec/classes/mysql_client_spec.rb": "da69cadaa56676ab232317c0b2255ec5", - "spec/classes/mysql_server_account_security_spec.rb": "fa9089b55ba0839a601e1b487d6f6958", - "spec/classes/mysql_server_backup_spec.rb": "cfc73d17d76a1ef5e27b5faf3e0f5158", - "spec/classes/mysql_server_monitor_spec.rb": "1e028eeb613ab7baa6d8ae2c9cf7366f", - "spec/classes/mysql_server_mysqltuner_spec.rb": "7fb608f515d9a0cc9efa8683fe9608e8", - "spec/classes/mysql_server_spec.rb": "b39d692016bb1bfb63c61bbc777bfbbb", - "spec/default_facts.yml": "973bd7e9b429cde3c8d45d57c2fa21ed", - "spec/defines/mysql_db_spec.rb": "fba7016688860d20891fd74f0782c54c", - "spec/functions/mysql_normalise_and_deepmerge_spec.rb": "5b6bd36462373a304e1b1628655df7e4", - "spec/functions/mysql_password_spec.rb": "1a2b0cc8ef0b8e9b71e8c9211e8a2c2f", - "spec/functions/mysql_strip_hash_spec.rb": "40c9eccc3b09ca20ed7ce35930affe21", - "spec/spec_helper.rb": "7e33941d7d52fbd6964dae2a91090c6f", - "spec/spec_helper_acceptance.rb": "7a285d6e707935349a4b37eabdb3ae2a", - "spec/spec_helper_acceptance_local.rb": "2d3ae82096bcda4929d5e8b35f850a3c", - "spec/spec_helper_local.rb": "572d87438363ac1be58a01cbcfab24c5", - "spec/unit/facter/mysql_server_id_spec.rb": "f34e0c0cba144771006cb9fbbada3e70", - "spec/unit/facter/mysql_version_spec.rb": "6733d7021877568c29c7c41bf57850b6", - "spec/unit/facter/mysqld_version_spec.rb": "b1dab6f3dddad03c8eb32478bba715f5", - "spec/unit/puppet/functions/mysql_password_spec.rb": "82214310a621f86813dee0dfecaf27ca", - "spec/unit/puppet/provider/mysql_database/mysql_spec.rb": "05ab36956e6807e9e7056b61c2de05f1", - "spec/unit/puppet/provider/mysql_plugin/mysql_spec.rb": "033d476b84e766a455b7bfd403a67c2d", - "spec/unit/puppet/provider/mysql_user/mysql_spec.rb": "fd0434a5096d7083457600e72e3eda00", - "spec/unit/puppet/type/mysql_database_spec.rb": "8e790bec45c59bc48544d7ac446b2f25", - "spec/unit/puppet/type/mysql_grant_spec.rb": "71d25d7baf50eec3172ace2372832c5e", - "spec/unit/puppet/type/mysql_plugin_spec.rb": "c4bfe6319219c10142667af520e09e2b", - "spec/unit/puppet/type/mysql_user_spec.rb": "4fce87af644041f0c5e44a5a43c21410", - "tasks/export.json": "81c6eee3500d31843221da03e75a9f7b", - "tasks/export.rb": "06686cb9e90ac679d9325c6d3a700010", - "tasks/sql.json": "f57ad96a8079e6729ff7557f9ac6fa62", - "tasks/sql.rb": "0047767443883b5a821cb4b2c5f99843", - "templates/meb.cnf.erb": "b6422b19ee97b8a2883bfac44fdc0292", - "templates/my.cnf.erb": "535d2ff37fea6b11ad928224965143d3", - "templates/my.cnf.pass.erb": "11f80afb0993a436f074a43f70733999", - "templates/mysqlbackup.sh.erb": "e08606c65a2c6e9c4f07d074e44d68fa", - "templates/xtrabackup.sh.erb": "28a85fc52f69f117177c162acb317fa6" -} \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/data/common.yaml Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,1 @@ +--- {}
--- a/modules/mysql/distelli-manifest.yml Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,25 +0,0 @@ -team-modules/puppetlabs-mysql: - PreBuild: - - source /opt/rh/rh-ruby25/enable - - echo "--- LETS update BUNDLER ---" - - bundle install --path vendor/bundle --jobs 3 - Build: - - echo "--- PROVISIONING ---" - - source /opt/rh/rh-ruby25/enable - - bundle exec rake litmus:provision_list[release_checks] - - cat inventory.yaml - - echo "--- AGENT INSTALLATION ---" - - bundle exec rake litmus:install_agent - - echo "--- MODULE INSTALLATION ---" - - bundle exec rake litmus:install_module - - echo "--- TESTS RUNNING ---" - - bundle exec rake litmus:acceptance:parallel - AfterBuildSuccess: - - source /opt/rh/rh-ruby25/enable - - bundle exec rake litmus:tear_down - AfterBuildFailure: - - source /opt/rh/rh-ruby25/enable - - bundle exec rake litmus:tear_down - CommitData: - - RepoType: Git - - RepoPath: .
--- a/modules/mysql/examples/backup.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/examples/backup.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,5 +1,5 @@ class { 'mysql::server': - root_password => 'password' + root_password => 'password', } class { 'mysql::server::backup':
--- a/modules/mysql/examples/java.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/examples/java.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,1 +1,1 @@ -class { 'mysql::java':} +class { 'mysql::java': }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/examples/monitor.pp Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,20 @@ +# @summary +# Add a monitoring user to the database + +$mysql_monitor_password = 'password' +$mysql_monitor_username = 'monitoring' +$mysql_monitor_hostname = $::facts['networking']['hostname'] + +mysql_user { "${mysql_monitor_username}@${mysql_monitor_hostname}": + ensure => present, + password_hash => mysql::password($mysql_monitor_password), + require => Class['mysql::server::service'], +} + +mysql_grant { "${mysql_monitor_username}@${mysql_monitor_hostname}/*.*": + ensure => present, + user => "${mysql_monitor_username}@${mysql_monitor_hostname}", + table => '*.*', + privileges => ['PROCESS', 'SUPER'], + require => Mysql_user["${mysql_monitor_username}@${mysql_monitor_hostname}"], +}
--- a/modules/mysql/examples/mysql_database.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/examples/mysql_database.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,16 +1,16 @@ class { 'mysql::server': - root_password => 'password' + root_password => 'password', } -mysql::db{ ['test1', 'test2', 'test3']: +mysql::db { ['test1', 'test2', 'test3']: ensure => present, charset => 'utf8', require => Class['mysql::server'], } -mysql::db{ 'test4': +mysql::db { 'test4': ensure => present, charset => 'latin1', } -mysql::db{ 'test5': +mysql::db { 'test5': ensure => present, charset => 'binary', collate => 'binary',
--- a/modules/mysql/examples/mysql_db.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/examples/mysql_db.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,5 +1,5 @@ class { 'mysql::server': - root_password => 'password' + root_password => 'password', } mysql::db { 'mydb': user => 'myuser',
--- a/modules/mysql/examples/mysql_grant.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/examples/mysql_grant.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,4 +1,4 @@ -mysql_grant{'test1@localhost/redmine.*': +mysql_grant { 'test1@localhost/redmine.*': user => 'test1@localhost', table => 'redmine.*', privileges => ['UPDATE'],
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/examples/mysql_login_path.pp Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,64 @@ +# Debian MySQL Commiunity Server 8.0 +include apt +apt::source { 'repo.mysql.com': + location => 'http://repo.mysql.com/apt/debian', + release => $::lsbdistcodename, + repos => 'mysql-8.0', + key => { + id => 'A4A9406876FCBD3C456770C88C718D3B5072E1F5', + server => 'hkp://keyserver.ubuntu.com:80', + }, + include => { + src => false, + deb => true, + }, + notify => Exec['apt-get update'], +} +exec { 'apt-get update': + path => '/usr/bin:/usr/sbin:/bin:/sbin', + refreshonly => true, +} + +$root_pw = 'password' +class { 'mysql::server': + root_password => $root_pw, + service_name => 'mysql', + package_name => 'mysql-community-server', + create_root_my_cnf => false, + require => [ + Apt::Source['repo.mysql.com'], + Exec['apt-get update'] + ], + notify => Mysql_login_path['client'], +} + +class { 'mysql::client': + package_manage => false, + package_name => 'mysql-community-client', + require => Class['::mysql::server'], +} + +mysql_login_path { 'client': + ensure => present, + host => 'localhost', + user => 'root', + password => Sensitive($root_pw), + socket => '/var/run/mysqld/mysqld.sock', + owner => root, +} + +mysql_login_path { 'local_dan': + ensure => present, + host => '127.0.0.1', + user => 'dan', + password => Sensitive('blah'), + port => 3306, + owner => root, + require => Class['::mysql::server'], +} + +mysql_user { 'dan@localhost': + ensure => present, + password_hash => mysql::password('blah'), + require => Mysql_login_path['client'], +}
--- a/modules/mysql/examples/mysql_plugin.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/examples/mysql_plugin.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,9 +1,9 @@ class { 'mysql::server': - root_password => 'password' + root_password => 'password', } $validate_password_soname = $::osfamily ? { - windows => 'validate_password.dll', + 'windows' => 'validate_password.dll', default => 'validate_password.so' } @@ -13,7 +13,7 @@ } $auth_socket_soname = $::osfamily ? { - windows => 'auth_socket.dll', + 'windows' => 'auth_socket.dll', default => 'auth_socket.so' }
--- a/modules/mysql/examples/mysql_user.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/examples/mysql_user.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,28 +4,28 @@ root_password => 'password', } -mysql_user{ 'redmine@localhost': +mysql_user { 'redmine@localhost': ensure => present, password_hash => mysql::password('redmine'), require => Class['mysql::server'], } -mysql_user{ 'dan@localhost': +mysql_user { 'dan@localhost': ensure => present, - password_hash => mysql::password('blah') + password_hash => mysql::password('blah'), } -mysql_user{ 'dan@%': +mysql_user { 'dan@%': ensure => present, password_hash => mysql::password('blah'), } -mysql_user{ 'socketplugin@%': +mysql_user { 'socketplugin@%': ensure => present, plugin => 'unix_socket', } -mysql_user{ 'socketplugin@%': +mysql_user { 'socketplugin@%': ensure => present, password_hash => mysql::password('blah'), plugin => 'mysql_native_password',
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/examples/mysqltuner.pp Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,12 @@ +# @summary +# Manage the MySQLTuner package. + +$version = 'v1.3.0' + +file { '/usr/local/bin/mysqltuner': + ensure => 'file', + owner => 'root', + group => 'root', + mode => '0550', + source => "https://github.com/major/MySQLTuner-perl/raw/${version}/mysqltuner.pl", +}
--- a/modules/mysql/examples/python.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/examples/python.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,1 +1,1 @@ -class { 'mysql::bindings::python':} +class { 'mysql::bindings::python': }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/examples/rh-mysql80-server.pp Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,22 @@ +file { '/etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo': + source => 'https://raw.githubusercontent.com/sclorg/centos-release-scl/master/centos-release-scl/RPM-GPG-KEY-CentOS-SIG-SCLo', +} + +yumrepo { 'centos-sclo-rh': + ensure => present, + name => 'CentOS-SCLo-scl-rh', + enabled => true, + baseurl => 'http://mirror.centos.org/centos/7/sclo/$basearch/rh/', + mirrorlist => 'http://mirrorlist.centos.org?arch=$basearch&release=7&repo=sclo-rh', + descr => 'CentOS-7 - SCLo rh', + gpgcheck => true, + gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo', +} +class { 'mysql::server': + package_name => 'rh-mysql80', + package_ensure => 'installed', + service_name => 'rh-mysql80-mysqld', + config_file => '/etc/my.cnf', + includedir => '/etc/my.cnf.d', + options => { mysqld => { log_error => '/var/log/mysqld.log', datadir => '/var/lib/mysql' } }, +}
--- a/modules/mysql/examples/server/config.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/examples/server/config.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,2 @@ mysql::server::config { 'testfile': - }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/hiera.yaml Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,21 @@ +--- +version: 5 + +defaults: # Used for any hierarchy level that omits these keys. + datadir: data # This path is relative to hiera.yaml's directory. + data_hash: yaml_data # Use the built-in YAML backend. + +hierarchy: + - name: "osfamily/major release" + paths: + # Used to distinguish between Debian and Ubuntu + - "os/%{facts.os.name}/%{facts.os.release.major}.yaml" + - "os/%{facts.os.family}/%{facts.os.release.major}.yaml" + # Used for Solaris + - "os/%{facts.os.family}/%{facts.kernelrelease}.yaml" + - name: "osfamily" + paths: + - "os/%{facts.os.name}.yaml" + - "os/%{facts.os.family}.yaml" + - name: 'common' + path: 'common.yaml'
--- a/modules/mysql/lib/facter/mysql_server_id.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/facter/mysql_server_id.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,5 +1,16 @@ +# frozen_string_literal: true + def mysql_id_get - Facter.value(:macaddress).split(':')[2..-1].reduce(0) { |total, value| (total << 6) + value.hex } + # Convert the existing mac to an integer + macval = Facter.value(:macaddress).delete(':').to_i(16) + + # Valid range is from 1 - 4294967295 for replication hosts. + # We can not guarantee a fully unique value, this reduces the + # full mac value down to into that number space. + # + # The -1/+1 ensures that we keep above 1 if we get unlucky + # enough to hit a mac address that evenly divides. + (macval % (4_294_967_295 - 1)) + 1 end Facter.add('mysql_server_id') do
--- a/modules/mysql/lib/facter/mysql_version.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/facter/mysql_version.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Facter.add('mysql_version') do confine { Facter::Core::Execution.which('mysql') } setcode do
--- a/modules/mysql/lib/facter/mysqld_version.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/facter/mysqld_version.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Facter.add('mysqld_version') do confine { Facter::Core::Execution.which('mysqld') } setcode do
--- a/modules/mysql/lib/puppet/functions/mysql/normalise_and_deepmerge.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/functions/mysql/normalise_and_deepmerge.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,5 +1,6 @@ -# @summary Recursively merges two or more hashes together, normalises keys with differing use of dashesh and underscores, -# then returns the resulting hash. +# frozen_string_literal: true + +# @summary Recursively merges two or more hashes together, normalises keys with differing use of dashes and underscores. # # @example # $hash1 = {'one' => 1, 'two' => 2, 'three' => { 'four' => 4 } } @@ -13,6 +14,12 @@ # - When there are conficting uses of dashes and underscores in two keys (which mysql would otherwise equate), the rightmost style will win. # Puppet::Functions.create_function(:'mysql::normalise_and_deepmerge') do + # @param args + # Hash to be normalised + # + # @return hash + # The given hash normalised + # def normalise_and_deepmerge(*args) if args.length < 2 raise Puppet::ParseError, _('mysql::normalise_and_deepmerge(): wrong number of arguments (%{args_length}; must be at least 2)') % { args_length: args.length } @@ -39,7 +46,7 @@ def normalized?(hash, key) return true if hash.key?(key) - return false unless key =~ %r{-|_} + return false unless %r{-|_}.match?(key) other_key = key.include?('-') ? key.tr('-', '_') : key.tr('_', '-') return false unless hash.key?(other_key) hash[key] = hash.delete(other_key)
--- a/modules/mysql/lib/puppet/functions/mysql/password.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/functions/mysql/password.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'digest/sha1' # @summary # Hash a string as mysql's "PASSWORD()" function would do it @@ -5,18 +7,35 @@ Puppet::Functions.create_function(:'mysql::password') do # @param password # Plain text password. + # @param sensitive + # If the Postgresql-Passwordhash should be of Datatype Sensitive[String] # # @return hash # The mysql password hash from the clear text password. # dispatch :password do - required_param 'String', :password - return_type 'String' + required_param 'Variant[String, Sensitive[String]]', :password + optional_param 'Boolean', :sensitive + return_type 'Variant[String, Sensitive[String]]' end - def password(password) - return '' if password.empty? - return password if password =~ %r{\*[A-F0-9]{40}$} - '*' + Digest::SHA1.hexdigest(Digest::SHA1.digest(password)).upcase + def password(password, sensitive = false) + if password.is_a?(Puppet::Pops::Types::PSensitiveType::Sensitive) + password = password.unwrap + end + + result_string = if %r{\*[A-F0-9]{40}$}.match?(password) + password + elsif password.empty? + '' + else + '*' + Digest::SHA1.hexdigest(Digest::SHA1.digest(password)).upcase + end + + if sensitive + Puppet::Pops::Types::PSensitiveType::Sensitive.new(result_string) + else + result_string + end end end
--- a/modules/mysql/lib/puppet/functions/mysql/strip_hash.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/functions/mysql/strip_hash.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # @summary # When given a hash this function strips out all blank entries. #
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/lib/puppet/functions/mysql_password.rb Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,20 @@ +# frozen_string_literal: true + +# @summary DEPRECATED. Use the namespaced function [`mysql::password`](#mysqlpassword) instead. +Puppet::Functions.create_function(:mysql_password) do + # @param password + # Plain text password. + # + # @return + # The mysql password hash from the 4.x function mysql::password. + dispatch :mysql_password do + required_param 'Variant[String, Sensitive[String]]', :password + optional_param 'Boolean', :sensitive + return_type 'Variant[String, Sensitive[String]]' + end + + def mysql_password(password, sensitive = false) + call_function('deprecation', 'mysql_password', "This method has been deprecated, please use the namespaced version 'mysql::password' instead.") + call_function('mysql::password', password, sensitive) + end +end
--- a/modules/mysql/lib/puppet/parser/functions/mysql_password.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ -require 'digest/sha1' -module Puppet::Parser::Functions - newfunction(:mysql_password, type: :rvalue, doc: <<-EOS - @summary - Hash a string as mysql's "PASSWORD()" function would do it - - @param [String] password Plain text password. - - @return [String] the mysql password hash from the clear text password. - EOS - ) do |args| - - if args.size != 1 - raise Puppet::ParseError, _('mysql_password(): Wrong number of arguments given (%{args_length} for 1)') % { args_length: args.length } - end - - return '' if args[0].empty? - return args[0] if args[0] =~ %r{\*[A-F0-9]{40}$} - '*' + Digest::SHA1.hexdigest(Digest::SHA1.digest(args[0])).upcase - end -end
--- a/modules/mysql/lib/puppet/provider/mysql.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/provider/mysql.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # Puppet provider for mysql class Puppet::Provider::Mysql < Puppet::Provider # Without initvars commands won't work. @@ -13,6 +15,8 @@ '/opt/rh/rh-mysql56/root/usr/lib64', '/opt/rh/rh-mysql57/root/usr/lib', '/opt/rh/rh-mysql57/root/usr/lib64', + '/opt/rh/rh-mysql80/root/usr/lib', + '/opt/rh/rh-mysql80/root/usr/lib64', '/opt/rh/rh-mariadb100/root/usr/lib', '/opt/rh/rh-mariadb100/root/usr/lib64', '/opt/rh/rh-mariadb101/root/usr/lib', @@ -67,10 +71,10 @@ end def self.mysqld_version - # note: be prepared for '5.7.6-rc-log' etc results + # NOTE: be prepared for '5.7.6-rc-log' etc results # versioncmp detects 5.7.6-log to be newer then 5.7.6 # this is why we need the trimming. - mysqld_version_string.scan(%r{\d+\.\d+\.\d+}).first unless mysqld_version_string.nil? + mysqld_version_string&.scan(%r{\d+\.\d+\.\d+})&.first end def mysqld_version @@ -78,7 +82,7 @@ end def self.newer_than(forks_versions) - forks_versions.keys.include?(mysqld_type) && Puppet::Util::Package.versioncmp(mysqld_version, forks_versions[mysqld_type]) >= 0 + forks_versions.key?(mysqld_type) && Puppet::Util::Package.versioncmp(mysqld_version, forks_versions[mysqld_type]) >= 0 end def newer_than(forks_versions) @@ -86,7 +90,7 @@ end def self.older_than(forks_versions) - forks_versions.keys.include?(mysqld_type) && Puppet::Util::Package.versioncmp(mysqld_version, forks_versions[mysqld_type]) < 0 + forks_versions.key?(mysqld_type) && Puppet::Util::Package.versioncmp(mysqld_version, forks_versions[mysqld_type]) < 0 end def older_than(forks_versions) @@ -101,16 +105,16 @@ if type.eql? 'system' if File.file?("#{Facter.value(:root_home)}/.mylogin.cnf") ENV['MYSQL_TEST_LOGIN_FILE'] = "#{Facter.value(:root_home)}/.mylogin.cnf" - mysql_raw([system_database, '-e', text_of_sql].flatten.compact) + mysql_raw([system_database, '-e', text_of_sql].flatten.compact).scrub else - mysql_raw([defaults_file, system_database, '-e', text_of_sql].flatten.compact) + mysql_raw([defaults_file, system_database, '-e', text_of_sql].flatten.compact).scrub end elsif type.eql? 'regular' if File.file?("#{Facter.value(:root_home)}/.mylogin.cnf") ENV['MYSQL_TEST_LOGIN_FILE'] = "#{Facter.value(:root_home)}/.mylogin.cnf" - mysql_raw(['-NBe', text_of_sql].flatten.compact) + mysql_raw(['-NBe', text_of_sql].flatten.compact).scrub else - mysql_raw([defaults_file, '-NBe', text_of_sql].flatten.compact) + mysql_raw([defaults_file, '-NBe', text_of_sql].flatten.compact).scrub end else raise Puppet::Error, _("#mysql_caller: Unrecognised type '%{type}'" % { type: type }) @@ -141,7 +145,7 @@ table_string = '' # We can't escape *.* so special case this. - table_string << if table == '*.*' + table_string += if table == '*.*' '*.*' # Special case also for FUNCTIONs and PROCEDUREs elsif table.start_with?('FUNCTION ', 'PROCEDURE ') @@ -156,7 +160,7 @@ return 'ALL PRIVILEGES' if privileges.include?('ALL') priv_string = '' privileges.each do |priv| - priv_string << "#{priv}, " + priv_string += "#{priv}, " end # Remove trailing , from the last element. priv_string.sub(%r{, $}, '') @@ -166,7 +170,7 @@ def self.cmd_options(options) option_string = '' options.each do |opt| - option_string << ' WITH GRANT OPTION' if opt == 'GRANT' + option_string += ' WITH GRANT OPTION' if opt == 'GRANT' end option_string end
--- a/modules/mysql/lib/puppet/provider/mysql_database/mysql.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/provider/mysql_database/mysql.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) Puppet::Type.type(:mysql_database).provide(:mysql, parent: Puppet::Provider::Mysql) do desc 'Manages MySQL databases.' @@ -22,7 +24,7 @@ # the contents of the property_hash generated by self.instances def self.prefetch(resources) databases = instances - resources.keys.each do |database| + resources.each_key do |database| provider = databases.find { |db| db.name == database } resources[database].provider = provider if provider end
--- a/modules/mysql/lib/puppet/provider/mysql_datadir/mysql.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/provider/mysql_datadir/mysql.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) Puppet::Type.type(:mysql_datadir).provide(:mysql, parent: Puppet::Provider::Mysql) do desc 'manage data directories for mysql instances' @@ -9,6 +11,8 @@ ENV['PATH'], '/usr/libexec', '/usr/share/mysql/scripts', + '/opt/rh/rh-mysql80/root/usr/bin', + '/opt/rh/rh-mysql80/root/usr/libexec', '/opt/rh/rh-mysql57/root/usr/bin', '/opt/rh/rh-mysql57/root/usr/libexec', '/opt/rh/rh-mysql56/root/usr/bin',
--- a/modules/mysql/lib/puppet/provider/mysql_grant/mysql.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/provider/mysql_grant/mysql.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) Puppet::Type.type(:mysql_grant).provide(:mysql, parent: Puppet::Provider::Mysql) do desc 'Set grants for users in MySQL.' @@ -17,7 +19,7 @@ # Default root user created by mysql_install_db on a host with fqdn # of myhost.mydomain.my: root@myhost.mydomain.my, when MySQL is started # with --skip-name-resolve. - next if e.inspect =~ %r{There is no such grant defined for user} + next if %r{There is no such grant defined for user}.match?(e.inspect) raise Puppet::Error, _('#mysql had an error -> %{inspect}') % { inspect: e.inspect } end # Once we have the list of grants generate entries for each. @@ -43,8 +45,15 @@ (priv == 'ALL PRIVILEGES') ? 'ALL' : priv.strip end end + sorted_privileges = stripped_privileges.sort + if newer_than('mysql' => '8.0.0') && sorted_privileges == ['ALTER', 'ALTER ROUTINE', 'CREATE', 'CREATE ROLE', 'CREATE ROUTINE', 'CREATE TABLESPACE', 'CREATE TEMPORARY TABLES', 'CREATE USER', + 'CREATE VIEW', 'DELETE', 'DROP', 'DROP ROLE', 'EVENT', 'EXECUTE', 'FILE', 'INDEX', 'INSERT', 'LOCK TABLES', 'PROCESS', 'REFERENCES', + 'RELOAD', 'REPLICATION CLIENT', 'REPLICATION SLAVE', 'SELECT', 'SHOW DATABASES', 'SHOW VIEW', 'SHUTDOWN', 'SUPER', 'TRIGGER', + 'UPDATE'] + sorted_privileges = ['ALL'] + end # Same here, but to remove OPTION leaving just GRANT. - options = if rest =~ %r{WITH\sGRANT\sOPTION} + options = if %r{WITH\sGRANT\sOPTION}.match?(rest) ['GRANT'] else ['NONE'] @@ -55,7 +64,7 @@ instances << new( name: "#{user}@#{host}/#{table}", ensure: :present, - privileges: stripped_privileges.sort, + privileges: sorted_privileges, table: table, user: "#{user}@#{host}", options: options, @@ -67,7 +76,7 @@ def self.prefetch(resources) users = instances - resources.keys.each do |name| + resources.each_key do |name| if provider = users.find { |user| user.name == name } # rubocop:disable Lint/AssignmentInCondition resources[name].provider = provider end @@ -79,9 +88,9 @@ priv_string = self.class.cmd_privs(privileges) table_string = privileges.include?('PROXY') ? self.class.cmd_user(table) : self.class.cmd_table(table) query = "GRANT #{priv_string}" - query << " ON #{table_string}" - query << " TO #{user_string}" - query << self.class.cmd_options(options) unless options.nil? + query += " ON #{table_string}" + query += " TO #{user_string}" + query += self.class.cmd_options(options) unless options.nil? self.class.mysql_caller(query, 'system') end
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/lib/puppet/provider/mysql_login_path/inifile.rb Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,643 @@ +# encoding: UTF-8 +# frozen_string_literal: true + +# See: https://github.com/puppetlabs/puppet/blob/main/lib/puppet/util/inifile.rb +# This class represents the INI file and can be used to parse, modify, +# and write INI files. +class Puppet::Provider::MysqlLoginPath::IniFile < Puppet::Provider + include Enumerable + + class Error < StandardError; end + # VERSION = '3.0.0' + + # Public: Open an INI file and load the contents. + # + # filename - The name of the file as a String + # opts - The Hash of options (default: {}) + # :comment - String containing the comment character(s) + # :parameter - String used to separate parameter and value + # :encoding - Encoding String for reading / writing + # :default - The String name of the default global section + # + # Examples + # + # IniFile.load('file.ini') + # #=> IniFile instance + # + # IniFile.load('does/not/exist.ini') + # #=> nil + # + # Returns an IniFile instance or nil if the file could not be opened. + def self.load(filename, opts = {}) + return unless File.file? filename + new(opts.merge(filename: filename)) + end + + # Get and set the filename + attr_accessor :filename + + # Get and set the encoding + attr_accessor :encoding + + # Public: Create a new INI file from the given set of options. If :content + # is provided then it will be used to populate the INI file. If a :filename + # is provided then the contents of the file will be parsed and stored in the + # INI file. If neither the :content or :filename is provided then an empty + # INI file is created. + # + # opts - The Hash of options (default: {}) + # :content - The String/Hash containing the INI contents + # :comment - String containing the comment character(s) + # :parameter - String used to separate parameter and value + # :encoding - Encoding String for reading / writing + # :default - The String name of the default global section + # :filename - The filename as a String + # + # Examples + # + # IniFile.new + # #=> an empty IniFile instance + # + # IniFile.new( :content => "[global]\nfoo=bar" ) + # #=> an IniFile instance + # + # IniFile.new( :filename => 'file.ini', :encoding => 'UTF-8' ) + # #=> an IniFile instance + # + # IniFile.new( :content => "[global]\nfoo=bar", :comment => '#' ) + # #=> an IniFile instance + # + def initialize(opts = {}) + super + + @comment = opts.fetch(:comment, ';#') + @param = opts.fetch(:parameter, '=') + @encoding = opts.fetch(:encoding, nil) + @default = opts.fetch(:default, 'global') + @filename = opts.fetch(:filename, nil) + content = opts.fetch(:content, nil) + + @ini = Hash.new { |h, k| h[k] = {} } + + if content.is_a?(Hash) then merge!(content) + elsif content then parse(content) + elsif @filename then read + end + end + + # Public: Write the contents of this IniFile to the file system. If left + # unspecified, the currently configured filename and encoding will be used. + # Otherwise the filename and encoding can be specified in the options hash. + # + # opts - The default options Hash + # :filename - The filename as a String + # :encoding - The encoding as a String + # + # Returns this IniFile instance. + def write(opts = {}) + filename = opts.fetch(:filename, @filename) + encoding = opts.fetch(:encoding, @encoding) + mode = encoding ? "w:#{encoding}" : 'w' + + File.open(filename, mode) do |f| + @ini.each do |section, hash| + f.puts "[#{section}]" + hash.each { |param, val| f.puts "#{param} #{@param} #{escape_value val}" } + f.puts + end + end + + self + end + alias save write + + # Public: Read the contents of the INI file from the file system and replace + # and set the state of this IniFile instance. If left unspecified the + # currently configured filename and encoding will be used when reading from + # the file system. Otherwise the filename and encoding can be specified in + # the options hash. + # + # opts - The default options Hash + # :filename - The filename as a String + # :encoding - The encoding as a String + # + # Returns this IniFile instance if the read was successful; nil is returned + # if the file could not be read. + def read(opts = {}) + filename = opts.fetch(:filename, @filename) + encoding = opts.fetch(:encoding, @encoding) + return unless File.file? filename + + mode = encoding ? "r:#{encoding}" : 'r' + File.open(filename, mode) { |fd| parse fd } + self + end + alias restore read + + # Returns this IniFile converted to a String. + def to_s + s = [] + @ini.each do |section, hash| + s << "[#{section}]" + hash.each { |param, val| s << "#{param} #{@param} #{escape_value val}" } + s << '' + end + s.join("\n") + end + + # Returns this IniFile converted to a Hash. + def to_h + @ini.dup + end + + # Public: Creates a copy of this inifile with the entries from the + # other_inifile merged into the copy. + # + # other - The other IniFile. + # + # Returns a new IniFile. + def merge(other) + dup.merge!(other) + end + + # Public: Merges other_inifile into this inifile, overwriting existing + # entries. Useful for having a system inifile with user overridable settings + # elsewhere. + # + # other - The other IniFile. + # + # Returns this IniFile. + def merge!(other) + return self if other.nil? + + my_keys = @ini.keys + other_keys = case other + when IniFile + other.instance_variable_get(:@ini).keys + when Hash + other.keys + else + raise Error, "cannot merge contents from '#{other.class.name}'" + end + + (my_keys & other_keys).each do |key| + case other[key] + when Hash + @ini[key].merge!(other[key]) + when nil + nil + else + raise Error, "cannot merge section #{key.inspect} - unsupported type: #{other[key].class.name}" + end + end + + (other_keys - my_keys).each do |key| + @ini[key] = case other[key] + when Hash + other[key].dup + when nil + {} + else + raise Error, "cannot merge section #{key.inspect} - unsupported type: #{other[key].class.name}" + end + end + + self + end + + # Public: Yield each INI file section, parameter, and value in turn to the + # given block. + # + # block - The block that will be iterated by the each method. The block will + # be passed the current section and the parameter/value pair. + # + # Examples + # + # inifile.each do |section, parameter, value| + # puts "#{parameter} = #{value} [in section - #{section}]" + # end + # + # Returns this IniFile. + def each + return unless block_given? + @ini.each do |section, hash| + hash.each do |param, val| + yield section, param, val + end + end + self + end + + # Public: Yield each section in turn to the given block. + # + # block - The block that will be iterated by the each method. The block will + # be passed the current section as a Hash. + # + # Examples + # + # inifile.each_section do |section| + # puts section.inspect + # end + # + # Returns this IniFile. + def each_section + return unless block_given? + @ini.each_key { |section| yield section } + self + end + + # Public: Remove a section identified by name from the IniFile. + # + # section - The section name as a String. + # + # Returns the deleted section Hash. + def delete_section(section) + @ini.delete section.to_s + end + + # Public: Get the section Hash by name. If the section does not exist, then + # it will be created. + # + # section - The section name as a String. + # + # Examples + # + # inifile['global'] + # #=> global section Hash + # + # Returns the Hash of parameter/value pairs for this section. + def [](section) + return nil if section.nil? + @ini[section.to_s] + end + + # Public: Set the section to a hash of parameter/value pairs. + # + # section - The section name as a String. + # value - The Hash of parameter/value pairs. + # + # Examples + # + # inifile['tenderloin'] = { 'gritty' => 'yes' } + # #=> { 'gritty' => 'yes' } + # + # Returns the value Hash. + def []=(section, value) + @ini[section.to_s] = value + end + + # Public: Create a Hash containing only those INI file sections whose names + # match the given regular expression. + # + # regex - The Regexp used to match section names. + # + # Examples + # + # inifile.match(/^tree_/) + # #=> Hash of matching sections + # + # Return a Hash containing only those sections that match the given regular + # expression. + def match(regex) + @ini.dup.delete_if { |section, _| section !~ regex } + end + + # Public: Check to see if the IniFile contains the section. + # + # section - The section name as a String. + # + # Returns true if the section exists in the IniFile. + def section?(section) + @ini.key? section.to_s + end + + # Returns an Array of section names contained in this IniFile. + def sections + @ini.keys + end + + # Public: Freeze the state of this IniFile object. Any attempts to change + # the object will raise an error. + # + # Returns this IniFile. + def freeze + super + @ini.each_value { |h| h.freeze } + @ini.freeze + self + end + + # Public: Mark this IniFile as tainted -- this will traverse each section + # marking each as tainted. + # + # Returns this IniFile. + def taint + super + @ini.each_value { |h| h.taint } + @ini.taint + self + end + + # Public: Produces a duplicate of this IniFile. The duplicate is independent + # of the original -- i.e. the duplicate can be modified without changing the + # original. The tainted state of the original is copied to the duplicate. + # + # Returns a new IniFile. + def dup + other = super + other.instance_variable_set(:@ini, Hash.new { |h, k| h[k] = {} }) + @ini.each_pair { |s, h| other[s].merge! h } + other.taint if tainted? + other + end + + # Public: Produces a duplicate of this IniFile. The duplicate is independent + # of the original -- i.e. the duplicate can be modified without changing the + # original. The tainted state and the frozen state of the original is copied + # to the duplicate. + # + # Returns a new IniFile. + def clone + other = dup + other.freeze if frozen? + other + end + + # Public: Compare this IniFile to some other IniFile. For two INI files to + # be equivalent, they must have the same sections with the same parameter / + # value pairs in each section. + # + # other - The other IniFile. + # + # Returns true if the INI files are equivalent and false if they differ. + def eql?(other) + return true if equal? other + return false unless other.instance_of? self.class + @ini == other.instance_variable_get(:@ini) + end + alias == eql? + + # Escape special characters. + # + # value - The String value to escape. + # + # Returns the escaped value. + def escape_value(value) + value = value.to_s.dup + value.gsub!(%r{\\([0nrt])}, '\\\\\1') + value.gsub!(%r{\n}, '\n') + value.gsub!(%r{\r}, '\r') + value.gsub!(%r{\t}, '\t') + value.gsub!(%r{\0}, '\0') + value + end + + # Parse the given content and store the information in this IniFile + # instance. All data will be cleared out and replaced with the information + # read from the content. + # + # content - A String or a file descriptor (must respond to `each_line`) + # + # Returns this IniFile. + def parse(content) + parser = Parser.new(@ini, @param, @comment, @default) + parser.parse(content) + self + end + + # The IniFile::Parser has the responsibility of reading the contents of an + # .ini file and storing that information into a ruby Hash. The object being + # parsed must respond to `each_line` - this includes Strings and any IO + # object. + class Parser + attr_writer :section + attr_accessor :property + attr_accessor :value + + # Create a new IniFile::Parser that can be used to parse the contents of + # an .ini file. + # + # hash - The Hash where parsed information will be stored + # param - String used to separate parameter and value + # comment - String containing the comment character(s) + # default - The String name of the default global section + # + def initialize(hash, param, comment, default) + @hash = hash + @default = default + + comment = comment.to_s.empty? ? '\\z' : "\\s*(?:[#{comment}].*)?\\z" + + @section_regexp = %r{\A\s*\[([^\]]+)\]#{comment}} + @ignore_regexp = %r{\A#{comment}} + @property_regexp = %r{\A(.*?)(?<!\\)#{param}(.*)\z} + + @open_quote = %r{\A\s*(".*)\z} + @close_quote = %r{\A(.*(?<!\\)")#{comment}} + @full_quote = %r{\A\s*(".*(?<!\\)")#{comment}} + @trailing_slash = %r{\A(.*)(?<!\\)\\#{comment}} + @normal_value = %r{\A(.*?)#{comment}} + end + + # Returns `true` if the current value starts with a leading double quote. + # Otherwise returns false. + def leading_quote? + value&.start_with?('"') + end + + # Given a string, attempt to parse out a value from that string. This + # value might be continued on the following line. So this method returns + # `true` if it is expecting more data. + # + # string - String to parse + # + # Returns `true` if the next line is also part of the current value. + # Returns `fase` if the string contained a complete value. + def parse_value(string) + continuation = false + + # if our value starts with a double quote, then we are in a + # line continuation situation + if leading_quote? + # check for a closing quote at the end of the string + if string =~ @close_quote + self.value += Regexp.last_match(1) + + # otherwise just append the string to the value + else + self.value += string + continuation = true + end + + # not currently processing a continuation line + else + case string + when @full_quote + self.value = Regexp.last_match(1) + + when @open_quote + self.value = Regexp.last_match(1) + continuation = true + + when @trailing_slash + if self.value + self.value += Regexp.last_match(1) + else + self.value = Regexp.last_match(1) + end + continuation = true + + when @normal_value + if self.value + self.value += Regexp.last_match(1) + else + self.value = Regexp.last_match(1) + end + + else + error + end + end + + if continuation + self.value += $INPUT_RECORD_SEPARATOR if leading_quote? + else + process_property + end + + continuation + end + + # Parse the ini file contents. This will clear any values currently stored + # in the ini hash. + # + # content - Any object that responds to `each_line` + # + # Returns nil. + def parse(content) + return unless content + + continuation = false + + @hash.clear + @line = nil + self.section = nil + + content.each_line do |line| + @line = line.chomp + + if continuation + continuation = parse_value @line + else + case @line + when @ignore_regexp + nil + when @section_regexp + self.section = @hash[Regexp.last_match(1)] + when @property_regexp + self.property = Regexp.last_match(1).strip + error if property.empty? + + continuation = parse_value Regexp.last_match(2) + else + error + end + end + end + + # check here if we have a dangling value ... usually means we have an + # unmatched open quote + if leading_quote? + error 'Unmatched open quote' + elsif property && value + process_property + elsif value + error + end + + nil + end + + # Store the property/value pair in the currently active section. This + # method checks for continuation of the value to the next line. + # + # Returns nil. + def process_property + property.strip! + value.strip! + + self.value = Regexp.last_match(1) if value =~ %r{\A"(.*)(?<!\\)"\z}m + + section[property] = typecast(value) + + self.property = nil + self.value = nil + end + + # Returns the current section Hash. + def section + @section ||= @hash[@default] + end + + # Raise a parse error using the given message and appending the current line + # being parsed. + # + # msg - The message String to use. + # + # Raises IniFile::Error + def error(msg = 'Could not parse line') + raise Error, "#{msg}: #{@line.inspect}" + end + + # Attempt to typecast the value string. We are looking for boolean values, + # integers, floats, and empty strings. Below is how each gets cast, but it + # is pretty logical and straightforward. + # + # "true" --> true + # "false" --> false + # "" --> nil + # "42" --> 42 + # "3.14" --> 3.14 + # "foo" --> "foo" + # + # Returns the typecast value. + def typecast(value) + case value + when %r{\Atrue\z}i then true + when %r{\Afalse\z}i then false + when %r{\A\s*\z}i then nil + else + begin + begin + Integer(value) + rescue + Float(value) + end + rescue + unescape_value(value) + end + end + end + + # Unescape special characters found in the value string. This will convert + # escaped null, tab, carriage return, newline, and backslash into their + # literal equivalents. + # + # value - The String value to unescape. + # + # Returns the unescaped value. + def unescape_value(value) + value = value.to_s + value.gsub!(%r{\\[0nrt\\]}) do |char| + case char + when '\0' then "\0" + when '\n' then "\n" + when '\r' then "\r" + when '\t' then "\t" + when '\\\\' then '\\' + end + end + value + end + end +end # IniFile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/lib/puppet/provider/mysql_login_path/mysql_login_path.rb Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,166 @@ +# frozen_string_literal: true + +require File.expand_path(File.join(File.dirname(__FILE__), 'inifile')) +require File.expand_path(File.join(File.dirname(__FILE__), 'sensitive')) +require 'puppet/resource_api/simple_provider' +require 'puppet/util/execution' +require 'puppet/util/suidmanager' +require 'open3' +require 'pty' +require 'expect' +require 'fileutils' +require 'English' + +# Implementation for the mysql_login_path type using the Resource API. +class Puppet::Provider::MysqlLoginPath::MysqlLoginPath < Puppet::ResourceApi::SimpleProvider + def get_homedir(_context, uid) + result = Puppet::Util::Execution.execute(['/usr/bin/getent', 'passwd', uid], failonfail: true) + result.split(':')[5] + end + + def mysql_config_editor_set_cmd(context, uid, password = nil, *args) + args.unshift('/usr/bin/mysql_config_editor') + homedir = get_homedir(context, uid) + login_file_path = "#{homedir}/.mylogin.cnf" + + if args.is_a?(Array) + command = args.flatten.map(&:to_s) + command_str = command.join(' ') + elsif args.is_a?(String) + command_str = command + end + + begin + Puppet::Util::SUIDManager.asuser(uid) do + FileUtils.touch login_file_path + FileUtils.chmod 0o600, login_file_path + end + + PTY.spawn({ 'HOME' => homedir }, command_str) do |input, output, _pid| + if password + input.expect(%r{Enter password:}) + output.puts password + end + end + rescue => e + raise Puppet::ExecutionFailure, _( + "Execution of '%{str}' returned %{exit_status}: %{output}", + ) % { + str: command_str, + exit_status: $CHILD_STATUS.exitstatus, + output: e.message, + } + end + end + + def mysql_config_editor_cmd(context, uid, *args) + args.unshift('/usr/bin/mysql_config_editor') + homedir = get_homedir(context, uid) + Puppet::Util::Execution.execute( + args, + failonfail: true, + uid: uid, + custom_environment: { 'HOME' => homedir }, + ) + end + + def my_print_defaults_cmd(context, uid, *args) + args.unshift('/usr/bin/my_print_defaults') + homedir = get_homedir(context, uid) + Puppet::Util::Execution.execute( + args, + failonfail: true, + uid: uid, + custom_environment: { 'HOME' => homedir }, + ) + end + + def get_password(context, uid, name) + result = '' + output = my_print_defaults_cmd(context, uid, '-s', name) + output.split("\n").each do |line| + if %r{\-\-password}.match?(line) + result = line.sub(%r{\-\-password=}, '') + end + end + result + end + + def save_login_path(context, name, should) + uid = name.fetch(:owner) + + args = ['set', '--skip-warn'] + args.push('-G', should[:name].to_s) if should[:name] + args.push('-h', should[:host].to_s) if should[:host] + args.push('-u', should[:user].to_s) if should[:user] + args.push('-S', should[:socket].to_s) if should[:socket] + args.push('-P', should[:port].to_s) if should[:port] + args.push('-p') if should[:password] && extract_pw(should[:password]) + password = (should[:password] && extract_pw(should[:password])) ? extract_pw(should[:password]) : nil + + mysql_config_editor_set_cmd(context, uid, password, args) + end + + def delete_login_path(context, name) + login_path = name.fetch(:name) + uid = name.fetch(:owner) + mysql_config_editor_cmd(context, uid, 'remove', '-G', login_path) + end + + def gen_pw(pw) + Puppet::Provider::MysqlLoginPath::Sensitive.new(pw) + end + + def extract_pw(sensitive) + sensitive.unwrap + end + + def list_login_paths(context, uid) + result = [] + output = mysql_config_editor_cmd(context, uid, 'print', '--all') + ini = Puppet::Provider::MysqlLoginPath::IniFile.new(content: output) + ini.each_section do |section| + result.push(ensure: 'present', + name: section, + owner: uid.to_s, + title: section + '-' + uid.to_s, + host: ini[section]['host'].nil? ? nil : ini[section]['host'], + user: ini[section]['user'].nil? ? nil : ini[section]['user'], + password: ini[section]['password'].nil? ? nil : gen_pw(get_password(context, uid, section)), + socket: ini[section]['socket'].nil? ? nil : ini[section]['socket'], + port: ini[section]['port'].nil? ? nil : ini[section]['port']) + end + result + end + + def get(context, name) + result = [] + owner = name.empty? ? ['root'] : name.map { |item| item[:owner] }.compact.uniq + owner.each do |uid| + login_paths = list_login_paths(context, uid) + result += login_paths + end + result + end + + def create(context, name, should) + save_login_path(context, name, should) + end + + def update(context, name, should) + delete_login_path(context, name) + save_login_path(context, name, should) + end + + def delete(context, name) + delete_login_path(context, name) + end + + def canonicalize(_context, resources) + resources.each do |r| + if r.key?(:password) && r[:password].is_a?(Puppet::Pops::Types::PSensitiveType::Sensitive) + r[:password] = gen_pw(extract_pw(r[:password])) + end + end + end +end
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/lib/puppet/provider/mysql_login_path/sensitive.rb Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +# A Puppet Language type that makes the Sensitive Type comparable +# +class Puppet::Provider::MysqlLoginPath::Sensitive < Puppet::Pops::Types::PSensitiveType::Sensitive + def ==(other) + return true if other.is_a?(Puppet::Pops::Types::PSensitiveType::Sensitive) && unwrap == other.unwrap + end +end
--- a/modules/mysql/lib/puppet/provider/mysql_plugin/mysql.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/provider/mysql_plugin/mysql.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) Puppet::Type.type(:mysql_plugin).provide(:mysql, parent: Puppet::Provider::Mysql) do desc 'Manages MySQL plugins.' @@ -17,7 +19,7 @@ # the contents of the property_hash generated by self.instances def self.prefetch(resources) plugins = instances - resources.keys.each do |plugin| + resources.each_key do |plugin| if provider = plugins.find { |pl| pl.name == plugin } # rubocop:disable Lint/AssignmentInCondition resources[plugin].provider = provider end
--- a/modules/mysql/lib/puppet/provider/mysql_user/mysql.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/provider/mysql_user/mysql.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require File.expand_path(File.join(File.dirname(__FILE__), '..', 'mysql')) Puppet::Type.type(:mysql_user).provide(:mysql, parent: Puppet::Provider::Mysql) do desc 'manage users for a mysql database.' @@ -12,21 +14,30 @@ users.map do |name| if mysqld_version.nil? ## Default ... - # rubocop:disable Metrics/LineLength + # rubocop:disable Layout/LineLength query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'" - elsif newer_than('mysql' => '5.7.6', 'percona' => '5.7.6') || - # https://jira.mariadb.org/browse/MDEV-16238 https://jira.mariadb.org/browse/MDEV-16774 - (newer_than('mariadb' => '10.2.16') && older_than('mariadb' => '10.2.19')) || - (newer_than('mariadb' => '10.3.8') && older_than('mariadb' => '10.3.11')) + elsif newer_than('mysql' => '5.7.6', 'percona' => '5.7.6') query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, AUTHENTICATION_STRING, PLUGIN FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'" + elsif newer_than('mariadb' => '10.1.21') + query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD, PLUGIN, AUTHENTICATION_STRING FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'" else query = "SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{name}'" end @max_user_connections, @max_connections_per_hour, @max_queries_per_hour, @max_updates_per_hour, ssl_type, ssl_cipher, x509_issuer, x509_subject, - @password, @plugin = mysql_caller(query, 'regular').split(%r{\s}) + @password, @plugin, @authentication_string = mysql_caller(query, 'regular').chomp.split(%r{\t}) @tls_options = parse_tls_options(ssl_type, ssl_cipher, x509_issuer, x509_subject) - # rubocop:enable Metrics/LineLength + if newer_than('mariadb' => '10.1.21') && @plugin == 'ed25519' + # Some auth plugins (e.g. ed25519) use authentication_string + # to store password hash or auth information + @password = @authentication_string + elsif (newer_than('mariadb' => '10.2.16') && older_than('mariadb' => '10.2.19')) || + (newer_than('mariadb' => '10.3.8') && older_than('mariadb' => '10.3.11')) + # Old mariadb 10.2 or 10.3 store password hash in authentication_string + # https://jira.mariadb.org/browse/MDEV-16238 https://jira.mariadb.org/browse/MDEV-16774 + @password = @authentication_string + end + # rubocop:enable Layout/LineLength new(name: name, ensure: :present, password_hash: @password, @@ -44,7 +55,7 @@ def self.prefetch(resources) users = instances # rubocop:disable Lint/AssignmentInCondition - resources.keys.each do |name| + resources.each_key do |name| if provider = users.find { |user| user.name == name } resources[name].provider = provider end @@ -63,6 +74,8 @@ max_updates_per_hour = @resource.value(:max_updates_per_hour) || 0 tls_options = @resource.value(:tls_options) || ['NONE'] + password_hash = password_hash.unwrap if password_hash.is_a?(Puppet::Pops::Types::PSensitiveType::Sensitive) + # Use CREATE USER to be compatible with NO_AUTO_CREATE_USER sql_mode # This is also required if you want to specify a authentication plugin if !plugin.nil? @@ -82,13 +95,13 @@ @property_hash[:ensure] = :present @property_hash[:password_hash] = password_hash end - # rubocop:disable Metrics/LineLength + # rubocop:disable Layout/LineLength if newer_than('mysql' => '5.7.6', 'percona' => '5.7.6') self.class.mysql_caller("ALTER USER IF EXISTS '#{merged_name}' WITH MAX_USER_CONNECTIONS #{max_user_connections} MAX_CONNECTIONS_PER_HOUR #{max_connections_per_hour} MAX_QUERIES_PER_HOUR #{max_queries_per_hour} MAX_UPDATES_PER_HOUR #{max_updates_per_hour}", 'system') else self.class.mysql_caller("GRANT USAGE ON *.* TO '#{merged_name}' WITH MAX_USER_CONNECTIONS #{max_user_connections} MAX_CONNECTIONS_PER_HOUR #{max_connections_per_hour} MAX_QUERIES_PER_HOUR #{max_queries_per_hour} MAX_UPDATES_PER_HOUR #{max_updates_per_hour}", 'system') end - # rubocop:enable Metrics/LineLength + # rubocop:enable Layout/LineLength @property_hash[:max_user_connections] = max_user_connections @property_hash[:max_connections_per_hour] = max_connections_per_hour @property_hash[:max_queries_per_hour] = max_queries_per_hour @@ -133,13 +146,27 @@ def password_hash=(string) merged_name = self.class.cmd_user(@resource[:name]) + plugin = @resource.value(:plugin) # We have a fact for the mysql version ... if mysqld_version.nil? # default ... if mysqld_version does not work self.class.mysql_caller("SET PASSWORD FOR #{merged_name} = '#{string}'", 'system') + elsif newer_than('mariadb' => '10.1.21') && plugin == 'ed25519' + raise ArgumentError, _('ed25519 hash should be 43 bytes long.') unless string.length == 43 + # ALTER USER statement is only available upstream starting 10.2 + # https://mariadb.com/kb/en/mariadb-1020-release-notes/ + if newer_than('mariadb' => '10.2.0') + sql = "ALTER USER #{merged_name} IDENTIFIED WITH ed25519 AS '#{string}'" + else + concat_name = @resource[:name] + sql = "UPDATE mysql.user SET password = '', plugin = 'ed25519'" + sql += ", authentication_string = '#{string}'" + sql += " where CONCAT(user, '@', host) = '#{concat_name}'; FLUSH PRIVILEGES" + end + self.class.mysql_caller(sql, 'system') elsif newer_than('mysql' => '5.7.6', 'percona' => '5.7.6', 'mariadb' => '10.2.0') - raise ArgumentError, _('Only mysql_native_password (*ABCD...XXX) hashes are supported.') unless string =~ %r{^\*|^$} + raise ArgumentError, _('Only mysql_native_password (*ABCD...XXX) hashes are supported.') unless %r{^\*|^$}.match?(string) self.class.mysql_caller("ALTER USER #{merged_name} IDENTIFIED WITH mysql_native_password AS '#{string}'", 'system') else self.class.mysql_caller("SET PASSWORD FOR #{merged_name} = '#{string}'", 'system') @@ -150,43 +177,64 @@ def max_user_connections=(int) merged_name = self.class.cmd_user(@resource[:name]) - self.class.mysql_caller("GRANT USAGE ON *.* TO #{merged_name} WITH MAX_USER_CONNECTIONS #{int}", 'system').chomp - + if newer_than('mysql' => '5.7.6', 'percona' => '5.7.6', 'mariadb' => '10.2.0') + self.class.mysql_caller("ALTER USER #{merged_name} WITH MAX_USER_CONNECTIONS #{int}", 'system').chomp + else + self.class.mysql_caller("GRANT USAGE ON *.* TO #{merged_name} WITH MAX_USER_CONNECTIONS #{int}", 'system').chomp + end (max_user_connections == int) ? (return true) : (return false) end def max_connections_per_hour=(int) merged_name = self.class.cmd_user(@resource[:name]) - self.class.mysql_caller("GRANT USAGE ON *.* TO #{merged_name} WITH MAX_CONNECTIONS_PER_HOUR #{int}", 'system').chomp - + if newer_than('mysql' => '5.7.6', 'percona' => '5.7.6', 'mariadb' => '10.2.0') + self.class.mysql_caller("ALTER USER #{merged_name} WITH MAX_CONNECTIONS_PER_HOUR #{int}", 'system').chomp + else + self.class.mysql_caller("GRANT USAGE ON *.* TO #{merged_name} WITH MAX_CONNECTIONS_PER_HOUR #{int}", 'system').chomp + end (max_connections_per_hour == int) ? (return true) : (return false) end def max_queries_per_hour=(int) merged_name = self.class.cmd_user(@resource[:name]) - self.class.mysql_caller("GRANT USAGE ON *.* TO #{merged_name} WITH MAX_QUERIES_PER_HOUR #{int}", 'system').chomp - + if newer_than('mysql' => '5.7.6', 'percona' => '5.7.6', 'mariadb' => '10.2.0') + self.class.mysql_caller("ALTER USER #{merged_name} WITH MAX_QUERIES_PER_HOUR #{int}", 'system').chomp + else + self.class.mysql_caller("GRANT USAGE ON *.* TO #{merged_name} WITH MAX_QUERIES_PER_HOUR #{int}", 'system').chomp + end (max_queries_per_hour == int) ? (return true) : (return false) end def max_updates_per_hour=(int) merged_name = self.class.cmd_user(@resource[:name]) - self.class.mysql_caller("GRANT USAGE ON *.* TO #{merged_name} WITH MAX_UPDATES_PER_HOUR #{int}", 'system').chomp - + if newer_than('mysql' => '5.7.6', 'percona' => '5.7.6', 'mariadb' => '10.2.0') + self.class.mysql_caller("ALTER USER #{merged_name} WITH MAX_UPDATES_PER_HOUR #{int}", 'system').chomp + else + self.class.mysql_caller("GRANT USAGE ON *.* TO #{merged_name} WITH MAX_UPDATES_PER_HOUR #{int}", 'system').chomp + end (max_updates_per_hour == int) ? (return true) : (return false) end def plugin=(string) merged_name = self.class.cmd_user(@resource[:name]) - if newer_than('mysql' => '5.7.6', 'percona' => '5.7.6') + if newer_than('mariadb' => '10.1.21') && string == 'ed25519' + if newer_than('mariadb' => '10.2.0') + sql = "ALTER USER #{merged_name} IDENTIFIED WITH '#{string}' AS '#{@resource[:password_hash]}'" + else + concat_name = @resource[:name] + sql = "UPDATE mysql.user SET password = '', plugin = '#{string}'" + sql += ", authentication_string = '#{@resource[:password_hash]}'" + sql += " where CONCAT(user, '@', host) = '#{concat_name}'; FLUSH PRIVILEGES" + end + elsif newer_than('mysql' => '5.7.6', 'percona' => '5.7.6', 'mariadb' => '10.2.0') sql = "ALTER USER #{merged_name} IDENTIFIED WITH '#{string}'" - sql << " AS '#{@resource[:password_hash]}'" if string == 'mysql_native_password' + sql += " AS '#{@resource[:password_hash]}'" if string == 'mysql_native_password' else # See https://bugs.mysql.com/bug.php?id=67449 sql = "UPDATE mysql.user SET plugin = '#{string}'" - sql << ((string == 'mysql_native_password') ? ", password = '#{@resource[:password_hash]}'" : ", password = ''") - sql << " WHERE CONCAT(user, '@', host) = '#{@resource[:name]}'" + sql += ((string == 'mysql_native_password') ? ", password = '#{@resource[:password_hash]}'" : ", password = ''") + sql += " WHERE CONCAT(user, '@', host) = '#{@resource[:name]}'" end self.class.mysql_caller(sql, 'system') @@ -212,9 +260,9 @@ ['X509'] elsif ssl_type == 'SPECIFIED' options = [] - options << "CIPHER #{ssl_cipher}" if !ssl_cipher.nil? && !ssl_cipher.empty? - options << "ISSUER #{x509_issuer}" if !x509_issuer.nil? && !x509_issuer.empty? - options << "SUBJECT #{x509_subject}" if !x509_subject.nil? && !x509_subject.empty? + options << "CIPHER '#{ssl_cipher}'" if !ssl_cipher.nil? && !ssl_cipher.empty? + options << "ISSUER '#{x509_issuer}'" if !x509_issuer.nil? && !x509_issuer.empty? + options << "SUBJECT '#{x509_subject}'" if !x509_subject.nil? && !x509_subject.empty? options else ['NONE']
--- a/modules/mysql/lib/puppet/type/mysql_database.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/type/mysql_database.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Puppet::Type.newtype(:mysql_database) do @doc = <<-PUPPET @summary
--- a/modules/mysql/lib/puppet/type/mysql_datadir.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/type/mysql_datadir.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Puppet::Type.newtype(:mysql_datadir) do @doc = <<-PUPPET @summary
--- a/modules/mysql/lib/puppet/type/mysql_grant.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/type/mysql_grant.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Puppet::Type.newtype(:mysql_grant) do @doc = <<-PUPPET @summary @@ -14,7 +16,7 @@ # 'ALL'. This can't be done in the munge in the property as that iterates # over the array and there's no way to replace the entire array before it's # returned to the provider. - if self[:ensure] == :present && Array(self[:privileges]).count > 1 && self[:privileges].to_s.include?('ALL') + if self[:ensure] == :present && Array(self[:privileges]).size > 1 && self[:privileges].to_s.include?('ALL') self[:privileges] = 'ALL' end # Sort the privileges array in order to ensure the comparision in the provider @@ -29,12 +31,12 @@ else priv.strip.upcase end - }.uniq.reject { |k| k == 'GRANT' || k == 'GRANT OPTION' }.sort! + }.uniq.reject { |k| ['GRANT', 'GRANT OPTION'].include?(k) }.sort! end # rubocop:enable Style/MultilineBlockChain validate do raise(_('mysql_grant: `privileges` `parameter` is required.')) if self[:ensure] == :present && self[:privileges].nil? - raise(_('mysql_grant: `privileges` `parameter`: PROXY can only be specified by itself.')) if Array(self[:privileges]).count > 1 && Array(self[:privileges]).include?('PROXY') + raise(_('mysql_grant: `privileges` `parameter`: PROXY can only be specified by itself.')) if Array(self[:privileges]).size > 1 && Array(self[:privileges]).include?('PROXY') raise(_('mysql_grant: `table` `parameter` is required.')) if self[:ensure] == :present && self[:table].nil? raise(_('mysql_grant: `user` `parameter` is required.')) if self[:ensure] == :present && self[:user].nil? if self[:user] && self[:table]
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/lib/puppet/type/mysql_login_path.rb Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,83 @@ +# frozen_string_literal: true + +require 'puppet/resource_api' + +Puppet::ResourceApi.register_type( + name: 'mysql_login_path', + + docs: <<-EOS, + @summary + Manage a MySQL login path. + @see + https://dev.mysql.com/doc/refman/8.0/en/mysql-config-editor.html + @example + mysql_login_path { 'local_socket': + owner => 'root', + host => 'localhost', + user => 'root', + password => Sensitive('secure'), + socket => '/var/run/mysql/mysql.sock', + ensure => present, + } + + mysql_login_path { 'local_tcp': + owner => 'root', + host => '127.0.0.1', + user => 'root', + password => Sensitive('more_secure'), + port => 3306, + ensure => present, + } + + This type provides Puppet with the capabilities to store authentication credentials in an obfuscated login path file + named .mylogin.cnf created with the mysql_config_editor utility. Supports only MySQL Community Edition > v5.6.6. +EOS + features: ['simple_get_filter', 'canonicalize'], + title_patterns: [ + { + pattern: %r{^(?<name>.*[^-])-(?<owner>.*)$}, + desc: 'Where the name of the and the owner are provided with a hyphen seperator', + }, + { + pattern: %r{^(?<name>.*)$}, + desc: 'Where only the name is provided', + }, + ], + attributes: { + ensure: { + type: 'Enum[present, absent]', + desc: 'Whether this resource should be present or absent on the target system.', + }, + name: { + type: 'String', + desc: 'Name of the login path you want to manage.', + behaviour: :namevar, + }, + owner: { + type: 'String', + desc: 'The user to whom the logon path should belong.', + behaviour: :namevar, + default: 'root', + }, + host: { + type: 'Optional[String]', + desc: 'Host name to be entered into the login path.', + }, + user: { + type: 'Optional[String]', + desc: 'Username to be entered into the login path.', + }, + password: { + type: 'Optional[Sensitive[String[1]]]', + desc: 'Password to be entered into login path', + }, + socket: { + type: 'Optional[String]', + desc: 'Socket path to be entered into login path', + }, + port: { + type: 'Optional[Integer[0,65535]]', + desc: 'Port number to be entered into login path.', + }, + }, +)
--- a/modules/mysql/lib/puppet/type/mysql_plugin.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/type/mysql_plugin.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + Puppet::Type.newtype(:mysql_plugin) do @doc = <<-PUPPET @summary
--- a/modules/mysql/lib/puppet/type/mysql_user.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/lib/puppet/type/mysql_user.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # This has to be a separate type to enable collecting Puppet::Type.newtype(:mysql_user) do @doc = <<-PUPPET @@ -47,18 +49,18 @@ end newproperty(:password_hash) do - desc 'The password hash of the user. Use mysql_password() for creating such a hash.' + desc 'The password hash of the user. Use mysql::password() for creating such a hash.' newvalue(%r{\w*}) def change_to_s(currentvalue, _newvalue) (currentvalue == :absent) ? 'created password' : 'changed password' end - # rubocop:disable Style/PredicateName + # rubocop:disable Naming/PredicateName def is_to_s(_currentvalue) '[old password hash redacted]' end - # rubocop:enable Style/PredicateName + # rubocop:enable Naming/PredicateName def should_to_s(_newvalue) '[new password hash redacted]'
--- a/modules/mysql/locales/config.yaml Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,26 +0,0 @@ ---- -# This is the project-specific configuration file for setting up -# fast_gettext for your project. -gettext: - # This is used for the name of the .pot and .po files; they will be - # called <project_name>.pot? - project_name: puppetlabs-mysql - # This is used in comments in the .pot and .po files to indicate what - # project the files belong to and should bea little more desctiptive than - # <project_name> - package_name: puppetlabs-mysql - # The locale that the default messages in the .pot file are in - default_locale: en - # The email used for sending bug reports. - bugs_address: docs@puppet.com - # The holder of the copyright. - copyright_holder: Puppet, Inc. - # This determines which comments in code should be eligible for translation. - # Any comments that start with this string will be externalized. (Leave - # empty to include all.) - comments_tag: TRANSLATOR - # Patterns for +Dir.glob+ used to find all files that might contain - # translatable content, relative to the project root directory - source_files: - - './lib/**/*.rb' -
--- a/modules/mysql/locales/ja/puppetlabs-mysql.po Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,190 +0,0 @@ -# -#, fuzzy -msgid "" -msgstr "" -"Project-Id-Version: PACKAGE VERSION\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2017-09-06T16:20:13+01:00\n" -"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: Kojima Ai <ai-kojima@to-in.co.jp>, 2017\n" -"Language-Team: Japanese (Japan) (https://www.transifex.com/puppet/teams/29089/ja_JP/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ja_JP\n" -"Plural-Forms: nplurals=1; plural=0;\n" -"X-Generator: Translate Toolkit 2.0.0\n" - -#. ./manifests/bindings/client_dev.pp:12 -msgid "No MySQL client development package configured for %{os}." -msgstr "%{os}向けに設定されたMySQLクライアント開発パッケージはありません。" - -#. ./manifests/bindings/daemon_dev.pp:12 -msgid "No MySQL daemon development package configured for %{os}." -msgstr "%{os}向けに設定されたMySQLデーモン開発パッケージはありません。" - -#. ./manifests/bindings.pp:38 -msgid "" -"::mysql::bindings::java cannot be managed by puppet on %{osfamily} as it is " -"not in official repositories. Please disable java mysql binding." -msgstr "" -"::mysql::bindings::javaは、公式なリポジトリではなく%{osfamily}にあるそのままの状態では、Puppetによる管理はできません。java" -" mysqlバインディングを無効にしてください。" - -#. ./manifests/bindings.pp:40 -msgid "" -"::mysql::bindings::php does not need to be managed by puppet on %{osfamily} " -"as it is included in mysql package by default." -msgstr "" -"::mysql::bindings::phpは、%{osfamily}上にデフォルトでMySQLパッケージに含まれた状態のまま、Puppetで管理する必要はありません。" - -#. ./manifests/bindings.pp:42 -msgid "" -"::mysql::bindings::ruby cannot be managed by puppet on %{osfamily} as it is " -"not in official repositories. Please disable ruby mysql binding." -msgstr "" -"::mysql::bindings::rubyは、公式なリポジトリではなく%{osfamily}にあるそのままの状態では、Puppetによる管理はできません。ruby" -" mysqlバインディングを無効にしてください。" - -#. ./manifests/params.pp:124 -msgid "" -"Unsupported platform: puppetlabs-%{module_name} currently doesn't support " -"%{os}." -msgstr "サポート対象外のプラットフォーム: puppetlabs-%{module_name}は、現在%{os}をサポートしていません" - -#. ./manifests/params.pp:381 -msgid "" -"Unsupported platform: puppetlabs-%{module_name} currently doesn't support " -"%{osfamily} or %{os}." -msgstr "" -"サポート対象外のプラットフォーム: " -"puppetlabs-%{module_name}は、現在%{osfamily}または%{os}をサポートしていません" - -#. ./manifests/params.pp:465 -msgid "" -"Unsupported platform: puppetlabs-%{module_name} only supports RedHat 5.0 and" -" beyond." -msgstr "サポート対象外のプラットフォーム: puppetlabs-%{module_name}は、RedHat 5.0以降のみをサポートしています" - -#. ./manifests/server/backup.pp:28 -msgid "" -"The 'prescript' option is not currently implemented for the %{provider} " -"backup provider." -msgstr "'prescript'オプションは、現在、%{provider}バックアッププロバイダ向けには実装されていません。" - -#. ./manifests/server.pp:48 -msgid "" -"The `old_root_password` attribute is no longer used and will be removed in a" -" future release." -msgstr "`old_root_password`属性は廃止予定であり、今後のリリースで廃止されます。" - -#. metadata.json -#: .summary -msgid "Installs, configures, and manages the MySQL service." -msgstr "MySQLサービスをインストール、設定、管理します。" - -#. metadata.json -#: .description -msgid "MySQL module" -msgstr "MySQLモジュール" - -#: ./lib/puppet/parser/functions/mysql_deepmerge.rb:22 -msgid "" -"mysql_deepmerge(): wrong number of arguments (%{args_length}; must be at " -"least 2)" -msgstr "mysql_deepmerge(): 引数の数が正しくありません(%{args_length}; 2以上にする必要があります)" - -#: ./lib/puppet/parser/functions/mysql_deepmerge.rb:30 -msgid "" -"mysql_deepmerge: unexpected argument type %{arg_class}, only expects hash " -"arguments." -msgstr "mysql_deepmerge: 予期せぬ引数タイプ%{arg_class}です。想定される引数はハッシュ引数のみです。" - -#: ./lib/puppet/parser/functions/mysql_dirname.rb:9 -msgid "" -"mysql_dirname(): Wrong number of arguments given (%{args_length} for 1)" -msgstr "mysql_dirname(): 指定された引数の数が正しくありません(%{args_length}は1)" - -#: ./lib/puppet/parser/functions/mysql_password.rb:11 -msgid "" -"mysql_password(): Wrong number of arguments given (%{args_length} for 1)" -msgstr "mysql_password(): 指定された引数の数が正しくありません(%{args_length}は1)" - -#: ./lib/puppet/parser/functions/mysql_strip_hash.rb:11 -msgid "mysql_strip_hash(): Requires a hash to work." -msgstr "mysql_strip_hash(): 動作するにはハッシュが必要です。" - -#: ./lib/puppet/provider/mysql_datadir/mysql.rb:24 -msgid "Defaults-extra-file %{file} is missing." -msgstr "Defaults-extra-file %{file}が見つかりません" - -#: ./lib/puppet/provider/mysql_datadir/mysql.rb:59 -msgid "ERROR: `Resource` can not be removed." -msgstr "ERROR: `Resource`を削除できませんでした。" - -#: ./lib/puppet/provider/mysql_grant/mysql.rb:19 -msgid "#mysql had an error -> %{inspect}" -msgstr "#mysqlにエラーがありました -> %{inspect}" - -#: ./lib/puppet/provider/mysql_user/mysql.rb:125 -msgid "Only mysql_native_password (*ABCD..XXX) hashes are supported." -msgstr "mysql_native_password (*ABCD...XXX)ハッシュのみサポートされています。" - -#: ./lib/puppet/type/mysql_grant.rb:34 -msgid "`privileges` `parameter` is required." -msgstr "`privileges` `parameter`が必要です。" - -#: ./lib/puppet/type/mysql_grant.rb:35 -msgid "`privileges` `parameter`: PROXY can only be specified by itself." -msgstr "`privileges` `parameter`: PROXYは自身で指定することのみ可能です。" - -#: ./lib/puppet/type/mysql_grant.rb:36 -msgid "`table` `parameter` is required." -msgstr "`table` `parameter`が必要です。" - -#: ./lib/puppet/type/mysql_grant.rb:37 -msgid "`user` `parameter` is required." -msgstr "`user` `parameter`が必要です。" - -#: ./lib/puppet/type/mysql_grant.rb:39 -msgid "`name` `parameter` must match user@host/table format." -msgstr "`name` `parameter`はuser@host/tableの形式と一致している必要があります。" - -#: ./lib/puppet/type/mysql_grant.rb:57 -msgid "" -"PROXY user not supported on mysql versions < 5.5.0. Current version " -"%{version}." -msgstr "PROXYユーザはmysql 5.5.0以前のバージョンではサポートされていません。現在のバージョン%{version}" - -#: ./lib/puppet/type/mysql_grant.rb:67 -msgid "" -"`table` `property` for PROXY should be specified as proxy_user@proxy_host." -msgstr "PROXYの`table` `property`はproxy_user@proxy_hostとして指定されている必要があります。" - -#: ./lib/puppet/type/mysql_grant.rb:96 ./lib/puppet/type/mysql_user.rb:29 -msgid "Invalid database user %{user}." -msgstr "無効なデータベースのユーザ%{user}" - -#: ./lib/puppet/type/mysql_grant.rb:102 ./lib/puppet/type/mysql_user.rb:34 -msgid "MySQL usernames are limited to a maximum of 16 characters." -msgstr "MySQLユーザ名は最大16文字に制限されています。" - -#: ./lib/puppet/type/mysql_grant.rb:103 ./lib/puppet/type/mysql_user.rb:35 -msgid "MySQL usernames are limited to a maximum of 32 characters." -msgstr "MySQLユーザ名は最大32文字に制限されています。" - -#: ./lib/puppet/type/mysql_grant.rb:104 ./lib/puppet/type/mysql_user.rb:36 -msgid "MySQL usernames are limited to a maximum of 80 characters." -msgstr "MySQLユーザ名は最大80文字に制限されています。" - -#: ./lib/puppet/type/mysql_user.rb:82 -msgid "" -"`tls_options` `property`: The values NONE, SSL and X509 cannot be used with " -"other options, you may only pick one of them." -msgstr "" -"`tls_options` `property`: " -"NONE、SSL、X509は他のオプションと同時に使用することはできません。いずれか1つのみ選択可能です。" - -#: ./lib/puppet/type/mysql_user.rb:87 -msgid "Invalid tls option %{option}." -msgstr "無効なtlsオプション%{option}"
--- a/modules/mysql/locales/puppetlabs-mysql.pot Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,176 +0,0 @@ -"Project-Id-Version: puppetlabs-mysql 3.11.0-50-gd122d86\n" -"\n" -"Report-Msgid-Bugs-To: docs@puppet.com\n" -"POT-Creation-Date: 2017-09-14 14:21+0100\n" -"PO-Revision-Date: 2017-09-14 14:21+0100\n" -"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" -"Language-Team: LANGUAGE <LL@li.org>\n" -"Language: \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n" - -#. metadata.json -#: .summary -msgid "Installs, configures, and manages the MySQL service." -msgstr "" - -#. metadata.json -#: .description -msgid "MySQL module" -msgstr "" - -#. ./manifests/bindings/client_dev.pp:12 -msgid "No MySQL client development package configured for %{os}." -msgstr "" - -#. ./manifests/bindings/daemon_dev.pp:12 -msgid "No MySQL daemon development package configured for %{os}." -msgstr "" - -#. ./manifests/bindings.pp:38 -msgid "" -"::mysql::bindings::java cannot be managed by puppet on %{osfamily} as it is " -"not in official repositories. Please disable java mysql binding." -msgstr "" - -#. ./manifests/bindings.pp:40 -msgid "" -"::mysql::bindings::php does not need to be managed by puppet on %{osfamily} " -"as it is included in mysql package by default." -msgstr "" - -#. ./manifests/bindings.pp:42 -msgid "" -"::mysql::bindings::ruby cannot be managed by puppet on %{osfamily} as it is " -"not in official repositories. Please disable ruby mysql binding." -msgstr "" - -#. ./manifests/params.pp:124 -msgid "" -"Unsupported platform: puppetlabs-%{module_name} currently doesn't support " -"%{os}." -msgstr "" - -#. ./manifests/params.pp:381 -msgid "" -"Unsupported platform: puppetlabs-%{module_name} currently doesn't support " -"%{osfamily} or %{os}." -msgstr "" - -#. ./manifests/params.pp:465 -msgid "" -"Unsupported platform: puppetlabs-%{module_name} only supports RedHat 5.0 and " -"beyond." -msgstr "" - -#. ./manifests/server/backup.pp:28 -msgid "" -"The 'prescript' option is not currently implemented for the %{provider} " -"backup provider." -msgstr "" - -#. ./manifests/server.pp:48 -msgid "" -"The `old_root_password` attribute is no longer used and will be removed in a " -"future release." -msgstr "" - -#: ./lib/puppet/parser/functions/mysql_deepmerge.rb:22 -msgid "" -"mysql_deepmerge(): wrong number of arguments (%{args_length}; must be at " -"least 2)" -msgstr "" - -#: ./lib/puppet/parser/functions/mysql_deepmerge.rb:30 -msgid "" -"mysql_deepmerge: unexpected argument type %{arg_class}, only expects hash " -"arguments." -msgstr "" - -#: ./lib/puppet/parser/functions/mysql_dirname.rb:9 -msgid "mysql_dirname(): Wrong number of arguments given (%{args_length} for 1)" -msgstr "" - -#: ./lib/puppet/parser/functions/mysql_password.rb:11 -msgid "" -"mysql_password(): Wrong number of arguments given (%{args_length} for 1)" -msgstr "" - -#: ./lib/puppet/parser/functions/mysql_strip_hash.rb:11 -msgid "mysql_strip_hash(): Requires a hash to work." -msgstr "" - -#: ./lib/puppet/provider/mysql_datadir/mysql.rb:24 -msgid "Defaults-extra-file %{file} is missing." -msgstr "" - -#: ./lib/puppet/provider/mysql_datadir/mysql.rb:59 -msgid "ERROR: `Resource` can not be removed." -msgstr "" - -#: ./lib/puppet/provider/mysql_grant/mysql.rb:19 -msgid "#mysql had an error -> %{inspect}" -msgstr "" - -#: ./lib/puppet/provider/mysql_user/mysql.rb:125 -msgid "Only mysql_native_password (*ABCD...XXX) hashes are supported." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:34 -msgid "`privileges` `parameter` is required." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:35 -msgid "`privileges` `parameter`: PROXY can only be specified by itself." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:36 -msgid "`table` `parameter` is required." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:37 -msgid "`user` `parameter` is required." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:39 -msgid "`name` `parameter` must match user@host/table format." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:57 -msgid "" -"PROXY user not supported on mysql versions < 5.5.0. Current version " -"%{version}." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:67 -msgid "" -"`table` `property` for PROXY should be specified as proxy_user@proxy_host." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:96 ./lib/puppet/type/mysql_user.rb:29 -msgid "Invalid database user %{user}." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:102 ./lib/puppet/type/mysql_user.rb:34 -msgid "MySQL usernames are limited to a maximum of 16 characters." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:103 ./lib/puppet/type/mysql_user.rb:35 -msgid "MySQL usernames are limited to a maximum of 32 characters." -msgstr "" - -#: ./lib/puppet/type/mysql_grant.rb:104 ./lib/puppet/type/mysql_user.rb:36 -msgid "MySQL usernames are limited to a maximum of 80 characters." -msgstr "" - -#: ./lib/puppet/type/mysql_user.rb:82 -msgid "" -"`tls_options` `property`: The values NONE, SSL and X509 cannot be used with " -"other options, you may only pick one of them." -msgstr "" - -#: ./lib/puppet/type/mysql_user.rb:87 -msgid "Invalid tls option %{option}." -msgstr ""
--- a/modules/mysql/manifests/backup/mysqlbackup.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/backup/mysqlbackup.pp Mon Jan 03 17:16:21 2022 +0000 @@ -5,7 +5,7 @@ # class mysql::backup::mysqlbackup ( $backupuser = '', - $backuppassword = '', + Variant[String, Sensitive[String]] $backuppassword = '', $maxallowedpacket = '1M', $backupdir = '', $backupdirmode = '0700', @@ -27,8 +27,16 @@ $postscript = false, $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', $optional_args = [], + $incremental_backups = false, + $install_cron = true, + $compression_command = undef, + $compression_extension = undef, ) inherits mysql::params { - + $backuppassword_unsensitive = if $backuppassword =~ Sensitive { + $backuppassword.unwrap + } else { + $backuppassword + } mysql_user { "${backupuser}@localhost": ensure => $ensure, password_hash => mysql::password($backuppassword), @@ -44,7 +52,7 @@ ensure => $ensure, user => "${backupuser}@localhost", table => '*.*', - privileges => [ 'RELOAD', 'SUPER', 'REPLICATION CLIENT' ], + privileges => ['RELOAD', 'SUPER', 'REPLICATION CLIENT'], require => Mysql_user["${backupuser}@localhost"], } @@ -52,7 +60,7 @@ ensure => $ensure, user => "${backupuser}@localhost", table => 'mysql.backup_progress', - privileges => [ 'CREATE', 'INSERT', 'DROP', 'UPDATE' ], + privileges => ['CREATE', 'INSERT', 'DROP', 'UPDATE'], require => Mysql_user["${backupuser}@localhost"], } @@ -60,21 +68,15 @@ ensure => $ensure, user => "${backupuser}@localhost", table => 'mysql.backup_history', - privileges => [ 'CREATE', 'INSERT', 'SELECT', 'DROP', 'UPDATE' ], + privileges => ['CREATE', 'INSERT', 'SELECT', 'DROP', 'UPDATE'], require => Mysql_user["${backupuser}@localhost"], } - if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '5' { - package {'crontabs': - ensure => present, - } - } elsif $::osfamily == 'RedHat' { - package {'cronie': - ensure => present, - } - } elsif $::osfamily != 'FreeBSD' { - package {'cron': - ensure => present, + if $install_cron { + if $::osfamily == 'RedHat' { + ensure_packages('cronie') + } elsif $::osfamily != 'FreeBSD' { + ensure_packages('cron') } } @@ -105,8 +107,8 @@ 'incremental_base' => 'history:last_backup', 'incremental_backup_dir' => $backupdir, 'user' => $backupuser, - 'password' => $backuppassword, - } + 'password' => $backuppassword_unsensitive + }, } $options = mysql::normalise_and_deepmerge($default_options, $mysql::server::override_options)
--- a/modules/mysql/manifests/backup/mysqldump.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/backup/mysqldump.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,7 +4,7 @@ # class mysql::backup::mysqldump ( $backupuser = '', - $backuppassword = '', + Variant[String, Sensitive[String]] $backuppassword = '', $backupdir = '', $maxallowedpacket = '1M', $backupdirmode = '0700', @@ -28,10 +28,19 @@ $optional_args = [], $mysqlbackupdir_ensure = 'directory', $mysqlbackupdir_target = undef, + $incremental_backups = false, + $install_cron = true, + $compression_command = 'bzcat -zc', + $compression_extension = '.bz2' ) inherits mysql::params { + $backuppassword_unsensitive = if $backuppassword =~ Sensitive { + $backuppassword.unwrap + } else { + $backuppassword + } unless $::osfamily == 'FreeBSD' { - if $backupcompress { + if $backupcompress and $compression_command == 'bzcat -zc' { ensure_packages(['bzip2']) Package['bzip2'] -> File['mysqlbackup.sh'] } @@ -43,10 +52,10 @@ require => Class['mysql::server::root_password'], } - if $include_triggers { - $privs = [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER' ] + if $include_triggers { + $privs = ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER'] } else { - $privs = [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS' ] + $privs = ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS'] } mysql_grant { "${backupuser}@localhost/*.*": @@ -57,17 +66,11 @@ require => Mysql_user["${backupuser}@localhost"], } - if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '5' { - package {'crontabs': - ensure => present, - } - } elsif $::osfamily == 'RedHat' { - package {'cronie': - ensure => present, - } - } elsif $::osfamily != 'FreeBSD' { - package {'cron': - ensure => present, + if $install_cron { + if $::osfamily == 'RedHat' { + ensure_packages('cronie') + } elsif $::osfamily != 'FreeBSD' { + ensure_packages('cron') } } @@ -83,6 +86,7 @@ require => File['mysqlbackup.sh'], } + # TODO: use EPP instead of ERB, as EPP can handle Data of Type Sensitive without further ado file { 'mysqlbackup.sh': ensure => $ensure, path => '/usr/local/sbin/mysqlbackup.sh', @@ -108,5 +112,4 @@ group => $backupdirgroup, } } - }
--- a/modules/mysql/manifests/backup/xtrabackup.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/backup/xtrabackup.pp Mon Jan 03 17:16:21 2022 +0000 @@ -5,7 +5,7 @@ class mysql::backup::xtrabackup ( $xtrabackup_package_name = $mysql::params::xtrabackup_package_name, $backupuser = undef, - $backuppassword = undef, + Optional[Variant[String, Sensitive[String]]] $backuppassword = undef, $backupdir = '', $maxallowedpacket = '1M', $backupmethod = 'xtrabackup', @@ -29,10 +29,18 @@ $execpath = '/usr/bin:/usr/sbin:/bin:/sbin', $optional_args = [], $additional_cron_args = '--backup', - $incremental_backups = true + $incremental_backups = true, + $install_cron = true, + $compression_command = undef, + $compression_extension = undef, ) inherits mysql::params { + ensure_packages($xtrabackup_package_name) - ensure_packages($xtrabackup_package_name) + $backuppassword_unsensitive = if $backuppassword =~ Sensitive { + $backuppassword.unwrap + } else { + $backuppassword + } if $backupuser and $backuppassword { mysql_user { "${backupuser}@localhost": @@ -45,15 +53,32 @@ ensure => $ensure, user => "${backupuser}@localhost", table => '*.*', - privileges => [ 'RELOAD', 'PROCESS', 'LOCK TABLES', 'REPLICATION CLIENT' ], + privileges => ['RELOAD', 'PROCESS', 'LOCK TABLES', 'REPLICATION CLIENT'], require => Mysql_user["${backupuser}@localhost"], } } + if $install_cron { + if $::osfamily == 'RedHat' { + ensure_packages('cronie') + } elsif $::osfamily != 'FreeBSD' { + ensure_packages('cron') + } + } + if $incremental_backups { + # Warn if old backups are removed too soon. Incremental backups will fail + # if the full backup is no longer available. + if ($backuprotate.convert_to(Integer) < 7) { + warning('The value for `backuprotate` is too low, it must be set to at least 7 days when using incremental backups.') + } + + # The --target-dir uses a more predictable value for the full backup so + # that it can easily be calculated and used in incremental backup jobs. + # Besides that it allows to have multiple full backups. cron { 'xtrabackup-weekly': ensure => $ensure, - command => "/usr/local/sbin/xtrabackup.sh --target-dir=${backupdir} ${additional_cron_args}", + command => "/usr/local/sbin/xtrabackup.sh --target-dir=${backupdir}/$(date +\\%F)_full ${additional_cron_args}", user => 'root', hour => $time[0], minute => $time[1], @@ -62,13 +87,23 @@ } } + # Wether to use GNU or BSD date format. + case $::osfamily { + 'FreeBSD','OpenBSD': { + $dateformat = '$(date -v-sun +\\%F)_full' + } + default: { + $dateformat = '$(date -d "last sunday" +\\%F)_full' + } + } + $daily_cron_data = ($incremental_backups) ? { true => { - 'directories' => "--incremental-basedir=${backupdir} --target-dir=${backupdir}/$(date +\\%F_\\%H-\\%M-\\%S)", + 'directories' => "--incremental-basedir=${backupdir}/${dateformat} --target-dir=${backupdir}/$(date +\\%F_\\%H-\\%M-\\%S)", 'weekday' => '1-6', }, false => { - 'directories' => "--target-dir=${backupdir}", + 'directories' => "--target-dir=${backupdir}/$(date +\\%F_\\%H-\\%M-\\%S)", 'weekday' => '*', }, } @@ -90,6 +125,7 @@ group => $backupdirgroup, } + # TODO: use EPP instead of ERB, as EPP can handle Data of Type Sensitive without further ado file { 'xtrabackup.sh': ensure => $ensure, path => '/usr/local/sbin/xtrabackup.sh',
--- a/modules/mysql/manifests/bindings.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/bindings.pp Mon Jan 03 17:16:21 2022 +0000 @@ -100,32 +100,27 @@ $daemon_dev_package_name = $mysql::params::daemon_dev_package_name, $daemon_dev_package_provider = $mysql::params::daemon_dev_package_provider ) inherits mysql::params { - case $::osfamily { 'Archlinux': { - if $java_enable { fail(translate('::mysql::bindings::java cannot be managed by puppet on %{osfamily} - as it is not in official repositories. Please disable java mysql binding.', - {'osfamily' => $::osfamily })) } - if $perl_enable { include '::mysql::bindings::perl' } - if $php_enable { warning(translate('::mysql::bindings::php does not need to be managed by puppet on %{osfamily} - as it is included in mysql package by default.', - {'osfamily' => $::osfamily })) } - if $python_enable { include '::mysql::bindings::python' } - if $ruby_enable { fail(translate('::mysql::bindings::ruby cannot be managed by puppet on %{osfamily} - as it is not in official repositories. Please disable ruby mysql binding.', - {'osfamily' => $::osfamily } )) } + if $java_enable { fail("::mysql::bindings::java cannot be managed by puppet on ${::facts['os']['family']} + as it is not in official repositories. Please disable java mysql binding.") } + if $perl_enable { include 'mysql::bindings::perl' } + if $php_enable { warning("::mysql::bindings::php does not need to be managed by puppet on ${::facts['os']['family']} + as it is included in mysql package by default.") } + if $python_enable { include 'mysql::bindings::python' } + if $ruby_enable { fail("::mysql::bindings::ruby cannot be managed by puppet on %{::facts['os']['family']} + as it is not in official repositories. Please disable ruby mysql binding.") } } default: { - if $java_enable { include '::mysql::bindings::java' } - if $perl_enable { include '::mysql::bindings::perl' } - if $php_enable { include '::mysql::bindings::php' } - if $python_enable { include '::mysql::bindings::python' } - if $ruby_enable { include '::mysql::bindings::ruby' } + if $java_enable { include 'mysql::bindings::java' } + if $perl_enable { include 'mysql::bindings::perl' } + if $php_enable { include 'mysql::bindings::php' } + if $python_enable { include 'mysql::bindings::python' } + if $ruby_enable { include 'mysql::bindings::ruby' } } } - if $client_dev { include '::mysql::bindings::client_dev' } - if $daemon_dev { include '::mysql::bindings::daemon_dev' } - + if $client_dev { include 'mysql::bindings::client_dev' } + if $daemon_dev { include 'mysql::bindings::daemon_dev' } }
--- a/modules/mysql/manifests/bindings/client_dev.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/bindings/client_dev.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,7 +4,6 @@ # @api private # class mysql::bindings::client_dev { - if $mysql::bindings::client_dev_package_name { package { 'mysql-client_dev': ensure => $mysql::bindings::client_dev_package_ensure, @@ -13,7 +12,6 @@ provider => $mysql::bindings::client_dev_package_provider, } } else { - warning(translate('No MySQL client development package configured for %{os}.', {'os' => $::operatingsystem })) + warning("No MySQL client development package configured for ${::facts['os']['family']}.") } - }
--- a/modules/mysql/manifests/bindings/daemon_dev.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/bindings/daemon_dev.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,7 +4,6 @@ # @api private # class mysql::bindings::daemon_dev { - if $mysql::bindings::daemon_dev_package_name { package { 'mysql-daemon_dev': ensure => $mysql::bindings::daemon_dev_package_ensure, @@ -13,7 +12,6 @@ provider => $mysql::bindings::daemon_dev_package_provider, } } else { - warning(translate('No MySQL daemon development package configured for %{os}.', {'os' => $::operatingsystem })) + warning("No MySQL daemon development package configured for ${::facts['os']['family']}.") } - }
--- a/modules/mysql/manifests/bindings/java.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/bindings/java.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,12 +4,10 @@ # @api private # class mysql::bindings::java { - package { 'mysql-connector-java': ensure => $mysql::bindings::java_package_ensure, install_options => $mysql::bindings::install_options, name => $mysql::bindings::java_package_name, provider => $mysql::bindings::java_package_provider, } - }
--- a/modules/mysql/manifests/bindings/perl.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/bindings/perl.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,12 +4,10 @@ # @api private # class mysql::bindings::perl { - - package{ 'perl_mysql': + package { 'perl_mysql': ensure => $mysql::bindings::perl_package_ensure, install_options => $mysql::bindings::install_options, name => $mysql::bindings::perl_package_name, provider => $mysql::bindings::perl_package_provider, } - }
--- a/modules/mysql/manifests/bindings/php.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/bindings/php.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,12 +4,10 @@ # @api private # class mysql::bindings::php { - package { 'php-mysql': ensure => $mysql::bindings::php_package_ensure, install_options => $mysql::bindings::install_options, name => $mysql::bindings::php_package_name, provider => $mysql::bindings::php_package_provider, } - }
--- a/modules/mysql/manifests/bindings/python.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/bindings/python.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,12 +4,10 @@ # @api private # class mysql::bindings::python { - package { 'python-mysqldb': ensure => $mysql::bindings::python_package_ensure, install_options => $mysql::bindings::install_options, name => $mysql::bindings::python_package_name, provider => $mysql::bindings::python_package_provider, } - }
--- a/modules/mysql/manifests/bindings/ruby.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/bindings/ruby.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,12 +4,10 @@ # @api private # class mysql::bindings::ruby { - - package{ 'ruby_mysql': + package { 'ruby_mysql': ensure => $mysql::bindings::ruby_package_ensure, install_options => $mysql::bindings::install_options, name => $mysql::bindings::ruby_package_name, provider => $mysql::bindings::ruby_package_provider, } - }
--- a/modules/mysql/manifests/client.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/client.pp Mon Jan 03 17:16:21 2022 +0000 @@ -20,14 +20,15 @@ # The name of the MySQL client package to install. # class mysql::client ( - $bindings_enable = $mysql::params::bindings_enable, - $install_options = undef, - $package_ensure = $mysql::params::client_package_ensure, - $package_manage = $mysql::params::client_package_manage, - $package_name = $mysql::params::client_package_name, + $bindings_enable = $mysql::params::bindings_enable, + $install_options = undef, + $package_ensure = $mysql::params::client_package_ensure, + $package_manage = $mysql::params::client_package_manage, + $package_name = $mysql::params::client_package_name, + $package_provider = undef, + $package_source = undef, ) inherits mysql::params { - - include '::mysql::client::install' + include 'mysql::client::install' if $bindings_enable { class { 'mysql::bindings':
--- a/modules/mysql/manifests/client/install.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/client/install.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,15 +4,13 @@ # @api private # class mysql::client::install { - if $mysql::client::package_manage { - package { 'mysql_client': ensure => $mysql::client::package_ensure, install_options => $mysql::client::install_options, name => $mysql::client::package_name, + provider => $mysql::client::package_provider, + source => $mysql::client::package_source, } - } - }
--- a/modules/mysql/manifests/db.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/db.pp Mon Jan 03 17:16:21 2022 +0000 @@ -40,7 +40,7 @@ # define mysql::db ( $user, - $password, + Variant[String, Sensitive[String]] $password, $tls_options = undef, $dbname = $name, $charset = 'utf8', @@ -53,21 +53,26 @@ Enum['absent', 'present'] $ensure = 'present', $import_timeout = 300, $import_cat_cmd = 'cat', - $mysql_exec_path = $mysql::params::exec_path, + $mysql_exec_path = undef, ) { - $table = "${dbname}.*" $sql_inputs = join([$sql], ' ') - include '::mysql::client' + include 'mysql::client' + + if ($mysql_exec_path) { + $_mysql_exec_path = $mysql_exec_path + } else { + $_mysql_exec_path = $mysql::params::exec_path + } $db_resource = { ensure => $ensure, charset => $charset, collate => $collate, provider => 'mysql', - require => [ Class['mysql::client'] ], + require => [Class['mysql::client']], } ensure_resource('mysql_database', $dbname, $db_resource) @@ -94,12 +99,12 @@ $refresh = ! $enforce_sql if $sql { - exec{ "${dbname}-import": + exec { "${dbname}-import": command => "${import_cat_cmd} ${sql_inputs} | mysql ${dbname}", logoutput => true, environment => "HOME=${::root_home}", refreshonly => $refresh, - path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:${mysql_exec_path}", + path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:${_mysql_exec_path}", require => Mysql_grant["${user}@${host}/${table}"], subscribe => Mysql_database[$dbname], timeout => $import_timeout,
--- a/modules/mysql/manifests/params.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/params.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,8 +4,8 @@ # @api private # class mysql::params { - $manage_config_file = true + $config_file_mode = '0644' $purge_conf_dir = false $restart = false $root_password = 'UNSET' @@ -37,8 +37,7 @@ $client_dev_package_provider = undef $daemon_dev_package_ensure = 'present' $daemon_dev_package_provider = undef - $xtrabackup_package_name = 'percona-xtrabackup' - + $xtrabackup_package_name_default = 'percona-xtrabackup' case $::osfamily { 'RedHat': { @@ -51,12 +50,23 @@ } $python_package_name = 'MySQL-python' } - /^(RedHat|CentOS|Scientific|OracleLinux)$/: { - if versioncmp($::operatingsystemmajrelease, '7') >= 0 { + 'Amazon': { + if versioncmp($::operatingsystemrelease, '2') >= 0 { $provider = 'mariadb' } else { $provider = 'mysql' } + } + /^(RedHat|Rocky|CentOS|Scientific|OracleLinux)$/: { + if versioncmp($::operatingsystemmajrelease, '7') >= 0 { + $provider = 'mariadb' + if versioncmp($::operatingsystemmajrelease, '8') >= 0 { + $xtrabackup_package_name_override = 'percona-xtrabackup-24' + } + } else { + $provider = 'mysql' + $xtrabackup_package_name_override = 'percona-xtrabackup-20' + } if versioncmp($::operatingsystemmajrelease, '8') >= 0 { $java_package_name = 'mariadb-java-client' $python_package_name = 'python3-PyMySQL' @@ -95,11 +105,14 @@ $datadir = '/var/lib/mysql' $root_group = 'root' $mysql_group = 'mysql' + $mycnf_owner = undef + $mycnf_group = undef $socket = '/var/lib/mysql/mysql.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' + $managed_dirs = undef # mysql::bindings $perl_package_name = 'perl-DBD-MySQL' $php_package_name = 'php-mysql' @@ -110,80 +123,57 @@ 'Suse': { case $::operatingsystem { 'OpenSuSE': { - if versioncmp( $::operatingsystemmajrelease, '12' ) >= 0 { - $client_package_name = 'mariadb-client' - $server_package_name = 'mariadb' - # First service start fails if this is set. Runs fine without - # it being set, in any case. Leaving it as-is for the mysql. - $basedir = undef - } else { - $client_package_name = 'mysql-community-server-client' - $server_package_name = 'mysql-community-server' - $basedir = '/usr' - } + $socket = '/var/run/mysql/mysql.sock' + $log_error = '/var/log/mysql/mysqld.log' + $pidfile = '/var/run/mysql/mysqld.pid' + $ruby_package_name = 'rubygem-mysql' + $client_package_name = 'mariadb-client' + $server_package_name = 'mariadb' + # First service start fails if this is set. Runs fine without + # it being set, in any case. Leaving it as-is for the mysql. + $basedir = undef } 'SLES','SLED': { - if versioncmp($::operatingsystemrelease, '12') >= 0 { - $client_package_name = 'mariadb-client' - $server_package_name = 'mariadb' - $basedir = undef - } else { - $client_package_name = 'mysql-client' - $server_package_name = 'mysql' - $basedir = '/usr' - } + $socket = '/run/mysql/mysql.sock' + $log_error = '/var/log/mysqld.log' + $pidfile = '/var/lib/mysql/mysqld.pid' + $ruby_package_name = 'ruby-mysql' + $client_package_name = 'mariadb-client' + $server_package_name = 'mariadb' + $basedir = undef } default: { - fail(translate('Unsupported platform: puppetlabs-%{module_name} currently doesn\'t support %{os}.', - {'module_name' => $module_name, 'os' => $::operatingsystem })) + fail("Unsupported platform: puppetlabs-${module_name} currently doesn\'t support ${::operatingsystem}.") } } $config_file = '/etc/my.cnf' $includedir = '/etc/my.cnf.d' $datadir = '/var/lib/mysql' - $log_error = $::operatingsystem ? { - /OpenSuSE/ => '/var/log/mysql/mysqld.log', - /(SLES|SLED)/ => '/var/log/mysqld.log', - } - $pidfile = $::operatingsystem ? { - /OpenSuSE/ => '/var/run/mysql/mysqld.pid', - /(SLES|SLED)/ => '/var/lib/mysql/mysqld.pid', - } $root_group = 'root' $mysql_group = 'mysql' + $mycnf_owner = undef + $mycnf_group = undef $server_service_name = 'mysql' - - if $::operatingsystem =~ /(SLES|SLED)/ { - if versioncmp( $::operatingsystemmajrelease, '12' ) >= 0 { - $socket = '/run/mysql/mysql.sock' - } else { - $socket = '/var/lib/mysql/mysql.sock' - } - } else { - $socket = '/var/run/mysql/mysql.sock' - } + $xtrabackup_package_name_override = 'xtrabackup' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' + $managed_dirs = undef # mysql::bindings $java_package_name = 'mysql-connector-java' $perl_package_name = 'perl-DBD-mysql' $php_package_name = 'apache2-mod_php53' $python_package_name = 'python-mysql' - $ruby_package_name = $::operatingsystem ? { - /OpenSuSE/ => 'rubygem-mysql', - /(SLES|SLED)/ => 'ruby-mysql', - } $client_dev_package_name = 'libmysqlclient-devel' $daemon_dev_package_name = 'mysql-devel' } 'Debian': { - if $::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '9') >= 0 { + if $::operatingsystem == 'Debian' { $provider = 'mariadb' - } else { + } else { # Ubuntu $provider = 'mysql' } if $provider == 'mariadb' { @@ -208,34 +198,48 @@ $pidfile = '/var/run/mysqld/mysqld.pid' $root_group = 'root' $mysql_group = 'adm' + $mycnf_owner = undef + $mycnf_group = undef $socket = '/var/run/mysqld/mysqld.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' + $managed_dirs = ['tmpdir','basedir','datadir','innodb_data_home_dir','innodb_log_group_home_dir','innodb_undo_directory','innodb_tmpdir'] + # mysql::bindings - if $::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '10') >= 0 { + if ($::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '10') >= 0) or + ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '20.04') >= 0) { $java_package_name = 'libmariadb-java' } else { $java_package_name = 'libmysql-java' } $perl_package_name = 'libdbd-mysql-perl' if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '16.04') >= 0) or - ($::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '9') >= 0) { + ($::operatingsystem == 'Debian') { $php_package_name = 'php-mysql' } else { $php_package_name = 'php5-mysql' } + if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '16.04') < 0) or + ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '20.04') >= 0) or + ($::operatingsystem == 'Debian') { + $xtrabackup_package_name_override = 'percona-xtrabackup-24' + } + if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '20.04') >= 0) or + ($::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '11') >= 0){ + $python_package_name = 'python3-mysqldb' + } else { + $python_package_name = 'python-mysqldb' + } - $python_package_name = 'python-mysqldb' - $ruby_package_name = $::lsbdistcodename ? { - 'jessie' => 'ruby-mysql', - 'stretch' => 'ruby-mysql2', - 'buster' => 'ruby-mysql2', - 'trusty' => 'ruby-mysql', - 'xenial' => 'ruby-mysql', - 'bionic' => 'ruby-mysql2', - default => 'libmysql-ruby', + $ruby_package_name = $facts['os']['release']['major'] ? { + '9' => 'ruby-mysql2', # stretch + '10' => 'ruby-mysql2', # buster + '16.04' => 'ruby-mysql', # xenial + '18.04' => 'ruby-mysql2', # bionic + '20.04' => 'ruby-mysql2', # focal + default => 'libmysql-ruby', } } @@ -252,12 +256,15 @@ $pidfile = '/var/run/mysqld/mysqld.pid' $root_group = 'root' $mysql_group = 'mysql' + $mycnf_owner = undef + $mycnf_group = undef $server_service_name = 'mysqld' $socket = '/var/lib/mysql/mysql.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' + $managed_dirs = undef # mysql::bindings $java_package_name = 'mysql-connector-java' $perl_package_name = 'perl-dbd-mysql' @@ -277,12 +284,15 @@ $pidfile = '/run/mysqld/mysqld.pid' $root_group = 'root' $mysql_group = 'mysql' + $mycnf_owner = undef + $mycnf_group = undef $server_service_name = 'mysql' $socket = '/run/mysqld/mysqld.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' + $managed_dirs = undef # mysql::bindings $java_package_name = 'dev-java/jdbc-mysql' $perl_package_name = 'dev-perl/DBD-mysql' @@ -292,8 +302,8 @@ } 'FreeBSD': { - $client_package_name = 'databases/mysql56-client' - $server_package_name = 'databases/mysql56-server' + $client_package_name = 'databases/mysql57-client' + $server_package_name = 'databases/mysql57-server' $basedir = '/usr/local' $config_file = '/usr/local/etc/my.cnf' $includedir = '/usr/local/etc/my.cnf.d' @@ -302,12 +312,15 @@ $pidfile = '/var/run/mysql.pid' $root_group = 'wheel' $mysql_group = 'mysql' + $mycnf_owner = undef + $mycnf_group = undef $server_service_name = 'mysql-server' $socket = '/var/db/mysql/mysql.sock' $ssl_ca = undef $ssl_cert = undef $ssl_key = undef $tmpdir = '/tmp' + $managed_dirs = undef # mysql::bindings $java_package_name = 'databases/mysql-connector-java' $perl_package_name = 'p5-DBD-mysql' @@ -330,12 +343,15 @@ $pidfile = '/var/mysql/mysql.pid' $root_group = 'wheel' $mysql_group = '_mysql' + $mycnf_owner = undef + $mycnf_group = undef $server_service_name = 'mysqld' $socket = '/var/run/mysql/mysql.sock' $ssl_ca = undef $ssl_cert = undef $ssl_key = undef $tmpdir = '/tmp' + $managed_dirs = undef # mysql::bindings $java_package_name = undef $perl_package_name = 'p5-DBD-mysql' @@ -362,6 +378,7 @@ $ssl_cert = undef $ssl_key = undef $tmpdir = '/tmp' + $managed_dirs = undef # mysql::bindings $java_package_name = undef $perl_package_name = undef @@ -385,12 +402,15 @@ $pidfile = '/run/mysqld/mysqld.pid' $root_group = 'root' $mysql_group = 'mysql' + $mycnf_owner = undef + $mycnf_group = undef $server_service_name = 'mariadb' $socket = '/run/mysqld/mysqld.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' + $managed_dirs = undef $java_package_name = undef $perl_package_name = 'perl-dbd-mysql' $php_package_name = 'php7-mysqlnd' @@ -410,12 +430,15 @@ $pidfile = '/var/run/mysqld/mysqld.pid' $root_group = 'root' $mysql_group = 'mysql' + $mycnf_owner = undef + $mycnf_group = undef $server_service_name = 'mysqld' $socket = '/var/lib/mysql/mysql.sock' $ssl_ca = '/etc/mysql/cacert.pem' $ssl_cert = '/etc/mysql/server-cert.pem' $ssl_key = '/etc/mysql/server-key.pem' $tmpdir = '/tmp' + $managed_dirs = undef # mysql::bindings $java_package_name = 'mysql-connector-java' $perl_package_name = 'perl-DBD-MySQL' @@ -428,8 +451,7 @@ } default: { - fail(translate('Unsupported platform: puppetlabs-%{module_name} currently doesn\'t support %{osfamily} or %{os}.', - {'module_name' => $module_name, 'os' => $::operatingsystem, 'osfamily' => $::osfamily})) + fail("Unsupported platform: puppetlabs-${module_name} currently doesn\'t support ${::osfamily} or ${::operatingsystem}.") } } } @@ -437,17 +459,14 @@ case $::operatingsystem { 'Ubuntu': { - # lint:ignore:only_variable_string - if versioncmp("${::operatingsystemmajrelease}", '14.10') > 0 { - # lint:endignore - $server_service_provider = 'systemd' - } else { - $server_service_provider = 'upstart' - } + $server_service_provider = 'systemd' } 'Alpine': { $server_service_provider = 'rc-service' } + 'FreeBSD': { + $server_service_provider = 'freebsd' + } default: { $server_service_provider = undef } @@ -518,8 +537,14 @@ }, } + if defined('$xtrabackup_package_name_override') { + $xtrabackup_package_name = pick($xtrabackup_package_name_override, $xtrabackup_package_name_default) + } else { + $xtrabackup_package_name = $xtrabackup_package_name_default + } + ## Additional graceful failures if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '4' and $::operatingsystem != 'Amazon' { - fail(translate('Unsupported platform: puppetlabs-%{module_name} only supports RedHat 5.0 and beyond.', {'module_name' => $module_name})) + fail("Unsupported platform: puppetlabs-${module_name} only supports RedHat 6.0 and beyond.") } }
--- a/modules/mysql/manifests/server.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/server.pp Mon Jan 03 17:16:21 2022 +0000 @@ -11,6 +11,8 @@ # # @param config_file # The location, as a path, of the MySQL configuration file. +# @param config_file_mode +# The MySQL configuration file's permissions mode. # @param includedir # The location, as a path, of !includedir for custom configuration overrides. # @param install_options @@ -19,6 +21,8 @@ # Path to secret file containing temporary root password. # @param manage_config_file # Whether the MySQL configuration file should be managed. Valid values are `true`, `false`. Defaults to `true`. +# @param options +# A hash of options structured like the override_options, but not merged with the default options. Use this if you don't want your options merged with the default options. # @param override_options # Specifies override options to pass into MySQL. Structured like a hash in the my.cnf file: See above for usage details. # @param package_ensure @@ -27,6 +31,10 @@ # Whether to manage the MySQL server package. Defaults to `true`. # @param package_name # The name of the MySQL server package to install. +# @param package_provider +# Define a specific provider for package install. +# @param package_source +# The location of the package source (require for some package provider) # @param purge_conf_dir # Whether the `includedir` directory should be purged. Valid values are `true`, `false`. Defaults to `false`. # @param remove_default_accounts @@ -37,6 +45,10 @@ # The name of the group used for root. Can be a group name or a group ID. See more about the [group](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). # @param mysql_group # The name of the group of the MySQL daemon user. Can be a group name or a group ID. See more about the [group](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). +# @param mycnf_owner +# Name or user-id who owns the mysql-config-file. +# @param mycnf_group +# Name or group-id which owns the mysql-config-file. # @param root_password # The MySQL root password. Puppet attempts to set the root password and update `/root/.my.cnf` with it. This is required if `create_root_user` or `create_root_my_cnf` are true. If `root_password` is 'UNSET', then `create_root_user` and `create_root_my_cnf` are assumed to be false --- that is, the MySQL root user and `/root/.my.cnf` are not created. Password changes are supported; however, the old password must be set in `/root/.my.cnf`. Effectively, Puppet uses the old password, configured in `/root/my.cnf`, to set the new password in MySQL, and then updates `/root/.my.cnf` with the new password. # @param service_enabled @@ -52,11 +64,11 @@ # @param create_root_my_cnf # Whether to create `/root/.my.cnf`. Valid values are `true`, `false`. Defaults to `true`. `create_root_my_cnf` allows creation of `/root/.my.cnf` independently of `create_root_user`. You can use this for a cluster setup with Galera where you want `/root/.my.cnf` to exist on all nodes. # @param users -# Optional hash of users to create, which are passed to [mysql_user](#mysql_user). +# Optional hash of users to create, which are passed to [mysql_user](#mysql_user). # @param grants -# Optional hash of grants, which are passed to [mysql_grant](#mysql_grant). +# Optional hash of grants, which are passed to [mysql_grant](#mysql_grant). # @param databases -# Optional hash of databases to create, which are passed to [mysql_database](#mysql_database). +# Optional hash of databases to create, which are passed to [mysql_database](#mysql_database). # @param enabled # _Deprecated_ # @param manage_service @@ -66,20 +78,27 @@ # class mysql::server ( $config_file = $mysql::params::config_file, + $config_file_mode = $mysql::params::config_file_mode, $includedir = $mysql::params::includedir, $install_options = undef, $install_secret_file = $mysql::params::install_secret_file, $manage_config_file = $mysql::params::manage_config_file, + Mysql::Options $options = {}, $override_options = {}, $package_ensure = $mysql::params::server_package_ensure, $package_manage = $mysql::params::server_package_manage, $package_name = $mysql::params::server_package_name, + $package_provider = undef, + $package_source = undef, $purge_conf_dir = $mysql::params::purge_conf_dir, $remove_default_accounts = false, $restart = $mysql::params::restart, $root_group = $mysql::params::root_group, + $managed_dirs = $mysql::params::managed_dirs, $mysql_group = $mysql::params::mysql_group, - $root_password = $mysql::params::root_password, + $mycnf_owner = $mysql::params::mycnf_owner, + $mycnf_group = $mysql::params::mycnf_group, + Variant[String, Sensitive[String]] $root_password = $mysql::params::root_password, $service_enabled = $mysql::params::server_service_enabled, $service_manage = $mysql::params::server_service_manage, $service_name = $mysql::params::server_service_name, @@ -91,13 +110,11 @@ $users = {}, $grants = {}, $databases = {}, - # Deprecated parameters $enabled = undef, $manage_service = undef, $old_root_password = undef ) inherits mysql::params { - # Deprecated parameters. if $enabled { crit('This parameter has been renamed to service_enabled.') @@ -112,24 +129,32 @@ $real_service_manage = $service_manage } if $old_root_password { - warning(translate('The `old_root_password` attribute is no longer used and will be removed in a future release.')) + warning('The `old_root_password` attribute is no longer used and will be removed in a future release.') + } + + if ! empty($options) and ! empty($override_options) { + fail('You can\'t specify $options and $override_options simultaneously, see the README section \'Customize server options\'!') } - # Create a merged together set of options. Rightmost hashes win over left. - $options = mysql::normalise_and_deepmerge($mysql::params::default_options, $override_options) + # If override_options are set, create a merged together set of options. Rightmost hashes win over left. + # If options are set, just use them. + $_options = empty($options) ? { + true => mysql::normalise_and_deepmerge($mysql::params::default_options, $override_options), + false => $options, + } Class['mysql::server::root_password'] -> Mysql::Db <| |> - include '::mysql::server::config' - include '::mysql::server::install' - include '::mysql::server::binarylog' - include '::mysql::server::installdb' - include '::mysql::server::service' - include '::mysql::server::root_password' - include '::mysql::server::providers' + include 'mysql::server::config' + include 'mysql::server::install' + include 'mysql::server::managed_dirs' + include 'mysql::server::installdb' + include 'mysql::server::service' + include 'mysql::server::root_password' + include 'mysql::server::providers' if $remove_default_accounts { - class { '::mysql::server::account_security': + class { 'mysql::server::account_security': require => Anchor['mysql::server::end'], } } @@ -145,12 +170,9 @@ Anchor['mysql::server::start'] -> Class['mysql::server::config'] -> Class['mysql::server::install'] - -> Class['mysql::server::binarylog'] + -> Class['mysql::server::managed_dirs'] -> Class['mysql::server::installdb'] -> Class['mysql::server::service'] -> Class['mysql::server::root_password'] -> Class['mysql::server::providers'] - -> Anchor['mysql::server::end'] - - -} +-> Anchor['mysql::server::end'] }
--- a/modules/mysql/manifests/server/account_security.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/server/account_security.pp Mon Jan 03 17:16:21 2022 +0000 @@ -5,27 +5,27 @@ # class mysql::server::account_security { mysql_user { - [ 'root@127.0.0.1', + ['root@127.0.0.1', 'root@::1', '@localhost', - '@%']: - ensure => 'absent', - require => Anchor['mysql::server::end'], + '@%']: + ensure => 'absent', + require => Anchor['mysql::server::end'], } if ($::fqdn != 'localhost.localdomain') { mysql_user { - [ 'root@localhost.localdomain', - '@localhost.localdomain']: - ensure => 'absent', - require => Anchor['mysql::server::end'], + ['root@localhost.localdomain', + '@localhost.localdomain']: + ensure => 'absent', + require => Anchor['mysql::server::end'], } } if ($::fqdn and $::fqdn != 'localhost') { mysql_user { - [ "root@${::fqdn}", - "@${::fqdn}"]: - ensure => 'absent', - require => Anchor['mysql::server::end'], + ["root@${::fqdn}", + "@${::fqdn}"]: + ensure => 'absent', + require => Anchor['mysql::server::end'], } } if ($::fqdn != $::hostname) {
--- a/modules/mysql/manifests/server/backup.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/server/backup.pp Mon Jan 03 17:16:21 2022 +0000 @@ -17,9 +17,9 @@ # } # # @param backupuser -# MySQL user with backup administrator privileges. +# MySQL user to create with backup administrator privileges. # @param backuppassword -# Password for `backupuser`. +# Password to create for `backupuser`. # @param backupdir # Directory to store backup. # @param backupdirmode @@ -29,7 +29,7 @@ # @param backupdirgroup # Group owner for the backup directory. This parameter is passed directly to the file resource. # @param backupcompress -# Whether or not to compress the backup (when using the mysqldump provider) +# Whether or not to compress the backup (when using the mysqldump or xtrabackup provider) # @param backupmethod # The execution binary for backing up. ex. mysqldump, xtrabackup, mariabackup # @param backup_success_file_path @@ -48,6 +48,8 @@ # Dump stored routines (procedures and functions) from dumped databases when doing a `file_per_database` backup. # @param include_triggers # Dump triggers for each dumped table when doing a `file_per_database` backup. +# @param incremental_backups +# A flag to activate/deactivate incremental backups. Currently only supported by the xtrabackup provider. # @param ensure # @param time # An array of two elements to set the backup time. Allows ['23', '5'] (i.e., 23:05) or ['3', '45'] (i.e., 03:45) for HH:MM times. @@ -63,9 +65,16 @@ # Defines the maximum SQL statement size for the backup dump script. The default value is 1MB, as this is the default MySQL Server value. # @param optional_args # Specifies an array of optional arguments which should be passed through to the backup tool. (Supported by the xtrabackup and mysqldump providers.) +# @param install_cron +# Manage installation of cron package +# @param compression_command +# Configure the command used to compress the backup (when using the mysqldump provider). Make sure the command exists +# on the target system. Packages for it are NOT automatically installed. +# @param compression_extension +# Configure the file extension for the compressed backup (when using the mysqldump provider) class mysql::server::backup ( $backupuser = undef, - $backuppassword = undef, + Optional[Variant[String, Sensitive[String]]] $backuppassword = undef, $backupdir = undef, $backupdirmode = '0700', $backupdirowner = 'root', @@ -88,38 +97,44 @@ $provider = 'mysqldump', $maxallowedpacket = '1M', $optional_args = [], + $incremental_backups = true, + $install_cron = true, + $compression_command = undef, + $compression_extension = undef ) inherits mysql::params { - if $prescript and $provider =~ /(mysqldump|mysqlbackup)/ { - warning(translate("The 'prescript' option is not currently implemented for the %{provider} backup provider.", - {'provider' => $provider})) + warning("The 'prescript' option is not currently implemented for the ${provider} backup provider.") } create_resources('class', { - "mysql::backup::${provider}" => { - 'backupuser' => $backupuser, - 'backuppassword' => $backuppassword, - 'backupdir' => $backupdir, - 'backupdirmode' => $backupdirmode, - 'backupdirowner' => $backupdirowner, - 'backupdirgroup' => $backupdirgroup, - 'backupcompress' => $backupcompress, - 'backuprotate' => $backuprotate, - 'backupmethod' => $backupmethod, - 'backup_success_file_path' => $backup_success_file_path, - 'ignore_events' => $ignore_events, - 'delete_before_dump' => $delete_before_dump, - 'backupdatabases' => $backupdatabases, - 'file_per_database' => $file_per_database, - 'include_routines' => $include_routines, - 'include_triggers' => $include_triggers, - 'ensure' => $ensure, - 'time' => $time, - 'prescript' => $prescript, - 'postscript' => $postscript, - 'execpath' => $execpath, - 'maxallowedpacket' => $maxallowedpacket, - 'optional_args' => $optional_args, - } + "mysql::backup::${provider}" => { + 'backupuser' => $backupuser, + 'backuppassword' => $backuppassword, + 'backupdir' => $backupdir, + 'backupdirmode' => $backupdirmode, + 'backupdirowner' => $backupdirowner, + 'backupdirgroup' => $backupdirgroup, + 'backupcompress' => $backupcompress, + 'backuprotate' => $backuprotate, + 'backupmethod' => $backupmethod, + 'backup_success_file_path' => $backup_success_file_path, + 'ignore_events' => $ignore_events, + 'delete_before_dump' => $delete_before_dump, + 'backupdatabases' => $backupdatabases, + 'file_per_database' => $file_per_database, + 'include_routines' => $include_routines, + 'include_triggers' => $include_triggers, + 'ensure' => $ensure, + 'time' => $time, + 'prescript' => $prescript, + 'postscript' => $postscript, + 'execpath' => $execpath, + 'maxallowedpacket' => $maxallowedpacket, + 'optional_args' => $optional_args, + 'incremental_backups' => $incremental_backups, + 'install_cron' => $install_cron, + 'compression_command' => $compression_command, + 'compression_extension' => $compression_extension, + } }) }
--- a/modules/mysql/manifests/server/binarylog.pp Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,26 +0,0 @@ -# @summary -# Binary log configuration requires the mysql user to be present. This must be done after package install -# -# @api private -# -class mysql::server::binarylog { - - $options = $mysql::server::options - $includedir = $mysql::server::includedir - - $logbin = pick($options['mysqld']['log-bin'], $options['mysqld']['log_bin'], false) - - if $logbin { - $logbindir = dirname($logbin) - - #Stop puppet from managing directory if just a filename/prefix is specified - if $logbindir != '.' { - file { $logbindir: - ensure => directory, - mode => '0755', - owner => $options['mysqld']['user'], - group => $options['mysqld']['user'], - } - } - } -}
--- a/modules/mysql/manifests/server/config.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/server/config.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,9 +4,9 @@ # @api private # class mysql::server::config { - - $options = $mysql::server::options + $options = $mysql::server::_options $includedir = $mysql::server::includedir + $managed_dirs = $mysql::server::managed_dirs File { owner => 'root', @@ -33,11 +33,36 @@ } } - if $mysql::server::manage_config_file { + #Debian: Creating world readable directories before installing. + case $::operatingsystem { + 'Debian': { + if $managed_dirs { + $managed_dirs.each | $entry | { + $dir = $options['mysqld']["${entry}"] + if ( $dir and $dir != '/usr' and $dir != '/tmp' ) { + exec { "${entry}-managed_dir-mkdir": + command => "/bin/mkdir -p ${dir}", + unless => "/usr/bin/dpkg -s ${mysql::server::package_name}", + notify => Exec["${entry}-managed_dir-chmod"], + } + exec { "${entry}-managed_dir-chmod": + command => "/bin/chmod 777 ${dir}", + refreshonly => true, + } + } + } + } + } + default: {} + } + + if $mysql::server::manage_config_file { file { 'mysql-config-file': path => $mysql::server::config_file, content => template('mysql/my.cnf.erb'), - mode => '0644', + mode => $mysql::server::config_file_mode, + owner => $mysql::server::mycnf_owner, + group => $mysql::server::mycnf_group, selinux_ignore_defaults => true, } @@ -49,7 +74,7 @@ # We then check that the value of $includedir is either undefined or that different from $configparentdir # We first check that it is undefined due to dirname throwing an error when given undef/empty strings if $includedir == undef or $includedir == '' or - ($configparentdir != $includedir and $configparentdir != dirname($includedir)) { + ($configparentdir != $includedir and $configparentdir != dirname($includedir)) { file { $configparentdir: ensure => directory, mode => '0755', @@ -59,9 +84,9 @@ } if $options['mysqld']['ssl-disable'] { - notify {'ssl-disable': - message =>'Disabling SSL is evil! You should never ever do this except - if you are forced to use a mysql version compiled without SSL support' + notify { 'ssl-disable': + message => 'Disabling SSL is evil! You should never ever do this except + if you are forced to use a mysql version compiled without SSL support', } } }
--- a/modules/mysql/manifests/server/install.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/server/install.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,17 +1,16 @@ -# @summary +# @summary # Private class for managing MySQL package. # # @api private # class mysql::server::install { - if $mysql::server::package_manage { - package { 'mysql-server': ensure => $mysql::server::package_ensure, install_options => $mysql::server::install_options, name => $mysql::server::package_name, + provider => $mysql::server::package_provider, + source => $mysql::server::package_source, } } - }
--- a/modules/mysql/manifests/server/installdb.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/server/installdb.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,19 +1,18 @@ -# @summary +# @summary # Builds initial databases on installation. # # @api private # class mysql::server::installdb { - $options = $mysql::server::options + $options = $mysql::server::_options if $mysql::server::package_manage { - # Build the initial databases. - $mysqluser = $mysql::server::options['mysqld']['user'] - $datadir = $mysql::server::options['mysqld']['datadir'] - $basedir = $mysql::server::options['mysqld']['basedir'] + $mysqluser = $mysql::server::_options['mysqld']['user'] + $datadir = $mysql::server::_options['mysqld']['datadir'] + $basedir = $mysql::server::_options['mysqld']['basedir'] $config_file = $mysql::server::config_file - $log_error = $mysql::server::options['mysqld']['log-error'] + $log_error = $mysql::server::_options['mysqld']['log-error'] if $mysql::server::manage_config_file and $config_file != $mysql::params::config_file { $_config_file=$config_file @@ -21,15 +20,15 @@ $_config_file=undef } - if $options['mysqld']['log-error'] { - file { $options['mysqld']['log-error']: - ensure => present, - owner => $mysqluser, - group => $::mysql::server::mysql_group, - mode => 'u+rw', - before => Mysql_datadir[ $datadir ], + if $options['mysqld']['log-error'] { + file { $options['mysqld']['log-error']: + ensure => file, + owner => $mysqluser, + group => $mysql::server::mysql_group, + mode => 'u+rw', + before => Mysql_datadir[$datadir], + } } - } mysql_datadir { $datadir: ensure => 'present', @@ -46,5 +45,4 @@ } } } - }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/manifests/server/managed_dirs.pp Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,45 @@ +# @summary +# Binary log configuration requires the mysql user to be present. This must be done after package install. +# +# @api private +# +class mysql::server::managed_dirs { + $options = $mysql::server::_options + $includedir = $mysql::server::includedir + $managed_dirs = $mysql::server::managed_dirs + + #Debian: Fix permission on directories + if $managed_dirs { + $managed_dirs_path = $managed_dirs.map |$path| { $options['mysqld']["${path}"] } + $managed_dirs.each | $entry | { + $dir = $options['mysqld']["${entry}"] + if ( $dir and $dir != '/usr' and $dir != '/tmp' ) { + file { "${entry}-managed_dir": + ensure => directory, + path => $dir, + mode => '0700', + owner => $options['mysqld']['user'], + group => $options['mysqld']['user'], + } + } + } + } else { + $managed_dirs_path = [] + } + + $logbin = pick($options['mysqld']['log-bin'], $options['mysqld']['log_bin'], false) + + if $logbin { + $logbindir = dirname($logbin) + + #Stop puppet from managing directory if just a filename/prefix is specified or is not already managed + if (!($logbindir == '.' or $logbindir in $managed_dirs_path)) { + file { $logbindir: + ensure => directory, + mode => '0700', + owner => $options['mysqld']['user'], + group => $options['mysqld']['user'], + } + } + } +}
--- a/modules/mysql/manifests/server/monitor.pp Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,33 +0,0 @@ -# @summary -# This is a helper class to add a monitoring user to the database -# -# @param mysql_monitor_username -# The username to create for MySQL monitoring. -# @param mysql_monitor_password -# The password to create for MySQL monitoring. -# @param mysql_monitor_hostname -# The hostname from which the monitoring user requests are allowed access. -# -class mysql::server::monitor ( - $mysql_monitor_username = '', - $mysql_monitor_password = '', - $mysql_monitor_hostname = '' -) { - - Anchor['mysql::server::end'] -> Class['mysql::server::monitor'] - - mysql_user { "${mysql_monitor_username}@${mysql_monitor_hostname}": - ensure => present, - password_hash => mysql::password($mysql_monitor_password), - require => Class['mysql::server::service'], - } - - mysql_grant { "${mysql_monitor_username}@${mysql_monitor_hostname}/*.*": - ensure => present, - user => "${mysql_monitor_username}@${mysql_monitor_hostname}", - table => '*.*', - privileges => [ 'PROCESS', 'SUPER' ], - require => Mysql_user["${mysql_monitor_username}@${mysql_monitor_hostname}"], - } - -}
--- a/modules/mysql/manifests/server/mysqltuner.pp Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,28 +0,0 @@ -# @summary -# Manage the MySQLTuner package. -# -# @param ensure -# Ensures that the resource exists. Valid values are 'present', 'absent'. Defaults to 'present'. -# @param version -# The version to install from the major/MySQLTuner-perl github repository. Must be a valid tag. Defaults to 'v1.3.0'. -# @param source -# Source path for the mysqltuner package. -# @param tuner_location -# Destination for the mysqltuner package. -class mysql::server::mysqltuner( - $ensure = 'present', - $version = 'v1.3.0', - $source = undef, - $tuner_location = '/usr/local/bin/mysqltuner', -) { - if $source { - $_source = $source - } else { - $_source = "https://github.com/major/MySQLTuner-perl/raw/${version}/mysqltuner.pl" - } - file { $tuner_location: - ensure => $ensure, - mode => '0550', - source => $_source, - } -}
--- a/modules/mysql/manifests/server/root_password.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/server/root_password.pp Mon Jan 03 17:16:21 2022 +0000 @@ -1,11 +1,21 @@ -# @summary +# @summary # Private class for managing the root password # # @api private # class mysql::server::root_password { + if $mysql::server::root_password =~ Sensitive { + $root_password = $mysql::server::root_password.unwrap + } else { + $root_password = $mysql::server::root_password + } + if $root_password == 'UNSET' { + $root_password_set = false + } else { + $root_password_set = true + } - $options = $mysql::server::options + $options = $mysql::server::_options $secret_file = $mysql::server::install_secret_file $login_file = $mysql::server::login_file @@ -14,25 +24,26 @@ # below exec will remove this default password. If the user has supplied a root # password it will be set further down with the mysql_user resource. $rm_pass_cmd = join([ - "mysqladmin -u root --password=\$(grep -o '[^ ]\\+\$' ${secret_file}) password ''", - "rm -f ${secret_file}" + "mysqladmin -u root --password=\$(grep -o '[^ ]\\+\$' ${secret_file}) password ''", + "rm -f ${secret_file}", ], ' && ') exec { 'remove install pass': command => $rm_pass_cmd, onlyif => "test -f ${secret_file}", - path => '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin' + path => '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin', } # manage root password if it is set - if $mysql::server::create_root_user == true and $mysql::server::root_password != 'UNSET' { + if $mysql::server::create_root_user and $root_password_set { mysql_user { 'root@localhost': ensure => present, password_hash => mysql::password($mysql::server::root_password), - require => Exec['remove install pass'] + require => Exec['remove install pass'], } } - if $mysql::server::create_root_my_cnf == true and $mysql::server::root_password != 'UNSET' { + if $mysql::server::create_root_my_cnf and $root_password_set { + # TODO: use EPP instead of ERB, as EPP can handle Data of Type Sensitive without further ado file { "${::root_home}/.my.cnf": content => template('mysql/my.cnf.pass.erb'), owner => 'root', @@ -43,12 +54,12 @@ if versioncmp($::puppetversion, '3.0') >= 0 { File["${::root_home}/.my.cnf"] { show_diff => false } } - if $mysql::server::create_root_user == true { + if $mysql::server::create_root_user { Mysql_user['root@localhost'] -> File["${::root_home}/.my.cnf"] } } - if $mysql::server::create_root_login_file == true and $mysql::server::root_password != 'UNSET' { + if $mysql::server::create_root_login_file and $root_password_set { file { "${::root_home}/.mylogin.cnf": source => $login_file, owner => 'root',
--- a/modules/mysql/manifests/server/service.pp Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/manifests/server/service.pp Mon Jan 03 17:16:21 2022 +0000 @@ -4,7 +4,7 @@ # @api private # class mysql::server::service { - $options = $mysql::server::options + $options = $mysql::server::_options if $mysql::server::real_service_manage { if $mysql::server::real_service_enabled { @@ -17,7 +17,7 @@ } if $mysql::server::override_options and $mysql::server::override_options['mysqld'] - and $mysql::server::override_options['mysqld']['user'] { + and $mysql::server::override_options['mysqld']['user'] { $mysqluser = $mysql::server::override_options['mysqld']['user'] } else { $mysqluser = $options['mysqld']['user'] @@ -46,7 +46,7 @@ } if $mysql::server::override_options and $mysql::server::override_options['mysqld'] - and $mysql::server::override_options['mysqld']['socket'] { + and $mysql::server::override_options['mysqld']['socket'] { $mysqlsocket = $mysql::server::override_options['mysqld']['socket'] } else { $mysqlsocket = $options['mysqld']['socket']
--- a/modules/mysql/metadata.json Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/metadata.json Mon Jan 03 17:16:21 2022 +0000 @@ -1,6 +1,6 @@ { "name": "puppetlabs-mysql", - "version": "10.3.0", + "version": "12.0.1", "author": "puppetlabs", "summary": "Installs, configures, and manages the MySQL service.", "license": "Apache-2.0", @@ -10,19 +10,13 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 3.2.0 < 7.0.0" - }, - { - "name": "puppetlabs/translate", - "version_requirement": ">= 1.0.0 < 3.0.0" + "version_requirement": ">= 3.2.0 < 9.0.0" } ], - "data_provider": null, "operatingsystem_support": [ { "operatingsystem": "RedHat", "operatingsystemrelease": [ - "5", "6", "7", "8" @@ -31,7 +25,6 @@ { "operatingsystem": "CentOS", "operatingsystemrelease": [ - "5", "6", "7", "8" @@ -40,7 +33,6 @@ { "operatingsystem": "OracleLinux", "operatingsystemrelease": [ - "5", "6", "7" ] @@ -55,36 +47,27 @@ { "operatingsystem": "SLES", "operatingsystemrelease": [ - "11", "12", "15" ] }, { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "8", - "9", - "10" - ] - }, - { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ - "14.04", "16.04", - "18.04" + "18.04", + "20.04" ] } ], "requirements": [ { "name": "puppet", - "version_requirement": ">= 5.5.10 < 7.0.0" + "version_requirement": ">= 6.0.0 < 8.0.0" } ], "description": "MySQL module", - "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-g643529a", - "pdk-version": "1.14.1" + "template-url": "https://github.com/puppetlabs/pdk-templates#main", + "template-ref": "heads/main-0-g51828b4", + "pdk-version": "2.2.0" }
--- a/modules/mysql/provision.yaml Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/provision.yaml Mon Jan 03 17:16:21 2022 +0000 @@ -1,22 +1,88 @@ --- default: provisioner: docker_exp - images: ['waffleimage/centos7'] + images: + - litmusimage/centos:7 +vagrant: + provisioner: vagrant + images: + - centos/7 + - generic/ubuntu1804 travis_deb: provisioner: docker - images: ['waffleimage/debian8', 'waffleimage/debian9', 'waffleimage/ubuntu14.04', 'waffleimage/ubuntu16.04', 'waffleimage/ubuntu18.04'] -travis_el6: - provisioner: docker_exp - images: ['waffleimage/centos6', 'waffleimage/scientificlinux6'] + images: + - litmusimage/debian:9 + - litmusimage/debian:10 +travis_ub_5: + provisioner: docker + images: + - litmusimage/ubuntu:16.04 + - litmusimage/ubuntu:18.04 +travis_ub_6: + provisioner: docker + images: + - litmusimage/ubuntu:16.04 + - litmusimage/ubuntu:18.04 + - litmusimage/ubuntu:20.04 travis_el7: provisioner: docker_exp - images: ['litmusimage/centos:7', 'litmusimage/oraclelinux:7', 'litmusimage/scientificlinux:7'] + images: + - litmusimage/centos:7 + - litmusimage/oraclelinux:7 + - litmusimage/scientificlinux:7 travis_el8: - provisioner: docker_exp - images: ['litmusimage/centos:8'] -vagrant: - provisioner: vagrant - images: ['centos/7', 'generic/ubuntu1804'] -release_checks: - provisioner: vmpooler - images: ['redhat-5-x86_64', 'redhat-6-x86_64', 'redhat-7-x86_64', 'redhat-8-x86_64', 'centos-5-x86_64', 'centos-6-x86_64', 'centos-7-x86_64', 'centos-8-x86_64', 'oracle-5-x86_64', 'oracle-6-x86_64', 'oracle-7-x86_64', 'scientific-6-x86_64', 'scientific-7-x86_64', 'debian-8-x86_64', 'debian-9-x86_64', 'debian-10-x86_64', 'sles-11-x86_64', 'ubuntu-1404-x86_64', 'ubuntu-1604-x86_64', 'ubuntu-1804-x86_64'] + provisioner: docker + images: + - litmusimage/centos:8 +release_checks_5: + provisioner: abs + images: + - redhat-6-x86_64 + - redhat-7-x86_64 + - redhat-8-x86_64 + - centos-6-x86_64 + - centos-7-x86_64 + - centos-8-x86_64 + - oracle-5-x86_64 + - oracle-6-x86_64 + - oracle-7-x86_64 + - scientific-6-x86_64 + - scientific-7-x86_64 + - debian-9-x86_64 + - debian-10-x86_64 + - ubuntu-1604-x86_64 + - ubuntu-1804-x86_64 +release_checks_6: + provisioner: abs + images: + - redhat-6-x86_64 + - redhat-7-x86_64 + - redhat-8-x86_64 + - centos-6-x86_64 + - centos-7-x86_64 + - centos-8-x86_64 + - oracle-5-x86_64 + - oracle-6-x86_64 + - oracle-7-x86_64 + - scientific-6-x86_64 + - scientific-7-x86_64 + - debian-9-x86_64 + - debian-10-x86_64 + - ubuntu-1604-x86_64 + - ubuntu-1804-x86_64 + - ubuntu-2004-x86_64 +release_checks_7: + provisioner: abs + images: + - redhat-7-x86_64 + - redhat-8-x86_64 + - centos-7-x86_64 + - centos-8-x86_64 + - oracle-7-x86_64 + - scientific-7-x86_64 + - sles-12-x86_64 + - sles-15-x86_64 + - debian-9-x86_64 + - debian-10-x86_64 + - ubuntu-1804-x86_64 + - ubuntu-2004-x86_64
--- a/modules/mysql/readmes/README_ja_JP.md Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/readmes/README_ja_JP.md Mon Jan 03 17:16:21 2022 +0000 @@ -513,7 +513,7 @@ ## 制約事項 -サポートされているオペレーティングシステムの一覧については、[metadata.json](https://github.com/puppetlabs/puppetlabs-mysql/blob/master/metadata.json)を参照してください。 +サポートされているオペレーティングシステムの一覧については、[metadata.json](https://github.com/puppetlabs/puppetlabs-mysql/blob/main/metadata.json)を参照してください。 **注意:** mysqlbackup.shは、MySQL 5.7以降では動作せず、サポートされていません。
--- a/modules/mysql/spec/acceptance/mysql_backup_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,136 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql::server::backup class' do - context 'should work with no errors' do - pp = <<-MANIFEST - class { 'mysql::server': root_password => 'password' } - mysql::db { [ - 'backup1', - 'backup2' - ]: - user => 'backup', - password => 'secret', - } - - class { 'mysql::server::backup': - backupuser => 'myuser', - backuppassword => 'mypassword', - backupdir => '/tmp/backups', - backupcompress => true, - postscript => [ - 'rm -rf /var/tmp/mysqlbackups', - 'rm -f /var/tmp/mysqlbackups.done', - 'cp -r /tmp/backups /var/tmp/mysqlbackups', - 'touch /var/tmp/mysqlbackups.done', - ], - execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', - } - MANIFEST - it 'when configuring mysql backups' do - idempotent_apply(pp) - end - end - - describe 'mysqlbackup.sh', if: Gem::Version.new(mysql_version) < Gem::Version.new('5.7.0') do - before(:all) do - pre_run - end - - it 'runs mysqlbackup.sh with no errors' do - run_shell('/usr/local/sbin/mysqlbackup.sh') do |r| - expect(r.stderr).to eq('') - end - end - - it 'dumps all databases to single file' do - run_shell('ls -l /tmp/backups/mysql_backup_*-*.sql.bz2 | wc -l') do |r| - expect(r.stdout).to match(%r{1}) - expect(r.exit_code).to be_zero - end - end - - context 'should create one file per database per run' do - it 'executes mysqlbackup.sh a second time' do - run_shell('sleep 1') - run_shell('/usr/local/sbin/mysqlbackup.sh') - end - - it 'creates at least one backup tarball' do - run_shell('ls -l /tmp/backups/mysql_backup_*-*.sql.bz2 | wc -l') do |r| - expect(r.stdout).to match(%r{2}) - expect(r.exit_code).to be_zero - end - end - end - end - # rubocop:enable RSpec/MultipleExpectations, RSpec/ExampleLength -end - -context 'with one file per database' do - context 'should work with no errors' do - pp = <<-MANIFEST - class { 'mysql::server': root_password => 'password' } - mysql::db { [ - 'backup1', - 'backup2' - ]: - user => 'backup', - password => 'secret', - } - - class { 'mysql::server::backup': - backupuser => 'myuser', - backuppassword => 'mypassword', - backupdir => '/tmp/backups', - backupcompress => true, - file_per_database => true, - postscript => [ - 'rm -rf /var/tmp/mysqlbackups', - 'rm -f /var/tmp/mysqlbackups.done', - 'cp -r /tmp/backups /var/tmp/mysqlbackups', - 'touch /var/tmp/mysqlbackups.done', - ], - execpath => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', - } - MANIFEST - it 'when configuring mysql backups' do - idempotent_apply(pp) - end - end - - describe 'mysqlbackup.sh', if: Gem::Version.new(mysql_version) < Gem::Version.new('5.7.0') do - before(:all) do - pre_run - end - - it 'runs mysqlbackup.sh with no errors without root credentials' do - run_shell('HOME=/tmp/dontreadrootcredentials /usr/local/sbin/mysqlbackup.sh') do |r| - expect(r.stderr).to eq('') - end - end - - it 'creates one file per database' do - ['backup1', 'backup2'].each do |database| - run_shell("ls -l /tmp/backups/mysql_backup_#{database}_*-*.sql.bz2 | wc -l") do |r| - expect(r.stdout).to match(%r{1}) - expect(r.exit_code).to be_zero - end - end - end - - it 'executes mysqlbackup.sh a second time' do - run_shell('sleep 1') - run_shell('HOME=/tmp/dontreadrootcredentials /usr/local/sbin/mysqlbackup.sh') - end - - it 'has one file per database per run' do - ['backup1', 'backup2'].each do |database| - run_shell("ls -l /tmp/backups/mysql_backup_#{database}_*-*.sql.bz2 | wc -l") do |r| - expect(r.stdout).to match(%r{2}) - expect(r.exit_code).to be_zero - end - end - end - # rubocop:enable RSpec/MultipleExpectations, RSpec/ExampleLength - end -end
--- a/modules/mysql/spec/acceptance/mysql_db_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,81 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql::db define' do - describe 'creating a database' do - let(:pp) do - <<-MANIFEST - class { 'mysql::server': - root_password => 'password', - service_enabled => 'true', - service_manage => 'true', - } - mysql::db { 'spec1': - user => 'root1', - password => 'password', - } - MANIFEST - end - - it 'behaves idempotently' do - idempotent_apply(pp) - end - - it 'Checking exit code and stdout' do - result = run_shell("mysql -e 'show databases;'") - expect(result.exit_code).to eq 0 - expect(result.stdout).to match %r{^spec1$} - end - end - - describe 'creating a database with post-sql' do - let(:pp) do - <<-MANIFEST - class { 'mysql::server': override_options => { 'root_password' => 'password' } } - file { '/tmp/spec.sql': - ensure => file, - content => 'CREATE TABLE table1 (id int);', - before => Mysql::Db['spec2'], - } - mysql::db { 'spec2': - user => 'root1', - password => 'password', - sql => '/tmp/spec.sql', - } - MANIFEST - end - - it 'behaves idempotently' do - idempotent_apply(pp) - end - - it 'Checking exit code and stdout' do - result = run_shell("mysql -e 'show tables;' spec2") - expect(result.exit_code).to eq 0 - expect(result.stdout).to match %r{^table1$} - end - end - - describe 'creating a database with dbname parameter' do - let(:check_command) { ' | grep realdb' } - let(:pp) do - <<-MANIFEST - class { 'mysql::server': override_options => { 'root_password' => 'password' } } - mysql::db { 'spec1': - user => 'root1', - password => 'password', - dbname => 'realdb', - } - MANIFEST - end - - it 'behaves idempotently' do - idempotent_apply(pp) - end - - it 'Checking exit code and stdout' do - result = run_shell("mysql -e 'show databases;'") - expect(result.exit_code).to eq 0 - expect(result.stdout).to match %r{^realdb$} - end - end -end
--- a/modules/mysql/spec/acceptance/mysql_server_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,64 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql class' do - describe 'advanced config' do - let(:pp) do - <<-MANIFEST - class { 'mysql::server': - manage_config_file => 'true', - override_options => { 'mysqld' => { 'key_buffer_size' => '32M' }}, - package_ensure => 'present', - purge_conf_dir => 'true', - remove_default_accounts => 'true', - restart => 'true', - root_group => 'root', - root_password => 'test', - service_enabled => 'true', - service_manage => 'true', - users => { - 'someuser@localhost' => { - ensure => 'present', - max_connections_per_hour => '0', - max_queries_per_hour => '0', - max_updates_per_hour => '0', - max_user_connections => '0', - password_hash => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF', - }}, - grants => { - 'someuser@localhost/somedb.*' => { - ensure => 'present', - options => ['GRANT'], - privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE'], - table => 'somedb.*', - user => 'someuser@localhost', - }, - }, - databases => { - 'somedb' => { - ensure => 'present', - charset => 'utf8', - }, - } - } - MANIFEST - end - - it 'behaves idempotently' do - idempotent_apply(pp) - end - end - - describe 'syslog configuration' do - let(:pp) do - <<-MANIFEST - class { 'mysql::server': - override_options => { 'mysqld' => { 'log-error' => undef }, 'mysqld_safe' => { 'log-error' => false, 'syslog' => true }}, - } - MANIFEST - end - - it 'behaves idempotently' do - idempotent_apply(pp) - end - end -end
--- a/modules/mysql/spec/acceptance/mysql_task_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,24 +0,0 @@ -# run a test task -require 'spec_helper_acceptance' - -describe 'mysql tasks', if: os[:family] != 'sles' do - describe 'execute some sql' do - pp = <<-MANIFEST - class { 'mysql::server': root_password => 'password' } - mysql::db { 'spec1': - user => 'root1', - password => 'password', - } - MANIFEST - - it 'sets up a mysql instance' do - apply_manifest(pp, catch_failures: true) - end - - it 'execute arbitary sql' do - result = run_bolt_task('mysql::sql', 'sql' => 'show databases;', 'password' => 'password') - expect(result.stdout).to contain(%r{information_schema}) - expect(result.stdout).to contain(%r{spec1}) - end - end -end
--- a/modules/mysql/spec/acceptance/types/mysql_database_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,60 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql_database' do - describe 'setup' do - pp = <<-MANIFEST - class { 'mysql::server': } - MANIFEST - it 'works with no errors' do - apply_manifest(pp, catch_failures: true) - end - end - - describe 'creating database' do - pp = <<-MANIFEST - mysql_database { 'spec_db': - ensure => present, - } - MANIFEST - it 'works without errors' do - apply_manifest(pp, catch_failures: true) - end - - it 'finds the database #stdout' do - run_shell("mysql -NBe \"SHOW DATABASES LIKE 'spec_db'\"") do |r| - expect(r.stdout).to match(%r{^spec_db$}) - expect(r.stderr).to be_empty - end - end - end - - describe 'charset and collate' do - pp = <<-MANIFEST - mysql_database { 'spec_latin1': - charset => 'latin1', - collate => 'latin1_swedish_ci', - } - mysql_database { 'spec_utf8': - charset => 'utf8', - collate => 'utf8_general_ci', - } - MANIFEST - it 'creates two db of different types idempotently' do - idempotent_apply(pp) - end - - it 'finds latin1 db #stdout' do - run_shell("mysql -NBe \"SHOW VARIABLES LIKE '%_database'\" spec_latin1") do |r| - expect(r.stdout).to match(%r{^character_set_database\tlatin1\ncollation_database\tlatin1_swedish_ci$}) - expect(r.stderr).to be_empty - end - end - - it 'finds utf8 db #stdout' do - run_shell("mysql -NBe \"SHOW VARIABLES LIKE '%_database'\" spec_utf8") do |r| - expect(r.stdout).to match(%r{^character_set_database\tutf8\ncollation_database\tutf8_general_ci$}) - expect(r.stderr).to be_empty - end - end - end -end
--- a/modules/mysql/spec/acceptance/types/mysql_grant_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,701 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql_grant' do - before(:all) do - pp = <<-MANIFEST - class { 'mysql::server': - root_password => 'password', - } - MANIFEST - - apply_manifest(pp, catch_failures: true) - end - - describe 'missing privileges for user' do - pp = <<-MANIFEST - mysql_user { 'test1@tester': - ensure => present, - } - mysql_grant { 'test1@tester/test.*': - ensure => 'present', - table => 'test.*', - user => 'test1@tester', - require => Mysql_user['test1@tester'], - } - MANIFEST - it 'fails' do - result = apply_manifest(pp, expect_failures: true) - expect(result.stderr).to contain(%r{`privileges` `parameter` is required}) - end - - it 'does not find the user' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR test1@tester"', expect_failures: true) - expect(result.stderr).to contain(%r{There is no such grant defined for user 'test1' on host 'tester'}) - end - end - - describe 'missing table for user' do - pp = <<-MANIFEST - mysql_user { 'atest@tester': - ensure => present, - } - mysql_grant { 'atest@tester/test.*': - ensure => 'present', - user => 'atest@tester', - privileges => ['ALL'], - require => Mysql_user['atest@tester'], - } - MANIFEST - it 'fails' do - apply_manifest(pp, expect_failures: true) - end - - it 'does not find the user' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR atest@tester"', expect_failures: true) - expect(result.stderr).to contain(%r{There is no such grant defined for user 'atest' on host 'tester'}) - end - end - - describe 'adding privileges' do - pp = <<-MANIFEST - mysql_user { 'test2@tester': - ensure => present, - } - mysql_grant { 'test2@tester/test.*': - ensure => 'present', - table => 'test.*', - user => 'test2@tester', - privileges => ['SELECT', 'UPDATE'], - require => Mysql_user['test2@tester'], - } - MANIFEST - it 'works without errors' do - apply_manifest(pp, catch_failures: true) - end - - it 'finds the user #stdout' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR test2@tester"') - expect(result.stdout).to contain(%r{GRANT SELECT, UPDATE.*TO 'test2'@'tester'}) - expect(result.stderr).to be_empty - end - end - - describe 'adding privileges with special character in name' do - pp = <<-MANIFEST - mysql_user { 'test-2@tester': - ensure => present, - } - mysql_grant { 'test-2@tester/test.*': - ensure => 'present', - table => 'test.*', - user => 'test-2@tester', - privileges => ['SELECT', 'UPDATE'], - require => Mysql_user['test-2@tester'], - } - MANIFEST - it 'works without errors' do - apply_manifest(pp, catch_failures: true) - end - - it 'finds the user #stdout' do - result = run_shell("mysql -NBe \"SHOW GRANTS FOR 'test-2'@tester\"") - expect(result.stdout).to contain(%r{GRANT SELECT, UPDATE.*TO 'test-2'@'tester'}) - expect(result.stderr).to be_empty - end - end - - describe 'adding option' do - pp = <<-MANIFEST - mysql_user { 'test3@tester': - ensure => present, - } - mysql_grant { 'test3@tester/test.*': - ensure => 'present', - table => 'test.*', - user => 'test3@tester', - options => ['GRANT'], - privileges => ['SELECT', 'UPDATE'], - require => Mysql_user['test3@tester'], - } - MANIFEST - it 'works without errors' do - apply_manifest(pp, catch_failures: true) - end - - it 'finds the user #stdout' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR test3@tester"') - expect(result.stdout).to contain(%r{GRANT SELECT, UPDATE ON `test`.* TO 'test3'@'tester' WITH GRANT OPTION$}) - expect(result.stderr).to be_empty - end - end - - describe 'adding all privileges without table' do - pp = <<-MANIFEST - mysql_user { 'test4@tester': - ensure => present, - } - mysql_grant { 'test4@tester/test.*': - ensure => 'present', - user => 'test4@tester', - options => ['GRANT'], - privileges => ['SELECT', 'UPDATE', 'ALL'], - require => Mysql_user['test4@tester'], - } - MANIFEST - it 'fails' do - result = apply_manifest(pp, expect_failures: true) - expect(result.stderr).to contain(%r{`table` `parameter` is required.}) - end - end - - describe 'adding all privileges' do - pp = <<-MANIFEST - mysql_user { 'test4@tester': - ensure => present, - } - mysql_grant { 'test4@tester/test.*': - ensure => 'present', - table => 'test.*', - user => 'test4@tester', - options => ['GRANT'], - privileges => ['SELECT', 'UPDATE', 'ALL'], - require => Mysql_user['test4@tester'], - } - MANIFEST - it 'onlies try to apply ALL' do - apply_manifest(pp, catch_failures: true) - end - - it 'finds the user #stdout' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR test4@tester"') - expect(result.stdout).to contain(%r{GRANT ALL PRIVILEGES ON `test`.* TO 'test4'@'tester' WITH GRANT OPTION}) - expect(result.stderr).to be_empty - end - end - - # Test combinations of user@host to ensure all cases work. - describe 'short hostname' do - pp = <<-MANIFEST - mysql_user { 'test@short': - ensure => present, - } - mysql_grant { 'test@short/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@short', - privileges => 'ALL', - require => Mysql_user['test@short'], - } - mysql_user { 'test@long.hostname.com': - ensure => present, - } - mysql_grant { 'test@long.hostname.com/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@long.hostname.com', - privileges => 'ALL', - require => Mysql_user['test@long.hostname.com'], - } - mysql_user { 'test@192.168.5.6': - ensure => present, - } - mysql_grant { 'test@192.168.5.6/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@192.168.5.6', - privileges => 'ALL', - require => Mysql_user['test@192.168.5.6'], - } - mysql_user { 'test@2607:f0d0:1002:0051:0000:0000:0000:0004': - ensure => present, - } - mysql_grant { 'test@2607:f0d0:1002:0051:0000:0000:0000:0004/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@2607:f0d0:1002:0051:0000:0000:0000:0004', - privileges => 'ALL', - require => Mysql_user['test@2607:f0d0:1002:0051:0000:0000:0000:0004'], - } - mysql_user { 'test@::1/128': - ensure => present, - } - mysql_grant { 'test@::1/128/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@::1/128', - privileges => 'ALL', - require => Mysql_user['test@::1/128'], - } - MANIFEST - it 'applies' do - apply_manifest(pp, catch_failures: true) - end - - it 'finds short hostname #stdout' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR test@short"') - expect(result.stdout).to contain(%r{GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'short'}) - expect(result.stderr).to be_empty - end - - it 'finds long hostname #stdout' do - run_shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'long.hostname.com'\"") do |r| - expect(r.stdout).to match(%r{GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'long.hostname.com'}) - expect(r.stderr).to be_empty - end - end - - it 'finds ipv4 #stdout' do - run_shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'192.168.5.6'\"") do |r| - expect(r.stdout).to match(%r{GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'192.168.5.6'}) - expect(r.stderr).to be_empty - end - end - - it 'finds ipv6 #stdout' do - run_shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'2607:f0d0:1002:0051:0000:0000:0000:0004'\"") do |r| - expect(r.stdout).to match(%r{GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'2607:f0d0:1002:0051:0000:0000:0000:0004'}) - expect(r.stderr).to be_empty - end - end - - it 'finds short ipv6 #stdout' do - run_shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'::1/128'\"") do |r| - expect(r.stdout).to match(%r{GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'::1\/128'}) - expect(r.stderr).to be_empty - end - end - end - - describe 'complex test' do - pp = <<-MANIFEST - $dbSubnet = '10.10.10.%' - - mysql_database { 'foo': - ensure => present, - } - - exec { 'mysql-create-table': - command => '/usr/bin/mysql -NBe "CREATE TABLE foo.bar (name VARCHAR(20))"', - environment => "HOME=${::root_home}", - unless => '/usr/bin/mysql -NBe "SELECT 1 FROM foo.bar LIMIT 1;"', - require => Mysql_database['foo'], - } - - Mysql_grant { - ensure => present, - options => ['GRANT'], - privileges => ['ALL'], - table => '*.*', - require => [ Mysql_database['foo'], Exec['mysql-create-table'] ], - } - - mysql_user { "user1@${dbSubnet}": - ensure => present, - } - mysql_grant { "user1@${dbSubnet}/*.*": - user => "user1@${dbSubnet}", - require => Mysql_user["user1@${dbSubnet}"], - } - mysql_user { "user2@${dbSubnet}": - ensure => present, - } - mysql_grant { "user2@${dbSubnet}/foo.bar": - privileges => ['SELECT', 'INSERT', 'UPDATE'], - user => "user2@${dbSubnet}", - table => 'foo.bar', - require => Mysql_user["user2@${dbSubnet}"], - } - mysql_user { "user3@${dbSubnet}": - ensure => present, - } - mysql_grant { "user3@${dbSubnet}/foo.*": - privileges => ['SELECT', 'INSERT', 'UPDATE'], - user => "user3@${dbSubnet}", - table => 'foo.*', - require => Mysql_user["user3@${dbSubnet}"], - } - mysql_user { 'web@%': - ensure => present, - } - mysql_grant { 'web@%/*.*': - user => 'web@%', - require => Mysql_user['web@%'], - } - mysql_user { "web@${dbSubnet}": - ensure => present, - } - mysql_grant { "web@${dbSubnet}/*.*": - user => "web@${dbSubnet}", - require => Mysql_user["web@${dbSubnet}"], - } - mysql_user { "web@${fqdn}": - ensure => present, - } - mysql_grant { "web@${fqdn}/*.*": - user => "web@${fqdn}", - require => Mysql_user["web@${fqdn}"], - } - mysql_user { 'web@localhost': - ensure => present, - } - mysql_grant { 'web@localhost/*.*': - user => 'web@localhost', - require => Mysql_user['web@localhost'], - } - MANIFEST - it 'setup mysql::server' do - idempotent_apply(pp) - end - end - - describe 'lower case privileges' do - pp_one = <<-MANIFEST - mysql_user { 'lowercase@localhost': - ensure => present, - } - mysql_grant { 'lowercase@localhost/*.*': - user => 'lowercase@localhost', - privileges => 'ALL', - table => '*.*', - require => Mysql_user['lowercase@localhost'], - } - MANIFEST - it 'create ALL privs' do - apply_manifest(pp_one, catch_failures: true) - end - - pp_two = <<-MANIFEST - mysql_user { 'lowercase@localhost': - ensure => present, - } - mysql_grant { 'lowercase@localhost/*.*': - user => 'lowercase@localhost', - privileges => 'all', - table => '*.*', - require => Mysql_user['lowercase@localhost'], - } - MANIFEST - it 'create lowercase all privs' do - result = apply_manifest(pp_two, catch_failures: true) - expect(result.exit_code).to eq(0) - end - end - - describe 'adding procedure privileges' do - pp = <<-MANIFEST - exec { 'simpleproc-create': - command => 'mysql --user="root" --password="password" --database=mysql --delimiter="//" -NBe "CREATE PROCEDURE simpleproc (OUT param1 INT) BEGIN SELECT COUNT(*) INTO param1 FROM t; end//"', - path => '/usr/bin/', - before => Mysql_user['test2@tester'], - } - mysql_user { 'test2@tester': - ensure => present, - } - mysql_grant { 'test2@tester/PROCEDURE mysql.simpleproc': - ensure => 'present', - table => 'PROCEDURE mysql.simpleproc', - user => 'test2@tester', - privileges => ['EXECUTE'], - require => Mysql_user['test2@tester'], - } - MANIFEST - it 'works without errors' do - apply_manifest(pp, catch_failures: true) - end - - it 'finds the user #stdout' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR test2@tester"') - expect(result.stdout).to match(%r{GRANT EXECUTE ON PROCEDURE `mysql`.`simpleproc` TO 'test2'@'tester'}) - expect(result.stderr).to be_empty - end - end - - describe 'adding function privileges' do - it 'works without errors' do - pp = <<-EOS - exec { 'simplefunc-create': - command => '/usr/bin/mysql --user="root" --password="password" --database=mysql -NBe "CREATE FUNCTION simplefunc (s CHAR(20)) RETURNS CHAR(50) DETERMINISTIC RETURN CONCAT(\\'Hello, \\', s, \\'!\\')"', - before => Mysql_user['test3@tester'], - } - - mysql_user { 'test3@tester': - ensure => 'present', - } - - mysql_grant { 'test3@tester/FUNCTION mysql.simplefunc': - ensure => 'present', - table => 'FUNCTION mysql.simplefunc', - user => 'test3@tester', - privileges => ['EXECUTE'], - require => Mysql_user['test3@tester'], - } - EOS - - apply_manifest(pp, catch_failures: true) - end - # rubocop:enable RSpec/ExampleLength - it 'finds the user' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR test3@tester"') - expect(result.stdout).to match(%r{GRANT EXECUTE ON FUNCTION `mysql`.`simplefunc` TO 'test3'@'tester'}) - expect(result.stderr).to be_empty - end - # rubocop:enable RSpec/MultipleExpectations - end - - describe 'proxy privilieges' do - pre_run - - describe 'adding proxy privileges', if: Gem::Version.new(mysql_version) > Gem::Version.new('5.5.0') do - pp = <<-MANIFEST - mysql_user { 'proxy1@tester': - ensure => present, - } - mysql_grant { 'proxy1@tester/proxy_user@proxy_host': - ensure => 'present', - table => 'proxy_user@proxy_host', - user => 'proxy1@tester', - privileges => ['PROXY'], - require => Mysql_user['proxy1@tester'], - } - MANIFEST - it 'works without errors when version greater than 5.5.0' do - apply_manifest(pp, catch_failures: true) - end - - it 'finds the user #stdout' do - run_shell('mysql -NBe "SHOW GRANTS FOR proxy1@tester"') do |r| - expect(r.stdout).to match(%r{GRANT PROXY ON 'proxy_user'@'proxy_host' TO 'proxy1'@'tester'}) - expect(r.stderr).to be_empty - end - end - end - - describe 'removing proxy privileges', if: Gem::Version.new(mysql_version) > Gem::Version.new('5.5.0') do - pp = <<-MANIFEST - mysql_user { 'proxy1@tester': - ensure => present, - } - mysql_grant { 'proxy1@tester/proxy_user@proxy_host': - ensure => 'absent', - table => 'proxy_user@proxy_host', - user => 'proxy1@tester', - privileges => ['PROXY'], - require => Mysql_user['proxy1@tester'], - } - MANIFEST - it 'works without errors' do - apply_manifest(pp, catch_failures: true) - end - - it 'finds the user #stdout' do - run_shell('mysql -NBe "SHOW GRANTS FOR proxy1@tester"') do |r| - expect(r.stdout).not_to match(%r{GRANT PROXY ON 'proxy_user'@'proxy_host' TO 'proxy1'@'tester'}) - expect(r.stderr).to be_empty - end - end - end - - describe 'adding proxy privileges with other privileges', if: Gem::Version.new(mysql_version) > Gem::Version.new('5.5.0') do - pp = <<-MANIFEST - mysql_user { 'proxy2@tester': - ensure => present, - } - mysql_grant { 'proxy2@tester/proxy_user@proxy_host': - ensure => 'present', - table => 'proxy_user@proxy_host', - user => 'proxy2@tester', - privileges => ['PROXY', 'SELECT'], - require => Mysql_user['proxy2@tester'], - } - MANIFEST - it 'fails' do - result = apply_manifest(pp, expect_failures: true) - expect(result.stderr).to match(%r{`privileges` `parameter`: PROXY can only be specified by itself}) - end - - it 'does not find the user' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR proxy2@tester"', expect_failures: true) - expect(result.stderr).to match(%r{There is no such grant defined for user 'proxy2' on host 'tester'}) - end - end - - describe 'adding proxy privileges with mysql version less than 5.5.0', unless: Gem::Version.new(mysql_version) > Gem::Version.new('5.5.0') do - pp = <<-MANIFEST - mysql_user { 'proxy3@tester': - ensure => present, - } - mysql_grant { 'proxy3@tester/proxy_user@proxy_host': - ensure => 'present', - table => 'proxy_user@proxy_host', - user => 'proxy3@tester', - privileges => ['PROXY', 'SELECT'], - require => Mysql_user['proxy3@tester'], - } - MANIFEST - it 'fails' do - result = apply_manifest(pp, expect_failures: true) - expect(result.stderr).to match(%r{PROXY user not supported on mysql versions < 5\.5\.0}i) - end - - it 'does not find the user' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR proxy2@tester"', expect_failures: true) - expect(result.stderr).to match(%r{There is no such grant defined for user 'proxy2' on host 'tester'}) - end - end - - describe 'adding proxy privileges with invalid proxy user', if: Gem::Version.new(mysql_version) > Gem::Version.new('5.5.0') do - pp = <<-MANIFEST - mysql_user { 'proxy3@tester': - ensure => present, - } - mysql_grant { 'proxy3@tester/invalid_proxy_user': - ensure => 'present', - table => 'invalid_proxy_user', - user => 'proxy3@tester', - privileges => ['PROXY'], - require => Mysql_user['proxy3@tester'], - } - MANIFEST - it 'fails' do - result = apply_manifest(pp, expect_failures: true) - expect(result.stderr).to match(%r{`table` `property` for PROXY should be specified as proxy_user@proxy_host.}) - end - - it 'does not find the user' do - result = run_shell('mysql -NBe "SHOW GRANTS FOR proxy3@tester"', expect_failures: true) - expect(result.stderr).to contain(%r{There is no such grant defined for user 'proxy3' on host 'tester'}) - end - end - end - - describe 'grants with skip-name-resolve specified' do - pp_one = <<-MANIFEST - class { 'mysql::server': - override_options => { - 'mysqld' => {'skip-name-resolve' => true} - }, - restart => true, - } - MANIFEST - it 'setup mysql::server' do - apply_manifest(pp_one, catch_failures: true) - end - - pp_two = <<-MANIFEST - mysql_user { 'test@fqdn.com': - ensure => present, - } - mysql_grant { 'test@fqdn.com/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@fqdn.com', - privileges => 'ALL', - require => Mysql_user['test@fqdn.com'], - } - mysql_user { 'test@192.168.5.7': - ensure => present, - } - mysql_grant { 'test@192.168.5.7/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@192.168.5.7', - privileges => 'ALL', - require => Mysql_user['test@192.168.5.7'], - } - MANIFEST - it 'applies' do - apply_manifest(pp_two, catch_failures: true) - end - - it 'fails with fqdn' do - pre_run - unless Gem::Version.new(mysql_version) > Gem::Version.new('5.7.0') - result = run_shell('mysql -NBe "SHOW GRANTS FOR test@fqdn.com"', expect_failures: true) - expect(result.stderr).to contain(%r{There is no such grant defined for user 'test' on host 'fqdn.com'}) - end - end - - it 'finds ipv4 #stdout' do - run_shell("mysql -NBe \"SHOW GRANTS FOR 'test'@'192.168.5.7'\"") do |r| - expect(r.stdout).to match(%r{GRANT ALL PRIVILEGES ON `test`.* TO 'test'@'192.168.5.7'}) - expect(r.stderr).to be_empty - end - end - - pp_three = <<-MANIFEST - mysql_user { 'test@fqdn.com': - ensure => present, - } - mysql_grant { 'test@fqdn.com/test.*': - ensure => 'present', - table => 'test.*', - user => 'test@fqdn.com', - privileges => 'ALL', - require => Mysql_user['test@fqdn.com'], - } - MANIFEST - it 'fails to execute while applying' do - mysql_cmd = run_shell('which mysql').stdout.chomp - run_shell("mv #{mysql_cmd} #{mysql_cmd}.bak") - result = apply_manifest(pp_three, expect_failures: true) - expect(result.stderr).to match(%r{Could not find a suitable provider for mysql_grant}) - run_shell("mv #{mysql_cmd}.bak #{mysql_cmd}") - end - - pp_four = <<-MANIFEST - class { 'mysql::server': - restart => true, - } - MANIFEST - it 'reset mysql::server config' do - apply_manifest(pp_four, catch_failures: true) - end - end - - describe 'adding privileges to specific table' do - # Using puppet_apply as a helper - pp_one = <<-MANIFEST - class { 'mysql::server': override_options => { 'root_password' => 'password' } } - MANIFEST - it 'setup mysql server' do - apply_manifest(pp_one, catch_failures: true) - end - - pp_two = <<-MANIFEST - mysql_user { 'test@localhost': - ensure => present, - } - mysql_grant { 'test@localhost/grant_spec_db.grant_spec_table_doesnt_exist': - user => 'test@localhost', - privileges => ['SELECT'], - table => 'grant_spec_db.grant_spec_table_doesnt_exist', - require => Mysql_user['test@localhost'], - } - MANIFEST - it 'creates grant on missing table will fail' do - result = apply_manifest(pp_two, expect_failures: true) - expect(result.stderr).to match(%r{Table 'grant_spec_db\.grant_spec_table_doesnt_exist' doesn't exist}) - end - - pp_three = <<-MANIFEST - file { '/tmp/grant_spec_table.sql': - ensure => file, - content => 'CREATE TABLE grant_spec_table (id int);', - before => Mysql::Db['grant_spec_db'], - } - mysql::db { 'grant_spec_db': - user => 'root1', - password => 'password', - sql => '/tmp/grant_spec_table.sql', - } - MANIFEST - it 'creates table' do - apply_manifest(pp_three, catch_failures: true) - end - - it 'has the table' do - result = run_shell("mysql -e 'show tables;' grant_spec_db|grep grant_spec_table") - expect(result.exit_code).to be_zero - end - end -end
--- a/modules/mysql/spec/acceptance/types/mysql_plugin_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,63 +0,0 @@ -require 'spec_helper_acceptance' - -# Different operating systems (and therefore different versions/forks -# of mysql) have varying levels of support for plugins and have -# different plugins available. Choose a plugin that works or don't try -# to test plugins if not available. -if os[:family] == 'redhat' - if os[:release].to_i == 5 - plugin = nil # Plugins not supported on mysql on RHEL 5 - elsif os[:release].to_i == 6 - plugin = 'example' - plugin_lib = 'ha_example.so' - elsif os[:release].to_i == 7 - plugin = 'pam' - plugin_lib = 'auth_pam.so' - end -elsif os[:family] == 'debian' - if os[:family] == 'ubuntu' - if os[:release] =~ %r{^16\.04|^18\.04} - # On Xenial running 5.7.12, the example plugin does not appear to be available. - plugin = 'validate_password' - plugin_lib = 'validate_password.so' - else - plugin = 'example' - plugin_lib = 'ha_example.so' - end - end -elsif os[:family] == 'suse' - plugin = nil # Plugin library path is broken on Suse http://lists.opensuse.org/opensuse-bugs/2013-08/msg01123.html -end - -describe 'mysql_plugin' do - if plugin # if plugins are supported - describe 'setup' do - it 'works with no errors' do - pp = <<-MANIFEST - class { 'mysql::server': } - MANIFEST - - apply_manifest(pp, catch_failures: true) - end - end - - describe 'load plugin' do - pp = <<-MANIFEST - mysql_plugin { #{plugin}: - ensure => present, - soname => '#{plugin_lib}', - } - MANIFEST - it 'works without errors' do - apply_manifest(pp, catch_failures: true) - end - - it 'finds the plugin #stdout' do - run_shell("mysql -NBe \"select plugin_name from information_schema.plugins where plugin_name='#{plugin}'\"") do |r| - expect(r.stdout).to match(%r{^#{plugin}$}i) - expect(r.stderr).to be_empty - end - end - end - end -end
--- a/modules/mysql/spec/acceptance/types/mysql_user_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,175 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'mysql_user' do - describe 'setup' do - pp_one = <<-MANIFEST - class { 'mysql::server': } - MANIFEST - it 'works with no errors' do - apply_manifest(pp_one, catch_failures: true) - end - end - - context 'using ashp@localhost' do - describe 'adding user' do - pp_two = <<-MANIFEST - mysql_user { 'ashp@localhost': - password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5', - } - MANIFEST - it 'works without errors' do - apply_manifest(pp_two, catch_failures: true) - end - - it 'finds the user #stdout' do - run_shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp@localhost'\"") do |r| - expect(r.stdout).to match(%r{^1$}) - expect(r.stderr).to be_empty - end - end - - it 'has no SSL options #stdout' do - run_shell("mysql -NBe \"select SSL_TYPE from mysql.user where CONCAT(user, '@', host) = 'ashp@localhost'\"") do |r| - expect(r.stdout).to match(%r{^\s*$}) - expect(r.stderr).to be_empty - end - end - end - - describe 'changing authentication plugin', if: (Gem::Version.new(mysql_version) > Gem::Version.new('5.5.0') && os[:release] !~ %r{^16\.04}) do - it 'works without errors' do - pp = <<-EOS - mysql_user { 'ashp@localhost': - plugin => 'auth_socket', - } - EOS - - idempotent_apply(pp) - end - - it 'has the correct plugin' do - run_shell("mysql -NBe \"select plugin from mysql.user where CONCAT(user, '@', host) = 'ashp@localhost'\"") do |r| - expect(r.stdout.rstrip).to eq('auth_socket') - expect(r.stderr).to be_empty - end - end - - it 'does not have a password' do - pre_run - table = if Gem::Version.new(mysql_version) > Gem::Version.new('5.7.0') - 'authentication_string' - else - 'password' - end - run_shell("mysql -NBe \"select #{table} from mysql.user where CONCAT(user, '@', host) = 'ashp@localhost'\"") do |r| - expect(r.stdout.rstrip).to be_empty - expect(r.stderr).to be_empty - end - end - end - # rubocop:enable RSpec/ExampleLength, RSpec/MultipleExpectations - end - - context 'using ashp-dash@localhost' do - describe 'adding user' do - pp_three = <<-MANIFEST - mysql_user { 'ashp-dash@localhost': - password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5', - } - MANIFEST - it 'works without errors' do - apply_manifest(pp_three, catch_failures: true) - end - - it 'finds the user #stdout' do - run_shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp-dash@localhost'\"") do |r| - expect(r.stdout).to match(%r{^1$}) - expect(r.stderr).to be_empty - end - end - end - end - - context 'using ashp@LocalHost' do - describe 'adding user' do - pp_four = <<-MANIFEST - mysql_user { 'ashp@LocalHost': - password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5', - } - MANIFEST - it 'works without errors' do - apply_manifest(pp_four, catch_failures: true) - end - - it 'finds the user #stdout' do - run_shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'ashp@localhost'\"") do |r| - expect(r.stdout).to match(%r{^1$}) - expect(r.stderr).to be_empty - end - end - end - end - context 'using resource should throw no errors' do - describe 'find users' do - it do - result = run_shell('puppet resource mysql_user') - expect(result.stdout).not_to match(%r{Error:}) - expect(result.stdout).not_to match(%r{must be properly quoted, invalid character:}) - end - end - end - context 'using user-w-ssl@localhost with SSL' do - describe 'adding user' do - pp_five = <<-MANIFEST - mysql_user { 'user-w-ssl@localhost': - password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5', - tls_options => ['SSL'], - } - MANIFEST - it 'works without errors' do - apply_manifest(pp_five, catch_failures: true) - end - - it 'finds the user #stdout' do - run_shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'user-w-ssl@localhost'\"") do |r| - expect(r.stdout).to match(%r{^1$}) - expect(r.stderr).to be_empty - end - end - - it 'shows correct ssl_type #stdout' do - run_shell("mysql -NBe \"select SSL_TYPE from mysql.user where CONCAT(user, '@', host) = 'user-w-ssl@localhost'\"") do |r| - expect(r.stdout).to match(%r{^ANY$}) - expect(r.stderr).to be_empty - end - end - end - end - context 'using user-w-x509@localhost with X509' do - describe 'adding user' do - pp_six = <<-MANIFEST - mysql_user { 'user-w-x509@localhost': - password_hash => '*F9A8E96790775D196D12F53BCC88B8048FF62ED5', - tls_options => ['X509'], - } - MANIFEST - it 'works without errors' do - apply_manifest(pp_six, catch_failures: true) - end - - it 'finds the user #stdout' do - run_shell("mysql -NBe \"select '1' from mysql.user where CONCAT(user, '@', host) = 'user-w-x509@localhost'\"") do |r| - expect(r.stdout).to match(%r{^1$}) - expect(r.stderr).to be_empty - end - end - - it 'shows correct ssl_type #stdout' do - run_shell("mysql -NBe \"select SSL_TYPE from mysql.user where CONCAT(user, '@', host) = 'user-w-x509@localhost'\"") do |r| - expect(r.stdout).to match(%r{^X509$}) - expect(r.stderr).to be_empty - end - end - end - end -end
--- a/modules/mysql/spec/classes/graceful_failures_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server' do - context 'on an unsupported OS' do - let(:facts) do - { - osfamily: 'UNSUPPORTED', - operatingsystem: 'UNSUPPORTED', - } - end - - it 'gracefully fails' do - is_expected.to compile.and_raise_error(%r{Unsupported platform:}) - end - end -end
--- a/modules/mysql/spec/classes/mycnf_template_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,85 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server' do - on_supported_os.each do |os, facts| - context "my.cnf template - on #{os}" do - let(:facts) do - facts.merge(root_home: '/root') - end - - context 'normal entry' do - let(:params) { { override_options: { 'mysqld' => { 'socket' => '/var/lib/mysql/mysql.sock' } } } } - - it do - is_expected.to contain_file('mysql-config-file').with(mode: '0644', - selinux_ignore_defaults: true).with_content(%r{socket = \/var\/lib\/mysql\/mysql.sock}) - end - end - - describe 'array entry' do - let(:params) { { override_options: { 'mysqld' => { 'replicate-do-db' => ['base1', 'base2'] } } } } - - it do - is_expected.to contain_file('mysql-config-file').with_content( - %r{.*replicate-do-db = base1\nreplicate-do-db = base2.*}, - ) - end - end - - describe 'skip-name-resolve set to an empty string' do - let(:params) { { override_options: { 'mysqld' => { 'skip-name-resolve' => '' } } } } - - it { is_expected.to contain_file('mysql-config-file').with_content(%r{^skip-name-resolve$}) } - end - - describe 'ssl set to true' do - let(:params) { { override_options: { 'mysqld' => { 'ssl' => true } } } } - - it { is_expected.to contain_file('mysql-config-file').with_content(%r{ssl}) } - it { is_expected.to contain_file('mysql-config-file').without_content(%r{ssl = true}) } - end - - describe 'ssl set to false' do - let(:params) { { override_options: { 'mysqld' => { 'ssl' => false } } } } - - it { is_expected.to contain_file('mysql-config-file').with_content(%r{ssl = false}) } - end - - # ssl-disable (and ssl) are special cased within mysql. - describe 'possibility of disabling ssl completely' do - let(:params) { { override_options: { 'mysqld' => { 'ssl' => true, 'ssl-disable' => true } } } } - - it { is_expected.to contain_file('mysql-config-file').without_content(%r{ssl = true}) } - end - - describe 'a non ssl option set to true' do - let(:params) { { override_options: { 'mysqld' => { 'test' => true } } } } - - it { is_expected.to contain_file('mysql-config-file').with_content(%r{^test$}) } - it { is_expected.to contain_file('mysql-config-file').without_content(%r{test = true}) } - end - - context 'with includedir' do - let(:params) { { includedir: '/etc/my.cnf.d' } } - - it 'makes the directory' do - is_expected.to contain_file('/etc/my.cnf.d').with(ensure: :directory, - mode: '0755') - end - - it { is_expected.to contain_file('mysql-config-file').with_content(%r{!includedir}) } - end - - context 'without includedir' do - let(:params) { { includedir: '' } } - - it 'shouldnt contain the directory' do - is_expected.not_to contain_file('mysql-config-file').with(ensure: :directory, - mode: '0755') - end - - it { is_expected.to contain_file('mysql-config-file').without_content(%r{!includedir}) } - end - end - end -end
--- a/modules/mysql/spec/classes/mysql_backup_mysqldump_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,56 +0,0 @@ -require 'spec_helper' - -describe 'mysql::backup::mysqldump' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:pre_condition) do - <<-EOF - class { 'mysql::server': } - EOF - end - let(:facts) do - facts.merge(root_home: '/root') - end - - let(:default_params) do - { 'backupuser' => 'testuser', - 'backuppassword' => 'testpass', - 'backupdir' => '/tmp/mysql-backup', - 'backuprotate' => '25', - 'delete_before_dump' => true, - 'execpath' => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', - 'maxallowedpacket' => '1M' } - end - - context 'with time included' do - let(:params) do - { time: [23, 59, 30, 12, 6] }.merge(default_params) - end - - it { - is_expected.to contain_cron('mysql-backup').with( - hour: 23, - minute: 59, - monthday: 30, - month: 12, - weekday: 6, - ) - } - end - - context 'with defaults' do - let(:params) { default_params } - - it { - is_expected.to contain_cron('mysql-backup').with( - command: '/usr/local/sbin/mysqlbackup.sh', - ensure: 'present', - hour: 23, - minute: 5, - ) - } - end - end - end - # rubocop:enable RSpec/NestedGroups -end
--- a/modules/mysql/spec/classes/mysql_backup_xtrabackup_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,175 +0,0 @@ -require 'spec_helper' - -describe 'mysql::backup::xtrabackup' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:pre_condition) do - <<-EOF - class { 'mysql::server': } - EOF - end - let(:facts) do - facts.merge(root_home: '/root') - end - - let(:default_params) do - { 'backupdir' => '/tmp' } - end - - context 'with defaults' do - let(:params) do - default_params - end - - it 'contains the wrapper script' do - is_expected.to contain_file('xtrabackup.sh').with_content( - %r{(\n*^xtrabackup\s+.*\$@)}, - ) - end - - it 'contains the weekly cronjob' do - is_expected.to contain_cron('xtrabackup-weekly') - .with( - ensure: 'present', - command: '/usr/local/sbin/xtrabackup.sh --target-dir=/tmp --backup', - user: 'root', - hour: '23', - minute: '5', - weekday: '0', - ) - .that_requires('Package[percona-xtrabackup]') - end - - it 'contains the daily cronjob for weekdays 1-6' do - is_expected.to contain_cron('xtrabackup-daily') - .with( - ensure: 'present', - command: '/usr/local/sbin/xtrabackup.sh --incremental-basedir=/tmp --target-dir=/tmp/$(date +\%F_\%H-\%M-\%S) --backup', - user: 'root', - hour: '23', - minute: '5', - weekday: '1-6', - ) - .that_requires('Package[percona-xtrabackup]') - end - end - - context 'with backupuser and backuppassword' do - let(:params) do - { backupuser: 'backupuser', - backuppassword: 'backuppassword' }.merge(default_params) - end - - it 'contains the defined mysql user' do - is_expected.to contain_mysql_user('backupuser@localhost') - .with( - ensure: 'present', - password_hash: '*4110E08DF51E70A4BA1D4E33A84205E38CF3FE58', - ) - .that_requires('Class[mysql::server::root_password]') - - is_expected.to contain_mysql_grant('backupuser@localhost/*.*') - .with( - ensure: 'present', - user: 'backupuser@localhost', - table: '*.*', - privileges: ['RELOAD', 'PROCESS', 'LOCK TABLES', 'REPLICATION CLIENT'], - ) - .that_requires('Mysql_user[backupuser@localhost]') - end - end - - context 'with additional cron args' do - let(:params) do - { additional_cron_args: '--backup --skip-ssl' }.merge(default_params) - end - - it 'contains the weekly cronjob' do - is_expected.to contain_cron('xtrabackup-weekly') - .with( - ensure: 'present', - command: '/usr/local/sbin/xtrabackup.sh --target-dir=/tmp --backup --skip-ssl', - user: 'root', - hour: '23', - minute: '5', - weekday: '0', - ) - .that_requires('Package[percona-xtrabackup]') - end - - it 'contains the daily cronjob for weekdays 1-6' do - is_expected.to contain_cron('xtrabackup-daily') - .with( - ensure: 'present', - command: '/usr/local/sbin/xtrabackup.sh --incremental-basedir=/tmp --target-dir=/tmp/$(date +\%F_\%H-\%M-\%S) --backup --skip-ssl', - user: 'root', - hour: '23', - minute: '5', - weekday: '1-6', - ) - .that_requires('Package[percona-xtrabackup]') - end - end - - context 'with deactivated incremental backups' do - let(:params) do - { incremental_backups: false }.merge(default_params) - end - - it 'not contains the weekly cronjob' do - is_expected.not_to contain_cron('xtrabackup-weekly') - end - - it 'contains the daily cronjob with all weekdays' do - is_expected.to contain_cron('xtrabackup-daily').with( - ensure: 'present', - command: '/usr/local/sbin/xtrabackup.sh --target-dir=/tmp --backup', - user: 'root', - hour: '23', - minute: '5', - weekday: '*', - ) - end - end - - context 'with prescript defined' do - let(:params) do - { prescript: ['rsync -a /tmp backup01.local-lan:', - 'rsync -a /tmp backup02.local-lan:'] }.merge(default_params) - end - - it 'contains the prescript' do - is_expected.to contain_file('xtrabackup.sh').with_content( - %r{.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*}, - ) - end - end - - context 'with postscript defined' do - let(:params) do - { postscript: ['rsync -a /tmp backup01.local-lan:', - 'rsync -a /tmp backup02.local-lan:'] }.merge(default_params) - end - - it 'contains the prostscript' do - is_expected.to contain_file('xtrabackup.sh').with_content( - %r{.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*}, - ) - end - end - - context 'with mariabackup' do - let(:params) do - { backupmethod: 'mariabackup' }.merge(default_params) - end - - it 'contain the mariabackup executor' do - is_expected.to contain_file('xtrabackup.sh').with_content( - %r{(\n*^mariabackup\s+.*\$@)}, - ) - end - end - end - end - # rubocop:enable RSpec/NestedGroups -end
--- a/modules/mysql/spec/classes/mysql_bindings_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,33 +0,0 @@ -require 'spec_helper' - -describe 'mysql::bindings' do - on_supported_os.each do |os, facts| - next if facts[:osfamily] == 'Archlinux' - context "on #{os}" do - let(:facts) do - facts.merge(root_home: '/root') - end - - let(:params) do - { - 'java_enable' => true, - 'perl_enable' => true, - 'php_enable' => true, - 'python_enable' => true, - 'ruby_enable' => true, - 'client_dev' => true, - 'daemon_dev' => true, - 'client_dev_package_name' => 'libmysqlclient-devel', - 'daemon_dev_package_name' => 'mysql-devel', - } - end - - it { is_expected.to contain_package('mysql-connector-java') } - it { is_expected.to contain_package('perl_mysql') } - it { is_expected.to contain_package('python-mysqldb') } - it { is_expected.to contain_package('ruby_mysql') } - it { is_expected.to contain_package('mysql-client_dev') } - it { is_expected.to contain_package('mysql-daemon_dev') } - end - end -end
--- a/modules/mysql/spec/classes/mysql_client_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,35 +0,0 @@ -require 'spec_helper' - -describe 'mysql::client' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts.merge(root_home: '/root') - end - - context 'with defaults' do - it { is_expected.not_to contain_class('mysql::bindings') } - it { is_expected.to contain_package('mysql_client') } - end - - context 'with bindings enabled' do - let(:params) { { bindings_enable: true } } - - it { is_expected.to contain_class('mysql::bindings') } - it { is_expected.to contain_package('mysql_client') } - end - - context 'with package_manage set to true' do - let(:params) { { package_manage: true } } - - it { is_expected.to contain_package('mysql_client') } - end - - context 'with package_manage set to false' do - let(:params) { { package_manage: false } } - - it { is_expected.not_to contain_package('mysql_client') } - end - end - end -end
--- a/modules/mysql/spec/classes/mysql_server_account_security_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,83 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server::account_security' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:pre_condition) do - <<-EOF - anchor {'mysql::server::end': } - EOF - end - - context 'with fqdn==myhost.mydomain' do - let(:facts) do - facts.merge(root_home: '/root', - fqdn: 'myhost.mydomain', - hostname: 'myhost') - end - - ['root@myhost.mydomain', - 'root@127.0.0.1', - 'root@::1', - '@myhost.mydomain', - '@localhost', - '@%'].each do |user| - it "removes Mysql_User[#{user}]" do # rubocop:disable RSpec/RepeatedExample - is_expected.to contain_mysql_user(user).with_ensure('absent') - end - end - - # When the hostname doesn't match the fqdn we also remove these. - # We don't need to test the inverse as when they match they are - # covered by the above list. - ['root@myhost', '@myhost'].each do |user| - it "removes Mysql_User[#{user}]" do # rubocop:disable RSpec/RepeatedExample - is_expected.to contain_mysql_user(user).with_ensure('absent') - end - end - - it 'removes Mysql_database[test]' do - is_expected.to contain_mysql_database('test').with_ensure('absent') - end - end - - context 'with fqdn==localhost' do - let(:facts) do - facts.merge(root_home: '/root', - fqdn: 'localhost', - hostname: 'localhost') - end - - ['root@127.0.0.1', - 'root@::1', - '@localhost', - 'root@localhost.localdomain', - '@localhost.localdomain', - '@%'].each do |user| - it "removes Mysql_User[#{user}] for fqdn==localhost" do - is_expected.to contain_mysql_user(user).with_ensure('absent') - end - end - end - - context 'with fqdn==localhost.localdomain' do - let(:facts) do - facts.merge(root_home: '/root', - fqdn: 'localhost.localdomain', - hostname: 'localhost') - end - - ['root@127.0.0.1', - 'root@::1', - '@localhost', - 'root@localhost.localdomain', - '@localhost.localdomain', - '@%'].each do |user| - it "removes Mysql_User[#{user}] for fqdn==localhost.localdomain" do - is_expected.to contain_mysql_user(user).with_ensure('absent') - end - end - end - end - end -end
--- a/modules/mysql/spec/classes/mysql_server_backup_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,388 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server::backup' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:pre_condition) do - <<-EOF - class { 'mysql::server': } - EOF - end - let(:facts) do - facts.merge(root_home: '/root') - end - - let(:default_params) do - { 'backupuser' => 'testuser', - 'backuppassword' => 'testpass', - 'backupdir' => '/tmp/mysql-backup', - 'backuprotate' => '25', - 'delete_before_dump' => true, - 'execpath' => '/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin', - 'maxallowedpacket' => '1M' } - end - - context 'standard conditions' do - let(:params) { default_params } - - # Cannot use that_requires here, doesn't work on classes. - it { - is_expected.to contain_mysql_user('testuser@localhost').with( - require: 'Class[Mysql::Server::Root_password]', - ) - } - - it { - is_expected.to contain_mysql_grant('testuser@localhost/*.*').with( - privileges: ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS'], - ).that_requires('Mysql_user[testuser@localhost]') - } - - context 'with triggers included' do - let(:params) do - { include_triggers: true }.merge(default_params) - end - - it { - is_expected.to contain_mysql_grant('testuser@localhost/*.*').with( - privileges: ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER'], - ).that_requires('Mysql_user[testuser@localhost]') - } - end - - it { - is_expected.to contain_cron('mysql-backup').with( - command: '/usr/local/sbin/mysqlbackup.sh', - ensure: 'present', - ) - } - - it { - is_expected.to contain_file('mysqlbackup.sh').with( - path: '/usr/local/sbin/mysqlbackup.sh', - ensure: 'present', - ) - } - - it { - is_expected.to contain_file('/tmp/mysql-backup').with( - ensure: 'directory', - ) - } - - it 'has compression by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{bzcat -zc}, - ) - end - - it 'skips backing up events table by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="--ignore-table=mysql.event"}, - ) - end - - it 'does not mention triggers by default because file_per_database is false' do - is_expected.to contain_file('mysqlbackup.sh').without_content( - %r{.*triggers.*}, - ) - end - - it 'does not mention routines by default because file_per_database is false' do - is_expected.to contain_file('mysqlbackup.sh').without_content( - %r{.*routines.*}, - ) - end - - it 'has 25 days of rotation' do - # MySQL counts from 0 - is_expected.to contain_file('mysqlbackup.sh').with_content(%r{.*ROTATE=24.*}) - end - - it 'has a standard PATH' do - is_expected.to contain_file('mysqlbackup.sh').with_content(%r{PATH=/usr/bin:/usr/sbin:/bin:/sbin:/opt/zimbra/bin}) - end - end - - context 'with delete after dump' do - let(:custom_params) do - { - 'delete_before_dump' => false, - } - end - let(:params) do - default_params.merge!(custom_params) - end - - it { is_expected.to contain_file('mysqlbackup.sh').with_content(%r{touch /tmp/mysqlbackup_success}) } - end - - context 'with delete after dump and custom success file path' do - let(:custom_params) do - { - 'delete_before_dump' => false, - 'backup_success_file_path' => '/opt/mysqlbackup_success', - } - end - let(:params) do - default_params.merge!(custom_params) - end - - it { is_expected.to contain_file('mysqlbackup.sh').with_content(%r{touch /opt/mysqlbackup_success}) } - end - - context 'custom ownership and mode for backupdir' do - let(:params) do - { backupdirmode: '0750', - backupdirowner: 'testuser', - backupdirgroup: 'testgrp' }.merge(default_params) - end - - it { - is_expected.to contain_file('/tmp/mysql-backup').with( - ensure: 'directory', - mode: '0750', - owner: 'testuser', - group: 'testgrp', - ) - } - end - - context 'with compression disabled' do - let(:params) do - { backupcompress: false }.merge(default_params) - end - - it { - is_expected.to contain_file('mysqlbackup.sh').with( - path: '/usr/local/sbin/mysqlbackup.sh', - ensure: 'present', - ) - } - - it 'is able to disable compression' do - is_expected.to contain_file('mysqlbackup.sh').without_content( - %r{.*bzcat -zc.*}, - ) - end - end - - context 'with mysql.events backedup' do - let(:params) do - { ignore_events: false }.merge(default_params) - end - - it { - is_expected.to contain_file('mysqlbackup.sh').with( - path: '/usr/local/sbin/mysqlbackup.sh', - ensure: 'present', - ) - } - - it 'is able to backup events table' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="--events"}, - ) - end - end - - context 'with database list specified' do - let(:params) do - { backupdatabases: ['mysql'] }.merge(default_params) - end - - it { - is_expected.to contain_file('mysqlbackup.sh').with( - path: '/usr/local/sbin/mysqlbackup.sh', - ensure: 'present', - ) - } - - it 'has a backup file for each database' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{mysql | bzcat -zc \${DIR}\\\${PREFIX}mysql_`date'}, - ) - end - - it 'skips backup triggers by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"}, - ) - end - - it 'skips backing up routines by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"}, - ) - end - - context 'with include_triggers set to true' do - let(:params) do - default_params.merge(backupdatabases: ['mysql'], - include_triggers: true) - end - - it 'backups triggers when asked' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --triggers"}, - ) - end - end - - context 'with include_triggers set to false' do - let(:params) do - default_params.merge(backupdatabases: ['mysql'], - include_triggers: false) - end - - it 'skips backing up triggers when asked to skip' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"}, - ) - end - end - - context 'with include_routines set to true' do - let(:params) do - default_params.merge(backupdatabases: ['mysql'], - include_routines: true) - end - - it 'backups routines when asked' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --routines"}, - ) - end - end - - context 'with include_routines set to false' do - let(:params) do - default_params.merge(backupdatabases: ['mysql'], - include_triggers: true) - end - - it 'skips backing up routines when asked to skip' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"}, - ) - end - end - end - - context 'with file per database' do - let(:params) do - default_params.merge(file_per_database: true) - end - - it 'loops through backup all databases' do - is_expected.to contain_file('mysqlbackup.sh').with_content(%r{.*SHOW DATABASES.*}) - end - - context 'with compression disabled' do - let(:params) do - default_params.merge(file_per_database: true, backupcompress: false) - end - - it 'loops through backup all databases without compression #show databases' do - is_expected.to contain_file('mysqlbackup.sh').with_content(%r{.*SHOW DATABASES.*}) - end - it 'loops through backup all databases without compression #bzcat' do - is_expected.to contain_file('mysqlbackup.sh').without_content(%r{.*bzcat -zc.*}) - end - end - - it 'skips backup triggers by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"}, - ) - end - - it 'skips backing up routines by default' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"}, - ) - end - - context 'with include_triggers set to true' do - let(:params) do - default_params.merge(file_per_database: true, - include_triggers: true) - end - - it 'backups triggers when asked' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --triggers"}, - ) - end - end - - context 'with include_triggers set to false' do - let(:params) do - default_params.merge(file_per_database: true, - include_triggers: false) - end - - it 'skips backing up triggers when asked to skip' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-triggers"}, - ) - end - end - - context 'with include_routines set to true' do - let(:params) do - default_params.merge(file_per_database: true, - include_routines: true) - end - - it 'backups routines when asked' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --routines"}, - ) - end - end - - context 'with include_routines set to false' do - let(:params) do - default_params.merge(file_per_database: true, - include_triggers: true) - end - - it 'skips backing up routines when asked to skip' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{ADDITIONAL_OPTIONS="\$ADDITIONAL_OPTIONS --skip-routines"}, - ) - end - end - end - - context 'with postscript' do - let(:params) do - default_params.merge(postscript: 'rsync -a /tmp backup01.local-lan:') - end - - it 'is add postscript' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{rsync -a \/tmp backup01.local-lan:}, - ) - end - end - - context 'with postscripts' do - let(:params) do - default_params.merge(postscript: [ - 'rsync -a /tmp backup01.local-lan:', - 'rsync -a /tmp backup02.local-lan:', - ]) - end - - it 'is add postscript' do - is_expected.to contain_file('mysqlbackup.sh').with_content( - %r{.*rsync -a \/tmp backup01.local-lan:\n\nrsync -a \/tmp backup02.local-lan:.*}, - ) - end - end - end - end - # rubocop:enable RSpec/NestedGroups -end
--- a/modules/mysql/spec/classes/mysql_server_monitor_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,36 +0,0 @@ -require 'spec_helper' -describe 'mysql::server::monitor' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts.merge(root_home: '/root') - end - - let :pre_condition do - "include 'mysql::server'" - end - - let :default_params do - { - mysql_monitor_username: 'monitoruser', - mysql_monitor_password: 'monitorpass', - mysql_monitor_hostname: 'monitorhost', - } - end - - let :params do - default_params - end - - it { is_expected.to contain_mysql_user('monitoruser@monitorhost') } - - it { - is_expected.to contain_mysql_grant('monitoruser@monitorhost/*.*').with( - ensure: 'present', user: 'monitoruser@monitorhost', - table: '*.*', privileges: ['PROCESS', 'SUPER'], - require: 'Mysql_user[monitoruser@monitorhost]' - ) - } - end - end -end
--- a/modules/mysql/spec/classes/mysql_server_mysqltuner_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,35 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server::mysqltuner' do - context 'ensure => present' do - it { is_expected.to compile } - it { - is_expected.to contain_file('/usr/local/bin/mysqltuner') - } - end - - context 'ensure => absent' do - let(:params) { { ensure: 'absent' } } - - it { is_expected.to compile } - it { is_expected.to contain_file('/usr/local/bin/mysqltuner').with(ensure: 'absent') } - end - - context 'custom version' do - let(:params) { { version: 'v1.2.0' } } - - it { is_expected.to compile } - it { - is_expected.to contain_file('/usr/local/bin/mysqltuner') - } - end - - context 'custom source' do - let(:params) { { source: '/tmp/foo' } } - - it { is_expected.to compile } - it { - is_expected.to contain_file('/usr/local/bin/mysqltuner') - } - end -end
--- a/modules/mysql/spec/classes/mysql_server_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,256 +0,0 @@ -require 'spec_helper' - -describe 'mysql::server' do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts.merge(root_home: '/root') - end - - context 'with defaults' do - it { is_expected.to contain_class('mysql::server::install') } - it { is_expected.to contain_class('mysql::server::config') } - it { is_expected.to contain_class('mysql::server::service') } - it { is_expected.to contain_class('mysql::server::root_password') } - it { is_expected.to contain_class('mysql::server::providers') } - end - - context 'with remove_default_accounts set' do - let(:params) { { remove_default_accounts: true } } - - it { is_expected.to contain_class('mysql::server::account_security') } - end - - context 'when not managing config file' do - let(:params) { { manage_config_file: false } } - - it { is_expected.to compile.with_all_deps } - end - - context 'when not managing the service' do - let(:params) { { service_manage: false } } - - it { is_expected.to compile.with_all_deps } - it { is_expected.not_to contain_service('mysqld') } - end - - context 'mysql::server::install' do - it 'contains the package by default' do - is_expected.to contain_package('mysql-server').with(ensure: :present) - end - context 'with package_manage set to true' do - let(:params) { { package_manage: true } } - - it { is_expected.to contain_package('mysql-server') } - end - context 'with package_manage set to false' do - let(:params) { { package_manage: false } } - - it { is_expected.not_to contain_package('mysql-server') } - end - context 'with datadir overridden' do - let(:params) { { override_options: { 'mysqld' => { 'datadir' => '/tmp' } } } } - - it { is_expected.to contain_mysql_datadir('/tmp') } - end - end - - context 'mysql::server::service' do - context 'with defaults' do - it { is_expected.to contain_service('mysqld') } - end - context 'with package_manage set to true' do - let(:params) { { package_manage: true } } - - it { is_expected.to contain_service('mysqld').that_requires('Package[mysql-server]') } - end - context 'with package_manage set to false' do - let(:params) { { package_manage: false } } - - it { is_expected.to contain_service('mysqld') } - it { is_expected.not_to contain_service('mysqld').that_requires('Package[mysql-server]') } - end - context 'service_enabled set to false' do - let(:params) { { service_enabled: false } } - - it do - is_expected.to contain_service('mysqld').with(ensure: :stopped) - end - context 'with package_manage set to true' do - let(:params) { { package_manage: true } } - - it { is_expected.to contain_package('mysql-server') } - end - context 'with package_manage set to false' do - let(:params) { { package_manage: false } } - - it { is_expected.not_to contain_package('mysql-server') } - end - context 'with datadir overridden' do - let(:params) { { override_options: { 'mysqld' => { 'datadir' => '/tmp' } } } } - - it { is_expected.to contain_mysql_datadir('/tmp') } - end - end - context 'with log-error overridden' do - let(:params) { { override_options: { 'mysqld' => { 'log-error' => '/tmp/error.log' } } } } - - it { is_expected.to contain_file('/tmp/error.log') } - end - context 'default bind-address' do - it { is_expected.to contain_file('mysql-config-file').with_content(%r{^bind-address = 127.0.0.1}) } - end - context 'with defined bind-address' do - let(:params) { { override_options: { 'mysqld' => { 'bind-address' => '1.1.1.1' } } } } - - it { is_expected.to contain_file('mysql-config-file').with_content(%r{^bind-address = 1.1.1.1}) } - end - context 'without bind-address' do - let(:params) { { override_options: { 'mysqld' => { 'bind-address' => :undef } } } } - - it { is_expected.to contain_file('mysql-config-file').without_content(%r{^bind-address}) } - end - end - - context 'mysql::server::root_password' do - describe 'when defaults' do - it { - is_expected.to contain_exec('remove install pass').with( - command: 'mysqladmin -u root --password=$(grep -o \'[^ ]\\+$\' /.mysql_secret) password \'\' && rm -f /.mysql_secret', - onlyif: 'test -f /.mysql_secret', - path: '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin', - ) - } - it { is_expected.not_to contain_mysql_user('root@localhost') } - it { is_expected.not_to contain_file('/root/.my.cnf') } - end - describe 'when root_password set' do - let(:params) { { root_password: 'SET' } } - - it { is_expected.to contain_mysql_user('root@localhost') } - if Puppet.version.to_f >= 3.0 - it { is_expected.to contain_file('/root/.my.cnf').with(show_diff: false).that_requires('Mysql_user[root@localhost]') } - else - it { is_expected.to contain_file('/root/.my.cnf').that_requires('Mysql_user[root@localhost]') } - end - end - describe 'when root_password set, create_root_user set to false' do - let(:params) { { root_password: 'SET', create_root_user: false } } - - it { is_expected.not_to contain_mysql_user('root@localhost') } - if Puppet.version.to_f >= 3.0 - it { is_expected.to contain_file('/root/.my.cnf').with(show_diff: false) } - else - it { is_expected.to contain_file('/root/.my.cnf') } - end - end - describe 'when root_password set, create_root_my_cnf set to false' do - let(:params) { { root_password: 'SET', create_root_my_cnf: false } } - - it { is_expected.to contain_mysql_user('root@localhost') } - it { is_expected.not_to contain_file('/root/.my.cnf') } - end - describe 'when root_password set, create_root_user and create_root_my_cnf set to false' do - let(:params) { { root_password: 'SET', create_root_user: false, create_root_my_cnf: false } } - - it { is_expected.not_to contain_mysql_user('root@localhost') } - it { is_expected.not_to contain_file('/root/.my.cnf') } - end - describe 'when install_secret_file set to /root/.mysql_secret' do - let(:params) { { install_secret_file: '/root/.mysql_secret' } } - - it { - is_expected.to contain_exec('remove install pass').with( - command: 'mysqladmin -u root --password=$(grep -o \'[^ ]\\+$\' /root/.mysql_secret) password \'\' && rm -f /root/.mysql_secret', - onlyif: 'test -f /root/.mysql_secret', - ) - } - end - end - - context 'mysql::server::providers' do - describe 'with users' do - let(:params) do - { users: { - 'foo@localhost' => { - 'max_connections_per_hour' => '1', - 'max_queries_per_hour' => '2', - 'max_updates_per_hour' => '3', - 'max_user_connections' => '4', - 'password_hash' => '*F3A2A51A9B0F2BE2468926B4132313728C250DBF', - }, - 'foo2@localhost' => {}, - } } - end - - it { - is_expected.to contain_mysql_user('foo@localhost').with( - max_connections_per_hour: '1', max_queries_per_hour: '2', - max_updates_per_hour: '3', max_user_connections: '4', - password_hash: '*F3A2A51A9B0F2BE2468926B4132313728C250DBF' - ) - } - it { - is_expected.to contain_mysql_user('foo2@localhost').with( - max_connections_per_hour: nil, max_queries_per_hour: nil, - max_updates_per_hour: nil, max_user_connections: nil, - password_hash: nil - ) - } - end - - describe 'with grants' do - let(:params) do - { grants: { - 'foo@localhost/somedb.*' => { - 'user' => 'foo@localhost', - 'table' => 'somedb.*', - 'privileges' => ['SELECT', 'UPDATE'], - 'options' => ['GRANT'], - }, - 'foo2@localhost/*.*' => { - 'user' => 'foo2@localhost', - 'table' => '*.*', - 'privileges' => ['SELECT'], - }, - } } - end - - it { - is_expected.to contain_mysql_grant('foo@localhost/somedb.*').with( - user: 'foo@localhost', table: 'somedb.*', - privileges: ['SELECT', 'UPDATE'], options: ['GRANT'] - ) - } - it { - is_expected.to contain_mysql_grant('foo2@localhost/*.*').with( - user: 'foo2@localhost', table: '*.*', - privileges: ['SELECT'], options: nil - ) - } - end - - describe 'with databases' do - let(:params) do - { databases: { - 'somedb' => { - 'charset' => 'latin1', - 'collate' => 'latin1', - }, - 'somedb2' => {}, - } } - end - - it { - is_expected.to contain_mysql_database('somedb').with( - charset: 'latin1', - collate: 'latin1', - ) - } - it { is_expected.to contain_mysql_database('somedb2') } - end - end - end - end - # rubocop:enable RSpec/NestedGroups -end
--- a/modules/mysql/spec/default_facts.yml Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,8 +0,0 @@ -# Use default_module_facts.yml for module specific facts. -# -# Facts specified here will override the values provided by rspec-puppet-facts. ---- -ipaddress: "172.16.254.254" -ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" -is_pe: false -macaddress: "AA:AA:AA:AA:AA:AA"
--- a/modules/mysql/spec/defines/mysql_db_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,82 +0,0 @@ -require 'spec_helper' - -describe 'mysql::db', type: :define do - on_supported_os.each do |os, facts| - context "on #{os}" do - let(:facts) do - facts.merge(root_home: '/root') - end - - let(:title) { 'test_db' } - - let(:params) do - { 'user' => 'testuser', - 'password' => 'testpass', - 'mysql_exec_path' => '' } - end - - it 'does not notify the import sql exec if no sql script was provided' do - is_expected.to contain_mysql_database('test_db').without_notify - end - - it 'subscribes to database if sql script is given' do - params['sql'] = 'test_sql' - is_expected.to contain_mysql_database('test_db') - is_expected.to contain_exec('test_db-import').with_subscribe('Mysql_database[test_db]') - end - - it 'onlies import sql script on creation if not enforcing' do - params.merge!('sql' => 'test_sql', 'enforce_sql' => false) - is_expected.to contain_exec('test_db-import').with_refreshonly(true) - end - - it 'imports sql script on creation' do - params.merge!('sql' => 'test_sql', 'enforce_sql' => true) - # ' if enforcing #refreshonly' - is_expected.to contain_exec('test_db-import').with_refreshonly(false) - # 'if enforcing #command' - is_expected.to contain_exec('test_db-import').with_command('cat test_sql | mysql test_db') - end - - it 'imports sql script with custom command on creation ' do - params.merge!('sql' => 'test_sql', 'enforce_sql' => true, 'import_cat_cmd' => 'zcat') - # if enforcing #refreshonly - is_expected.to contain_exec('test_db-import').with_refreshonly(false) - # if enforcing #command - is_expected.to contain_exec('test_db-import').with_command('zcat test_sql | mysql test_db') - end - - it 'imports sql scripts when more than one is specified' do - params['sql'] = ['test_sql', 'test_2_sql'] - is_expected.to contain_exec('test_db-import').with_command('cat test_sql test_2_sql | mysql test_db') - end - - it 'does not create database' do - params.merge!('ensure' => 'absent', 'host' => 'localhost') - is_expected.to contain_mysql_database('test_db').with_ensure('absent') - is_expected.to contain_mysql_user('testuser@localhost').with_ensure('absent') - end - - it 'creates with an appropriate collate and charset' do - params.merge!('charset' => 'utf8', 'collate' => 'utf8_danish_ci') - is_expected.to contain_mysql_database('test_db').with('charset' => 'utf8', - 'collate' => 'utf8_danish_ci') - end - - it 'uses dbname parameter as database name instead of name' do - params['dbname'] = 'real_db' - is_expected.to contain_mysql_database('real_db') - end - - it 'uses tls_options for user when set' do - params['tls_options'] = ['SSL'] - is_expected.to contain_mysql_user('testuser@localhost').with_tls_options(['SSL']) - end - - it 'uses grant_options for grant when set' do - params['grant_options'] = ['GRANT'] - is_expected.to contain_mysql_grant('testuser@localhost/test_db.*').with_options(['GRANT']) - end - end - end -end
--- a/modules/mysql/spec/functions/mysql_normalise_and_deepmerge_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,92 +0,0 @@ -require 'spec_helper' - -describe 'mysql::normalise_and_deepmerge' do - it 'exists' do - is_expected.not_to eq(nil) - end - - it 'throws error with no arguments' do - is_expected.to run.with_params.and_raise_error(Puppet::ParseError) - end - - it 'throws error with only one argument' do - is_expected.to run.with_params('one' => 1).and_raise_error(Puppet::ParseError) - end - - it 'accepts empty strings as puppet undef' do - is_expected.to run.with_params({}, '') - end - - # rubocop:disable RSpec/NamedSubject - index_values = ['one', 'two', 'three'] - expected_values_one = ['1', '2', '2'] - it 'merge two hashes' do - new_hash = subject.execute({ 'one' => '1', 'two' => '1' }, 'two' => '2', 'three' => '2') - index_values.each_with_index do |index, expected| - expect(new_hash[index]).to eq(expected_values_one[expected]) - end - end - - it 'merges multiple hashes' do - hash = subject.execute({ 'one' => 1 }, { 'one' => '2' }, 'one' => '3') - expect(hash['one']).to eq('3') - end - - it 'accepts empty hashes' do - is_expected.to run.with_params({}, {}, {}).and_return({}) - end - - expected_values_two = [1, 2, 'four' => 4] - it 'merges subhashes' do - hash = subject.execute({ 'one' => 1 }, 'two' => 2, 'three' => { 'four' => 4 }) - index_values.each_with_index do |index, expected| - expect(hash[index]).to eq(expected_values_two[expected]) - end - end - - it 'appends to subhashes' do - hash = subject.execute({ 'one' => { 'two' => 2 } }, 'one' => { 'three' => 3 }) - expect(hash['one']).to eq('two' => 2, 'three' => 3) - end - - expected_values_three = [1, 'dos', { 'four' => 4, 'five' => 5 }] - it 'appends to subhashes 2' do - hash = subject.execute({ 'one' => 1, 'two' => 2, 'three' => { 'four' => 4 } }, 'two' => 'dos', 'three' => { 'five' => 5 }) - index_values.each_with_index do |index, expected| - expect(hash[index]).to eq(expected_values_three[expected]) - end - end - - index_values_two = ['key1', 'key2'] - expected_values_four = [{ 'a' => 1, 'b' => 99 }, 'c' => 3] - it 'appends to subhashes 3' do - hash = subject.execute({ 'key1' => { 'a' => 1, 'b' => 2 }, 'key2' => { 'c' => 3 } }, 'key1' => { 'b' => 99 }) - index_values_two.each_with_index do |index, expected| - expect(hash[index]).to eq(expected_values_four[expected]) - end - end - - it 'equates keys mod dash and underscore #value' do - hash = subject.execute({ 'a-b-c' => 1 }, 'a_b_c' => 10) - expect(hash['a_b_c']).to eq(10) - end - it 'equates keys mod dash and underscore #not' do - hash = subject.execute({ 'a-b-c' => 1 }, 'a_b_c' => 10) - expect(hash).not_to have_key('a-b-c') - end - - index_values_three = ['a_b_c', 'b-c-d'] - expected_values_five = [10, { 'e-f-g' => 3, 'c_d_e' => 12 }] - index_values_error = ['a-b-c', 'b_c_d'] - index_values_three.each_with_index do |index, expected| - it 'keeps style of the last when keys are equal mod dash and underscore #value' do - hash = subject.execute({ 'a-b-c' => 1, 'b_c_d' => { 'c-d-e' => 2, 'e-f-g' => 3 } }, 'a_b_c' => 10, 'b-c-d' => { 'c_d_e' => 12 }) - expect(hash[index]).to eq(expected_values_five[expected]) - end - it 'keeps style of the last when keys are equal mod dash and underscore #not' do - hash = subject.execute({ 'a-b-c' => 1, 'b_c_d' => { 'c-d-e' => 2, 'e-f-g' => 3 } }, 'a_b_c' => 10, 'b-c-d' => { 'c_d_e' => 12 }) - expect(hash).not_to have_key(index_values_error[expected]) - end - end - # rubocop:enable RSpec/NamedSubject -end
--- a/modules/mysql/spec/functions/mysql_password_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,31 +0,0 @@ -require 'spec_helper' - -describe 'mysql::password' do - it 'exists' do - is_expected.not_to eq(nil) - end - - it 'raises a ArgumentError if there is less than 1 arguments' do - is_expected.to run.with_params.and_raise_error(ArgumentError) - end - - it 'raises a ArgumentError if there is more than 1 arguments' do - is_expected.to run.with_params('foo', 'bar').and_raise_error(ArgumentError) - end - - it 'converts password into a hash' do - is_expected.to run.with_params('password').and_return('*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19') - end - - it 'password should be String' do - is_expected.to run.with_params(123).and_raise_error(ArgumentError) - end - - it 'converts an empty password into a empty string' do - is_expected.to run.with_params('').and_return('') - end - - it 'does not convert a password that is already a hash' do - is_expected.to run.with_params('*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19').and_return('*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19') - end -end
--- a/modules/mysql/spec/functions/mysql_strip_hash_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,27 +0,0 @@ -require 'spec_helper' - -describe 'mysql::strip_hash' do - it 'exists' do - is_expected.not_to eq(nil) - end - - it 'raises a ArgumentError if there is less than 1 arguments' do - is_expected.to run.with_params.and_raise_error(ArgumentError) - end - - it 'raises a ArgumentError if there is more than 1 arguments' do - is_expected.to run.with_params({ 'foo' => 1 }, 'bar' => 2).and_raise_error(ArgumentError) - end - - it 'raises a ArgumentError if argument is not a hash' do - is_expected.to run.with_params('foo').and_raise_error(ArgumentError) - end - - it 'passes a hash without blanks through' do - is_expected.to run.with_params('one' => 1, 'two' => 2, 'three' => 3).and_return('one' => 1, 'two' => 2, 'three' => 3) - end - - it 'removes blank hash elements' do - is_expected.to run.with_params('one' => 1, 'two' => '', 'three' => nil, 'four' => 4).and_return('one' => 1, 'three' => nil, 'four' => 4) - end -end
--- a/modules/mysql/spec/spec_helper.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,56 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' -require 'rspec-puppet-facts' - -require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb')) - -include RspecPuppetFacts - -default_facts = { - puppetversion: Puppet.version, - facterversion: Facter.version, -} - -default_fact_files = [ - File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')), - File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')), -] - -default_fact_files.each do |f| - next unless File.exist?(f) && File.readable?(f) && File.size?(f) - - begin - default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) - rescue => e - RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" - end -end - -# read default_facts and merge them over what is provided by facterdb -default_facts.each do |fact, value| - add_custom_fact fact, value -end - -RSpec.configure do |c| - c.default_facts = default_facts - c.before :each do - # set to strictest setting for testing - # by default Puppet runs at warning level - Puppet.settings[:strict] = :warning - end - c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] - c.after(:suite) do - RSpec::Puppet::Coverage.report!(0) - end -end - -# Ensures that a module is defined -# @param module_name Name of the module -def ensure_module_defined(module_name) - module_name.split('::').reduce(Object) do |last_module, next_module| - last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false) - last_module.const_get(next_module, false) - end -end - -# 'spec_overrides' from sync.yml will appear below this line -require 'spec_helper_local'
--- a/modules/mysql/spec/spec_helper_acceptance.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,82 +0,0 @@ -# frozen_string_literal: true - -require 'serverspec' -require 'puppet_litmus' -require 'spec_helper_acceptance_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_acceptance_local.rb')) -include PuppetLitmus - -if ENV['TARGET_HOST'].nil? || ENV['TARGET_HOST'] == 'localhost' - puts 'Running tests against this machine !' - if Gem.win_platform? - set :backend, :cmd - else - set :backend, :exec - end -else - # load inventory - inventory_hash = inventory_hash_from_inventory_file - node_config = config_from_node(inventory_hash, ENV['TARGET_HOST']) - - if target_in_group(inventory_hash, ENV['TARGET_HOST'], 'docker_nodes') - host = ENV['TARGET_HOST'] - set :backend, :docker - set :docker_container, host - elsif target_in_group(inventory_hash, ENV['TARGET_HOST'], 'ssh_nodes') - set :backend, :ssh - options = Net::SSH::Config.for(host) - options[:user] = node_config.dig('ssh', 'user') unless node_config.dig('ssh', 'user').nil? - options[:port] = node_config.dig('ssh', 'port') unless node_config.dig('ssh', 'port').nil? - options[:keys] = node_config.dig('ssh', 'private-key') unless node_config.dig('ssh', 'private-key').nil? - options[:password] = node_config.dig('ssh', 'password') unless node_config.dig('ssh', 'password').nil? - # Support both net-ssh 4 and 5. - # rubocop:disable Metrics/BlockNesting - options[:verify_host_key] = if node_config.dig('ssh', 'host-key-check').nil? - # Fall back to SSH behavior. This variable will only be set in net-ssh 5.3+. - if @strict_host_key_checking.nil? || @strict_host_key_checking - Net::SSH::Verifiers::Always.new - else - # SSH's behavior with StrictHostKeyChecking=no: adds new keys to known_hosts. - # If known_hosts points to /dev/null, then equivalent to :never where it - # accepts any key beacuse they're all new. - Net::SSH::Verifiers::AcceptNewOrLocalTunnel.new - end - elsif node_config.dig('ssh', 'host-key-check') - if defined?(Net::SSH::Verifiers::Always) - Net::SSH::Verifiers::Always.new - else - Net::SSH::Verifiers::Secure.new - end - elsif defined?(Net::SSH::Verifiers::Never) - Net::SSH::Verifiers::Never.new - else - Net::SSH::Verifiers::Null.new - end - # rubocop:enable Metrics/BlockNesting - host = if ENV['TARGET_HOST'].include?(':') - ENV['TARGET_HOST'].split(':').first - else - ENV['TARGET_HOST'] - end - set :host, options[:host_name] || host - set :ssh_options, options - set :request_pty, true - elsif target_in_group(inventory_hash, ENV['TARGET_HOST'], 'winrm_nodes') - require 'winrm' - - set :backend, :winrm - set :os, family: 'windows' - user = node_config.dig('winrm', 'user') unless node_config.dig('winrm', 'user').nil? - pass = node_config.dig('winrm', 'password') unless node_config.dig('winrm', 'password').nil? - endpoint = "http://#{ENV['TARGET_HOST']}:5985/wsman" - - opts = { - user: user, - password: pass, - endpoint: endpoint, - operation_timeout: 300, - } - - winrm = WinRM::Connection.new opts - Specinfra.configuration.winrm = winrm - end -end
--- a/modules/mysql/spec/spec_helper_acceptance_local.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,27 +0,0 @@ -# frozen_string_literal: true - -def pre_run - apply_manifest("class { 'mysql::server': root_password => 'password' }", catch_failures: true) -end - -def mysql_version - shell_output = run_shell('mysql --version', expect_failures: true) - if shell_output.stdout.match(%r{\d+\.\d+\.\d+}).nil? - pre_run - shell_output = run_shell('mysql --version') - raise _('unable to get mysql version') if shell_output.stdout.match(%r{\d+\.\d+\.\d+}).nil? - end - mysql_version = shell_output.stdout.match(%r{\d+\.\d+\.\d+})[0] - mysql_version -end - -RSpec.configure do |c| - c.before :suite do - if os[:family] == 'debian' || os[:family] == 'ubuntu' - # needed for the puppet fact - apply_manifest("package { 'lsb-release': ensure => installed, }", expect_failures: false) - end - # needed for the grant tests, not installed on el7 docker images - apply_manifest("package { 'which': ensure => installed, }", expect_failures: false) - end -end
--- a/modules/mysql/spec/spec_helper_local.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,31 +0,0 @@ -require 'rspec-puppet-facts' -include RspecPuppetFacts - -if ENV['COVERAGE'] == 'yes' - require 'simplecov' - require 'simplecov-console' - require 'codecov' - - SimpleCov.formatters = [ - SimpleCov::Formatter::HTMLFormatter, - SimpleCov::Formatter::Console, - SimpleCov::Formatter::Codecov, - ] - SimpleCov.start do - track_files 'lib/**/*.rb' - - add_filter '/spec' - - # do not track vendored files - add_filter '/vendor' - add_filter '/.vendor' - - # do not track gitignored files - # this adds about 4 seconds to the coverage check - # this could definitely be optimized - add_filter do |f| - # system returns true if exit status is 0, which with git-check-ignore means file is ignored - system("git check-ignore --quiet #{f.filename}") - end - end -end
--- a/modules/mysql/spec/unit/facter/mysql_server_id_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,36 +0,0 @@ -require 'spec_helper' - -describe Facter::Util::Fact.to_s do - before(:each) do - Facter.clear - end - - describe 'mysql_server_id' do - context "igalic's laptop" do - before :each do - Facter.fact(:macaddress).stubs(:value).returns('3c:97:0e:69:fb:e1') - end - it do - Facter.fact(:mysql_server_id).value.to_s.should == '4116385' - end - end - - context 'node with lo only' do - before :each do - Facter.fact(:macaddress).stubs(:value).returns('00:00:00:00:00:00') - end - it do - Facter.fact(:mysql_server_id).value.to_s.should == '0' - end - end - - context 'test nil case' do - before :each do - Facter.fact(:macaddress).stubs(:value).returns(nil) - end - it do - Facter.fact(:mysql_server_id).value.to_s.should == '' - end - end - end -end
--- a/modules/mysql/spec/unit/facter/mysql_version_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,19 +0,0 @@ -require 'spec_helper' - -describe Facter::Util::Fact.to_s do - before(:each) do - Facter.clear - end - - describe 'mysql_version' do - context 'with value' do - before :each do - Facter::Core::Execution.stubs(:which).returns('fake_mysql_path') - Facter::Util::Resolution.stubs(:exec).with('mysql --version').returns('mysql Ver 14.12 Distrib 5.0.95, for redhat-linux-gnu (x86_64) using readline 5.1') - end - it { - expect(Facter.fact(:mysql_version).value).to eq('5.0.95') - } - end - end -end
--- a/modules/mysql/spec/unit/facter/mysqld_version_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,19 +0,0 @@ -require 'spec_helper' - -describe Facter::Util::Fact.to_s do - before(:each) do - Facter.clear - end - - describe 'mysqld_version' do - context 'with value' do - before :each do - Facter::Core::Execution.stubs(:which).with('mysqld').returns('/usr/sbin/mysqld') - Facter::Util::Resolution.stubs(:exec).with('mysqld --no-defaults -V 2>/dev/null').returns('mysqld Ver 5.5.49-37.9 for Linux on x86_64 (Percona Server (GPL), Release 37.9, Revision efa0073)') - end - it { - expect(Facter.fact(:mysqld_version).value).to eq('mysqld Ver 5.5.49-37.9 for Linux on x86_64 (Percona Server (GPL), Release 37.9, Revision efa0073)') - } - end - end -end
--- a/modules/mysql/spec/unit/puppet/functions/mysql_password_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,36 +0,0 @@ -require 'spec_helper' - -describe 'the mysql_password function' do - before :all do # rubocop:disable RSpec/BeforeAfterAll - Puppet::Parser::Functions.autoloader.loadall - end - - let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - - it 'exists' do - expect(Puppet::Parser::Functions.function('mysql_password')).to eq('function_mysql_password') - end - - it 'raises a ParseError if there is less than 1 arguments' do - expect { scope.function_mysql_password([]) }.to(raise_error(Puppet::ParseError)) - end - - it 'raises a ParseError if there is more than 1 arguments' do - expect { scope.function_mysql_password(['foo', 'bar']) }.to(raise_error(Puppet::ParseError)) - end - - it 'converts password into a hash' do - result = scope.function_mysql_password(['password']) - expect(result).to(eq('*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19')) - end - - it 'converts an empty password into a empty string' do - result = scope.function_mysql_password(['']) - expect(result).to(eq('')) - end - - it 'does not convert a password that is already a hash' do - result = scope.function_mysql_password(['*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19']) - expect(result).to(eq('*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19')) - end -end
--- a/modules/mysql/spec/unit/puppet/provider/mysql_database/mysql_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,112 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:mysql_database).provider(:mysql) do - let(:defaults_file) { '--defaults-extra-file=/root/.my.cnf' } - let(:parsed_databases) { ['information_schema', 'mydb', 'mysql', 'performance_schema', 'test'] } - let(:provider) { resource.provider } - let(:instance) { provider.class.instances.first } - let(:resource) do - Puppet::Type.type(:mysql_database).new( - ensure: :present, charset: 'latin1', - collate: 'latin1_swedish_ci', name: 'new_database', - provider: described_class.name - ) - end - let(:raw_databases) do - <<-SQL_OUTPUT -information_schema -mydb -mysql -performance_schema -test - SQL_OUTPUT - # rubocop:enable Layout/IndentHeredoc - end - - before :each do - Facter.stubs(:value).with(:root_home).returns('/root') - Puppet::Util.stubs(:which).with('mysql').returns('/usr/bin/mysql') - File.stubs(:file?).with('/root/.my.cnf').returns(true) - provider.class.stubs(:mysql_caller).with('show databases', 'regular').returns('new_database') - provider.class.stubs(:mysql_caller).with(["show variables like '%_database'", 'new_database'], 'regular').returns("character_set_database latin1\ncollation_database latin1_swedish_ci\nskip_show_database OFF") # rubocop:disable Metrics/LineLength - end - - describe 'self.instances' do - it 'returns an array of databases' do - provider.class.stubs(:mysql_caller).with('show databases', 'regular').returns(raw_databases) - raw_databases.each_line do |db| - provider.class.stubs(:mysql_caller).with(["show variables like '%_database'", db.chomp], 'regular').returns("character_set_database latin1\ncollation_database latin1_swedish_ci\nskip_show_database OFF") # rubocop:disable Metrics/LineLength - end - databases = provider.class.instances.map { |x| x.name } - expect(parsed_databases).to match_array(databases) - end - end - - describe 'self.prefetch' do - it 'exists' do - provider.class.instances - provider.class.prefetch({}) - end - end - - describe 'create' do - it 'makes a database' do - provider.class.expects(:mysql_caller).with("create database if not exists `#{resource[:name]}` character set `#{resource[:charset]}` collate `#{resource[:collate]}`", 'regular') - provider.expects(:exists?).returns(true) - expect(provider.create).to be_truthy - end - end - - describe 'destroy' do - it 'removes a database if present' do - provider.class.expects(:mysql_caller).with("drop database if exists `#{resource[:name]}`", 'regular') - provider.expects(:exists?).returns(false) - expect(provider.destroy).to be_truthy - end - end - - describe 'exists?' do - it 'checks if database exists' do - expect(instance).to be_exists - end - end - - describe 'self.defaults_file' do - it 'sets --defaults-extra-file' do - File.stubs(:file?).with('/root/.my.cnf').returns(true) - expect(provider.defaults_file).to eq '--defaults-extra-file=/root/.my.cnf' - end - it 'fails if file missing' do - File.stubs(:file?).with('/root/.my.cnf').returns(false) - expect(provider.defaults_file).to be_nil - end - end - - describe 'charset' do - it 'returns a charset' do - expect(instance.charset).to eq('latin1') - end - end - - describe 'charset=' do - it 'changes the charset' do - provider.class.expects(:mysql_caller).with("alter database `#{resource[:name]}` CHARACTER SET blah", 'regular').returns('0') - - provider.charset = 'blah' - end - end - - describe 'collate' do - it 'returns a collate' do - expect(instance.collate).to eq('latin1_swedish_ci') - end - end - - describe 'collate=' do - it 'changes the collate' do - provider.class.expects(:mysql_caller).with("alter database `#{resource[:name]}` COLLATE blah", 'regular').returns('0') - - provider.collate = 'blah' - end - end -end
--- a/modules/mysql/spec/unit/puppet/provider/mysql_plugin/mysql_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,68 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:mysql_plugin).provider(:mysql) do - let(:defaults_file) { '--defaults-extra-file=/root/.my.cnf' } - let(:provider) { resource.provider } - let(:instance) { provider.class.instances.first } - let(:resource) do - Puppet::Type.type(:mysql_plugin).new( - ensure: :present, - soname: 'auth_socket.so', - name: 'auth_socket', - provider: described_class.name, - ) - end - - before :each do - Facter.stubs(:value).with(:root_home).returns('/root') - Puppet::Util.stubs(:which).with('mysql').returns('/usr/bin/mysql') - File.stubs(:file?).with('/root/.my.cnf').returns(true) - provider.class.stubs(:mysql_caller).with('show plugins', 'regular').returns('auth_socket ACTIVE AUTHENTICATION auth_socket.so GPL') - end - - describe 'self.prefetch' do - it 'exists' do - provider.class.instances - provider.class.prefetch({}) - end - end - - describe 'create' do - it 'loads a plugin' do - provider.class.expects(:mysql_caller).with("install plugin #{resource[:name]} soname '#{resource[:soname]}'", 'regular') - provider.expects(:exists?).returns(true) - expect(provider.create).to be_truthy - end - end - - describe 'destroy' do - it 'unloads a plugin if present' do - provider.class.expects(:mysql_caller).with("uninstall plugin #{resource[:name]}", 'regular') - provider.expects(:exists?).returns(false) - expect(provider.destroy).to be_truthy - end - end - - describe 'exists?' do - it 'checks if plugin exists' do - expect(instance).to be_exists - end - end - - describe 'self.defaults_file' do - it 'sets --defaults-extra-file' do - File.stubs(:file?).with('/root/.my.cnf').returns(true) - expect(provider.defaults_file).to eq '--defaults-extra-file=/root/.my.cnf' - end - it 'fails if file missing' do - File.stubs(:file?).with('/root/.my.cnf').returns(false) - expect(provider.defaults_file).to be_nil - end - end - - describe 'soname' do - it 'returns a soname' do - expect(instance.soname).to eq('auth_socket.so') - end - end -end
--- a/modules/mysql/spec/unit/puppet/provider/mysql_user/mysql_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,394 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:mysql_user).provider(:mysql) do - # Output of mysqld -V - mysql_version_string_hash = { - 'mysql-5.5' => - { - version: '5.5.46', - string: '/usr/sbin/mysqld Ver 5.5.46-log for Linux on x86_64 (MySQL Community Server (GPL))', - mysql_type: 'mysql', - }, - 'mysql-5.6' => - { - version: '5.6.27', - string: '/usr/sbin/mysqld Ver 5.6.27 for Linux on x86_64 (MySQL Community Server (GPL))', - mysql_type: 'mysql', - }, - 'mysql-5.7.1' => - { - version: '5.7.1', - string: '/usr/sbin/mysqld Ver 5.7.1 for Linux on x86_64 (MySQL Community Server (GPL))', - mysql_type: 'mysql', - }, - 'mysql-5.7.6' => - { - version: '5.7.8', - string: '/usr/sbin/mysqld Ver 5.7.8-rc for Linux on x86_64 (MySQL Community Server (GPL))', - mysql_type: 'mysql', - }, - 'mariadb-10.0' => - { - version: '10.0.21', - string: '/usr/sbin/mysqld Ver 10.0.21-MariaDB for Linux on x86_64 (MariaDB Server)', - mysql_type: 'mariadb', - }, - 'mariadb-10.0-deb8' => - { - version: '10.0.23', - string: '/usr/sbin/mysqld (mysqld 10.0.23-MariaDB-0+deb8u1)', - mysql_type: 'mariadb', - }, - 'percona-5.5' => - { - version: '5.5.39', - string: 'mysqld Ver 5.5.39-36.0-55 for Linux on x86_64 (Percona XtraDB Cluster (GPL), Release rel36.0, Revision 824, WSREP version 25.11, wsrep_25.11.r4023)', - mysql_type: 'percona', - }, - } - - let(:defaults_file) { '--defaults-extra-file=/root/.my.cnf' } - let(:system_database) { '--database=mysql' } - let(:newhash) { '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5' } - - let(:raw_users) do - <<-SQL_OUTPUT -root@127.0.0.1 -root@::1 -@localhost -debian-sys-maint@localhost -root@localhost -usvn_user@localhost -@vagrant-ubuntu-raring-64 - SQL_OUTPUT - # rubocop:enable Layout/IndentHeredoc - end - - let(:parsed_users) { ['root@127.0.0.1', 'root@::1', '@localhost', 'debian-sys-maint@localhost', 'root@localhost', 'usvn_user@localhost', '@vagrant-ubuntu-raring-64'] } - let(:provider) { resource.provider } - let(:instance) { provider.class.instances.first } - let(:resource) do - Puppet::Type.type(:mysql_user).new( - ensure: :present, - password_hash: '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4', - name: 'joe@localhost', - max_user_connections: '10', - max_connections_per_hour: '10', - max_queries_per_hour: '10', - max_updates_per_hour: '10', - provider: described_class.name, - ) - end - - before :each do - # Set up the stubs for an instances call. - Facter.stubs(:value).with(:root_home).returns('/root') - Facter.stubs(:value).with(:mysql_version).returns('5.6.24') - provider.class.instance_variable_set(:@mysqld_version_string, '5.6.24') - Puppet::Util.stubs(:which).with('mysql').returns('/usr/bin/mysql') - Puppet::Util.stubs(:which).with('mysqld').returns('/usr/sbin/mysqld') - File.stubs(:file?).with('/root/.my.cnf').returns(true) - provider.class.stubs(:mysql_caller).with("SELECT CONCAT(User, '@',Host) AS User FROM mysql.user", 'regular').returns('joe@localhost') - provider.class.stubs(:mysql_caller).with("SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = 'joe@localhost'", 'regular').returns('10 10 10 10 *6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4') # rubocop:disable Metrics/LineLength - end - - describe 'self.instances' do - it 'returns an array of users MySQL 5.5' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.5'][:string]) - provider.class.stubs(:mysql_caller).with("SELECT CONCAT(User, '@',Host) AS User FROM mysql.user", 'regular').returns(raw_users) - parsed_users.each { |user| provider.class.stubs(:mysql_caller).with("SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'", 'regular').returns('10 10 10 10 ') } # rubocop:disable Metrics/LineLength - - usernames = provider.class.instances.map { |x| x.name } - expect(parsed_users).to match_array(usernames) - end - it 'returns an array of users MySQL 5.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.6'][:string]) - provider.class.stubs(:mysql_caller).with("SELECT CONCAT(User, '@',Host) AS User FROM mysql.user", 'regular').returns(raw_users) - parsed_users.each { |user| provider.class.stubs(:mysql_caller).with("SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'", 'regular').returns('10 10 10 10 ') } # rubocop:disable Metrics/LineLength - - usernames = provider.class.instances.map { |x| x.name } - expect(parsed_users).to match_array(usernames) - end - it 'returns an array of users MySQL >= 5.7.0 < 5.7.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.1'][:string]) - provider.class.stubs(:mysql_caller).with("SELECT CONCAT(User, '@',Host) AS User FROM mysql.user", 'regular').returns(raw_users) - parsed_users.each { |user| provider.class.stubs(:mysql_caller).with("SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'", 'regular').returns('10 10 10 10 ') } # rubocop:disable Metrics/LineLength - - usernames = provider.class.instances.map { |x| x.name } - expect(parsed_users).to match_array(usernames) - end - it 'returns an array of users MySQL >= 5.7.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.6'][:string]) - provider.class.stubs(:mysql_caller).with("SELECT CONCAT(User, '@',Host) AS User FROM mysql.user", 'regular').returns(raw_users) - parsed_users.each { |user| provider.class.stubs(:mysql_caller).with("SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, AUTHENTICATION_STRING, PLUGIN FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'", 'regular').returns('10 10 10 10 ') } # rubocop:disable Metrics/LineLength - - usernames = provider.class.instances.map { |x| x.name } - expect(parsed_users).to match_array(usernames) - end - it 'returns an array of users mariadb 10.0' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mariadb-10.0'][:string]) - provider.class.stubs(:mysql_caller).with("SELECT CONCAT(User, '@',Host) AS User FROM mysql.user", 'regular').returns(raw_users) - parsed_users.each { |user| provider.class.stubs(:mysql_caller).with("SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'", 'regular').returns('10 10 10 10 ') } # rubocop:disable Metrics/LineLength - - usernames = provider.class.instances.map { |x| x.name } - expect(parsed_users).to match_array(usernames) - end - it 'returns an array of users percona 5.5' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['percona-5.5'][:string]) - provider.class.stubs(:mysql_caller).with("SELECT CONCAT(User, '@',Host) AS User FROM mysql.user", 'regular').returns(raw_users) - parsed_users.each { |user| provider.class.stubs(:mysql_caller).with("SELECT MAX_USER_CONNECTIONS, MAX_CONNECTIONS, MAX_QUESTIONS, MAX_UPDATES, SSL_TYPE, SSL_CIPHER, X509_ISSUER, X509_SUBJECT, PASSWORD /*!50508 , PLUGIN */ FROM mysql.user WHERE CONCAT(user, '@', host) = '#{user}'", 'regular').returns('10 10 10 10 ') } # rubocop:disable Metrics/LineLength - - usernames = provider.class.instances.map { |x| x.name } - expect(parsed_users).to match_array(usernames) - end - end - - describe 'mysql version and type detection' do - mysql_version_string_hash.each do |_name, line| - version = line[:version] - string = line[:string] - mysql_type = line[:mysql_type] - it "detects version '#{version}'" do - provider.class.instance_variable_set(:@mysqld_version_string, string) - expect(provider.mysqld_version).to eq(version) - end - it "detects type '#{mysql_type}'" do - provider.class.instance_variable_set(:@mysqld_version_string, string) - expect(provider.mysqld_type).to eq(mysql_type) - end - end - end - - describe 'self.prefetch' do - it 'exists' do - provider.class.instances - provider.class.prefetch({}) - end - end - - describe 'create' do - it 'makes a user' do - provider.class.expects(:mysql_caller).with("CREATE USER 'joe'@'localhost' IDENTIFIED BY PASSWORD '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4'", 'system') - provider.class.expects(:mysql_caller).with("GRANT USAGE ON *.* TO 'joe'@'localhost' WITH MAX_USER_CONNECTIONS 10 MAX_CONNECTIONS_PER_HOUR 10 MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 10", 'system') # rubocop:disable Metrics/LineLength - provider.class.expects(:mysql_caller).with("GRANT USAGE ON *.* TO 'joe'@'localhost' REQUIRE NONE", 'system') - provider.expects(:exists?).returns(true) - expect(provider.create).to be_truthy - end - it 'creates a user using IF NOT EXISTS' do - provider.class.instance_variable_set(:@mysqld_version_string, '5.7.6') - - provider.class.expects(:mysql_caller).with("CREATE USER IF NOT EXISTS 'joe'@'localhost' IDENTIFIED WITH 'mysql_native_password' AS '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4'", 'system') # rubocop:disable Metrics/LineLength - provider.class.expects(:mysql_caller).with("ALTER USER IF EXISTS 'joe'@'localhost' WITH MAX_USER_CONNECTIONS 10 MAX_CONNECTIONS_PER_HOUR 10 MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 10", 'system') # rubocop:disable Metrics/LineLength - provider.class.expects(:mysql_caller).with("ALTER USER 'joe'@'localhost' REQUIRE NONE", 'system') - provider.expects(:exists?).returns(true) - expect(provider.create).to be_truthy - end - end - - describe 'destroy' do - it 'removes a user if present' do - provider.class.expects(:mysql_caller).with("DROP USER 'joe'@'localhost'", 'system') - provider.expects(:exists?).returns(false) - expect(provider.destroy).to be_truthy - end - it 'removes a user using IF EXISTS' do - provider.class.instance_variable_set(:@mysqld_version_string, '5.7.1') - - provider.class.expects(:mysql_caller).with("DROP USER IF EXISTS 'joe'@'localhost'", 'system') - expect(provider.destroy).to be_truthy - end - end - - describe 'exists?' do - it 'checks if user exists' do - expect(instance).to be_exists - end - end - - describe 'self.mysqld_version' do - it 'uses the mysqld_version fact if unset' do - provider.class.instance_variable_set(:@mysqld_version_string, nil) - Facter.stubs(:value).with(:mysqld_version).returns('5.6.24') - expect(provider.mysqld_version).to eq '5.6.24' - end - it 'returns 5.7.6 for "mysqld Ver 5.7.6 for Linux on x86_64 (MySQL Community Server (GPL))"' do - provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.6 for Linux on x86_64 (MySQL Community Server (GPL))') - expect(provider.mysqld_version).to eq '5.7.6' - end - it 'returns 5.7.6 for "mysqld Ver 5.7.6-rc for Linux on x86_64 (MySQL Community Server (GPL))"' do - provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.6-rc for Linux on x86_64 (MySQL Community Server (GPL))') - expect(provider.mysqld_version).to eq '5.7.6' - end - it 'detects >= 5.7.6 for 5.7.7-log' do - provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.7-log for Linux on x86_64 (MySQL Community Server (GPL))') - expect(Puppet::Util::Package.versioncmp(provider.mysqld_version, '5.7.6')).to be >= 0 - end - it 'detects < 5.7.6 for 5.7.5-log' do - provider.class.instance_variable_set(:@mysqld_version_string, 'mysqld Ver 5.7.5-log for Linux on x86_64 (MySQL Community Server (GPL))') - expect(Puppet::Util::Package.versioncmp(provider.mysqld_version, '5.7.6')).to be < 0 - end - end - - describe 'self.defaults_file' do - it 'sets --defaults-extra-file' do - File.stubs(:file?).with('/root/.my.cnf').returns(true) - expect(provider.defaults_file).to eq '--defaults-extra-file=/root/.my.cnf' - end - it 'fails if file missing' do - File.expects(:file?).with('/root/.my.cnf').returns(false) - expect(provider.defaults_file).to be_nil - end - end - - describe 'password_hash' do - it 'returns a hash' do - expect(instance.password_hash).to eq('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4') - end - end - - describe 'password_hash=' do - it 'changes the hash mysql 5.5' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.5'][:string]) - provider.class.expects(:mysql_caller).with("SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'", 'system').returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5' - end - it 'changes the hash mysql 5.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.6'][:string]) - provider.class.expects(:mysql_caller).with("SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'", 'system').returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5' - end - it 'changes the hash mysql < 5.7.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.1'][:string]) - provider.class.expects(:mysql_caller).with("SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'", 'system').returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5' - end - it 'changes the hash MySQL >= 5.7.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.6'][:string]) - provider.class.expects(:mysql_caller).with("ALTER USER 'joe'@'localhost' IDENTIFIED WITH mysql_native_password AS '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'", 'system').returns('0') # rubocop:disable Metrics/LineLength - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5' - end - it 'changes the hash mariadb-10.0' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mariadb-10.0'][:string]) - provider.class.expects(:mysql_caller).with("SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'", 'system').returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5' - end - it 'changes the hash percona-5.5' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['percona-5.5'][:string]) - provider.class.expects(:mysql_caller).with("SET PASSWORD FOR 'joe'@'localhost' = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5'", 'system').returns('0') - - provider.expects(:password_hash).returns('*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5') - provider.password_hash = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF5' - end - end - - describe 'plugin=' do - context 'auth_socket' do - context 'MySQL < 5.7.6' do - it 'changes the authentication plugin' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.1'][:string]) - provider.class.expects(:mysql_caller).with("UPDATE mysql.user SET plugin = 'auth_socket', password = '' WHERE CONCAT(user, '@', host) = 'joe@localhost'", 'system').returns('0') - - provider.expects(:plugin).returns('auth_socket') - provider.plugin = 'auth_socket' - end - end - - context 'MySQL >= 5.7.6' do - it 'changes the authentication plugin' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.6'][:string]) - provider.class.expects(:mysql_caller).with("ALTER USER 'joe'@'localhost' IDENTIFIED WITH 'auth_socket'", 'system').returns('0') - - provider.expects(:plugin).returns('auth_socket') - provider.plugin = 'auth_socket' - end - end - end - - context 'mysql_native_password' do - context 'MySQL < 5.7.6' do - it 'changes the authentication plugin' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.1'][:string]) - provider.class.expects(:mysql_caller).with("UPDATE mysql.user SET plugin = 'mysql_native_password', password = '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4' WHERE CONCAT(user, '@', host) = 'joe@localhost'", 'system').returns('0') # rubocop:disable Metrics/LineLength - - provider.expects(:plugin).returns('mysql_native_password') - provider.plugin = 'mysql_native_password' - end - end - - context 'MySQL >= 5.7.6' do - it 'changes the authentication plugin' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.6'][:string]) - provider.class.expects(:mysql_caller).with("ALTER USER 'joe'@'localhost' IDENTIFIED WITH 'mysql_native_password' AS '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4'", 'system').returns('0') # rubocop:disable Metrics/LineLength - - provider.expects(:plugin).returns('mysql_native_password') - provider.plugin = 'mysql_native_password' - end - end - end - # rubocop:enable RSpec/NestedGroups - end - - describe 'tls_options=' do - it 'adds SSL option grant in mysql 5.5' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.5'][:string]) - provider.class.expects(:mysql_caller).with("GRANT USAGE ON *.* TO 'joe'@'localhost' REQUIRE NONE", 'system').returns('0') - - provider.expects(:tls_options).returns(['NONE']) - provider.tls_options = ['NONE'] - end - it 'adds SSL option grant in mysql 5.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.6'][:string]) - provider.class.expects(:mysql_caller).with("GRANT USAGE ON *.* TO 'joe'@'localhost' REQUIRE NONE", 'system').returns('0') - - provider.expects(:tls_options).returns(['NONE']) - provider.tls_options = ['NONE'] - end - it 'adds SSL option grant in mysql < 5.7.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.1'][:string]) - provider.class.expects(:mysql_caller).with("GRANT USAGE ON *.* TO 'joe'@'localhost' REQUIRE NONE", 'system').returns('0') - - provider.expects(:tls_options).returns(['NONE']) - provider.tls_options = ['NONE'] - end - it 'adds SSL option grant in mysql >= 5.7.6' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mysql-5.7.6'][:string]) - provider.class.expects(:mysql_caller).with("ALTER USER 'joe'@'localhost' REQUIRE NONE", 'system').returns('0') - - provider.expects(:tls_options).returns(['NONE']) - provider.tls_options = ['NONE'] - end - it 'adds SSL option grant in mariadb-10.0' do - provider.class.instance_variable_set(:@mysqld_version_string, mysql_version_string_hash['mariadb-10.0'][:string]) - provider.class.expects(:mysql_caller).with("GRANT USAGE ON *.* TO 'joe'@'localhost' REQUIRE NONE", 'system').returns('0') - - provider.expects(:tls_options).returns(['NONE']) - provider.tls_options = ['NONE'] - end - end - - ['max_user_connections', 'max_connections_per_hour', 'max_queries_per_hour', 'max_updates_per_hour'].each do |property| - describe property do - it "returns #{property}" do - expect(instance.send(property.to_s.to_sym)).to eq('10') - end - end - - describe "#{property}=" do - it "changes #{property}" do - provider.class.expects(:mysql_caller).with("GRANT USAGE ON *.* TO 'joe'@'localhost' WITH #{property.upcase} 42", 'system').returns('0') - provider.expects(property.to_sym).returns('42') - provider.send("#{property}=".to_sym, '42') - end - end - end -end
--- a/modules/mysql/spec/unit/puppet/type/mysql_database_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,25 +0,0 @@ -require 'puppet' -require 'puppet/type/mysql_database' -describe Puppet::Type.type(:mysql_database) do - let(:user) { Puppet::Type.type(:mysql_database).new(name: 'test', charset: 'utf8', collate: 'utf8_blah_ci') } - - it 'accepts a database name' do - expect(user[:name]).to eq('test') - end - - it 'accepts a charset' do - user[:charset] = 'latin1' - expect(user[:charset]).to eq('latin1') - end - - it 'accepts a collate' do - user[:collate] = 'latin1_swedish_ci' - expect(user[:collate]).to eq('latin1_swedish_ci') - end - - it 'requires a name' do - expect { - Puppet::Type.type(:mysql_database).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end -end
--- a/modules/mysql/spec/unit/puppet/type/mysql_grant_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,102 +0,0 @@ -require 'puppet' -require 'puppet/type/mysql_grant' -require 'spec_helper' -describe Puppet::Type.type(:mysql_grant) do - let(:user) { Puppet::Type.type(:mysql_grant).new(name: 'foo@localhost/*.*', privileges: ['ALL'], table: ['*.*'], user: 'foo@localhost') } - - it 'accepts a grant name' do - expect(user[:name]).to eq('foo@localhost/*.*') - end - - it 'accepts ALL privileges' do - user[:privileges] = 'ALL' - expect(user[:privileges]).to eq(['ALL']) - end - - context 'PROXY privilege with mysql greater than or equal to 5.5.0' do - before :each do - Facter.stubs(:value).with(:mysql_version).returns('5.5.0') - end - - it 'does not raise error' do - user[:privileges] = 'PROXY' - user[:table] = 'proxy_user@proxy_host' - expect(user[:privileges]).to eq(['PROXY']) - end - end - - context 'PROXY privilege with mysql greater than or equal to 5.4.0' do - before :each do - Facter.stubs(:value).with(:mysql_version).returns('5.4.0') - end - - it 'raises error' do - expect { - user[:privileges] = 'PROXY' - }.to raise_error(Puppet::ResourceError, %r{PROXY user not supported on mysql versions < 5.5.0}) - end - end - - it 'accepts a table' do - user[:table] = '*.*' - expect(user[:table]).to eq('*.*') - end - - it 'accepts @ for table' do - user[:table] = '@' - expect(user[:table]).to eq('@') - end - - it 'accepts proxy user for table' do - user[:table] = 'proxy_user@proxy_host' - expect(user[:table]).to eq('proxy_user@proxy_host') - end - - it 'accepts a user' do - user[:user] = 'foo@localhost' - expect(user[:user]).to eq('foo@localhost') - end - - it 'requires a name' do - expect { - Puppet::Type.type(:mysql_grant).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'requires the name to match the user and table #general' do - expect { - Puppet::Type.type(:mysql_grant).new(name: 'foo@localhost/*.*', privileges: ['ALL'], table: ['*.*'], user: 'foo@localhost') - }.not_to raise_error - end - it 'requires the name to match the user and table #specific' do - expect { - Puppet::Type.type(:mysql_grant).new(name: 'foo', privileges: ['ALL'], table: ['*.*'], user: 'foo@localhost') - }.to raise_error %r{mysql_grant: `name` `parameter` must match user@host\/table format} - end - - describe 'it should munge privileges' do - it 'to just ALL' do - user = Puppet::Type.type(:mysql_grant).new( - name: 'foo@localhost/*.*', table: ['*.*'], user: 'foo@localhost', - privileges: ['ALL'] - ) - expect(user[:privileges]).to eq(['ALL']) - end - - it 'to upcase and ordered' do - user = Puppet::Type.type(:mysql_grant).new( - name: 'foo@localhost/*.*', table: ['*.*'], user: 'foo@localhost', - privileges: ['select', 'Insert'] - ) - expect(user[:privileges]).to eq(['INSERT', 'SELECT']) - end - - it 'ordered including column privileges' do - user = Puppet::Type.type(:mysql_grant).new( - name: 'foo@localhost/*.*', table: ['*.*'], user: 'foo@localhost', - privileges: ['SELECT(Host,Address)', 'Insert'] - ) - expect(user[:privileges]).to eq(['INSERT', 'SELECT (Address, Host)']) - end - end -end
--- a/modules/mysql/spec/unit/puppet/type/mysql_plugin_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,20 +0,0 @@ -require 'puppet' -require 'puppet/type/mysql_plugin' -describe Puppet::Type.type(:mysql_plugin) do - let(:plugin) { Puppet::Type.type(:mysql_plugin).new(name: 'test', soname: 'test.so') } - - it 'accepts a plugin name' do - expect(plugin[:name]).to eq('test') - end - - it 'accepts a library name' do - plugin[:soname] = 'test.so' - expect(plugin[:soname]).to eq('test.so') - end - - it 'requires a name' do - expect { - Puppet::Type.type(:mysql_plugin).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end -end
--- a/modules/mysql/spec/unit/puppet/type/mysql_user_spec.rb Mon Jan 03 17:15:14 2022 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,136 +0,0 @@ -require 'puppet' -require 'puppet/type/mysql_user' -require 'spec_helper' -describe Puppet::Type.type(:mysql_user) do - context 'On MySQL 5.x' do - before :each do - Facter.stubs(:value).with(:mysql_version).returns('5.6.24') - end - - it 'fails with a long user name' do - expect { - Puppet::Type.type(:mysql_user).new(name: '12345678901234567@localhost', password_hash: 'pass') - }.to raise_error %r{MySQL usernames are limited to a maximum of 16 characters} - end - end - - context 'On MariaDB 10.0.0+' do - let(:user) { Puppet::Type.type(:mysql_user).new(name: '12345678901234567@localhost', password_hash: 'pass') } - - before :each do - Facter.stubs(:value).with(:mysql_version).returns('10.0.19') - end - - it 'succeeds with a long user name on MariaDB' do - expect(user[:name]).to eq('12345678901234567@localhost') - end - end - - it 'requires a name' do - expect { - Puppet::Type.type(:mysql_user).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - context 'using foo@localhost' do - let(:user) { Puppet::Type.type(:mysql_user).new(name: 'foo@localhost', password_hash: 'pass') } - - it 'accepts a user name' do - expect(user[:name]).to eq('foo@localhost') - end - - it 'accepts a password' do - user[:password_hash] = 'foo' - expect(user[:password_hash]).to eq('foo') - end - - it 'accepts an empty password' do - user[:password_hash] = '' - expect(user[:password_hash]).to eq('') - end - end - - context 'using foo@LocalHost' do - let(:user) { Puppet::Type.type(:mysql_user).new(name: 'foo@LocalHost', password_hash: 'pass') } - - it 'lowercases the user name' do - expect(user[:name]).to eq('foo@localhost') - end - end - - context 'using foo@192.168.1.0/255.255.255.0' do - let(:user) { Puppet::Type.type(:mysql_user).new(name: 'foo@192.168.1.0/255.255.255.0', password_hash: 'pass') } - - it 'creates the user with the netmask' do - expect(user[:name]).to eq('foo@192.168.1.0/255.255.255.0') - end - end - - context 'using allo_wed$char@localhost' do - let(:user) { Puppet::Type.type(:mysql_user).new(name: 'allo_wed$char@localhost', password_hash: 'pass') } - - it 'accepts a user name' do - expect(user[:name]).to eq('allo_wed$char@localhost') - end - end - - context 'ensure the default \'debian-sys-main\'@localhost user can be parsed' do - let(:user) { Puppet::Type.type(:mysql_user).new(name: '\'debian-sys-maint\'@localhost', password_hash: 'pass') } - - it 'accepts a user name' do - expect(user[:name]).to eq('\'debian-sys-maint\'@localhost') - end - end - - context 'using a quoted 16 char username' do - let(:user) { Puppet::Type.type(:mysql_user).new(name: '"debian-sys-maint"@localhost', password_hash: 'pass') } - - it 'accepts a user name' do - expect(user[:name]).to eq('"debian-sys-maint"@localhost') - end - end - - context 'using a quoted username that is too long ' do - before :each do - Facter.stubs(:value).with(:mysql_version).returns('5.6.24') - end - - it 'fails with a size error' do - expect { - Puppet::Type.type(:mysql_user).new(name: '"debian-sys-maint2"@localhost', password_hash: 'pass') - }.to raise_error %r{MySQL usernames are limited to a maximum of 16 characters} - end - end - - context 'using `speci!al#`@localhost' do - let(:user) { Puppet::Type.type(:mysql_user).new(name: '`speci!al#`@localhost', password_hash: 'pass') } - - it 'accepts a quoted user name with special chatracters' do - expect(user[:name]).to eq('`speci!al#`@localhost') - end - end - - context 'using in-valid@localhost' do - let(:user) { Puppet::Type.type(:mysql_user).new(name: 'in-valid@localhost', password_hash: 'pass') } - - it 'accepts a user name with special chatracters' do - expect(user[:name]).to eq('in-valid@localhost') - end - end - - context 'using "misquoted@localhost' do - it 'fails with a misquoted username is used' do - expect { - Puppet::Type.type(:mysql_user).new(name: '"misquoted@localhost', password_hash: 'pass') - }.to raise_error %r{Invalid database user "misquoted@localhost} - end - end - - context 'using invalid options' do - it 'fails with an invalid option' do - expect { - Puppet::Type.type(:mysql_user).new(name: 'misquoted@localhost', password_hash: 'pass', tls_options: ['SOMETHING_ELSE']) - }.to raise_error %r{Invalid tls option} - end - end -end
--- a/modules/mysql/tasks/export.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/tasks/export.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,4 +1,6 @@ #!/opt/puppetlabs/puppet/bin/ruby +# frozen_string_literal: true + require 'json' require 'open3' require 'puppet'
--- a/modules/mysql/tasks/sql.rb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/tasks/sql.rb Mon Jan 03 17:16:21 2022 +0000 @@ -1,4 +1,6 @@ #!/opt/puppetlabs/puppet/bin/ruby +# frozen_string_literal: true + require 'json' require 'open3' require 'puppet'
--- a/modules/mysql/templates/my.cnf.pass.erb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/templates/my.cnf.pass.erb Mon Jan 03 17:16:21 2022 +0000 @@ -4,8 +4,8 @@ [<%= section -%>] user=root host=localhost -<% unless scope.lookupvar('mysql::server::root_password') == 'UNSET' -%> -password='<%= scope.lookupvar('mysql::server::root_password') %>' +<% if @root_password_set -%> +password='<%= @root_password %>' <% end -%> socket=<%= @options['client']['socket'] %> <% end %>
--- a/modules/mysql/templates/mysqlbackup.sh.erb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/templates/mysqlbackup.sh.erb Mon Jan 03 17:16:21 2022 +0000 @@ -15,7 +15,7 @@ ##### START CONFIG ################################################### USER=<%= @backupuser %> -PASS='<%= @backuppassword %>' +PASS='<%= @backuppassword_unsensitive %>' MAX_ALLOWED_PACKET=<%= @maxallowedpacket %> DIR=<%= @backupdir %> ROTATE=<%= [ Integer(@backuprotate) - 1, 0 ].max %> @@ -93,18 +93,18 @@ do <%= @backupmethod -%> --defaults-extra-file=$TMPFILE --opt --flush-logs --single-transaction \ ${ADDITIONAL_OPTIONS} \ - ${dbname} <% if @backupcompress %>| bzcat -zc <% end %>> ${DIR}/${PREFIX}${dbname}_`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %>.bz2<% end %> + ${dbname} <% if @backupcompress %>| <%= @compression_command %> <% end %>> ${DIR}/${PREFIX}${dbname}_`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %><%= @compression_extension %><% end %> done <% else -%> <%= @backupmethod -%> --defaults-extra-file=$TMPFILE --opt --flush-logs --single-transaction \ ${ADDITIONAL_OPTIONS} \ - --all-databases <% if @backupcompress %>| bzcat -zc <% end %>> ${DIR}/${PREFIX}`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %>.bz2<% end %> + --all-databases <% if @backupcompress %>| <%= @compression_command %> <% end %>> ${DIR}/${PREFIX}`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %><%= @compression_extension %><% end %> <% end -%> <% else -%> <% @backupdatabases.each do |db| -%> <%= @backupmethod -%> --defaults-extra-file=$TMPFILE --opt --flush-logs --single-transaction \ ${ADDITIONAL_OPTIONS} \ - <%= db %><% if @backupcompress %>| bzcat -zc <% end %>> ${DIR}/${PREFIX}<%= db %>_`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %>.bz2<% end %> + <%= db %><% if @backupcompress %>| <%= @compression_command %> <% end %>> ${DIR}/${PREFIX}<%= db %>_`date +%Y%m%d-%H%M%S`.sql<% if @backupcompress %><%= @compression_extension %><% end %> <% end -%> <% end -%>
--- a/modules/mysql/templates/xtrabackup.sh.erb Mon Jan 03 17:15:14 2022 +0000 +++ b/modules/mysql/templates/xtrabackup.sh.erb Mon Jan 03 17:16:21 2022 +0000 @@ -26,9 +26,9 @@ cleanup() { <%- if @kernel == 'SunOS' -%> - gfind "${DIR}/" -maxdepth 1 -type f -name "${PREFIX}*.sql*" -mtime +${ROTATE} -print0 | gxargs -0 -r rm -f + gfind "${DIR}/" -mindepth 1 -maxdepth 1 -mtime +${ROTATE} -print0 | gxargs -0 -r rm -rf <%- else -%> - find "${DIR}/" -maxdepth 1 -type f -name "${PREFIX}*.sql*" -mtime +${ROTATE} -print0 | xargs -0 -r rm -f + find "${DIR}/" -mindepth 1 -maxdepth 1 -mtime +${ROTATE} -print0 | xargs -0 -r rm -rf <%- end -%> } @@ -39,8 +39,12 @@ <%- _innobackupex_args = '' -%> -<%- if @backupuser and @backuppassword -%> - <%- _innobackupex_args = '--user="' + @backupuser + '" --password="' + @backuppassword + '"' -%> +<%- if @backupuser and @backuppassword_unsensitive -%> + <%- _innobackupex_args = '--user="' + @backupuser + '" --password="' + @backuppassword_unsensitive + '"' -%> +<%- end -%> + +<%- if @backupcompress -%> + <%- _innobackupex_args = _innobackupex_args + ' --compress' -%> <%- end -%> <%- if @backupdatabases and @backupdatabases.is_a?(Array) and !@backupdatabases.empty? -%>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/modules/mysql/types/options.pp Mon Jan 03 17:16:21 2022 +0000 @@ -0,0 +1,6 @@ +# @summary A hash of options structured like the override_options, but not merged with the default options. +# Use this if you don’t want your options merged with the default options. +type Mysql::Options = Hash[ + String, + Hash, +]