From 5ab81692d7374ea8feaca49745c2b40ec70a66e5 Mon Sep 17 00:00:00 2001 From: Mark Theunissen Date: Wed, 25 Jul 2012 16:31:12 -0500 Subject: [PATCH 1/5] Change modules to use credentials in my.cnf if they are available --- mysql_db | 35 +++++++++++++++++++++++++++++++---- mysql_user | 32 +++++++++++++++++++++++++++++--- 2 files changed, 60 insertions(+), 7 deletions(-) diff --git a/mysql_db b/mysql_db index d777036dbb8..07d4374546b 100755 --- a/mysql_db +++ b/mysql_db @@ -18,6 +18,7 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . +import ConfigParser try: import MySQLdb except ImportError: @@ -43,6 +44,16 @@ def db_create(cursor, db): res = cursor.execute(query) return True +def load_mycnf(): + config = ConfigParser.RawConfigParser() + mycnf = os.path.expanduser('~/.my.cnf') + config.read(mycnf) + try: + creds = dict(user=config.get('client', 'user'),passwd=config.get('client', 'pass')) + except ConfigParser.NoOptionError: + return False + return creds + # =========================================== # Module execution. # @@ -50,8 +61,8 @@ def db_create(cursor, db): def main(): module = AnsibleModule( argument_spec = dict( - loginuser=dict(default="root"), - loginpass=dict(default=""), + loginuser=dict(default=None), + loginpass=dict(default=None), loginhost=dict(default="localhost"), db=dict(required=True), state=dict(default="present", choices=["absent", "present"]), @@ -63,13 +74,29 @@ def main(): db = module.params["db"] state = module.params["state"] - changed = False + + # Either the caller passes both a username and password with which to connect to + # mysql, or they pass neither and allow this module to read the credentials from + # ~/.my.cnf. + loginpass = module.params["loginpass"] + loginuser = module.params["loginuser"] + if loginuser is None and loginpass is None: + mycnf_creds = load_mycnf() + if mycnf_creds is False: + module.fail_json(msg="incomplete login arguments passed and can't find them in ~/.my.cnf") + else: + loginuser = mycnf_creds["user"] + loginpass = mycnf_creds["passwd"] + elif loginpass is None or loginuser is None: + module.fail_json(msg="when supplying login arguments, both user and pass must be provided") + try: - db_connection = MySQLdb.connect(host=module.params["loginhost"], user=module.params["loginuser"], passwd=module.params["loginpass"], db="mysql") + db_connection = MySQLdb.connect(host=module.params["loginhost"], user=loginuser, passwd=loginpass, db="mysql") cursor = db_connection.cursor() except Exception as e: module.fail_json(msg="unable to connect to database") + changed = False if db_exists(cursor, db): if state == "absent": changed = db_delete(cursor, db) diff --git a/mysql_user b/mysql_user index 49e2fd520db..385f48faa94 100755 --- a/mysql_user +++ b/mysql_user @@ -18,6 +18,7 @@ # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . +import ConfigParser try: import MySQLdb except ImportError: @@ -141,6 +142,16 @@ def privileges_grant(cursor, user,host,db_table,priv): query = "GRANT %s ON %s TO '%s'@'%s'" % (priv_string,db_table,user,host) cursor.execute(query) +def load_mycnf(): + config = ConfigParser.RawConfigParser() + mycnf = os.path.expanduser('~/.my.cnf') + config.read(mycnf) + try: + creds = dict(user=config.get('client', 'user'),passwd=config.get('client', 'pass')) + except ConfigParser.NoOptionError: + return False + return creds + # =========================================== # Module execution. # @@ -148,8 +159,8 @@ def privileges_grant(cursor, user,host,db_table,priv): def main(): module = AnsibleModule( argument_spec = dict( - loginuser=dict(default="root"), - loginpass=dict(default=""), + loginuser=dict(default=None), + loginpass=dict(default=None), loginhost=dict(default="localhost"), user=dict(required=True), passwd=dict(default=None), @@ -173,8 +184,23 @@ def main(): except: module.fail_json(msg="invalid privileges string") + # Either the caller passes both a username and password with which to connect to + # mysql, or they pass neither and allow this module to read the credentials from + # ~/.my.cnf. + loginpass = module.params["loginpass"] + loginuser = module.params["loginuser"] + if loginuser is None and loginpass is None: + mycnf_creds = load_mycnf() + if mycnf_creds is False: + module.fail_json(msg="incomplete login arguments passed and can't find them in ~/.my.cnf") + else: + loginuser = mycnf_creds["user"] + loginpass = mycnf_creds["passwd"] + elif loginpass is None or loginuser is None: + module.fail_json(msg="when supplying login arguments, both user and pass must be provided") + try: - db_connection = MySQLdb.connect(host=module.params["loginhost"], user=module.params["loginuser"], passwd=module.params["loginpass"], db="mysql") + db_connection = MySQLdb.connect(host=module.params["loginhost"], user=loginuser, passwd=loginpass, db="mysql") cursor = db_connection.cursor() except Exception as e: module.fail_json(msg="unable to connect to database") From 894e4ff78a8bccf10bb55bbf493a7bdb08cc1cd8 Mon Sep 17 00:00:00 2001 From: Mark Theunissen Date: Thu, 26 Jul 2012 08:58:21 -0500 Subject: [PATCH 2/5] Changing to read from a file pointer instead so that an exception is thrown if the file doesn't exist --- mysql_db | 4 ++-- mysql_user | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mysql_db b/mysql_db index 07d4374546b..1e98c3676c0 100755 --- a/mysql_db +++ b/mysql_db @@ -47,10 +47,10 @@ def db_create(cursor, db): def load_mycnf(): config = ConfigParser.RawConfigParser() mycnf = os.path.expanduser('~/.my.cnf') - config.read(mycnf) try: + config.readfp(open(mycnf)) creds = dict(user=config.get('client', 'user'),passwd=config.get('client', 'pass')) - except ConfigParser.NoOptionError: + except (ConfigParser.NoOptionError, IOError): return False return creds diff --git a/mysql_user b/mysql_user index 385f48faa94..7ae3cb6363c 100755 --- a/mysql_user +++ b/mysql_user @@ -145,10 +145,10 @@ def privileges_grant(cursor, user,host,db_table,priv): def load_mycnf(): config = ConfigParser.RawConfigParser() mycnf = os.path.expanduser('~/.my.cnf') - config.read(mycnf) try: + config.readfp(open(mycnf)) creds = dict(user=config.get('client', 'user'),passwd=config.get('client', 'pass')) - except ConfigParser.NoOptionError: + except (ConfigParser.NoOptionError, IOError): return False return creds From b51d6d9fcaa59460ccb3448c8273b89599b9b18e Mon Sep 17 00:00:00 2001 From: Mark Theunissen Date: Thu, 26 Jul 2012 11:10:22 -0500 Subject: [PATCH 3/5] Making the passwd parameter consistent --- mysql_db | 2 +- mysql_user | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mysql_db b/mysql_db index 1e98c3676c0..41c8e385de7 100755 --- a/mysql_db +++ b/mysql_db @@ -62,7 +62,7 @@ def main(): module = AnsibleModule( argument_spec = dict( loginuser=dict(default=None), - loginpass=dict(default=None), + loginpasswd=dict(default=None), loginhost=dict(default="localhost"), db=dict(required=True), state=dict(default="present", choices=["absent", "present"]), diff --git a/mysql_user b/mysql_user index 7ae3cb6363c..040ff2fbf26 100755 --- a/mysql_user +++ b/mysql_user @@ -160,7 +160,7 @@ def main(): module = AnsibleModule( argument_spec = dict( loginuser=dict(default=None), - loginpass=dict(default=None), + loginpasswd=dict(default=None), loginhost=dict(default="localhost"), user=dict(required=True), passwd=dict(default=None), From 812711d53048e9159158d1206cc39f45b7b35c22 Mon Sep 17 00:00:00 2001 From: Mark Theunissen Date: Thu, 26 Jul 2012 11:13:10 -0500 Subject: [PATCH 4/5] Woops, missed the rest of them --- mysql_db | 10 +++++----- mysql_user | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/mysql_db b/mysql_db index 41c8e385de7..3a620f84941 100755 --- a/mysql_db +++ b/mysql_db @@ -78,20 +78,20 @@ def main(): # Either the caller passes both a username and password with which to connect to # mysql, or they pass neither and allow this module to read the credentials from # ~/.my.cnf. - loginpass = module.params["loginpass"] + loginpasswd = module.params["loginpasswd"] loginuser = module.params["loginuser"] - if loginuser is None and loginpass is None: + if loginuser is None and loginpasswd is None: mycnf_creds = load_mycnf() if mycnf_creds is False: module.fail_json(msg="incomplete login arguments passed and can't find them in ~/.my.cnf") else: loginuser = mycnf_creds["user"] - loginpass = mycnf_creds["passwd"] - elif loginpass is None or loginuser is None: + loginpasswd = mycnf_creds["passwd"] + elif loginpasswd is None or loginuser is None: module.fail_json(msg="when supplying login arguments, both user and pass must be provided") try: - db_connection = MySQLdb.connect(host=module.params["loginhost"], user=loginuser, passwd=loginpass, db="mysql") + db_connection = MySQLdb.connect(host=module.params["loginhost"], user=loginuser, passwd=loginpasswd, db="mysql") cursor = db_connection.cursor() except Exception as e: module.fail_json(msg="unable to connect to database") diff --git a/mysql_user b/mysql_user index 040ff2fbf26..6734961a749 100755 --- a/mysql_user +++ b/mysql_user @@ -187,20 +187,20 @@ def main(): # Either the caller passes both a username and password with which to connect to # mysql, or they pass neither and allow this module to read the credentials from # ~/.my.cnf. - loginpass = module.params["loginpass"] + loginpasswd = module.params["loginpasswd"] loginuser = module.params["loginuser"] - if loginuser is None and loginpass is None: + if loginuser is None and loginpasswd is None: mycnf_creds = load_mycnf() if mycnf_creds is False: module.fail_json(msg="incomplete login arguments passed and can't find them in ~/.my.cnf") else: loginuser = mycnf_creds["user"] - loginpass = mycnf_creds["passwd"] - elif loginpass is None or loginuser is None: + loginpasswd = mycnf_creds["passwd"] + elif loginpasswd is None or loginuser is None: module.fail_json(msg="when supplying login arguments, both user and pass must be provided") try: - db_connection = MySQLdb.connect(host=module.params["loginhost"], user=loginuser, passwd=loginpass, db="mysql") + db_connection = MySQLdb.connect(host=module.params["loginhost"], user=loginuser, passwd=loginpasswd, db="mysql") cursor = db_connection.cursor() except Exception as e: module.fail_json(msg="unable to connect to database") From 7a3f64d4d76049ce7179d9526e9a6dc8d337249a Mon Sep 17 00:00:00 2001 From: Mark Theunissen Date: Thu, 26 Jul 2012 11:30:22 -0500 Subject: [PATCH 5/5] Check file exists instead of relying on the exception. Leave the exception catch in, in case the file is deleted or some other issue crops up --- mysql_db | 2 ++ mysql_user | 2 ++ 2 files changed, 4 insertions(+) diff --git a/mysql_db b/mysql_db index 3a620f84941..85b25cb99d6 100755 --- a/mysql_db +++ b/mysql_db @@ -47,6 +47,8 @@ def db_create(cursor, db): def load_mycnf(): config = ConfigParser.RawConfigParser() mycnf = os.path.expanduser('~/.my.cnf') + if not os.path.exists(mycnf): + return False try: config.readfp(open(mycnf)) creds = dict(user=config.get('client', 'user'),passwd=config.get('client', 'pass')) diff --git a/mysql_user b/mysql_user index 6734961a749..1cba17e9a91 100755 --- a/mysql_user +++ b/mysql_user @@ -145,6 +145,8 @@ def privileges_grant(cursor, user,host,db_table,priv): def load_mycnf(): config = ConfigParser.RawConfigParser() mycnf = os.path.expanduser('~/.my.cnf') + if not os.path.exists(mycnf): + return False try: config.readfp(open(mycnf)) creds = dict(user=config.get('client', 'user'),passwd=config.get('client', 'pass'))