Commit graph

31 commits

Author SHA1 Message Date
tcraxs
bb61d7527f #50877: add support to postgresql_privs to use "FOR { ROLE | USER } target_role" in "ALTER DEFAULT PRIVILEGES" (#51073)
* #50877:
* add support to postgresql_privs to use "FOR { ROLE | USER } target_role"
   in "ALTER DEFAULT PRIVILEGES"

* fix sanity errors

* #50877: fix documentation and add a check for correct usage
of target_roles

*  #50877: fix missing absent option for default privs with target_role

* #50877: add clear description, when target_roles can be used

* #50877: fix conflicts, formatting, and add a changelog fragment

* #50877: fix sanity error E335

* #50877: swap conditions and fix error to warning msg

*  #50877: add tests for default privileges

* #50877: fix tests for default privileges

* #50877: fix tests for default privileges on centos 6
2019-03-21 13:26:44 +00:00
Andrey Klychkov
cf5aceb482 New module postgresql_set - Change a PostgreSQL server configuration parameter (#51875)
* New module postgresql_set - Change a PostgreSQL server configuration parameter

* New module postgresql_set - fix

* New module postgresql_set - fix tests

* New module postgresql_set - fix tests

* New module postgresql_set - fix tests

* New module postgresql_set - fix tests

* New module postgresql_set - fix tests

* New module postgresql_set - fix tests

* New module postgresql_set - fix tests

* Various cosmetic and docs changes

* New module postgresql_set - add returned value

* New module postgresql_set - add returned value

* New module postgresql_set - add check mode

* New module postgresql_set - fix comment

* New module postgresql_set - added CI tests for check_mode

* New module postgresql_set - added aliases, fix typos

* New module postgresql_set - fix

* New module postgresql_set - fix sanity

* New module postgresql_set - fixes

* New module postgresql_set - fixes

* New module postgresql_set - fixes
2019-03-18 11:39:10 +00:00
Andrey Klychkov
db17e88fd2 New module postgresql_facts: Gathers facts about PostgreSQL servers. (#51164)
* New module postgresql_facts: Gathers facts about remote PostgreSQL instances

* New module postgresql_facts: fix default values of function

* New module postgresql_facts: add extension support

* New module postgresql_facts: fixed typo

* New module postgresql_facts: added integration test

* New module postgresql_facts: fix test error

* New module postgresql_facts: add info about min server version

* New module postgresql_facts: fix

* New module postgresql_facts: fix

* New module postgresql_facts: added repl stat tables checks

* New module postgresql_facts: fix

* New module postgresql_facts: fix

* New module postgresql_facts: fix

* New module postgresql_facts: fix

* New module postgresql_facts: fix

* New module postgresql_facts: fix

* New module postgresql_facts: fix

* New module postgresql_facts: ansible_facts -> postgresql_facts

* New module postgresql_facts: fix ci

New module postgresql_facts: revision for review

New module postgresql_facts: revision for review, fix

* fix doc

* New module postgresql_facts: add data types to param dict

* New module postgresql_facts: code refactoring

* # This is a combination of 3 commits.
# The first commit's message is:
New module postgresql_facts: incl_subset => filter

# This is the 2nd commit message:

New module postgresql_facts: fix a typo

# This is the 3rd commit message:

New module postgresql_facts: fixes

* New module postgresql_facts: incl_subset => filter

New module postgresql_facts: fix a typo

New module postgresql_facts: fixes

Various cosmetic and doc changes

* New module postgresql_facts: fix filter type

* New module postgresql_facts: fix sanity

* New module postgresql_facts: change ansible_facts to postgresql_facts

* New module postgresql_facts: fix tests

* New module postgresql_facts: fixes

* New module postgresql_facts: fixes

* New module postgresql_facts: fixes

* New module postgresql_facts: doc fixes

* New module postgresql_facts: added pretty_val

* New module postgresql_facts: added pending restart

* New module postgresql_facts: fix documentation

* New module postgresql_facts: fix documentation

* New module postgresql_facts: fixes by KN

* New module postgresql_facts: fixed sanity

* New module postgresql_facts: fixed tests
2019-03-18 11:31:32 +00:00
Matt Clay
906427caba
Add shippable/posix/group4/ for CI. (#53816) 2019-03-15 07:25:37 -07:00
Matteo Ferrando
86405b8fe4 (postgresql_privs) accept 'ALL_IN_SCHEMA' objs for 'function' type (#35331)
* avoid using Postgres formatting function
* add tests for ALL FUNCTIONS IN SCHEMA
* documentation and changelog
* requested changes in tests
* fixed changelog
2019-03-14 20:21:05 +05:30
Bartosz Licheński
6e198487c9 postgresql_privs: Support FOREIGN DATA WRAPPER and FOREIGN SERVER (#38803)
* Support FOREIGN DATA WRAPPER and FOREIGN SERVER in postgresql_privs module
* Added available from note to fdw and fs object types
* Integration tests, examples in documentation
* Complete integration tests
2019-03-08 14:51:03 +05:30
Andrey Klychkov
b41027b6cd New module postgresql_tablespace (#52914)
* New module postgresql_tablespace
2019-03-07 16:27:20 +00:00
Andrey Klychkov
e246e74843 New module postgresql_ping: Checks remote PostgreSQL server availability. (#51477)
* New module postgresql_ping: simple module to check remote PostgreSQL server availability.

* New module postgresql_ping: simple module to check remote PostgreSQL server availability, doc fixes

* postgresql_ping: added integration tests

* New module postgresql_ping: misc changes

* New module postgresql_ping: change return suit

* New module postgresql_ping: tests reformatting, return value

* Various cosmetic/documentation fixes

* A few more fixes

* And even more cleanups

* Fix PEP8 issue
2019-03-06 11:01:13 +00:00
Andrey Klychkov
be75c79941 New module postgresql_query (#52555)
* New module postgresql_query

* New module postgresql_query: added tests

* New module postgresql_query: added path_to_script

* New module postgresql_query: fix doc

* New module postgresql_query: fix autocommit

* New module postgresql_query: added exception for centos6 tests

* New module postgresql_query: fixes

* New module postgresql_query: add psycopg2 check

* New module postgresql_query: add psycopg2 check, fix

* New module postgresql_query: add psycopg2 check, fix

* New module postgresql_query: add psycopg2 check, fix

* New module postgresql_query: fix a type
2019-02-25 14:08:04 +00:00
Andrey Klychkov
8e0f95951d Module postgresql_idx: added ci tests, new params, returned values, code refactoring (#52230)
* postgresql_idx: ci tests, refactoring, return values

* postgresql_idx: ci tests, new params, return values

* postgresql_idx: ci tests, fix

* postgresql_idx: ci tests, fix

* postgresql_idx: ci tests, fix

* postgresql_idx: ci tests, fix

* postgresql_idx: ci tests, fix

* postgresql_idx: ci tests, fix

* postgresql_idx: ci tests, fix

* postgresql_idx: ci tests, fix

* postgresql_idx: ci tests, fix

* New module postgresql_table - fix tests

* New module postgresql_table - fix tests

* New module postgresql_table - fix tests

* New module postgresql_table - fix state choices order
2019-02-15 15:38:56 +01:00
Feike Steenbergen
38e70ea317 Add session_role to postgresql modules (#43650)
* Allow session_role to be set for PostgreSQL

By implementing session_role it becomes possible to run the specific
PostgreSQL commands as a different role.
The usecase that is immediately served by this, is the one that one
ansible playbook can be shared by multiple users, which all have
their
own PostgreSQL login_user. They do not need to share login
credentials,
as they can share the role within the PostgreSQL database.

The following example may give some insight:

$ psql -U jdoe -X -d postgres

postgres=> CREATE DATABASE abc;
ERROR:  permission denied to create database
postgres=> set role postgres;
SET
postgres=# CREATE DATABASE abc;
CREATE DATABASE

fixes #43592

* Tests for session_role in PostgreSQL

* Bump version_added for session_role feature

* Remove explicit encrypted parameter from tests
2019-02-02 20:12:14 +01:00
Adam Miller
2d83db7036 update/enable postgresql integration test target for rhel8 beta
Signed-off-by: Adam Miller <admiller@redhat.com>
2019-01-23 11:09:10 -08:00
Matt Clay
a41c0405a7
Add CI platform: rhel/8.0 (#48835) 2018-11-16 22:06:19 -08:00
Jordan Borean
dd46f953f6
postgresql_user: fix test errors on newer Fedora versions (#47166) 2018-10-17 14:01:11 +10:00
Brian Coca
af6b9799aa fixed test using removed feature 2018-08-01 15:17:28 -04:00
Matt Clay
4e489d1be8
Update Shippable integration test groups. (#43118)
* Update Shippable integration test groups.
* Update integration test group aliases.
* Rebalance AWS and Azure tests with extra group.
* Rebalance Windows tests with another group.
2018-07-23 20:46:22 -07:00
Strahinja Kustudic
32d6a354d7 postgresql_user: set encrypted as default and fix empty password reporting changed (#36931)
* Set encrypted as default and fix empty password reporting changed

* Starting with Postgres 10 `UNENCRYPTED` passwords are removed and
because of that this module fails with the default `encrypted=no`.
Also encrypted passwords are suported since version 7.2
(https://www.postgresql.org/docs/7.2/static/sql-createuser.html) which
went EOL in 2007 and since 7.3 it is the default. Because of this it
makes a lot more sense to make `encrypted=yes` the default. This won't
break backward compatibility, the module would just update the user's
password in the DB in the hashed format and everything else will work
like before. It's also a security bad practice to store passwords in
plain text. fixes #25823
* There was also a bug with `encrypted=yes` and an empty password always
reported as changed.
* Improved documentation for `encrypted`/`password` parameters, and
removed some obsolete notes about passlib.

* Fix clearing user's password to work with all versions of Postgres

* Add tests for clearing the user password

* Fix documentation atfer rebase

* Add changelog fragment
2018-05-21 14:49:44 -05:00
Matt Martz
4fe08441be Deprecate tests used as filters (#32361)
* Warn on tests used as filters

* Update docs, add aliases for tests that fit more gramatically with test syntax

* Fix rst formatting

* Add successful filter, alias of success

* Remove renamed_deprecation, it was overkill

* Make directory alias for is_dir

* Update tests to use proper jinja test syntax

* Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax

* Add conversion script, porting guide updates, and changelog updates

* Update newly added uses of tests as filters

* No underscore variable

* Convert recent tests as filter changes to win_stat

* Fix some changes related to rebasing a few integration tests

* Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name

* Add test for tests_as_filters_warning

* Update tests as filters in newly added/modified tests

* Address recent changes to several integration tests

* Address recent changes in cs_vpc
2017-11-27 17:58:08 -05:00
Josh Moore
d5ae6cc585 postgres_db: add dump and restore support (#20627)
* Feature #2731: added postgres import and dump

* Feature #2731: be more permissive of arguments

```
hacking/test-module -m ./ppostgresql_db.py -a "db=example state=dump target=/tmp/out"`
```

failed previously since host, user, and port were required as keywords
in the pg_dump / pg_import methods.

* Feature #2731: fixed doc string for validate-modules

```
$ ansible-validate-modules database/postgresql/
```

now passes.

* Feature #2731: disable 'password' for dump/restore

* Feature #2731: bump added version to 2.3

* Feature #2731: replace db_import with db_restore

* Feature #2731: add missing version description

* Feature #2731: fix 'state' description

* Feature #2731: fix pep8 issues

* Feature #2731: put state documentation in a single string

* Bump added version from 2.3 to 2.4

* Fix pep8 and pylint errors

* Attempt yaml formatting of documentation string

* Add integration tests for postgres_db:dump/restore

* Update dump/restore logic to support new kw-args

Also attempt to support password; integration tests are
still failing.

* Revert to postgres user for dump/restore

Passing PGPASSWORD is not working for subprocesses. For the
moment, reverting to the strategy of failing if login_password
is set and using `postgres` for all testing of dump/restore.

* Various cleanups to have tests passing

* Working tests for {sql,tar} x {,bz2,gz,xz}

* Use pg_user to support FreeBSD

* Revert login_ prefixes and re-enable password support

All `login_` keywords are mapped to their non-prefix versions
so the previous changes were effectively using `postgres` for
all actions. With the proper keywords, PGPASSWORD-passing to
the subprocess is now working.

* Optionally add password

environ_update doesn't handle None values in the
dictionary to be added to the environment. Adding
check.

* Quick fixes

* Refactor login arguments after fixes from pchauncey

The fixes introduced by pchaunchy pointed to further issues
(like no --dbname on PG<=9.2) with the login parameters. This
refactors them and adds further tests.

Note: this will still not pass integration tests due to a further
      issue with pg_dump as a non-admin user:

      pg_restore: [archiver (db)] Error while PROCESSING TOC:
      pg_restore: [archiver (db)] Error from TOC entry 1925; 0 0 COMMENT EXTENSION plpgsql
      pg_restore: [archiver (db)] could not execute query: ERROR:  must be owner of extension plpgsql

* Introduce target_opts for passing limiting dumped/restored schemas

The current integration tests (PG version and template DBs) don't
permit a regular user (`{{ db_user1 }}`) access to plpgsql causing
restores to fail. By adding an option for passing arbitrary args to
pg_dump and pg_restore, testing is made easier. This also paves the
way for `-j` usage, once the PG version is bumped.
2017-07-10 08:05:42 +01:00
Michael De La Rue
3c4db1e8dd Mdd psql user aws fix (#23988)
* postgresql_user module - transaction logic hacks to allow recovery from failed select

* postgresql_user - PEP8 and style fixes to make debugging easier

* postgresql_user - move password changing logic to separate function

* postgresql_user - trap failure in case where there is no access to pg_authid

* postgresql_user - further PEP8 fixes

* postgresql_user - Simplify password change logic and improve imports according to suggestions from PR review

* postgresql_user - Eliminate pep8/blank line errors introduced in merge

* Check behaviour when pg_authid relation isn't readable

TASK [postgresql : Normal user isn't allowed to access pg_authid relation:
      password comparison will fail, password will be updated] ***
An exception occurred during task execution. To see the full traceback,
use -vvv. The error was: psycopg2.ProgrammingError: permission denied
for relation pg_authid

* Don't reintroduce passlib, remove useless query
2017-07-07 09:28:31 -07:00
Pilou
460d932aa8 postgresql_user: fix bugs related to 'expires' option (#23862)
* Factorize tests related to no_password_change using an include task

* Refactor: deduplicate tasks

* postgresql_user: test 'expires' parameter

* Change 'valid until' even it's the only updated field

* value is changed when another value is provided

* value isn't returned when unset

* Remove unused variable

* psycopg2.extras.DictRow is able to handle comparison

* postgresql_user: simplify helper method

* postgresql_user: define variable just before using it

* Fix comparison between user input and applied configuration

* new test: adding an invalid attribute

* Refactor, add cleaning task

* Check that using same attribute a 2nd time does nothing

* Always try to remove created user

* postgresql_user: fix pep8
2017-06-11 14:48:39 -07:00
Pierre-Louis Bonicoli
a4131197e0 PostgreSQL tests: enforce UTF8
By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.
2017-05-30 10:55:49 -07:00
Pierre-Louis Bonicoli
ce856c2123 postgresql_user: add tests with hashed password 2017-05-30 10:55:49 -07:00
Reilly Herrewig-Pope
723c8f06ab Allow setting/unsetting BYPASSRLS Postgres role attribute (#24625)
* Allow setting/unsetting BYPASSRLS role attr

* Build valid role attrs against version

* Add integration tests
2017-05-26 12:56:42 -04:00
Adrian Likins
499d3a1b53 add a intg test for issue #19835 (#21487)
(postgresql_user changing role_attr_flags with no_password_checks
fails)
2017-02-15 15:28:29 -05:00
Matt Clay
31d6b6ef67 Run postgresql tests on FreeBSD. (#20676)
* Use vars for user, group and locale suffix.
* Switch tests from `es_MX` to `es_ES`.
* Enable postgresql tests on freebsd.
* Work-arounds for service restart on freebsd.
2017-01-25 18:45:28 -08:00
Matt Clay
95b59cd76c Remove needs/privileged from postgresql test. (#19907)
* Remove `needs/privileged` from postgresql test.
* Add python 3 support to postgresql tests.
2017-01-04 16:41:18 -08:00
Carlos E. Garcia
0b8011436d minor spelling changes 2016-12-13 13:51:13 -05:00
Matt Clay
6bbd92e422 Initial ansible-test implementation. (#18556) 2016-11-29 21:21:53 -08:00
Adrien Vergé
0e834fc9e4 Fix cosmetic problems in YAML source
This change corrects problems reported by the `yamllint` linter.

Since key duplication problems were removed in 4d48711, this commit
mainly fixes trailing spaces and extra empty lines at beginning/end of
files.
2016-11-11 14:50:57 -08:00
Matt Clay
75e4645ee7 Migrate Linux CI roles to test targets. (#17997) 2016-10-13 09:09:25 -07:00