postgresql_user: fix test errors on newer Fedora versions (#47166) (#47172)

(cherry picked from commit dd46f953f6)
pull/48637/head
Jordan Borean 6 years ago committed by Matt Davis
parent 7794ad9f53
commit 0ee1f1ed4f

@ -0,0 +1,2 @@
bugfixes:
- postgresql_user - create pretty error message when creating a user without an encrypted password on newer PostgreSQL versions

@ -393,6 +393,8 @@ def user_alter(db_connection, module, user, password, role_attr_flags, encrypted
return changed return changed
else: else:
raise psycopg2.InternalError(e) raise psycopg2.InternalError(e)
except psycopg2.NotSupportedError as e:
module.fail_json(msg=e.pgerror, exception=traceback.format_exc())
elif no_password_changes and role_attr_flags != '': elif no_password_changes and role_attr_flags != '':
# Grab role information from pg_roles instead of pg_authid # Grab role information from pg_roles instead of pg_authid

@ -186,17 +186,8 @@
# #
# Create and destroy user, test 'password' and 'encrypted' parameters # Create and destroy user, test 'password' and 'encrypted' parameters
# #
- include: test_password.yml # unencrypted values are not supported on newer versions
vars: # do not run the encrypted: no tests if on 10+
encrypted: '{{ item.user_creation_encrypted_value }}'
db_password1: 'secretù' # use UTF-8
with_items:
- user_creation_encrypted_value: 'yes'
- user_creation_encrypted_value: 'no'
# BYPASSRLS role attribute was introduced in PostgreSQL 9.5, so
# we want to test atrribute management differently depending
# on the version.
- name: Get PostgreSQL version - name: Get PostgreSQL version
become_user: "{{ pg_user }}" become_user: "{{ pg_user }}"
become: True become: True
@ -207,6 +198,23 @@
debug: debug:
msg: "{{ postgres_version_resp.stdout }}" msg: "{{ postgres_version_resp.stdout }}"
- set_fact:
encryption_values:
- 'yes'
- set_fact:
encryption_values: '{{ encryption_values }} + ["no"]'
when: postgres_version_resp.stdout is version('10', '<=')
- include: test_password.yml
vars:
encrypted: '{{ item }}'
db_password1: 'secretù' # use UTF-8
loop: '{{ encryption_values }}'
# BYPASSRLS role attribute was introduced in PostgreSQL 9.5, so
# we want to test atrribute management differently depending
# on the version.
- set_fact: - set_fact:
bypassrls_supported: "{{ postgres_version_resp.stdout is version('9.5.0', '>=') }}" bypassrls_supported: "{{ postgres_version_resp.stdout is version('9.5.0', '>=') }}"
@ -648,7 +656,7 @@
postgresql_user: postgresql_user:
name: "{{ db_user1 }}" name: "{{ db_user1 }}"
state: "present" state: "present"
encrypted: 'no' encrypted: 'yes'
password: "password" password: "password"
role_attr_flags: "CREATEDB,LOGIN,CREATEROLE" role_attr_flags: "CREATEDB,LOGIN,CREATEROLE"
login_user: "{{ pg_user }}" login_user: "{{ pg_user }}"

@ -158,6 +158,11 @@
<<: *parameters <<: *parameters
password: "md5{{ ('prefix2' ~ db_password1 ~ db_user1) | hash('md5')}}" password: "md5{{ ('prefix2' ~ db_password1 ~ db_user1) | hash('md5')}}"
encrypted: 'no' encrypted: 'no'
register: change_pass_unencrypted
failed_when:
- change_pass_unencrypted is failed
# newer version of psycopg2 no longer supported unencrypted password, we ignore the error
- '"UNENCRYPTED PASSWORD is no longer supported" not in change_pass_unencrypted.msg'
- <<: *changed - <<: *changed

Loading…
Cancel
Save