PostgreSQL tests: enforce UTF8

By default, client encoding is determined either from the LANG_*/LC_*
environment variables or using encoding of the database.

Containers used in the CI don't define a default locale, then encoding
of default databases was SQL_ASCII.
pull/24680/head
Pierre-Louis Bonicoli 8 years ago committed by Toshio Kuratomi
parent fb1e7aaa81
commit a4131197e0

@ -3,12 +3,6 @@
become_user: "{{ pg_user }}" become_user: "{{ pg_user }}"
become: True become: True
register: result register: result
task_parameters_readonly: &task_parameters_readonly
become_user: "{{ pg_user }}"
become: True
register: result
environment:
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
postgresql_parameters: &parameters postgresql_parameters: &parameters
db: postgres db: postgres
name: "{{ db_user1 }}" name: "{{ db_user1 }}"
@ -16,11 +10,14 @@
block: # block is only used here in order to be able to define YAML anchors at the beginning in 'vars' section block: # block is only used here in order to be able to define YAML anchors at the beginning in 'vars' section
- name: 'Check that PGOPTIONS environment variable is effective (1/2)' - name: 'Check that PGOPTIONS environment variable is effective (1/2)'
<<: *task_parameters_readonly <<: *task_parameters
postgresql_user: postgresql_user:
<<: *parameters <<: *parameters
password: '{{ db_password1 }}' password: '{{ db_password1 }}'
ignore_errors: true ignore_errors: true
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
- name: 'Check that PGOPTIONS environment variable is effective (2/2)' - name: 'Check that PGOPTIONS environment variable is effective (2/2)'
assert: assert:
@ -33,6 +30,8 @@
<<: *parameters <<: *parameters
password: '{{ db_password1 }}' password: '{{ db_password1 }}'
encrypted: '{{ encrypted }}' encrypted: '{{ encrypted }}'
environment:
PGCLIENTENCODING: 'UTF8'
- block: &changed # block is only used here in order to be able to define YAML anchor - block: &changed # block is only used here in order to be able to define YAML anchor
- name: Check that ansible reports it was created - name: Check that ansible reports it was created
@ -49,11 +48,14 @@
- "result.stdout_lines[-1] == '(1 row)'" - "result.stdout_lines[-1] == '(1 row)'"
- name: Check that creating user a second time does nothing - name: Check that creating user a second time does nothing
<<: *task_parameters_readonly <<: *task_parameters
postgresql_user: postgresql_user:
<<: *parameters <<: *parameters
password: '{{ db_password1 }}' password: '{{ db_password1 }}'
encrypted: '{{ encrypted }}' encrypted: '{{ encrypted }}'
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
- block: &not_changed # block is only used here in order to be able to define YAML anchor - block: &not_changed # block is only used here in order to be able to define YAML anchor
- name: Check that ansible reports no change - name: Check that ansible reports no change
@ -64,29 +66,36 @@
- block: - block:
- name: 'Using MD5-hashed password: check that password not changed when using cleartext password' - name: 'Using MD5-hashed password: check that password not changed when using cleartext password'
<<: *task_parameters_readonly <<: *task_parameters
postgresql_user: postgresql_user:
<<: *parameters <<: *parameters
password: '{{ db_password1 }}' password: '{{ db_password1 }}'
encrypted: 'yes' encrypted: 'yes'
environment:
# PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
- <<: *not_changed - <<: *not_changed
- name: "Using MD5-hashed password: check that password not changed when using md5 hash with 'ENCRYPTED'" - name: "Using MD5-hashed password: check that password not changed when using md5 hash with 'ENCRYPTED'"
<<: *task_parameters_readonly <<: *task_parameters
postgresql_user: postgresql_user:
<<: *parameters <<: *parameters
password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}" password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
encrypted: 'yes' encrypted: 'yes'
environment:
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
- <<: *not_changed - <<: *not_changed
- name: "Using MD5-hashed password: check that password not changed when using md5 hash with 'UNENCRYPTED'" - name: "Using MD5-hashed password: check that password not changed when using md5 hash with 'UNENCRYPTED'"
<<: *task_parameters_readonly <<: *task_parameters
postgresql_user: postgresql_user:
<<: *parameters <<: *parameters
password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}" password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
encrypted: 'no' encrypted: 'no'
environment:
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
- <<: *not_changed - <<: *not_changed
@ -96,6 +105,8 @@
<<: *parameters <<: *parameters
password: 'prefix{{ db_password1 }}' password: 'prefix{{ db_password1 }}'
encrypted: 'yes' encrypted: 'yes'
environment:
PGCLIENTENCODING: 'UTF8'
- <<: *changed - <<: *changed
@ -122,11 +133,14 @@
- block: - block:
- name: 'Using cleartext password: check that password not changed when using cleartext password' - name: 'Using cleartext password: check that password not changed when using cleartext password'
<<: *task_parameters_readonly <<: *task_parameters
postgresql_user: postgresql_user:
<<: *parameters <<: *parameters
password: "{{ db_password1 }}" password: "{{ db_password1 }}"
encrypted: 'no' encrypted: 'no'
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
- <<: *not_changed - <<: *not_changed
@ -136,6 +150,8 @@
<<: *parameters <<: *parameters
password: "changed{{ db_password1 }}" password: "changed{{ db_password1 }}"
encrypted: 'no' encrypted: 'no'
environment:
PGCLIENTENCODING: 'UTF8'
- <<: *changed - <<: *changed
@ -150,17 +166,21 @@
- <<: *changed - <<: *changed
- name: Check that they were removed - name: Check that they were removed
<<: *task_parameters_readonly <<: *task_parameters
shell: echo "select * from pg_user where usename='{{ db_user1 }}';" | psql -d postgres shell: echo "select * from pg_user where usename='{{ db_user1 }}';" | psql -d postgres
environment:
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
- assert: - assert:
that: that:
- "result.stdout_lines[-1] == '(0 rows)'" - "result.stdout_lines[-1] == '(0 rows)'"
- name: Check that removing user a second time does nothing - name: Check that removing user a second time does nothing
<<: *task_parameters_readonly <<: *task_parameters
postgresql_user: postgresql_user:
state: 'absent' state: 'absent'
<<: *parameters <<: *parameters
environment:
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
- <<: *not_changed - <<: *not_changed

Loading…
Cancel
Save