postgresql_user: fix test errors on newer Fedora versions (#47166)

(cherry picked from commit dd46f953f6)
This commit is contained in:
Jordan Borean 2018-10-17 14:01:11 +10:00 committed by Toshio Kuratomi
parent 940eb3ae47
commit 20fc17a55f
4 changed files with 29 additions and 12 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- postgresql_user - create pretty error message when creating a user without an encrypted password on newer PostgreSQL versions

View file

@ -406,6 +406,8 @@ def user_alter(db_connection, module, user, password, role_attr_flags, encrypted
return changed
else:
raise psycopg2.InternalError(e)
except psycopg2.NotSupportedError as e:
module.fail_json(msg=e.pgerror, exception=traceback.format_exc())
elif no_password_changes and role_attr_flags != '':
# Grab role information from pg_roles instead of pg_authid

View file

@ -186,17 +186,8 @@
#
# Create and destroy user, test 'password' and 'encrypted' parameters
#
- include: test_password.yml
vars:
encrypted: '{{ item.user_creation_encrypted_value }}'
db_password1: 'secretù' # use UTF-8
with_items:
- user_creation_encrypted_value: 'yes'
- user_creation_encrypted_value: 'no'
# BYPASSRLS role attribute was introduced in PostgreSQL 9.5, so
# we want to test atrribute management differently depending
# on the version.
# unencrypted values are not supported on newer versions
# do not run the encrypted: no tests if on 10+
- name: Get PostgreSQL version
become_user: "{{ pg_user }}"
become: True
@ -207,6 +198,23 @@
debug:
msg: "{{ postgres_version_resp.stdout }}"
- set_fact:
encryption_values:
- 'yes'
- set_fact:
encryption_values: '{{ encryption_values }} + ["no"]'
when: postgres_version_resp.stdout is version('10', '<=')
- include: test_password.yml
vars:
encrypted: '{{ item }}'
db_password1: 'secretù' # use UTF-8
loop: '{{ encryption_values }}'
# BYPASSRLS role attribute was introduced in PostgreSQL 9.5, so
# we want to test atrribute management differently depending
# on the version.
- set_fact:
bypassrls_supported: "{{ postgres_version_resp.stdout is version('9.5.0', '>=') }}"
@ -648,7 +656,7 @@
postgresql_user:
name: "{{ db_user1 }}"
state: "present"
encrypted: 'no'
encrypted: 'yes'
password: "password"
role_attr_flags: "CREATEDB,LOGIN,CREATEROLE"
login_user: "{{ pg_user }}"

View file

@ -158,6 +158,11 @@
<<: *parameters
password: "md5{{ ('prefix2' ~ db_password1 ~ db_user1) | hash('md5')}}"
encrypted: 'no'
register: change_pass_unencrypted
failed_when:
- change_pass_unencrypted is failed
# newer version of psycopg2 no longer supported unencrypted password, we ignore the error
- '"UNENCRYPTED PASSWORD is no longer supported" not in change_pass_unencrypted.msg'
- <<: *changed