mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
PostgreSQL tests: enforce UTF8
By default, client encoding is determined either from the LANG_*/LC_* environment variables or using encoding of the database. Containers used in the CI don't define a default locale, then encoding of default databases was SQL_ASCII.
This commit is contained in:
parent
fb1e7aaa81
commit
a4131197e0
1 changed files with 34 additions and 14 deletions
|
@ -3,12 +3,6 @@
|
|||
become_user: "{{ pg_user }}"
|
||||
become: True
|
||||
register: result
|
||||
task_parameters_readonly: &task_parameters_readonly
|
||||
become_user: "{{ pg_user }}"
|
||||
become: True
|
||||
register: result
|
||||
environment:
|
||||
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
|
||||
postgresql_parameters: ¶meters
|
||||
db: postgres
|
||||
name: "{{ db_user1 }}"
|
||||
|
@ -16,11 +10,14 @@
|
|||
|
||||
block: # block is only used here in order to be able to define YAML anchors at the beginning in 'vars' section
|
||||
- name: 'Check that PGOPTIONS environment variable is effective (1/2)'
|
||||
<<: *task_parameters_readonly
|
||||
<<: *task_parameters
|
||||
postgresql_user:
|
||||
<<: *parameters
|
||||
password: '{{ db_password1 }}'
|
||||
ignore_errors: true
|
||||
environment:
|
||||
PGCLIENTENCODING: 'UTF8'
|
||||
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
|
||||
|
||||
- name: 'Check that PGOPTIONS environment variable is effective (2/2)'
|
||||
assert:
|
||||
|
@ -33,6 +30,8 @@
|
|||
<<: *parameters
|
||||
password: '{{ db_password1 }}'
|
||||
encrypted: '{{ encrypted }}'
|
||||
environment:
|
||||
PGCLIENTENCODING: 'UTF8'
|
||||
|
||||
- block: &changed # block is only used here in order to be able to define YAML anchor
|
||||
- name: Check that ansible reports it was created
|
||||
|
@ -49,11 +48,14 @@
|
|||
- "result.stdout_lines[-1] == '(1 row)'"
|
||||
|
||||
- name: Check that creating user a second time does nothing
|
||||
<<: *task_parameters_readonly
|
||||
<<: *task_parameters
|
||||
postgresql_user:
|
||||
<<: *parameters
|
||||
password: '{{ db_password1 }}'
|
||||
encrypted: '{{ encrypted }}'
|
||||
environment:
|
||||
PGCLIENTENCODING: 'UTF8'
|
||||
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
|
||||
|
||||
- block: ¬_changed # block is only used here in order to be able to define YAML anchor
|
||||
- name: Check that ansible reports no change
|
||||
|
@ -64,29 +66,36 @@
|
|||
- block:
|
||||
|
||||
- name: 'Using MD5-hashed password: check that password not changed when using cleartext password'
|
||||
<<: *task_parameters_readonly
|
||||
<<: *task_parameters
|
||||
postgresql_user:
|
||||
<<: *parameters
|
||||
password: '{{ db_password1 }}'
|
||||
encrypted: 'yes'
|
||||
environment:
|
||||
# PGCLIENTENCODING: 'UTF8'
|
||||
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
|
||||
|
||||
- <<: *not_changed
|
||||
|
||||
- name: "Using MD5-hashed password: check that password not changed when using md5 hash with 'ENCRYPTED'"
|
||||
<<: *task_parameters_readonly
|
||||
<<: *task_parameters
|
||||
postgresql_user:
|
||||
<<: *parameters
|
||||
password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
|
||||
encrypted: 'yes'
|
||||
environment:
|
||||
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
|
||||
|
||||
- <<: *not_changed
|
||||
|
||||
- name: "Using MD5-hashed password: check that password not changed when using md5 hash with 'UNENCRYPTED'"
|
||||
<<: *task_parameters_readonly
|
||||
<<: *task_parameters
|
||||
postgresql_user:
|
||||
<<: *parameters
|
||||
password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
|
||||
encrypted: 'no'
|
||||
environment:
|
||||
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
|
||||
|
||||
- <<: *not_changed
|
||||
|
||||
|
@ -96,6 +105,8 @@
|
|||
<<: *parameters
|
||||
password: 'prefix{{ db_password1 }}'
|
||||
encrypted: 'yes'
|
||||
environment:
|
||||
PGCLIENTENCODING: 'UTF8'
|
||||
|
||||
- <<: *changed
|
||||
|
||||
|
@ -122,11 +133,14 @@
|
|||
- block:
|
||||
|
||||
- name: 'Using cleartext password: check that password not changed when using cleartext password'
|
||||
<<: *task_parameters_readonly
|
||||
<<: *task_parameters
|
||||
postgresql_user:
|
||||
<<: *parameters
|
||||
password: "{{ db_password1 }}"
|
||||
encrypted: 'no'
|
||||
environment:
|
||||
PGCLIENTENCODING: 'UTF8'
|
||||
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
|
||||
|
||||
- <<: *not_changed
|
||||
|
||||
|
@ -136,6 +150,8 @@
|
|||
<<: *parameters
|
||||
password: "changed{{ db_password1 }}"
|
||||
encrypted: 'no'
|
||||
environment:
|
||||
PGCLIENTENCODING: 'UTF8'
|
||||
|
||||
- <<: *changed
|
||||
|
||||
|
@ -150,17 +166,21 @@
|
|||
- <<: *changed
|
||||
|
||||
- name: Check that they were removed
|
||||
<<: *task_parameters_readonly
|
||||
<<: *task_parameters
|
||||
shell: echo "select * from pg_user where usename='{{ db_user1 }}';" | psql -d postgres
|
||||
environment:
|
||||
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- "result.stdout_lines[-1] == '(0 rows)'"
|
||||
|
||||
- name: Check that removing user a second time does nothing
|
||||
<<: *task_parameters_readonly
|
||||
<<: *task_parameters
|
||||
postgresql_user:
|
||||
state: 'absent'
|
||||
<<: *parameters
|
||||
environment:
|
||||
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
|
||||
|
||||
- <<: *not_changed
|
||||
|
|
Loading…
Reference in a new issue