From 00ee21022e4809e8a1bba723083058b6b2dbbfb3 Mon Sep 17 00:00:00 2001
From: Douglas J Hunley <doug.hunley@gmail.com>
Date: Mon, 16 May 2022 10:31:18 -0400
Subject: [PATCH 1/7] fix: add missing license file
doc: add changelog fragment
fix: correct license path in _version.py
---
PSF-license.txt | 48 ++++++++++++++++++++++++++++
changelogs/fragments/psf-license.yml | 2 ++
plugins/module_utils/_version.py | 2 +-
3 files changed, 51 insertions(+), 1 deletion(-)
create mode 100644 PSF-license.txt
create mode 100644 changelogs/fragments/psf-license.yml
diff --git a/PSF-license.txt b/PSF-license.txt
new file mode 100644
index 00000000..35acd7fb
--- /dev/null
+++ b/PSF-license.txt
@@ -0,0 +1,48 @@
+PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2
+--------------------------------------------
+
+1. This LICENSE AGREEMENT is between the Python Software Foundation
+("PSF"), and the Individual or Organization ("Licensee") accessing and
+otherwise using this software ("Python") in source or binary form and
+its associated documentation.
+
+2. Subject to the terms and conditions of this License Agreement, PSF hereby
+grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce,
+analyze, test, perform and/or display publicly, prepare derivative works,
+distribute, and otherwise use Python alone or in any derivative version,
+provided, however, that PSF's License Agreement and PSF's notice of copyright,
+i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
+2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Python Software Foundation;
+All Rights Reserved" are retained in Python alone or in any derivative version
+prepared by Licensee.
+
+3. In the event Licensee prepares a derivative work that is based on
+or incorporates Python or any part thereof, and wants to make
+the derivative work available to others as provided herein, then
+Licensee hereby agrees to include in any such work a brief summary of
+the changes made to Python.
+
+4. PSF is making Python available to Licensee on an "AS IS"
+basis. PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR
+IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND
+DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS
+FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON WILL NOT
+INFRINGE ANY THIRD PARTY RIGHTS.
+
+5. PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON
+FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS
+A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON,
+OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF.
+
+6. This License Agreement will automatically terminate upon a material
+breach of its terms and conditions.
+
+7. Nothing in this License Agreement shall be deemed to create any
+relationship of agency, partnership, or joint venture between PSF and
+Licensee. This License Agreement does not grant permission to use PSF
+trademarks or trade name in a trademark sense to endorse or promote
+products or services of Licensee, or any third party.
+
+8. By copying, installing or otherwise using Python, Licensee
+agrees to be bound by the terms and conditions of this License
+Agreement.
diff --git a/changelogs/fragments/psf-license.yml b/changelogs/fragments/psf-license.yml
new file mode 100644
index 00000000..f8fbc0bd
--- /dev/null
+++ b/changelogs/fragments/psf-license.yml
@@ -0,0 +1,2 @@
+bugfixes:
+ - Include ``PSF-license.txt`` file for ``plugins/module_utils/_version.py``.
diff --git a/plugins/module_utils/_version.py b/plugins/module_utils/_version.py
index dfcdf093..0a34929e 100644
--- a/plugins/module_utils/_version.py
+++ b/plugins/module_utils/_version.py
@@ -3,7 +3,7 @@
# Implements multiple version numbering conventions for the
# Python Module Distribution Utilities.
#
-# PSF License (see licenses/PSF-license.txt or https://opensource.org/licenses/Python-2.0)
+# PSF License (see PSF-license.txt or https://opensource.org/licenses/Python-2.0)
#
"""Provides classes to represent module version numbers (one class for
From 11a27aa6dca0d0ffae502345e6c669f8308b8fe8 Mon Sep 17 00:00:00 2001
From: Jim Chanco Jr <69092730+jchancojr@users.noreply.github.com>
Date: Sat, 4 Jun 2022 20:23:45 -0400
Subject: [PATCH 2/7] Update postgresql_privs.py to include `ALL x IN SCHEMA`
functionality for PostgreSQL versions 9.x + (#282)
Co-authored-by: Andrew Klychkov <aaklychkov@mail.ru>
(cherry picked from commit 7ab23e95c0b6377e797f62340bce1a80607da130)
---
changelogs/fragments/all_in_schema.yml | 2 ++
plugins/modules/postgresql_privs.py | 40 +++++++++++++++++++-------
2 files changed, 31 insertions(+), 11 deletions(-)
create mode 100644 changelogs/fragments/all_in_schema.yml
diff --git a/changelogs/fragments/all_in_schema.yml b/changelogs/fragments/all_in_schema.yml
new file mode 100644
index 00000000..daa78732
--- /dev/null
+++ b/changelogs/fragments/all_in_schema.yml
@@ -0,0 +1,2 @@
+bugfixes:
+ - postgresql_privs.py - add functionality when the PostgreSQL version is 9.0.0 or greater to incorporate ``ALL x IN SCHEMA`` syntax (https://github.com/ansible-collections/community.postgresql/pull/282). Please see the official documentation for details regarding grants (https://www.postgresql.org/docs/9.0/sql-grant.html).
diff --git a/plugins/modules/postgresql_privs.py b/plugins/modules/postgresql_privs.py
index e60b6ff4..72420d25 100644
--- a/plugins/modules/postgresql_privs.py
+++ b/plugins/modules/postgresql_privs.py
@@ -702,7 +702,8 @@ def get_type_acls(self, schema, types):
# Manipulating privileges
- def manipulate_privs(self, obj_type, privs, objs, roles, target_roles,
+ # WARNING: usage_on_types has been deprecated and will be removed in community.postgresql 3.0.0, please use an obj_type of 'type' instead.
+ def manipulate_privs(self, obj_type, privs, objs, orig_objs, roles, target_roles,
state, grant_option, schema_qualifier=None, fail_on_role=True, usage_on_types=True):
"""Manipulate database object privileges.
@@ -712,6 +713,7 @@ def manipulate_privs(self, obj_type, privs, objs, roles, target_roles,
or None if type is "group".
:param objs: List of database objects to grant/revoke
privileges for.
+ :param orig_objs: ALL_IN_SCHEMA or None
:param roles: Either a list of role names or "PUBLIC"
for the implicitly defined "PUBLIC" group
:param target_roles: List of role names to grant/revoke
@@ -784,8 +786,10 @@ def manipulate_privs(self, obj_type, privs, objs, roles, target_roles,
# Note: obj_type has been checked against a set of string literals
# and privs was escaped when it was parsed
# Note: Underscores are replaced with spaces to support multi-word obj_type
- set_what = '%s ON %s %s' % (','.join(privs), obj_type.replace('_', ' '),
- ','.join(obj_ids))
+ if orig_objs is not None:
+ set_what = '%s ON %s %s' % (','.join(privs), orig_objs, schema_qualifier)
+ else:
+ set_what = '%s ON %s %s' % (','.join(privs), obj_type.replace('_', ' '), ','.join(obj_ids))
# for_whom: SQL-fragment specifying for whom to set the above
if roles == 'PUBLIC':
@@ -1085,14 +1089,27 @@ def main():
else:
privs = None
# objs:
- if p.type == 'table' and p.objs == 'ALL_IN_SCHEMA':
- objs = conn.get_all_tables_in_schema(p.schema)
- elif p.type == 'sequence' and p.objs == 'ALL_IN_SCHEMA':
- objs = conn.get_all_sequences_in_schema(p.schema)
- elif p.type == 'function' and p.objs == 'ALL_IN_SCHEMA':
- objs = conn.get_all_functions_in_schema(p.schema)
- elif p.type == 'procedure' and p.objs == 'ALL_IN_SCHEMA':
- objs = conn.get_all_procedures_in_schema(p.schema)
+ orig_objs = None
+ if p.objs == 'ALL_IN_SCHEMA':
+ if p.type == 'table':
+ objs = conn.get_all_tables_in_schema(p.schema)
+ elif p.type == 'sequence':
+ objs = conn.get_all_sequences_in_schema(p.schema)
+ elif p.type == 'function':
+ objs = conn.get_all_functions_in_schema(p.schema)
+ elif p.type == 'procedure':
+ objs = conn.get_all_procedures_in_schema(p.schema)
+
+ if conn.pg_version >= 90000:
+ if p.type == 'table':
+ orig_objs = 'ALL TABLES IN SCHEMA'
+ elif p.type == 'sequence':
+ orig_objs = 'ALL SEQUENCES IN SCHEMA'
+ elif p.type == 'function':
+ orig_objs = 'ALL FUNCTIONS IN SCHEMA'
+ elif p.type == 'procedure':
+ orig_objs = 'ALL PROCEDURES IN SCHEMA'
+
elif p.type == 'default_privs':
if p.objs == 'ALL_DEFAULT':
objs = frozenset(VALID_DEFAULT_OBJS.keys())
@@ -1142,6 +1159,7 @@ def main():
obj_type=p.type,
privs=privs,
objs=objs,
+ orig_objs=orig_objs,
roles=roles,
target_roles=target_roles,
state=p.state,
From 31b418dacd6e5103461c424532d219133949dbda Mon Sep 17 00:00:00 2001
From: Douglas J Hunley <doug.hunley@gmail.com>
Date: Mon, 29 Aug 2022 08:13:59 -0400
Subject: [PATCH 3/7] style: convert yes/no to true/false (#337)
(cherry picked from commit a08ee81dea6dfd150dd92ea45b950d007d6b98b5)
---
plugins/modules/postgresql_copy.py | 14 +-
plugins/modules/postgresql_db.py | 6 +-
plugins/modules/postgresql_ext.py | 10 +-
plugins/modules/postgresql_idx.py | 32 +-
plugins/modules/postgresql_info.py | 14 +-
plugins/modules/postgresql_lang.py | 40 +-
plugins/modules/postgresql_membership.py | 16 +-
plugins/modules/postgresql_owner.py | 12 +-
plugins/modules/postgresql_pg_hba.py | 4 +-
plugins/modules/postgresql_ping.py | 8 +-
plugins/modules/postgresql_privs.py | 32 +-
plugins/modules/postgresql_publication.py | 6 +-
plugins/modules/postgresql_query.py | 28 +-
plugins/modules/postgresql_schema.py | 8 +-
plugins/modules/postgresql_sequence.py | 16 +-
plugins/modules/postgresql_set.py | 10 +-
plugins/modules/postgresql_slot.py | 14 +-
plugins/modules/postgresql_subscription.py | 16 +-
plugins/modules/postgresql_table.py | 16 +-
plugins/modules/postgresql_tablespace.py | 6 +-
plugins/modules/postgresql_user.py | 26 +-
.../modules/postgresql_user_obj_stat_info.py | 6 +-
.../tasks/postgresql_copy_initial.yml | 36 +-
.../postgresql_db/tasks/manage_database.yml | 2 +-
.../tasks/postgresql_db_initial.yml | 54 +-
.../tasks/postgresql_db_session_role.yml | 18 +-
.../tasks/state_dump_restore.yml | 28 +-
.../postgresql_db/tasks/state_rename.yml | 20 +-
.../tasks/postgresql_ext_initial.yml | 2 +-
.../tasks/postgresql_ext_session_role.yml | 26 +-
.../tasks/postgresql_ext_version_opt.yml | 46 +-
.../tasks/postgresql_idx_initial.yml | 12 +-
.../tasks/postgresql_info_initial.yml | 8 +-
.../tasks/setup_publication.yml | 2 +-
.../tasks/postgresql_lang_add_owner_param.yml | 12 +-
.../tasks/postgresql_lang_initial.yml | 64 +-
.../tasks/postgresql_membership_initial.yml | 390 -----------
.../tasks/postgresql_owner_initial.yml | 12 +-
.../tasks/postgresql_pg_hba_initial.yml | 10 +-
.../tasks/postgresql_ping_initial.yml | 20 +-
.../tasks/pg_authid_not_readable.yml | 10 +-
.../tasks/postgresql_privs_general.yml | 234 +++----
.../tasks/postgresql_privs_initial.yml | 84 +--
.../tasks/postgresql_privs_session_role.yml | 24 +-
.../tasks/test_target_role.yml | 20 +-
.../tasks/postgresql_publication_initial.yml | 32 +-
.../tasks/postgresql_query_initial.yml | 608 ------------------
.../tasks/postgresql_schema_initial.yml | 64 +-
.../tasks/postgresql_schema_session_role.yml | 16 +-
.../tasks/postgresql_sequence_initial.yml | 110 ++--
.../postgresql_set/tasks/options_coverage.yml | 4 +-
.../tasks/postgresql_set_initial.yml | 36 +-
.../tasks/postgresql_slot_initial.yml | 144 ++---
.../tasks/postgresql_subscription_initial.yml | 66 +-
.../tasks/setup_publication.yml | 2 +-
.../tasks/postgresql_table_initial.yml | 212 +++---
.../tasks/postgresql_tablespace_initial.yml | 4 +-
.../tasks/postgresql_user_general.yml | 44 +-
.../tasks/postgresql_user_initial.yml | 30 +-
.../tasks/test_no_password_change.yml | 4 +-
.../postgresql_user/tasks/test_password.yml | 42 +-
.../tasks/postgresql_user_obj_stat_info.yml | 20 +-
.../targets/setup_pkg_mgr/tasks/main.yml | 4 +-
.../setup_postgresql_db/tasks/main.yml | 10 +-
.../handlers/main.yml | 2 +-
65 files changed, 968 insertions(+), 1960 deletions(-)
delete mode 100644 tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml
delete mode 100644 tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml
diff --git a/plugins/modules/postgresql_copy.py b/plugins/modules/postgresql_copy.py
index 147f735e..b104ecc3 100644
--- a/plugins/modules/postgresql_copy.py
+++ b/plugins/modules/postgresql_copy.py
@@ -51,7 +51,7 @@
- Mark I(src)/I(dst) as a program. Data will be copied to/from a program.
- See block Examples and PROGRAM arg description U(https://www.postgresql.org/docs/current/sql-copy.html).
type: bool
- default: no
+ default: false
options:
description:
- Options of COPY command.
@@ -71,17 +71,17 @@
type: str
trust_input:
description:
- - If C(no), check whether values of parameters are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections are possible.
+ - If C(false), check whether values of parameters are potentially dangerous.
+ - It makes sense to use C(false) only when SQL injections are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
notes:
- Supports PostgreSQL version 9.4+.
- COPY command is only allowed to database superusers.
-- If I(check_mode=yes), we just check the src/dst table availability
+- If I(check_mode=true), we just check the src/dst table availability
and return the COPY query that actually has not been executed.
-- If i(check_mode=yes) and the source has been passed as SQL, the module
+- If i(check_mode=true) and the source has been passed as SQL, the module
will execute it and rolled the transaction back but pay attention
it can affect database performance (e.g., if SQL collects a lot of data).
@@ -137,7 +137,7 @@
community.postgresql.postgresql_copy:
src: my_table
copy_to: 'gzip > /tmp/data.csv.gz'
- program: yes
+ program: true
options:
format: csv
diff --git a/plugins/modules/postgresql_db.py b/plugins/modules/postgresql_db.py
index 02cb258e..2f46c6a3 100644
--- a/plugins/modules/postgresql_db.py
+++ b/plugins/modules/postgresql_db.py
@@ -121,11 +121,11 @@
version_added: '0.2.0'
trust_input:
description:
- - If C(no), check whether values of parameters I(owner), I(conn_limit), I(encoding),
+ - If C(false), check whether values of parameters I(owner), I(conn_limit), I(encoding),
I(db), I(template), I(tablespace), I(session_role) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
seealso:
- name: CREATE DATABASE reference
diff --git a/plugins/modules/postgresql_ext.py b/plugins/modules/postgresql_ext.py
index 4377e013..b4c743cf 100644
--- a/plugins/modules/postgresql_ext.py
+++ b/plugins/modules/postgresql_ext.py
@@ -49,7 +49,7 @@
- Automatically install/remove any extensions that this extension depends on
that are not already installed/removed (supported since PostgreSQL 9.6).
type: bool
- default: no
+ default: false
login_unix_socket:
description:
- Path to a Unix domain socket for local connections.
@@ -81,11 +81,11 @@
type: str
trust_input:
description:
- - If C(no), check whether values of parameters I(ext), I(schema),
+ - If C(false), check whether values of parameters I(ext), I(schema),
I(version), I(session_role) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
seealso:
- name: PostgreSQL extensions
@@ -148,7 +148,7 @@
community.postgresql.postgresql_ext:
name: cube
db: acme
- cascade: yes
+ cascade: true
state: absent
- name: Create extension foo of version 1.2 or update it to that version if it's already created and a valid update path exists
diff --git a/plugins/modules/postgresql_idx.py b/plugins/modules/postgresql_idx.py
index 2fbf8a1f..72fdc762 100644
--- a/plugins/modules/postgresql_idx.py
+++ b/plugins/modules/postgresql_idx.py
@@ -75,19 +75,19 @@
concurrent:
description:
- Enable or disable concurrent mode (CREATE / DROP INDEX CONCURRENTLY).
- - Pay attention, if I(concurrent=no), the table will be locked (ACCESS EXCLUSIVE) during the building process.
+ - Pay attention, if I(concurrent=false), the table will be locked (ACCESS EXCLUSIVE) during the building process.
For more information about the lock levels see U(https://www.postgresql.org/docs/current/explicit-locking.html).
- - If the building process was interrupted for any reason when I(cuncurrent=yes), the index becomes invalid.
+ - If the building process was interrupted for any reason when I(cuncurrent=true), the index becomes invalid.
In this case it should be dropped and created again.
- - Mutually exclusive with I(cascade=yes).
+ - Mutually exclusive with I(cascade=true).
type: bool
- default: yes
+ default: true
unique:
description:
- Enable unique index.
- Only btree currently supports unique indexes.
type: bool
- default: no
+ default: false
version_added: '0.2.0'
tablespace:
description:
@@ -105,17 +105,17 @@
- Automatically drop objects that depend on the index,
and in turn all objects that depend on those objects.
- It used only with I(state=absent).
- - Mutually exclusive with I(concurrent=yes).
+ - Mutually exclusive with I(concurrent=true).
type: bool
- default: no
+ default: false
trust_input:
description:
- - If C(no), check whether values of parameters I(idxname), I(session_role),
+ - If C(false), check whether values of parameters I(idxname), I(session_role),
I(schema), I(table), I(columns), I(tablespace), I(storage_params),
I(cond) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
seealso:
@@ -137,7 +137,7 @@
notes:
- Supports C(check_mode).
- The index building process can affect database performance.
-- To avoid table locks on production databases, use I(concurrent=yes) (default behavior).
+- To avoid table locks on production databases, use I(concurrent=true) (default behavior).
author:
- Andrew Klychkov (@Andersson007)
@@ -182,7 +182,7 @@
idxname: gin0_idx
table: test
columns: comment gin_trgm_ops
- concurrent: no
+ concurrent: false
idxtype: gin
- name: Drop btree test_idx concurrently
@@ -196,8 +196,8 @@
db: mydb
idxname: test_idx
state: absent
- cascade: yes
- concurrent: no
+ cascade: true
+ concurrent: false
- name: Create btree index test_idx concurrently on columns id,comment where column id > 1
community.postgresql.postgresql_idx:
@@ -213,8 +213,8 @@
table: products
columns: name
name: test_unique_idx
- unique: yes
- concurrent: no
+ unique: true
+ concurrent: false
'''
RETURN = r'''
diff --git a/plugins/modules/postgresql_info.py b/plugins/modules/postgresql_info.py
index 332fe150..ecfd5d51 100644
--- a/plugins/modules/postgresql_info.py
+++ b/plugins/modules/postgresql_info.py
@@ -42,10 +42,10 @@
type: str
trust_input:
description:
- - If C(no), check whether a value of I(session_role) is potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via I(session_role) are possible.
+ - If C(false), check whether a value of I(session_role) is potentially dangerous.
+ - It makes sense to use C(false) only when SQL injections via I(session_role) are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
seealso:
- module: community.postgresql.postgresql_ping
@@ -72,13 +72,13 @@
# ansible databases -m postgresql_info -a 'filter=!settings'
- name: Collect PostgreSQL version and extensions
- become: yes
+ become: true
become_user: postgres
community.postgresql.postgresql_info:
filter: ver*,ext*
- name: Collect all info except settings and roles
- become: yes
+ become: true
become_user: postgres
community.postgresql.postgresql_info:
filter: "!settings,!roles"
@@ -86,7 +86,7 @@
# On FreeBSD with PostgreSQL 9.5 version and lower use pgsql user to become
# and pass "postgres" as a database to connect to
- name: Collect tablespaces and repl_slots info
- become: yes
+ become: true
become_user: pgsql
community.postgresql.postgresql_info:
db: postgres
@@ -95,7 +95,7 @@
- repl_sl*
- name: Collect all info except databases
- become: yes
+ become: true
become_user: postgres
community.postgresql.postgresql_info:
filter:
diff --git a/plugins/modules/postgresql_lang.py b/plugins/modules/postgresql_lang.py
index 276b9c24..1c37869f 100644
--- a/plugins/modules/postgresql_lang.py
+++ b/plugins/modules/postgresql_lang.py
@@ -18,11 +18,11 @@
relationship with a PostgreSQL database.
- The module can be used on the machine where executed or on a remote host.
- When removing a language from a database, it is possible that dependencies prevent
- the database from being removed. In that case, you can specify I(cascade=yes) to
+ the database from being removed. In that case, you can specify I(cascade=true) to
automatically drop objects that depend on the language (such as functions in the
language).
- In case the language can't be deleted because it is required by the
- database system, you can specify I(fail_on_drop=no) to ignore the error.
+ database system, you can specify I(fail_on_drop=false) to ignore the error.
- Be careful when marking a language as trusted since this could be a potential
security breach. Untrusted languages allow only users with the PostgreSQL superuser
privilege to use this language to create new functions.
@@ -38,7 +38,7 @@
description:
- Make this language trusted for the selected db.
type: bool
- default: 'no'
+ default: 'false'
db:
description:
- Name of database to connect to and where the language will be added, removed or changed.
@@ -51,20 +51,20 @@
- Marks the language as trusted, even if it's marked as untrusted in pg_pltemplate.
- Use with care!
type: bool
- default: 'no'
+ default: 'false'
fail_on_drop:
description:
- - If C(yes), fail when removing a language. Otherwise just log and continue.
+ - If C(true), fail when removing a language. Otherwise just log and continue.
- In some cases, it is not possible to remove a language (used by the db-system).
- When dependencies block the removal, consider using I(cascade).
type: bool
- default: 'yes'
+ default: 'true'
cascade:
description:
- When dropping a language, also delete object that depend on this language.
- Only used when I(state=absent).
type: bool
- default: 'no'
+ default: 'false'
session_role:
description:
- Switch to session_role after connecting.
@@ -104,11 +104,11 @@
version_added: '0.2.0'
trust_input:
description:
- - If C(no), check whether values of parameters I(lang), I(session_role),
+ - If C(false), check whether values of parameters I(lang), I(session_role),
I(owner) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
seealso:
- name: PostgreSQL languages
@@ -145,8 +145,8 @@
db: testdb
lang: pltclu
state: present
- trust: yes
- force_trust: yes
+ trust: true
+ force_trust: true
- name: Remove language pltclu from database testdb
community.postgresql.postgresql_lang:
@@ -159,14 +159,14 @@
db: testdb
lang: pltclu
state: absent
- cascade: yes
+ cascade: true
- name: Remove language c from database testdb but ignore errors if something prevents the removal
community.postgresql.postgresql_lang:
db: testdb
lang: pltclu
state: absent
- fail_on_drop: no
+ fail_on_drop: false
- name: In testdb change owner of mylang to alice
community.postgresql.postgresql_lang:
@@ -279,13 +279,13 @@ def main():
db=dict(type="str", required=True, aliases=["login_db"]),
lang=dict(type="str", required=True, aliases=["name"]),
state=dict(type="str", default="present", choices=["absent", "present"]),
- trust=dict(type="bool", default="no"),
- force_trust=dict(type="bool", default="no"),
- cascade=dict(type="bool", default="no"),
- fail_on_drop=dict(type="bool", default="yes"),
+ trust=dict(type="bool", default="false"),
+ force_trust=dict(type="bool", default="false"),
+ cascade=dict(type="bool", default="false"),
+ fail_on_drop=dict(type="bool", default="true"),
session_role=dict(type="str"),
owner=dict(type="str"),
- trust_input=dict(type="bool", default="yes")
+ trust_input=dict(type="bool", default="true")
)
module = AnsibleModule(
@@ -340,7 +340,7 @@ def main():
changed = lang_drop(cursor, lang, cascade)
if fail_on_drop and not changed:
msg = ("unable to drop language, use cascade "
- "to delete dependencies or fail_on_drop=no to ignore")
+ "to delete dependencies or fail_on_drop=false to ignore")
module.fail_json(msg=msg)
kw['lang_dropped'] = changed
diff --git a/plugins/modules/postgresql_membership.py b/plugins/modules/postgresql_membership.py
index 5f8cb346..3ed0e89e 100644
--- a/plugins/modules/postgresql_membership.py
+++ b/plugins/modules/postgresql_membership.py
@@ -23,7 +23,7 @@
groups:
description:
- The list of groups (roles) that need to be granted to or revoked from I(target_roles).
- required: yes
+ required: true
type: list
elements: str
aliases:
@@ -33,7 +33,7 @@
target_roles:
description:
- The list of target roles (groups will be granted to them).
- required: yes
+ required: true
type: list
elements: str
aliases:
@@ -42,8 +42,8 @@
- user
fail_on_role:
description:
- - If C(yes), fail when group or target_role doesn't exist. If C(no), just warn and continue.
- default: yes
+ - If C(true), fail when group or target_role doesn't exist. If C(false), just warn and continue.
+ default: true
type: bool
state:
description:
@@ -68,11 +68,11 @@
type: str
trust_input:
description:
- - If C(no), check whether values of parameters I(groups),
+ - If C(false), check whether values of parameters I(groups),
I(target_roles), I(session_role) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
seealso:
- module: community.postgresql.postgresql_user
@@ -109,7 +109,7 @@
- read_only
- exec_func
target_role: bob
- fail_on_role: no
+ fail_on_role: false
state: absent
'''
diff --git a/plugins/modules/postgresql_owner.py b/plugins/modules/postgresql_owner.py
index 45c817bf..f802cb0d 100644
--- a/plugins/modules/postgresql_owner.py
+++ b/plugins/modules/postgresql_owner.py
@@ -20,7 +20,7 @@
description:
- Role (user/group) to set as an I(obj_name) owner.
type: str
- required: yes
+ required: true
obj_name:
description:
- Name of a database object to change ownership.
@@ -48,10 +48,10 @@
elements: str
fail_on_role:
description:
- - If C(yes), fail when I(reassign_owned_by) role does not exist.
+ - If C(true), fail when I(reassign_owned_by) role does not exist.
Otherwise just warn and continue.
- Mutually exclusive with I(obj_name) and I(obj_type).
- default: yes
+ default: true
type: bool
db:
description:
@@ -68,11 +68,11 @@
type: str
trust_input:
description:
- - If C(no), check whether values of parameters I(new_owner), I(obj_name),
+ - If C(false), check whether values of parameters I(new_owner), I(obj_name),
I(reassign_owned_by), I(session_role) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
seealso:
- module: community.postgresql.postgresql_user
diff --git a/plugins/modules/postgresql_pg_hba.py b/plugins/modules/postgresql_pg_hba.py
index 06caba70..86bc0aac 100644
--- a/plugins/modules/postgresql_pg_hba.py
+++ b/plugins/modules/postgresql_pg_hba.py
@@ -563,7 +563,7 @@ def source(self):
ipaddress.ip_address(u'{0}'.format(self['src']))
except ValueError:
raise PgHbaValueError('Mask was specified, but source "{0}" '
- 'is no valid ip'.format(self['src']))
+ 'is not valid ip'.format(self['src']))
# ipaddress module cannot work with ipv6 netmask, so lets convert it to prefixlen
# furthermore ipv4 with bad netmask throws 'Rule {} doesn't seem to be an ip, but has a
# mask error that doesn't seem to describe what is going on.
@@ -580,7 +580,7 @@ def source(self):
try:
return ipaddress.ip_network(u'{0}'.format(sourcenw), strict=False)
except ValueError:
- raise PgHbaValueError('{0} is no valid address range'.format(sourcenw))
+ raise PgHbaValueError('{0} is not valid address range'.format(sourcenw))
try:
return ipaddress.ip_network(u'{0}'.format(self['src']), strict=False)
diff --git a/plugins/modules/postgresql_ping.py b/plugins/modules/postgresql_ping.py
index a681bba8..9a475f63 100644
--- a/plugins/modules/postgresql_ping.py
+++ b/plugins/modules/postgresql_ping.py
@@ -30,10 +30,10 @@
version_added: '0.2.0'
trust_input:
description:
- - If C(no), check whether a value of I(session_role) is potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via I(session_role) are possible.
+ - If C(false), check whether a value of I(session_role) is potentially dangerous.
+ - It makes sense to use C(false) only when SQL injections via I(session_role) are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
seealso:
- module: community.postgresql.postgresql_info
@@ -69,7 +69,7 @@
# You can use the registered result with another task
- name: This task should be executed only if the server is available
# ...
- when: result.is_available == yes
+ when: result.is_available == true
'''
RETURN = r'''
diff --git a/plugins/modules/postgresql_privs.py b/plugins/modules/postgresql_privs.py
index 72420d25..9760f423 100644
--- a/plugins/modules/postgresql_privs.py
+++ b/plugins/modules/postgresql_privs.py
@@ -21,7 +21,7 @@
database:
description:
- Name of database to connect to.
- required: yes
+ required: true
type: str
aliases:
- db
@@ -79,14 +79,14 @@
- The special value C(PUBLIC) can be provided instead to set permissions
for the implicitly defined PUBLIC group.
type: str
- required: yes
+ required: true
aliases:
- role
fail_on_role:
description:
- - If C(yes), fail when target role (for whom privs need to be granted) does not exist.
+ - If C(true), fail when target role (for whom privs need to be granted) does not exist.
Otherwise just warn and continue.
- default: yes
+ default: true
type: bool
session_role:
description:
@@ -103,7 +103,7 @@
grant_option:
description:
- Whether C(role) may grant/revoke the specified privileges/group memberships to others.
- - Set to C(no) to revoke GRANT OPTION, leave unspecified to make no changes.
+ - Set to C(false) to revoke GRANT OPTION, leave unspecified to make no changes.
- I(grant_option) only has an effect if I(state) is C(present).
type: bool
aliases:
@@ -157,20 +157,20 @@
- ssl_rootcert
trust_input:
description:
- - If C(no), check whether values of parameters I(roles), I(target_roles), I(session_role),
+ - If C(false), check whether values of parameters I(roles), I(target_roles), I(session_role),
I(schema) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
usage_on_types:
description:
- When adding default privileges, the module always implicitly adds ``USAGE ON TYPES``.
- - To avoid this behavior, set I(usage_on_types) to C(no).
+ - To avoid this behavior, set I(usage_on_types) to C(false).
- Added to save backwards compatibility.
- Used only when adding default privileges, ignored otherwise.
type: bool
- default: yes
+ default: true
version_added: '1.2.0'
notes:
@@ -178,7 +178,7 @@
- Parameters that accept comma separated lists (I(privs), I(objs), I(roles))
have singular alias names (I(priv), I(obj), I(role)).
- To revoke only C(GRANT OPTION) for a specific object, set I(state) to
- C(present) and I(grant_option) to C(no) (see examples).
+ C(present) and I(grant_option) to C(false) (see examples).
- Note that when revoking privileges from a role R, this role may still have
access via privileges granted to any role R is a member of including C(PUBLIC).
- Note that when you use C(PUBLIC) role, the module always reports that the state has been changed.
@@ -223,7 +223,7 @@
objs: books,authors
schema: public
roles: librarian,reader
- grant_option: yes
+ grant_option: true
- name: Same as above leveraging default values
community.postgresql.postgresql_privs:
@@ -231,7 +231,7 @@
privs: SELECT,INSERT,UPDATE
objs: books,authors
roles: librarian,reader
- grant_option: yes
+ grant_option: true
# REVOKE GRANT OPTION FOR INSERT ON TABLE books FROM reader
# Note that role "reader" will be *granted* INSERT privilege itself if this
@@ -243,7 +243,7 @@
priv: INSERT
obj: books
role: reader
- grant_option: no
+ grant_option: false
# "public" is the default schema. This also works for PostgreSQL 8.x.
- name: REVOKE INSERT, UPDATE ON ALL TABLES IN SCHEMA public FROM reader
@@ -280,7 +280,7 @@
type: group
objs: librarian,reader
roles: alice,bob
- admin_option: yes
+ admin_option: true
# Note that here "db: postgres" specifies the database to connect to, not the
# database to grant privileges on (which is specified via the "objs" param)
@@ -312,7 +312,7 @@
privs: ALL
type: default_privs
role: librarian
- grant_option: yes
+ grant_option: true
# Available since version 2.7
# Objs must be set, ALL_DEFAULT to TABLES/SEQUENCES/TYPES/FUNCTIONS
diff --git a/plugins/modules/postgresql_publication.py b/plugins/modules/postgresql_publication.py
index 26f797a1..0dee8751 100644
--- a/plugins/modules/postgresql_publication.py
+++ b/plugins/modules/postgresql_publication.py
@@ -68,11 +68,11 @@
version_added: '0.2.0'
trust_input:
description:
- - If C(no), check whether values of parameters I(name), I(tables), I(owner),
+ - If C(false), check whether values of parameters I(name), I(tables), I(owner),
I(session_role), I(params) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
notes:
- PostgreSQL version must be 10 or greater.
diff --git a/plugins/modules/postgresql_query.py b/plugins/modules/postgresql_query.py
index 1604cc98..0ba19146 100644
--- a/plugins/modules/postgresql_query.py
+++ b/plugins/modules/postgresql_query.py
@@ -41,7 +41,7 @@
- Path to a SQL script on the target machine.
- If the script contains several queries, they must be semicolon-separated.
- To run scripts containing objects with semicolons
- (for example, function and procedure definitions), use I(as_single_query=yes).
+ (for example, function and procedure definitions), use I(as_single_query=true).
- To upload dumps or to execute other complex scripts, the preferable way
is to use the M(community.postgresql.postgresql_db) module with I(state=restore).
- Mutually exclusive with I(query).
@@ -65,7 +65,7 @@
(e.g., VACUUM).
- Mutually exclusive with I(check_mode).
type: bool
- default: no
+ default: false
encoding:
description:
- Set the client encoding for the current session (e.g. C(UTF-8)).
@@ -74,10 +74,10 @@
version_added: '0.2.0'
trust_input:
description:
- - If C(no), check whether a value of I(session_role) is potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via I(session_role) are possible.
+ - If C(false), check whether a value of I(session_role) is potentially dangerous.
+ - It makes sense to use C(false) only when SQL injections via I(session_role) are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
search_path:
description:
@@ -87,17 +87,23 @@
version_added: '1.0.0'
as_single_query:
description:
- - If C(yes), when reading from the I(path_to_script) file,
- executes its whole content in a single query.
- - When C(yes), the C(query_all_results) return value
+ - This option has been B(deprecated) and will be removed in community.postgresql 3.0.0,
+ please use the M(community.postgresql.postgresql_script) module to execute
+ statements from scripts.
+ - If C(true), when reading from the I(path_to_script) file,
+ executes its whole content in a single query (not splitting it up
+ into separate queries by semicolons). It brings the following changes in
+ the module's behavior.
+ - When C(true), the C(query_all_results) return value
contains only the result of the last statement.
- Whether the state is reported as changed or not
is determined by the last statement of the file.
- Used only when I(path_to_script) is specified, otherwise ignored.
- - If set to C(no), the script can contain only semicolon-separated queries.
+ - If set to C(false), the script can contain only semicolon-separated queries.
(see the I(path_to_script) option documentation).
- The default value is C(no).
type: bool
+ default: true
version_added: '1.1.0'
seealso:
- module: community.postgresql.postgresql_db
@@ -144,7 +150,7 @@
query: INSERT INTO test_table (id, story) VALUES (2, 'my_long_story')
# If your script contains semicolons as parts of separate objects
-# like functions, procedures, and so on, use "as_single_query: yes"
+# like functions, procedures, and so on, use "as_single_query: true"
- name: Run queries from SQL script using UTF-8 client encoding for session
community.postgresql.postgresql_query:
db: test_db
@@ -157,7 +163,7 @@
community.postgresql.postgresql_query:
db: test_db
query: VACUUM
- autocommit: yes
+ autocommit: true
- name: >
Insert data to the column of array type using positional_args.
diff --git a/plugins/modules/postgresql_schema.py b/plugins/modules/postgresql_schema.py
index 74732031..c8d408c4 100644
--- a/plugins/modules/postgresql_schema.py
+++ b/plugins/modules/postgresql_schema.py
@@ -67,10 +67,10 @@
aliases: [ ssl_rootcert ]
trust_input:
description:
- - If C(no), check whether values of parameters I(schema), I(owner), I(session_role) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - If C(false), check whether values of parameters I(schema), I(owner), I(session_role) are potentially dangerous.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
seealso:
- name: PostgreSQL schemas
@@ -109,7 +109,7 @@
community.postgresql.postgresql_schema:
name: acme
state: absent
- cascade_drop: yes
+ cascade_drop: true
'''
RETURN = r'''
diff --git a/plugins/modules/postgresql_sequence.py b/plugins/modules/postgresql_sequence.py
index e3a9c78d..68ef1c9b 100644
--- a/plugins/modules/postgresql_sequence.py
+++ b/plugins/modules/postgresql_sequence.py
@@ -85,7 +85,7 @@
has reached its maximum value will return an error. False (NO CYCLE) is
the default.
type: bool
- default: no
+ default: false
cascade:
description:
- Automatically drop objects that depend on the sequence, and in turn all
@@ -93,7 +93,7 @@
- Ignored if I(state=present).
- Only used with I(state=absent).
type: bool
- default: no
+ default: false
rename_to:
description:
- The new name for the I(sequence).
@@ -131,11 +131,11 @@
- login_db
trust_input:
description:
- - If C(no), check whether values of parameters I(sequence), I(schema), I(rename_to),
+ - If C(false), check whether values of parameters I(sequence), I(schema), I(rename_to),
I(owner), I(newschema), I(session_role) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
notes:
- Supports C(check_mode).
@@ -186,7 +186,7 @@
- name: Create an ascending sequence called foobar, which cycle between 1 to 10
community.postgresql.postgresql_sequence:
name: foobar
- cycle: yes
+ cycle: true
min: 1
max: 10
@@ -219,7 +219,7 @@
- name: Drop a sequence called foobar with cascade
community.postgresql.postgresql_sequence:
name: foobar
- cascade: yes
+ cascade: true
state: absent
'''
@@ -275,7 +275,7 @@
description: Shows if the sequence cycle or not.
returned: always
type: str
- sample: 'NO'
+ sample: 'false'
owner:
description: Shows the current owner of the sequence
after the successful run of the task.
diff --git a/plugins/modules/postgresql_set.py b/plugins/modules/postgresql_set.py
index 8a589609..fb0fa825 100644
--- a/plugins/modules/postgresql_set.py
+++ b/plugins/modules/postgresql_set.py
@@ -18,7 +18,7 @@
- It can be more convenient and safe than the traditional method of manually editing the postgresql.conf file.
- ALTER SYSTEM writes the given parameter setting to the $PGDATA/postgresql.auto.conf file,
which is read in addition to postgresql.conf.
- - The module allows to reset parameter to boot_val (cluster initial value) by I(reset=yes) or remove parameter
+ - The module allows to reset parameter to boot_val (cluster initial value) by I(reset=true) or remove parameter
string from postgresql.auto.conf and reload I(value=default) (for settings with postmaster context restart is required).
- After change you can see in the ansible output the previous and
the new parameter value and other information using returned values and M(ansible.builtin.debug) module.
@@ -55,10 +55,10 @@
- login_db
trust_input:
description:
- - If C(no), check whether values of parameters are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections are possible.
+ - If C(false), check whether values of parameters are potentially dangerous.
+ - It makes sense to use C(false) only when SQL injections are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
notes:
- Supported version of PostgreSQL is 9.4 and later.
@@ -93,7 +93,7 @@
- name: Restore wal_keep_segments parameter to initial state
community.postgresql.postgresql_set:
name: wal_keep_segments
- reset: yes
+ reset: true
# Set work_mem parameter to 32MB and show what's been changed and restart is required or not
# (output example: "msg": "work_mem 4MB >> 64MB restart_req: False")
diff --git a/plugins/modules/postgresql_slot.py b/plugins/modules/postgresql_slot.py
index b8b37970..5bd3f9ff 100644
--- a/plugins/modules/postgresql_slot.py
+++ b/plugins/modules/postgresql_slot.py
@@ -19,7 +19,7 @@
description:
- Name of the replication slot to add or remove.
type: str
- required: yes
+ required: true
aliases:
- slot_name
slot_type:
@@ -38,14 +38,14 @@
choices: [ absent, present ]
immediately_reserve:
description:
- - Optional parameter that when C(yes) specifies that the LSN for this replication slot be reserved
- immediately, otherwise the default, C(no), specifies that the LSN is reserved on the first connection
+ - Optional parameter that when C(true) specifies that the LSN for this replication slot be reserved
+ immediately, otherwise the default, C(false), specifies that the LSN is reserved on the first connection
from a streaming replication client.
- Is available from PostgreSQL version 9.6.
- Uses only with I(slot_type=physical).
- Mutually exclusive with I(slot_type=logical).
type: bool
- default: no
+ default: false
output_plugin:
description:
- All logical slots must indicate which output plugin decoder they're using.
@@ -68,10 +68,10 @@
type: str
trust_input:
description:
- - If C(no), check the value of I(session_role) is potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via I(session_role) are possible.
+ - If C(false), check the value of I(session_role) is potentially dangerous.
+ - It makes sense to use C(false) only when SQL injections via I(session_role) are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
notes:
diff --git a/plugins/modules/postgresql_subscription.py b/plugins/modules/postgresql_subscription.py
index 22b3ca15..29d0bfda 100644
--- a/plugins/modules/postgresql_subscription.py
+++ b/plugins/modules/postgresql_subscription.py
@@ -21,14 +21,14 @@
description:
- Name of the subscription to add, update, or remove.
type: str
- required: yes
+ required: true
db:
description:
- Name of the database to connect to and where
the subscription state will be changed.
aliases: [ login_db ]
type: str
- required: yes
+ required: true
state:
description:
- The subscription state.
@@ -86,11 +86,11 @@
version_added: '0.2.0'
trust_input:
description:
- - If C(no), check whether values of parameters I(name), I(publications), I(owner),
+ - If C(false), check whether values of parameters I(name), I(publications), I(owner),
I(session_role), I(connparams), I(subsparams) are potentially dangerous.
- - It makes sense to use C(yes) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(true) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
notes:
@@ -153,12 +153,12 @@
name: acme
state: refresh
-- name: Drop acme subscription from mydb with dependencies (cascade=yes)
+- name: Drop acme subscription from mydb with dependencies (cascade=true)
community.postgresql.postgresql_subscription:
db: mydb
name: acme
state: absent
- cascade: yes
+ cascade: true
- name: Assuming that acme subscription exists and enabled, disable the subscription
community.postgresql.postgresql_subscription:
@@ -166,7 +166,7 @@
name: acme
state: present
subsparams:
- enabled: no
+ enabled: false
'''
RETURN = r'''
diff --git a/plugins/modules/postgresql_table.py b/plugins/modules/postgresql_table.py
index b3a48782..5c3a6a1b 100644
--- a/plugins/modules/postgresql_table.py
+++ b/plugins/modules/postgresql_table.py
@@ -40,7 +40,7 @@
description:
- Create an unlogged table.
type: bool
- default: no
+ default: false
like:
description:
- Create a table like another table (with similar DDL).
@@ -66,7 +66,7 @@
- Truncate a table. Mutually exclusive with I(tablespace), I(owner), I(unlogged),
I(like), I(including), I(columns), I(rename), and I(storage_params).
type: bool
- default: no
+ default: false
storage_params:
description:
- Storage parameters like fillfactor, autovacuum_vacuum_treshold, etc.
@@ -91,13 +91,13 @@
- Automatically drop objects that depend on the table (such as views).
Used with I(state=absent) only.
type: bool
- default: no
+ default: false
trust_input:
description:
- - If C(no), check whether values of parameters are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections are possible.
+ - If C(false), check whether values of parameters are potentially dangerous.
+ - It makes sense to use C(false) only when SQL injections are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
notes:
- Supports C(check_mode).
@@ -190,7 +190,7 @@
- name: Truncate table foo
community.postgresql.postgresql_table:
name: foo
- truncate: yes
+ truncate: true
- name: Drop table foo from schema acme
community.postgresql.postgresql_table:
@@ -201,7 +201,7 @@
community.postgresql.postgresql_table:
name: bar
state: absent
- cascade: yes
+ cascade: true
'''
RETURN = r'''
diff --git a/plugins/modules/postgresql_tablespace.py b/plugins/modules/postgresql_tablespace.py
index 94f50e23..dacf5663 100644
--- a/plugins/modules/postgresql_tablespace.py
+++ b/plugins/modules/postgresql_tablespace.py
@@ -71,11 +71,11 @@
- login_db
trust_input:
description:
- - If C(no), check whether values of parameters I(tablespace), I(location), I(owner),
+ - If C(false), check whether values of parameters I(tablespace), I(location), I(owner),
I(rename_to), I(session_role), I(settings_list) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via the parameters are possible.
+ - It makes sense to use C(false) only when SQL injections via the parameters are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
notes:
diff --git a/plugins/modules/postgresql_user.py b/plugins/modules/postgresql_user.py
index d10d1c05..52cc8b38 100644
--- a/plugins/modules/postgresql_user.py
+++ b/plugins/modules/postgresql_user.py
@@ -18,7 +18,7 @@
- A user is a role with login privilege.
- You can also use it to grant or revoke user's privileges in a particular database.
- You cannot remove a user while it still has any privileges granted to it in any database.
-- Set I(fail_on_user) to C(no) to make the module ignore failures when trying to remove a user.
+- Set I(fail_on_user) to C(false) to make the module ignore failures when trying to remove a user.
In this case, the module reports if changes happened as usual and separately reports
whether the user has been removed or not.
- B(WARNING) The I(priv) option has been B(deprecated) and will be removed in community.postgresql 3.0.0. Please use the
@@ -55,8 +55,8 @@
- login_db
fail_on_user:
description:
- - If C(yes), fails when the user (role) cannot be removed. Otherwise just log and continue.
- default: yes
+ - If C(true), fails when the user (role) cannot be removed. Otherwise just log and continue.
+ default: true
type: bool
aliases:
- fail_on_role
@@ -100,12 +100,12 @@
description:
- Whether the password is stored hashed in the database.
- You can specify an unhashed password, and PostgreSQL ensures
- the stored password is hashed when I(encrypted=yes) is set.
+ the stored password is hashed when I(encrypted=true) is set.
If you specify a hashed password, the module uses it as-is,
regardless of the setting of I(encrypted).
- "Note: Postgresql 10 and newer does not support unhashed passwords."
- - Previous to Ansible 2.6, this was C(no) by default.
- default: yes
+ - Previous to Ansible 2.6, this was C(false) by default.
+ default: true
type: bool
expires:
description:
@@ -115,11 +115,11 @@
type: str
no_password_changes:
description:
- - If C(yes), does not inspect the database for password changes.
+ - If C(true), does not inspect the database for password changes.
If the user already exists, skips all password related checks.
Useful when C(pg_authid) is not accessible (such as in AWS RDS).
Otherwise, makes password changes as necessary.
- default: no
+ default: false
type: bool
conn_limit:
description:
@@ -154,11 +154,11 @@
version_added: '0.2.0'
trust_input:
description:
- - If C(no), checks whether values of options I(name), I(password), I(privs), I(expires),
+ - If C(false), checks whether values of options I(name), I(password), I(privs), I(expires),
I(role_attr_flags), I(groups), I(comment), I(session_role) are potentially dangerous.
- - It makes sense to use C(no) only when SQL injections through the options are possible.
+ - It makes sense to use C(false) only when SQL injections through the options are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
notes:
- The module creates a user (role) with login privilege by default.
@@ -172,7 +172,7 @@
- On some systems (such as AWS RDS), C(pg_authid) is not accessible, thus, the module cannot compare
the current and desired C(password). In this case, the module assumes that the passwords are
different and changes it reporting that the state has been changed.
- To skip all password related checks for existing users, use I(no_password_changes=yes).
+ To skip all password related checks for existing users, use I(no_password_changes=true).
- On some systems (such as AWS RDS), C(SUPERUSER) is unavailable. This means the C(SUPERUSER) and
C(NOSUPERUSER) I(role_attr_flags) should not be specified to preserve idempotency and avoid
InsufficientPrivilege errors.
@@ -227,7 +227,7 @@
name: test
priv: "ALL/products:ALL"
state: absent
- fail_on_user: no
+ fail_on_user: false
# This example uses the 'priv' argument which is deprecated.
# You should use the 'postgresql_privs' module instead.
diff --git a/plugins/modules/postgresql_user_obj_stat_info.py b/plugins/modules/postgresql_user_obj_stat_info.py
index f09b4075..6bc09a84 100644
--- a/plugins/modules/postgresql_user_obj_stat_info.py
+++ b/plugins/modules/postgresql_user_obj_stat_info.py
@@ -42,10 +42,10 @@
type: str
trust_input:
description:
- - If C(no), check the value of I(session_role) is potentially dangerous.
- - It makes sense to use C(no) only when SQL injections via I(session_role) are possible.
+ - If C(false), check the value of I(session_role) is potentially dangerous.
+ - It makes sense to use C(false) only when SQL injections via I(session_role) are possible.
type: bool
- default: yes
+ default: true
version_added: '0.2.0'
notes:
diff --git a/tests/integration/targets/postgresql_copy/tasks/postgresql_copy_initial.yml b/tests/integration/targets/postgresql_copy/tasks/postgresql_copy_initial.yml
index cd9981e9..5c51c108 100644
--- a/tests/integration/targets/postgresql_copy/tasks/postgresql_copy_initial.yml
+++ b/tests/integration/targets/postgresql_copy/tasks/postgresql_copy_initial.yml
@@ -8,7 +8,7 @@
data_file_csv: /tmp/data.csv
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
register: result
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
@@ -46,13 +46,13 @@
# check_mode - if it's OK, must always return changed=True:
- name: postgresql_copy - check_mode, copy test table content to data_file_txt
- check_mode: yes
+ check_mode: true
<<: *task_parameters
postgresql_copy:
<<: *pg_parameters
copy_to: '{{ data_file_txt }}'
src: '{{ test_table }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -61,7 +61,7 @@
# check that nothing changed after the previous step:
- name: postgresql_copy - check that data_file_txt doesn't exist
<<: *task_parameters
- ignore_errors: yes
+ ignore_errors: true
shell: head -n 1 '{{ data_file_txt }}'
- assert:
@@ -71,13 +71,13 @@
# check_mode - if it's OK, must always return changed=True:
- name: postgresql_copy - check_mode, copy test table content from data_file_txt
- check_mode: yes
+ check_mode: true
<<: *task_parameters
postgresql_copy:
<<: *pg_parameters
copy_from: '{{ data_file_txt }}'
dst: '{{ test_table }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -96,14 +96,14 @@
# check_mode - test must fail because test table doesn't exist:
- name: postgresql_copy - check_mode, copy non existent table to data_file_txt
- check_mode: yes
- ignore_errors: yes
+ check_mode: true
+ ignore_errors: true
<<: *task_parameters
postgresql_copy:
<<: *pg_parameters
copy_to: '{{ data_file_txt }}'
src: non_existent_table
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -117,8 +117,8 @@
copy_to: '{{ data_file_txt }}'
src: '{{ test_table }}'
session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
- trust_input: no
- ignore_errors: yes
+ trust_input: false
+ ignore_errors: true
- assert:
that:
@@ -131,7 +131,7 @@
<<: *pg_parameters
copy_to: '{{ data_file_txt }}'
src: '{{ test_table }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -161,7 +161,7 @@
- name
options:
format: csv
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -190,7 +190,7 @@
- name
options:
format: csv
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -215,11 +215,11 @@
<<: *pg_parameters
src: '{{ test_table }}'
copy_to: '/bin/true'
- program: yes
+ program: true
columns: id, name
options:
delimiter: '|'
- trust_input: no
+ trust_input: false
when: ansible_distribution != 'FreeBSD'
- assert:
@@ -236,11 +236,11 @@
<<: *pg_parameters
dst: '{{ test_table }}'
copy_from: 'echo 1,first'
- program: yes
+ program: true
columns: id, name
options:
delimiter: ','
- trust_input: no
+ trust_input: false
- assert:
that:
diff --git a/tests/integration/targets/postgresql_db/tasks/manage_database.yml b/tests/integration/targets/postgresql_db/tasks/manage_database.yml
index a835dde3..42d0f4ee 100644
--- a/tests/integration/targets/postgresql_db/tasks/manage_database.yml
+++ b/tests/integration/targets/postgresql_db/tasks/manage_database.yml
@@ -6,4 +6,4 @@
postgresql_db:
name: mydb
state: absent
- force: yes
+ force: true
diff --git a/tests/integration/targets/postgresql_db/tasks/postgresql_db_initial.yml b/tests/integration/targets/postgresql_db/tasks/postgresql_db_initial.yml
index 851c19f4..472524a2 100644
--- a/tests/integration/targets/postgresql_db/tasks/postgresql_db_initial.yml
+++ b/tests/integration/targets/postgresql_db/tasks/postgresql_db_initial.yml
@@ -3,7 +3,7 @@
#
- name: Create DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_name }}"
@@ -19,7 +19,7 @@
- name: Check that database created
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select datname from pg_database where datname = '{{ db_name }}';" | psql -d postgres
register: result
@@ -29,7 +29,7 @@
- name: Run create on an already created db
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_name }}"
@@ -43,7 +43,7 @@
- name: Destroy DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: absent
name: "{{ db_name }}"
@@ -58,7 +58,7 @@
- name: Check that database was destroyed
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select datname from pg_database where datname = '{{ db_name }}';" | psql -d postgres
register: result
@@ -68,7 +68,7 @@
- name: Destroy DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: absent
name: "{{ db_name }}"
@@ -107,7 +107,7 @@
#
- name: Create a DB with conn_limit, encoding, collate, ctype, and template options
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: '{{ db_name }}'
state: 'present'
@@ -126,7 +126,7 @@
- name: Check that the DB has all of our options
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select datname, datconnlimit, pg_encoding_to_char(encoding), datcollate, datctype from pg_database where datname = '{{ db_name }}';" | psql -d postgres
register: result
@@ -142,7 +142,7 @@
- name: Check that running db creation with options a second time does nothing
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: '{{ db_name }}'
state: 'present'
@@ -161,7 +161,7 @@
- name: Check that attempting to change encoding returns an error
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: '{{ db_name }}'
state: 'present'
@@ -171,7 +171,7 @@
template: 'template0'
login_user: "{{ pg_user }}"
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -179,7 +179,7 @@
- name: Check that changing the conn_limit actually works
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: '{{ db_name }}'
state: 'present'
@@ -198,7 +198,7 @@
- name: Check that conn_limit has actually been set / updated to 200
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "SELECT datconnlimit AS conn_limit FROM pg_database WHERE datname = '{{ db_name }}';" | psql -d postgres
register: result
@@ -209,7 +209,7 @@
- name: Cleanup test DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: '{{ db_name }}'
state: 'absent'
@@ -217,7 +217,7 @@
- shell: echo "select datname, pg_encoding_to_char(encoding), datcollate, datctype from pg_database where datname = '{{ db_name }}';" | psql -d postgres
become_user: "{{ pg_user }}"
- become: yes
+ become: true
register: result
- assert:
@@ -229,10 +229,10 @@
#
- name: Create an unprivileged user to own a DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ item }}"
- encrypted: 'yes'
+ encrypted: 'true'
password: "md55c8ccfd9d6711fc69a7eae647fc54f51"
login_user: "{{ pg_user }}"
db: postgres
@@ -242,7 +242,7 @@
- name: Create db with user ownership
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: "{{ db_name }}"
state: "present"
@@ -257,7 +257,7 @@
- name: Check that the user owns the newly created DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
@@ -273,7 +273,7 @@
- name: Change the owner on an existing db, username with dots
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: "{{ db_name }}"
state: "present"
@@ -288,7 +288,7 @@
- name: Check the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
login_user: "{{ pg_user }}"
db: postgres
@@ -304,7 +304,7 @@
- name: Change the owner on an existing db
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: "{{ db_name }}"
state: "present"
@@ -319,7 +319,7 @@
- name: Check that the user owns the newly created DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select pg_catalog.pg_get_userbyid(datdba) from pg_catalog.pg_database where datname = '{{ db_name }}';" | psql -d postgres
register: result
@@ -330,7 +330,7 @@
- name: Cleanup db
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: "{{ db_name }}"
state: "absent"
@@ -338,7 +338,7 @@
- name: Check that database was destroyed
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select datname from pg_database where datname = '{{ db_name }}';" | psql -d postgres
register: result
@@ -348,7 +348,7 @@
- name: Cleanup test user
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ db_user1 }}"
state: 'absent'
@@ -357,7 +357,7 @@
- name: Check that they were removed
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select * from pg_user where usename='{{ db_user1 }}';" | psql -d postgres
register: result
diff --git a/tests/integration/targets/postgresql_db/tasks/postgresql_db_session_role.yml b/tests/integration/targets/postgresql_db/tasks/postgresql_db_session_role.yml
index 4cdef73f..74f9e3ff 100644
--- a/tests/integration/targets/postgresql_db/tasks/postgresql_db_session_role.yml
+++ b/tests/integration/targets/postgresql_db/tasks/postgresql_db_session_role.yml
@@ -1,20 +1,20 @@
- name: Check that becoming an non-existing user throws an error
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: must_fail
login_user: "{{ pg_user }}"
session_role: "{{ db_session_role1 }}"
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
- result is failed
- name: Create a high privileged user
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_session_role1 }}"
@@ -25,7 +25,7 @@
db: postgres
- name: Create a low privileged user using the newly created user
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_session_role2 }}"
@@ -38,7 +38,7 @@
- name: Create DB as session_role
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_session_role1 }}"
@@ -48,7 +48,7 @@
- name: Check that database created and is owned by correct user
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select rolname from pg_database join pg_roles on datdba = pg_roles.oid where datname = '{{ db_session_role1 }}';" | psql -AtXq postgres
register: result
@@ -58,14 +58,14 @@
- name: Fail when creating database as low privileged user
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_session_role2 }}"
login_user: "{{ pg_user }}"
session_role: "{{ db_session_role2 }}"
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -73,7 +73,7 @@
- name: Drop test db
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: absent
name: "{{ db_session_role1 }}"
diff --git a/tests/integration/targets/postgresql_db/tasks/state_dump_restore.yml b/tests/integration/targets/postgresql_db/tasks/state_dump_restore.yml
index 6c62cce6..0292ca31 100644
--- a/tests/integration/targets/postgresql_db/tasks/state_dump_restore.yml
+++ b/tests/integration/targets/postgresql_db/tasks/state_dump_restore.yml
@@ -20,12 +20,12 @@
# ============================================================
- name: Create a test user
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_user1 }}"
state: "present"
- encrypted: 'yes'
+ encrypted: 'true'
password: "password"
role_attr_flags: "CREATEDB,LOGIN,CREATEROLE"
login_user: "{{ pg_user }}"
@@ -81,7 +81,7 @@
dump_extra_args: --exclude-table=fake
register: result
become_user: "{{ pg_user }}"
- become: yes
+ become: true
- name: assert output message backup the database
assert:
@@ -123,7 +123,7 @@
state: restore
register: result
become_user: "{{ pg_user }}"
- become: yes
+ become: true
- name: assert output message restore the database
assert:
@@ -145,31 +145,31 @@
# 2. Test db name containing dots
- name: state dump/restore - create database, trust_input no
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_db:
state: present
name: "{{ suspicious_db_name }}"
owner: "{{ db_user1 }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
- result is failed
- result.msg == 'Passed input \'{{ suspicious_db_name }}\' is potentially dangerous'
-- name: state dump/restore - create database, trust_input yes explicitly
- become: yes
+- name: state dump/restore - create database, trust_input true explicitly
+ become: true
become_user: "{{ pg_user }}"
postgresql_db:
state: present
name: "{{ suspicious_db_name }}"
owner: "{{ db_user1 }}"
login_user: "{{ pg_user }}"
- trust_input: yes
+ trust_input: true
register: result
- assert:
@@ -177,7 +177,7 @@
- result is changed
- name: test state=restore to restore the database (expect changed=true)
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_db:
name: "{{ db_name_with_dot }}"
@@ -196,14 +196,14 @@
- result is changed
- name: state dump/restore - remove databases
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_db:
state: absent
name: "{{ db_name_with_dot }}"
owner: "{{ db_user1 }}"
login_user: "{{ pg_user }}"
- trust_input: yes
+ trust_input: true
register: result
- assert:
@@ -226,7 +226,7 @@
file: name={{ db_file_name }} state=absent
- name: Remove the test user
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_user1 }}"
diff --git a/tests/integration/targets/postgresql_db/tasks/state_rename.yml b/tests/integration/targets/postgresql_db/tasks/state_rename.yml
index 749cf9db..dc87b76f 100644
--- a/tests/integration/targets/postgresql_db/tasks/state_rename.yml
+++ b/tests/integration/targets/postgresql_db/tasks/state_rename.yml
@@ -25,7 +25,7 @@
<<: *pg_parameters
name: '{{ db_source_name }}'
state: rename
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -39,7 +39,7 @@
name: '{{ db_source_name }}'
state: rename
target: '{{ db_source_name }}'
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -53,7 +53,7 @@
name: postgres
state: rename
target: '{{ db_source_name }}'
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -68,7 +68,7 @@
name: '{{ db_source_name }}'
state: rename
target: '{{ db_target_name}}'
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -82,8 +82,8 @@
name: '{{ db_source_name }}'
state: rename
target: '{{ db_target_name}}'
- ignore_errors: yes
- check_mode: yes
+ ignore_errors: true
+ check_mode: true
- assert:
that:
@@ -108,7 +108,7 @@
name: '{{ db_source_name }}'
state: rename
target: '{{ db_target_name}}'
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -122,7 +122,7 @@
name: '{{ db_source_name }}'
state: rename
target: '{{ db_target_name}}'
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -145,7 +145,7 @@
name: '{{ db_source_name }}'
state: rename
target: '{{ db_target_name }}'
- check_mode: yes
+ check_mode: true
- assert:
that:
@@ -212,7 +212,7 @@
name: '{{ db_source_name }}'
state: rename
target: '{{ db_target_name}}'
- check_mode: yes
+ check_mode: true
- assert:
that:
diff --git a/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_initial.yml b/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_initial.yml
index cabf1f49..3e3eeda8 100644
--- a/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_initial.yml
+++ b/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_initial.yml
@@ -198,7 +198,7 @@
db: postgres
name: postgis
session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
- trust_input: no
+ trust_input: false
ignore_errors: true
register: result
diff --git a/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_session_role.yml b/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_session_role.yml
index c1fed5bf..29173fd0 100644
--- a/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_session_role.yml
+++ b/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_session_role.yml
@@ -1,5 +1,5 @@
- name: Create a high privileged user
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_session_role1 }}"
@@ -11,7 +11,7 @@
- name: Create DB as session_role
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_session_role1 }}"
@@ -21,13 +21,13 @@
- name: Check that pg_extension exists (PostgreSQL >= 9.1)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select count(*) from pg_class where relname='pg_extension' and relkind='r'" | psql -AtXq postgres
register: pg_extension
- name: Remove plpgsql from testdb using postgresql_ext
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_ext:
name: plpgsql
db: "{{ db_session_role1 }}"
@@ -38,13 +38,13 @@
- name: Fail when trying to create an extension as a mere mortal user
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_ext:
name: plpgsql
db: "{{ db_session_role1 }}"
login_user: "{{ pg_user }}"
session_role: "{{ db_session_role2 }}"
- ignore_errors: yes
+ ignore_errors: true
register: result
when:
"pg_extension.stdout_lines[-1] == '1'"
@@ -57,19 +57,19 @@
- name: Install extension as session_role
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_ext:
name: plpgsql
db: "{{ db_session_role1 }}"
login_user: "{{ pg_user }}"
session_role: "{{ db_session_role1 }}"
- trust_input: no
+ trust_input: false
when:
"pg_extension.stdout_lines[-1] == '1'"
- name: Check that extension is created and is owned by session_role
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select rolname from pg_extension join pg_roles on extowner=pg_roles.oid where extname='plpgsql';" | psql -AtXq "{{ db_session_role1 }}"
register: result
when:
@@ -83,26 +83,26 @@
- name: Remove plpgsql from testdb using postgresql_ext
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_ext:
name: plpgsql
db: "{{ db_session_role1 }}"
login_user: "{{ pg_user }}"
state: absent
- trust_input: no
+ trust_input: false
when:
"pg_extension.stdout_lines[-1] == '1'"
- name: Drop test db
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: absent
name: "{{ db_session_role1 }}"
login_user: "{{ pg_user }}"
- name: Drop test users
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ item }}"
diff --git a/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_version_opt.yml b/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_version_opt.yml
index 36249627..64aa188d 100644
--- a/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_version_opt.yml
+++ b/tests/integration/targets/postgresql_ext/tasks/postgresql_ext_version_opt.yml
@@ -7,7 +7,7 @@
test_schema: schema1
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
register: result
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
@@ -29,8 +29,8 @@
name: "{{ test_ext }}"
schema: "{{ test_schema }}"
version: '1.0'
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -53,7 +53,7 @@
name: "{{ test_ext }}"
schema: "{{ test_schema }}"
version: '1.0'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -77,8 +77,8 @@
name: "{{ test_ext }}"
schema: "{{ test_schema }}"
version: '1.0'
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -101,7 +101,7 @@
name: "{{ test_ext }}"
schema: "{{ test_schema }}"
version: '1.0'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -124,8 +124,8 @@
name: "{{ test_ext }}"
schema: "{{ test_schema }}"
version: '2.0'
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -148,7 +148,7 @@
name: "{{ test_ext }}"
schema: "{{ test_schema }}"
version: '2.0'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -171,7 +171,7 @@
<<: *pg_parameters
name: "{{ test_ext }}"
schema: "{{ test_schema }}"
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -194,7 +194,7 @@
name: "{{ test_ext }}"
schema: "{{ test_schema }}"
version: latest
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -218,7 +218,7 @@
name: "{{ test_ext }}"
schema: "{{ test_schema }}"
version: latest
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -241,8 +241,8 @@
name: "{{ test_ext }}"
schema: "{{ test_schema }}"
version: '1.0'
- trust_input: no
- ignore_errors: yes
+ trust_input: false
+ ignore_errors: true
- assert:
that:
@@ -254,8 +254,8 @@
<<: *pg_parameters
name: "{{ test_ext }}"
state: absent
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -277,7 +277,7 @@
<<: *pg_parameters
name: "{{ test_ext }}"
state: absent
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -299,7 +299,7 @@
<<: *pg_parameters
name: "{{ test_ext }}"
state: absent
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -310,7 +310,7 @@
postgresql_ext:
<<: *pg_parameters
name: "{{ test_ext }}"
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -332,8 +332,8 @@
postgresql_ext:
<<: *pg_parameters
name: non_existent
- trust_input: no
- ignore_errors: yes
+ trust_input: false
+ ignore_errors: true
- assert:
that:
@@ -411,7 +411,7 @@
<<: *pg_parameters
name: "{{ test_ext }}"
state: absent
- trust_input: no
+ trust_input: false
- name: postgresql_ext_version - drop the schema
<<: *task_parameters
diff --git a/tests/integration/targets/postgresql_idx/tasks/postgresql_idx_initial.yml b/tests/integration/targets/postgresql_idx/tasks/postgresql_idx_initial.yml
index 31d16627..3c2dc3fb 100644
--- a/tests/integration/targets/postgresql_idx/tasks/postgresql_idx_initial.yml
+++ b/tests/integration/targets/postgresql_idx/tasks/postgresql_idx_initial.yml
@@ -92,7 +92,7 @@
table: test_table
columns: id, story
idxname: Test0_idx
- trust_input: no
+ trust_input: false
register: result
ignore_errors: true
@@ -159,7 +159,7 @@
idxname: foo_test_idx
tablespace: ssd
storage_params: fillfactor=90
- trust_input: no
+ trust_input: false
register: result
ignore_errors: true
when: tablespace.rc == 0
@@ -190,7 +190,7 @@
columns: id
idxname: test_brin_idx
concurrent: false
- trust_input: no
+ trust_input: false
register: result
ignore_errors: true
@@ -217,7 +217,7 @@
columns: id
idxname: test1_idx
cond: id > 1 AND id != 10
- trust_input: no
+ trust_input: false
register: result
ignore_errors: true
@@ -243,7 +243,7 @@
columns: story
idxname: test_unique0_idx
unique: true
- trust_input: no
+ trust_input: false
register: result
ignore_errors: true
@@ -290,7 +290,7 @@
cascade: true
state: absent
concurrent: false
- trust_input: yes
+ trust_input: true
check_mode: true
register: result
ignore_errors: true
diff --git a/tests/integration/targets/postgresql_info/tasks/postgresql_info_initial.yml b/tests/integration/targets/postgresql_info/tasks/postgresql_info_initial.yml
index 36c4015a..8f122d4a 100644
--- a/tests/integration/targets/postgresql_info/tasks/postgresql_info_initial.yml
+++ b/tests/integration/targets/postgresql_info/tasks/postgresql_info_initial.yml
@@ -4,7 +4,7 @@
- vars:
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
register: result
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
@@ -204,7 +204,7 @@
<<: *pg_parameters
login_db: '{{ test_db }}'
login_port: '{{ primary_port }}'
- trust_input: yes
+ trust_input: true
- assert:
that:
@@ -226,10 +226,10 @@
<<: *pg_parameters
login_db: '{{ test_db }}'
login_port: '{{ primary_port }}'
- trust_input: no
+ trust_input: false
session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
diff --git a/tests/integration/targets/postgresql_info/tasks/setup_publication.yml b/tests/integration/targets/postgresql_info/tasks/setup_publication.yml
index 1a1bea5d..3d8fed92 100644
--- a/tests/integration/targets/postgresql_info/tasks/setup_publication.yml
+++ b/tests/integration/targets/postgresql_info/tasks/setup_publication.yml
@@ -5,7 +5,7 @@
- vars:
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
register: result
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
diff --git a/tests/integration/targets/postgresql_lang/tasks/postgresql_lang_add_owner_param.yml b/tests/integration/targets/postgresql_lang/tasks/postgresql_lang_add_owner_param.yml
index 5d21db56..a08ff82f 100644
--- a/tests/integration/targets/postgresql_lang/tasks/postgresql_lang_add_owner_param.yml
+++ b/tests/integration/targets/postgresql_lang/tasks/postgresql_lang_add_owner_param.yml
@@ -8,7 +8,7 @@
non_existent_role: fake_role
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
register: result
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
@@ -30,8 +30,8 @@
<<: *pg_parameters
name: '{{ test_lang }}'
owner: '{{ test_user1 }}'
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -58,7 +58,7 @@
<<: *pg_parameters
name: '{{ test_lang }}'
owner: '{{ test_user1 }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -85,8 +85,8 @@
<<: *pg_parameters
name: '{{ test_lang }}'
owner: '{{ test_user2 }}'
- trust_input: yes
- check_mode: yes
+ trust_input: true
+ check_mode: true
- assert:
that:
diff --git a/tests/integration/targets/postgresql_lang/tasks/postgresql_lang_initial.yml b/tests/integration/targets/postgresql_lang/tasks/postgresql_lang_initial.yml
index 66023de8..1d24778b 100644
--- a/tests/integration/targets/postgresql_lang/tasks/postgresql_lang_initial.yml
+++ b/tests/integration/targets/postgresql_lang/tasks/postgresql_lang_initial.yml
@@ -3,7 +3,7 @@
# Preparation for tests:
- name: Install PostgreSQL support packages
- become: yes
+ become: true
action: "{{ ansible_facts.pkg_mgr }}"
args:
name: "{{ postgresql_lang_packages }}"
@@ -16,14 +16,14 @@
# Create language in check_mode:
- name: postgresql_lang - create plperl in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_lang:
db: postgres
login_user: "{{ pg_user }}"
name: plperl
register: result
- ignore_errors: yes
- check_mode: yes
+ ignore_errors: true
+ check_mode: true
- assert:
that:
@@ -32,7 +32,7 @@
- name: postgresql_lang - check that lang doesn't exist after previous step, rowcount must be 0
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
@@ -46,13 +46,13 @@
# Create language:
- name: postgresql_lang - create plperl
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_lang:
db: postgres
login_user: "{{ pg_user }}"
name: plperl
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -61,7 +61,7 @@
- name: postgresql_lang - check that lang exists after previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
@@ -75,15 +75,15 @@
# Drop language in check_mode:
- name: postgresql_lang - drop plperl in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_lang:
db: postgres
login_user: "{{ pg_user }}"
name: plperl
state: absent
register: result
- ignore_errors: yes
- check_mode: yes
+ ignore_errors: true
+ check_mode: true
- assert:
that:
@@ -92,7 +92,7 @@
- name: postgresql_lang - check that lang exists after previous step, rowcount must be 1
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
@@ -106,14 +106,14 @@
# Drop language:
- name: postgresql_lang - drop plperl
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_lang:
db: postgres
login_user: "{{ pg_user }}"
name: plperl
state: absent
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -122,7 +122,7 @@
- name: postgresql_lang - check that lang doesn't exist after previous step, rowcount must be 0
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
@@ -133,18 +133,18 @@
that:
- result.rowcount == 0
-# Check fail_on_drop yes
-- name: postgresql_lang - drop c language to check fail_on_drop yes
+# Check fail_on_drop true
+- name: postgresql_lang - drop c language to check fail_on_drop true
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_lang:
db: postgres
login_user: "{{ pg_user }}"
name: c
state: absent
- fail_on_drop: yes
+ fail_on_drop: true
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -153,15 +153,15 @@
# Check fail_on_drop no
- name: postgresql_lang - drop c language to check fail_on_drop no
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_lang:
db: postgres
login_user: "{{ pg_user }}"
name: c
state: absent
- fail_on_drop: no
+ fail_on_drop: false
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -170,15 +170,15 @@
# Create trusted language:
- name: postgresql_lang - create plpythonu
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_lang:
db: postgres
login_user: "{{ pg_user }}"
name: plpythonu
- trust: yes
- force_trust: yes
+ trust: true
+ force_trust: true
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -187,7 +187,7 @@
- name: postgresql_lang - check that lang exists and it's trusted after previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
@@ -201,16 +201,16 @@
# Drop language cascade, tests of aliases:
- name: postgresql_lang - drop plpythonu cascade
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_lang:
login_db: postgres
login_user: "{{ pg_user }}"
login_port: 5432
lang: plpythonu
state: absent
- cascade: yes
+ cascade: true
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -219,7 +219,7 @@
- name: postgresql_lang - check that lang doesn't exist after previous step, rowcount must be 0
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
diff --git a/tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml b/tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml
deleted file mode 100644
index d8d7bb6b..00000000
--- a/tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml
+++ /dev/null
@@ -1,390 +0,0 @@
-# Copyright: (c) 2019, Andrew Klychkov (@Andersson007) <aaklychkov@mail.ru>
-# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
-
-####################
-# Prepare for tests:
-
-# Create test roles:
-- name: postgresql_membership - create test roles
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_user:
- login_user: "{{ pg_user }}"
- db: postgres
- name: "{{ item }}"
- ignore_errors: yes
- with_items:
- - "{{ test_group1 }}"
- - "{{ test_group2 }}"
- - "{{ test_group3 }}"
- - "{{ test_user1 }}"
- - "{{ test_user2 }}"
-
-################
-# Do main tests:
-
-### Test check_mode
-# Grant test_group1 to test_user1 in check_mode:
-- name: postgresql_membership - grant test_group1 to test_user1 in check_mode
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: "{{ test_group1 }}"
- user: "{{ test_user1 }}"
- state: present
- register: result
- ignore_errors: yes
- check_mode: yes
-
-- assert:
- that:
- - result is changed
- - result.groups == ["{{ test_group1 }}"]
- - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\""]
- - result.granted.{{ test_group1 }} == ["{{ test_user1 }}"]
- - result.state == "present"
- - result.target_roles == ["{{ test_user1 }}"]
-
-# Try to revoke test_group1 from test_user1 to check that
-# nothing actually changed in check_mode at the previous step:
-- name: postgresql_membership - try to revoke test_group1 from test_user1 for checking check_mode
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: "{{ test_group1 }}"
- user: "{{ test_user1 }}"
- state: absent
- register: result
- ignore_errors: yes
- check_mode: yes
-
-- assert:
- that:
- - result is not changed
- - result.groups == ["{{ test_group1 }}"]
- - result.queries == []
- - result.revoked.{{ test_group1 }} == []
- - result.state == "absent"
- - result.target_roles == ["{{ test_user1 }}"]
-### End of test check_mode
-
-# Grant test_group1 to test_user1:
-- name: postgresql_membership - grant test_group1 to test_user1
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: "{{ test_group1 }}"
- user: "{{ test_user1 }}"
- state: present
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is changed
- - result.groups == ["{{ test_group1 }}"]
- - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\""]
- - result.granted.{{ test_group1 }} == ["{{ test_user1 }}"]
- - result.state == "present"
- - result.target_roles == ["{{ test_user1 }}"]
-
-# Grant test_group1 to test_user1 again to check that nothing changes:
-- name: postgresql_membership - grant test_group1 to test_user1 again
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: "{{ test_group1 }}"
- user: "{{ test_user1 }}"
- state: present
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is not changed
- - result.groups == ["{{ test_group1 }}"]
- - result.queries == []
- - result.granted.{{ test_group1 }} == []
- - result.state == "present"
- - result.target_roles == ["{{ test_user1 }}"]
-
-# Revoke test_group1 from test_user1:
-- name: postgresql_membership - revoke test_group1 from test_user1
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: "{{ test_group1 }}"
- user: "{{ test_user1 }}"
- state: absent
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is changed
- - result.groups == ["{{ test_group1 }}"]
- - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\""]
- - result.revoked.{{ test_group1 }} == ["{{ test_user1 }}"]
- - result.state == "absent"
- - result.target_roles == ["{{ test_user1 }}"]
-
-# Revoke test_group1 from test_user1 again to check that nothing changes:
-- name: postgresql_membership - revoke test_group1 from test_user1 again
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: "{{ test_group1 }}"
- user: "{{ test_user1 }}"
- state: absent
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is not changed
- - result.groups == ["{{ test_group1 }}"]
- - result.queries == []
- - result.revoked.{{ test_group1 }} == []
- - result.state == "absent"
- - result.target_roles == ["{{ test_user1 }}"]
-
-# Grant test_group1 and test_group2 to test_user1 and test_user2:
-- name: postgresql_membership - grant two groups to two users
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group:
- - "{{ test_group1 }}"
- - "{{ test_group2 }}"
- user:
- - "{{ test_user1 }}"
- - "{{ test_user2 }}"
- state: present
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is changed
- - result.groups == ["{{ test_group1 }}", "{{ test_group2 }}"]
- - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group1 }}\" TO \"{{ test_user2 }}\"", "GRANT \"{{ test_group2 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group2 }}\" TO \"{{ test_user2 }}\""]
- - result.granted.{{ test_group1 }} == ["{{ test_user1 }}", "{{ test_user2 }}"]
- - result.granted.{{ test_group2 }} == ["{{ test_user1 }}", "{{ test_user2 }}"]
- - result.state == "present"
- - result.target_roles == ["{{ test_user1 }}", "{{ test_user2 }}"]
-
-# Grant test_group1 and test_group2 to test_user1 and test_user2 again to check that nothing changes:
-- name: postgresql_membership - grant two groups to two users again
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group:
- - "{{ test_group1 }}"
- - "{{ test_group2 }}"
- user:
- - "{{ test_user1 }}"
- - "{{ test_user2 }}"
- state: present
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is not changed
- - result.groups == ["{{ test_group1 }}", "{{ test_group2 }}"]
- - result.queries == []
- - result.granted.{{ test_group1 }} == []
- - result.granted.{{ test_group2 }} == []
- - result.state == "present"
- - result.target_roles == ["{{ test_user1 }}", "{{ test_user2 }}"]
-
-# Revoke only test_group1 from test_user1:
-- name: postgresql_membership - revoke one group from one user
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: "{{ test_group1 }}"
- user: "{{ test_user1 }}"
- state: absent
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is changed
- - result.groups == ["{{ test_group1 }}"]
- - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\""]
- - result.revoked.{{ test_group1 }} == ["{{ test_user1 }}"]
- - result.state == "absent"
- - result.target_roles == ["{{ test_user1 }}"]
-
-# Try to grant test_group1 and test_group2 to test_user1 and test_user2 again
-# to check that nothing changes with test_user2:
-- name: postgresql_membership - grant two groups to two users again
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group:
- - "{{ test_group1 }}"
- - "{{ test_group2 }}"
- user:
- - "{{ test_user1 }}"
- - "{{ test_user2 }}"
- state: present
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is changed
- - result.groups == ["{{ test_group1 }}", "{{ test_group2 }}"]
- - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\""]
- - result.granted.{{ test_group1 }} == ["{{ test_user1 }}"]
- - result.granted.{{ test_group2 }} == []
- - result.state == "present"
- - result.target_roles == ["{{ test_user1 }}", "{{ test_user2 }}"]
-
-#####################
-# Check fail_on_role:
-
-# Try to grant non existent group to non existent role with fail_on_role=yes:
-- name: postgresql_membership - revoke non existen group from non existen role
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: fake_group
- user: fake_user
- state: present
- fail_on_role: yes
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is not changed
-
-# Try to grant non existent group to non existent role with fail_on_role=no:
-- name: postgresql_membership - revoke non existen group from non existen role
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: fake_group
- user: fake_user
- state: present
- fail_on_role: no
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is not changed
- - result.granted == {}
- - result.groups == []
- - result.target_roles == []
- - result.state == 'present'
-
-# Try to revoke non existent group from non existent role with fail_on_role=no:
-- name: postgresql_membership - revoke non existen group from non existen role
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: fake_group
- user: fake_user
- state: absent
- fail_on_role: no
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is not changed
- - result.revoked == {}
- - result.groups == []
- - result.target_roles == []
- - result.state == 'absent'
-
-# Grant test_group3 with a name containing dots to test_user1.
-- name: postgresql_membership - grant test_group3 with dots to test_user1
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group: "{{ test_group3 }}"
- user: "{{ test_user1 }}"
- state: present
- register: result
-
-- assert:
- that:
- - result is changed
- - result.queries == ["GRANT \"{{ test_group3 }}\" TO \"{{ test_user1 }}\""]
-
-#############################
-# Check trust_input parameter
-
-- name: postgresql_membership - try to use dangerous input, don't trust
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group:
- - "{{ test_group3}}"
- - "{{ dangerous_name }}"
- user: "{{ test_user1 }}"
- state: present
- trust_input: no
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is failed
- - result.msg == 'Passed input \'{{ dangerous_name }}\' is potentially dangerous'
-
-- name: postgresql_membership - try to use dangerous input, trust explicitly
- become_user: "{{ pg_user }}"
- become: yes
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- group:
- - "{{ test_group3}}"
- - "{{ dangerous_name }}"
- user: "{{ test_user1 }}"
- state: present
- trust_input: yes
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is failed
- - result.msg == 'Role {{ dangerous_name }} does not exist'
diff --git a/tests/integration/targets/postgresql_owner/tasks/postgresql_owner_initial.yml b/tests/integration/targets/postgresql_owner/tasks/postgresql_owner_initial.yml
index 65623675..a2116028 100644
--- a/tests/integration/targets/postgresql_owner/tasks/postgresql_owner_initial.yml
+++ b/tests/integration/targets/postgresql_owner/tasks/postgresql_owner_initial.yml
@@ -196,7 +196,7 @@
db: acme
new_owner: alice
reassign_owned_by: bob
- trust_input: yes
+ trust_input: true
register: result
- assert:
@@ -221,7 +221,7 @@
###########################
# Test trust_inpt parameter
-- name: postgresql_owner - reassign_owned_by, trust_input no
+- name: postgresql_owner - reassign_owned_by, trust_input false
become_user: '{{ pg_user }}'
become: true
postgresql_owner:
@@ -229,16 +229,16 @@
db: acme
new_owner: '{{ dangerous_name }}'
reassign_owned_by: alice
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
- result is failed
- result.msg == 'Passed input \'{{ dangerous_name }}\' is potentially dangerous'
-- name: postgresql_owner - reassign_owned_by, trust_input yes by default
+- name: postgresql_owner - reassign_owned_by, trust_input true by default
become_user: '{{ pg_user }}'
become: true
postgresql_owner:
@@ -247,7 +247,7 @@
new_owner: '{{ dangerous_name }}'
reassign_owned_by: alice
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
diff --git a/tests/integration/targets/postgresql_pg_hba/tasks/postgresql_pg_hba_initial.yml b/tests/integration/targets/postgresql_pg_hba/tasks/postgresql_pg_hba_initial.yml
index 583717e0..12758738 100644
--- a/tests/integration/targets/postgresql_pg_hba/tasks/postgresql_pg_hba_initial.yml
+++ b/tests/integration/targets/postgresql_pg_hba/tasks/postgresql_pg_hba_initial.yml
@@ -13,7 +13,7 @@
backup: 'True'
order: sud
state: "{{item}}"
- check_mode: yes
+ check_mode: true
with_items:
- present
- absent
@@ -150,7 +150,7 @@
source: all
state: present
register: pg_hba_fail_src_all_with_netmask
- ignore_errors: yes
+ ignore_errors: true
- debug:
var: pg_hba.pg_hba
@@ -197,7 +197,7 @@
fetch:
src: /tmp/pg_hba2.conf
dest: /tmp/pg_hba2.conf
- flat: yes
+ flat: true
- name: Read pg_hba2.conf
set_fact:
content: "{{ lookup('file', '/tmp/pg_hba2.conf') }}"
@@ -221,7 +221,7 @@
fetch:
src: /tmp/pg_hba2.conf
dest: /tmp/pg_hba2.conf
- flat: yes
+ flat: true
- name: Read pg_hba2.conf
set_fact:
content: "{{ lookup('file', '/tmp/pg_hba2.conf') }}"
@@ -246,7 +246,7 @@
fetch:
src: /tmp/pg_hba2.conf
dest: /tmp/pg_hba2.conf
- flat: yes
+ flat: true
- name: Read pg_hba2.conf
set_fact:
content: "{{ lookup('file', '/tmp/pg_hba2.conf') }}"
diff --git a/tests/integration/targets/postgresql_ping/tasks/postgresql_ping_initial.yml b/tests/integration/targets/postgresql_ping/tasks/postgresql_ping_initial.yml
index af1c3a00..30628d06 100644
--- a/tests/integration/targets/postgresql_ping/tasks/postgresql_ping_initial.yml
+++ b/tests/integration/targets/postgresql_ping/tasks/postgresql_ping_initial.yml
@@ -4,12 +4,12 @@
- name: postgresql_ping - test return values
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_ping:
db: "{{ db_default }}"
login_user: "{{ pg_user }}"
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -33,12 +33,12 @@
- name: postgresql_ping - check ping of non-existing database doesn't return anything
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_ping:
db: "{{ db_name_nonexist }}"
login_user: "{{ pg_user }}"
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -48,7 +48,7 @@
- name: postgresql_ping - ping DB with SSL
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_ping:
db: "{{ ssl_db }}"
login_user: "{{ ssl_user }}"
@@ -57,7 +57,7 @@
login_port: 5432
ssl_mode: require
ca_cert: '{{ ssl_rootcert }}'
- trust_input: yes
+ trust_input: true
register: result
when:
- ansible_os_family == 'Debian'
@@ -73,14 +73,14 @@
- name: postgresql_ping - check trust_input
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_ping:
db: "{{ db_default }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -90,7 +90,7 @@
# Check conn_err_msg return value
- name: Try to connect to non-existent DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_ping:
db: blahblah
login_user: "{{ pg_user }}"
diff --git a/tests/integration/targets/postgresql_privs/tasks/pg_authid_not_readable.yml b/tests/integration/targets/postgresql_privs/tasks/pg_authid_not_readable.yml
index f5d502d0..3f810d47 100644
--- a/tests/integration/targets/postgresql_privs/tasks/pg_authid_not_readable.yml
+++ b/tests/integration/targets/postgresql_privs/tasks/pg_authid_not_readable.yml
@@ -1,9 +1,9 @@
- name: "Admin user is allowed to access pg_authid relation: password comparison will succeed, password won't be updated"
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ db_user1 }}"
- encrypted: 'yes'
+ encrypted: 'true'
password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
db: "{{ db_name }}"
priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
@@ -21,7 +21,7 @@
shell: 'psql -c "select * from pg_authid;" {{ db_name }} {{ db_user1 }}'
environment:
PGPASSWORD: '{{ db_password }}'
- ignore_errors: yes
+ ignore_errors: true
register: pg_authid
- assert:
@@ -31,10 +31,10 @@
- name: "Normal user isn't allowed to access pg_authid relation: password comparison will fail, password will be updated"
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ db_user1 }}"
- encrypted: 'yes'
+ encrypted: 'true'
password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
db: "{{ db_name }}"
priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
diff --git a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml
index 530e0d1e..b0e80af2 100644
--- a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml
+++ b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_general.yml
@@ -1,7 +1,7 @@
# Setup
- name: Create DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_name }}"
@@ -11,7 +11,7 @@
postgresql_user:
name: "{{ db_user3 }}"
state: present
- encrypted: yes
+ encrypted: true
password: password
role_attr_flags: CREATEDB,LOGIN
db: "{{ db_name }}"
@@ -21,7 +21,7 @@
postgresql_user:
name: "{{ db_user2 }}"
state: present
- encrypted: yes
+ encrypted: true
password: password
role_attr_flags: LOGIN
db: "{{ db_name }}"
@@ -32,7 +32,7 @@
#############################
- name: Create DB with hyphen in the name
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_name_with_hyphens }}"
@@ -47,7 +47,7 @@
postgresql_user:
name: "{{ db_user_with_hyphens }}"
state: present
- encrypted: yes
+ encrypted: true
password: password
role_attr_flags: CREATEDB,LOGIN
db: "{{ db_name_with_hyphens }}"
@@ -83,9 +83,9 @@
obj: TABLES
privs: all
state: present
- usage_on_types: yes
+ usage_on_types: true
register: result
- check_mode: yes
+ check_mode: true
- assert:
that:
@@ -104,7 +104,7 @@
obj: TABLES
privs: all
state: present
- usage_on_types: no
+ usage_on_types: false
register: result
- assert:
@@ -146,7 +146,7 @@
postgresql_user:
name: "{{ db_user_with_hyphens }}"
state: absent
- encrypted: yes
+ encrypted: true
password: password
role_attr_flags: CREATEDB,LOGIN
db: "{{ db_name_with_hyphens }}"
@@ -159,7 +159,7 @@
- name: Delete DB with hyphen in the name
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: absent
name: "{{ db_name_with_hyphens }}"
@@ -176,7 +176,7 @@
# Create the test table and view:
- name: Create table
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
login_user: "{{ pg_user }}"
@@ -186,7 +186,7 @@
- id int
- name: Create view
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -195,7 +195,7 @@
# Test check_mode:
- name: Grant SELECT on test_view, check_mode
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
@@ -205,8 +205,8 @@
type: table
objs: test_view
roles: "{{ db_user2 }}"
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
register: result
- assert:
@@ -215,7 +215,7 @@
# Check:
- name: Check that nothing was changed after the prev step
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -229,7 +229,7 @@
# Test true mode:
- name: Grant SELECT on test_view
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
@@ -239,7 +239,7 @@
type: table
objs: test_view
roles: "{{ db_user2 }}"
- trust_input: no
+ trust_input: false
register: result
- assert:
@@ -248,7 +248,7 @@
# Check:
- name: Check that nothing was changed after the prev step
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -262,7 +262,7 @@
# Test true mode:
- name: Try to grant SELECT again
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
@@ -272,7 +272,7 @@
type: table
objs: test_view
roles: "{{ db_user2 }}"
- trust_input: no
+ trust_input: false
register: result
- assert:
@@ -281,7 +281,7 @@
# Cleanup:
- name: Drop test view
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -289,7 +289,7 @@
query: "DROP VIEW test_view"
- name: Drop test table
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
login_user: "{{ pg_user }}"
@@ -303,17 +303,17 @@
# Foreign data wrapper setup
- name: Create foreign data wrapper extension
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "CREATE EXTENSION postgres_fdw" | psql -d "{{ db_name }}"
- name: Create dummy foreign data wrapper
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "CREATE FOREIGN DATA WRAPPER dummy" | psql -d "{{ db_name }}"
- name: Create foreign server
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "CREATE SERVER dummy_server FOREIGN DATA WRAPPER dummy" | psql -d "{{ db_name }}"
@@ -327,9 +327,9 @@
objs: dummy
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -337,7 +337,7 @@
- result is changed
- name: Get foreign data wrapper privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "{{ fdw_query }}" | psql -d "{{ db_name }}"
vars:
@@ -361,9 +361,9 @@
objs: dummy
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -380,9 +380,9 @@
objs: dummy
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -390,7 +390,7 @@
- result is changed
- name: Get foreign data wrapper privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "{{ fdw_query }}" | psql -d "{{ db_name }}"
vars:
@@ -414,9 +414,9 @@
objs: dummy
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -433,9 +433,9 @@
objs: dummy_server
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -443,7 +443,7 @@
- result is changed
- name: Get foreign server privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "{{ fdw_query }}" | psql -d "{{ db_name }}"
vars:
@@ -467,9 +467,9 @@
objs: dummy_server
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -486,9 +486,9 @@
objs: dummy_server
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -496,7 +496,7 @@
- result is changed
- name: Get foreign server privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "{{ fdw_query }}" | psql -d "{{ db_name }}"
vars:
@@ -520,9 +520,9 @@
objs: dummy_server
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -531,17 +531,17 @@
# Foreign data wrapper cleanup
- name: Drop foreign server
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "DROP SERVER dummy_server" | psql -d "{{ db_name }}"
- name: Drop dummy foreign data wrapper
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "DROP FOREIGN DATA WRAPPER dummy" | psql -d "{{ db_name }}"
- name: Drop foreign data wrapper extension
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "DROP EXTENSION postgres_fdw" | psql -d "{{ db_name }}"
@@ -569,16 +569,16 @@
db: "{{ db_name }}"
login_user: "{{ db_user3 }}"
login_password: password
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
that: result is changed
- name: Check that all functions have execute privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: psql {{ db_name }} -c "SELECT proacl FROM pg_proc WHERE proname = 'a'" -t
register: result
@@ -598,9 +598,9 @@
db: "{{ db_name }}"
login_user: "{{ db_user3 }}"
login_password: password
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -618,9 +618,9 @@
db: "{{ db_name }}"
login_user: "{{ db_user3 }}"
login_password: password
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -638,9 +638,9 @@
db: "{{ db_name }}"
login_user: "{{ db_user3 }}"
login_password: password
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that: result is not changed
@@ -855,11 +855,11 @@
db: "{{ db_name }}"
login_user: "{{ db_user3 }}"
login_password: password
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
when: postgres_version_resp.stdout is version('10', '>=')
- check_mode: yes
+ check_mode: true
# Checks
- name: Check that all partitioned tables don't have select privileges after the check mode task
@@ -870,7 +870,7 @@
login_password: password
named_args:
grantuser: '{{ db_user2 }}'
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
when: postgres_version_resp.stdout is version('10', '>=')
@@ -890,9 +890,9 @@
db: "{{ db_name }}"
roles: "{{ db_user2 }}"
login_user: "{{ pg_user }}"
- grant_option: yes
+ grant_option: true
state: present
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
@@ -906,7 +906,7 @@
db: "{{ db_name }}"
login_user: "{{ db_user2 }}"
login_password: password
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
@@ -924,7 +924,7 @@
roles: "{{ db_user2 }}"
login_user: "{{ pg_user }}"
state: present
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
@@ -938,7 +938,7 @@
db: "{{ db_name }}"
login_user: "{{ db_user2 }}"
login_password: password
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
@@ -955,9 +955,9 @@
db: "{{ db_name }}"
roles: "{{ db_user2 }}"
login_user: "{{ pg_user }}"
- grant_option: no
+ grant_option: false
state: present
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
@@ -971,7 +971,7 @@
db: "{{ db_name }}"
login_user: "{{ db_user2 }}"
login_password: password
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
@@ -989,7 +989,7 @@
roles: "{{ db_user2 }}"
login_user: "{{ pg_user }}"
state: absent
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
@@ -1003,7 +1003,7 @@
db: "{{ db_name }}"
login_user: "{{ db_user2 }}"
login_password: password
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
@@ -1022,9 +1022,9 @@
db: "{{ db_name }}"
login_user: "{{ db_user3 }}"
login_password: password
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
when: postgres_version_resp.stdout is version('10', '>=')
# Checks
@@ -1040,7 +1040,7 @@
login_password: password
named_args:
grantuser: '{{ db_user2 }}'
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
when: postgres_version_resp.stdout is version('10', '>=')
@@ -1062,9 +1062,9 @@
db: "{{ db_name }}"
login_user: "{{ db_user3 }}"
login_password: password
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
when: postgres_version_resp.stdout is version('10', '>=')
# Checks
@@ -1084,9 +1084,9 @@
db: "{{ db_name }}"
login_user: "{{ db_user3 }}"
login_password: password
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
when: postgres_version_resp.stdout is version('10', '>=')
# Checks
@@ -1102,7 +1102,7 @@
login_password: password
named_args:
grantuser: '{{ db_user2 }}'
- become: yes
+ become: true
become_user: "{{ pg_user }}"
register: result
when: postgres_version_resp.stdout is version('10', '>=')
@@ -1124,9 +1124,9 @@
db: "{{ db_name }}"
login_user: "{{ db_user3 }}"
login_password: password
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
when: postgres_version_resp.stdout is version('10', '>=')
- assert:
@@ -1140,8 +1140,8 @@
db: "{{ db_name }}"
login_user: "{{ db_user3 }}"
login_password: password
- trust_input: no
- ignore_errors: yes
+ trust_input: false
+ ignore_errors: true
when: postgres_version_resp.stdout is version('10', '>=')
###########################################
@@ -1150,7 +1150,7 @@
# Test
- name: Grant type privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
state: present
@@ -1161,7 +1161,7 @@
schema: pg_catalog
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
when: postgres_version_resp.stdout is version('10', '>=')
@@ -1172,7 +1172,7 @@
when: postgres_version_resp.stdout is version('10', '>=')
- name: Get type privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -1187,7 +1187,7 @@
when: postgres_version_resp.stdout is version('10', '>=')
- name: Grant type privileges again using check_mode
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
state: present
@@ -1198,9 +1198,9 @@
schema: pg_catalog
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- check_mode: yes
+ check_mode: true
when: postgres_version_resp.stdout is version('10', '>=')
# Checks
@@ -1210,7 +1210,7 @@
when: postgres_version_resp.stdout is version('10', '>=')
- name: Get type privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -1225,7 +1225,7 @@
when: postgres_version_resp.stdout is version('10', '>=')
- name: Grant type privileges again
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
state: present
@@ -1236,7 +1236,7 @@
schema: pg_catalog
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
when: postgres_version_resp.stdout is version('10', '>=')
@@ -1247,7 +1247,7 @@
when: postgres_version_resp.stdout is version('10', '>=')
- name: Get type privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -1262,7 +1262,7 @@
when: postgres_version_resp.stdout is version('10', '>=')
- name: Revoke type privileges in check_mode
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
state: absent
@@ -1273,9 +1273,9 @@
schema: pg_catalog
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- check_mode: yes
+ check_mode: true
when: postgres_version_resp.stdout is version('10', '>=')
# Checks
@@ -1285,7 +1285,7 @@
when: postgres_version_resp.stdout is version('10', '>=')
- name: Get type privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -1300,7 +1300,7 @@
when: postgres_version_resp.stdout is version('10', '>=')
- name: Revoke type privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
state: absent
@@ -1311,7 +1311,7 @@
schema: pg_catalog
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
when: postgres_version_resp.stdout is version('10', '>=')
@@ -1322,7 +1322,7 @@
when: postgres_version_resp.stdout is version('10', '>=')
- name: Get type privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -1338,7 +1338,7 @@
# type with default schema (public):
- name: Create custom type in schema public
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -1348,7 +1348,7 @@
# Test
- name: Grant type privileges with default schema
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
state: present
@@ -1358,7 +1358,7 @@
objs: compfoo
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
when: postgres_version_resp.stdout is version('10', '>=')
@@ -1369,7 +1369,7 @@
when: postgres_version_resp.stdout is version('10', '>=')
- name: Get type privileges
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
login_user: "{{ pg_user }}"
@@ -1388,7 +1388,7 @@
######################################################################
# https://github.com/ansible-collections/community.general/issues/1058
- name: Create user for test
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
login_user: "{{ pg_user }}"
@@ -1397,7 +1397,7 @@
role_attr_flags: "NOLOGIN,NOSUPERUSER,INHERIT,NOCREATEDB,NOCREATEROLE,NOREPLICATION"
- name: Test community.general/issue/1058 GRANT with hyphen
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
@@ -1413,7 +1413,7 @@
- result.queries == ["GRANT \"{{ pg_user }}\" TO \"test-role\";"]
- name: Test community.general/issue/1058 REVOKE
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
@@ -1430,7 +1430,7 @@
- result.queries == ["REVOKE \"{{ pg_user }}\" FROM \"test-role\";"]
- name: Test community.general/issue/1058 GRANT without hyphen
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
@@ -1446,7 +1446,7 @@
- result.queries == ["GRANT \"{{ pg_user }}\" TO \"{{ db_user3 }}\";"]
- name: Test community.general/issue/1058 GRANT with hyphen as an object
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
@@ -1462,7 +1462,7 @@
- result.queries == ["GRANT \"test-role\",\"{{ db_user2 }}\" TO \"{{ db_user3 }}\";"]
- name: Test community.general/issue/1058 GRANT with hyphen as an object
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
login_user: "{{ pg_user }}"
@@ -1478,7 +1478,7 @@
# Cleanup
- name: Remove privs
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_privs:
state: absent
@@ -1488,12 +1488,12 @@
objs: compfoo
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
when: postgres_version_resp.stdout is version('10', '>=')
- name: Reassign ownership
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_owner:
login_user: "{{ pg_user }}"
db: "{{ db_name }}"
@@ -1504,7 +1504,7 @@
- "{{ db_user3 }}"
- name: Remove user given permissions
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_user2 }}"
@@ -1513,7 +1513,7 @@
login_user: "{{ pg_user }}"
- name: Remove user owner of objects
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ item }}"
@@ -1526,7 +1526,7 @@
- name: Destroy DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: absent
name: "{{ db_name }}"
diff --git a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_initial.yml b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_initial.yml
index 8aa6b409..814bc348 100644
--- a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_initial.yml
+++ b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_initial.yml
@@ -7,7 +7,7 @@
#
- name: Create db
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: "{{ db_name }}"
state: "present"
@@ -15,11 +15,11 @@
- name: Create some tables on the db
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "create table test_table1 (field text);" | psql {{ db_name }}
- become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "create table test_table2 (field text);" | psql {{ db_name }}
- vars:
@@ -27,10 +27,10 @@
block:
- name: Create a user with some permissions on the db
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ db_user1 }}"
- encrypted: 'yes'
+ encrypted: 'true'
password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
db: "{{ db_name }}"
priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
@@ -40,19 +40,19 @@
- name: Check that the user has the requested permissions (table1)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select privilege_type from information_schema.role_table_grants where grantee='{{ db_user1 }}' and table_name='test_table1';" | psql {{ db_name }}
register: result_table1
- name: Check that the user has the requested permissions (table2)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select privilege_type from information_schema.role_table_grants where grantee='{{ db_user1 }}' and table_name='test_table2';" | psql {{ db_name }}
register: result_table2
- name: Check that the user has the requested permissions (database)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select datacl from pg_database where datname='{{ db_name }}';" | psql {{ db_name }}
register: result_database
@@ -73,10 +73,10 @@
- name: Add another permission for the user
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ db_user1 }}"
- encrypted: 'yes'
+ encrypted: 'true'
password: "md55c8ccfd9d6711fc69a7eae647fc54f51"
db: "{{ db_name }}"
priv: 'test_table2:select'
@@ -90,7 +90,7 @@
- name: Check that the user has the requested permissions (table2)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select privilege_type from information_schema.role_table_grants where grantee='{{ db_user1 }}' and table_name='test_table2';" | psql {{ db_name }}
register: result_table2
@@ -107,7 +107,7 @@
- name: Revoke a privilege
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
type: "table"
state: "absent"
@@ -116,7 +116,7 @@
objs: "test_table2"
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- name: Check that ansible reports it changed the user
@@ -126,7 +126,7 @@
- name: Check that the user has the requested permissions (table2)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select privilege_type from information_schema.role_table_grants where grantee='{{ db_user1 }}' and table_name='test_table2';" | psql {{ db_name }}
register: result_table2
@@ -137,7 +137,7 @@
- name: Revoke many privileges on multiple tables
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
state: "absent"
roles: "{{ db_user1 }}"
@@ -145,7 +145,7 @@
objs: "test_table2,test_table1"
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- name: Check that ansible reports it changed the user
@@ -155,13 +155,13 @@
- name: Check that permissions were revoked (table1)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select privilege_type from information_schema.role_table_grants where grantee='{{ db_user1 }}' and table_name='test_table1';" | psql {{ db_name }}
register: result_table1
- name: Check that permissions were revoked (table2)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select privilege_type from information_schema.role_table_grants where grantee='{{ db_user1 }}' and table_name='test_table2';" | psql {{ db_name }}
register: result_table2
@@ -172,7 +172,7 @@
- name: Revoke database privileges
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
type: "database"
state: "absent"
@@ -181,11 +181,11 @@
objs: "{{ db_name }}"
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
- name: Check that the user has the requested permissions (database)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select datacl from pg_database where datname='{{ db_name }}';" | psql {{ db_name }}
register: result_database
@@ -196,7 +196,7 @@
- name: Grant database privileges
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
type: "database"
state: "present"
@@ -205,7 +205,7 @@
objs: "{{ db_name }}"
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
register: result
- name: Check that ansible reports it changed the user
@@ -215,7 +215,7 @@
- name: Check that the user has the requested permissions (database)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select datacl from pg_database where datname='{{ db_name }}';" | psql {{ db_name }}
register: result_database
@@ -226,7 +226,7 @@
- name: Grant a single privilege on a table
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
state: "present"
roles: "{{ db_user1 }}"
@@ -234,11 +234,11 @@
objs: "test_table1"
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
- name: Check that permissions were added (table1)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select privilege_type from information_schema.role_table_grants where grantee='{{ db_user1 }}' and table_name='test_table1';" | psql {{ db_name }}
register: result_table1
@@ -249,7 +249,7 @@
- name: Grant many privileges on multiple tables
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
state: "present"
roles: "{{ db_user1 }}"
@@ -257,17 +257,17 @@
objs: "test_table2,test_table1"
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
- name: Check that permissions were added (table1)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select privilege_type from information_schema.role_table_grants where grantee='{{ db_user1 }}' and table_name='test_table1';" | psql {{ db_name }}
register: result_table1
- name: Check that permissions were added (table2)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select privilege_type from information_schema.role_table_grants where grantee='{{ db_user1 }}' and table_name='test_table2';" | psql {{ db_name }}
register: result_table2
@@ -294,7 +294,7 @@
# https://github.com/ansible/ansible/issues/63204
- name: Create roles for further tests
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -305,7 +305,7 @@
- name: Pass role with dots in its name to roles parameter
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
state: "present"
roles: "{{ db_user_with_dots1 }}"
@@ -313,11 +313,11 @@
objs: "test_table1"
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
- name: Check that permissions were added (table1)
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -331,7 +331,7 @@
# We don't need to check anything here, only that nothing failed
- name: Pass role with dots in its name to target_roles parameter
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -341,12 +341,12 @@
objs: TABLES
type: default_privs
target_roles: "{{ db_user_with_dots2 }}"
- trust_input: no
+ trust_input: false
# Bugfix for https://github.com/ansible-collections/community.general/issues/857
- name: Test passing lowercase PUBLIC role
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -365,7 +365,7 @@
#
- name: Cleanup db
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
name: "{{ db_name }}"
state: "absent"
@@ -373,7 +373,7 @@
- name: Check that database was destroyed
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select datname from pg_database where datname = '{{ db_name }}';" | psql -d postgres
register: result
@@ -383,7 +383,7 @@
- name: Cleanup test user
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ item }}"
state: 'absent'
@@ -398,7 +398,7 @@
- name: Check that they were removed
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "select * from pg_user where usename='{{ db_user1 }}';" | psql -d postgres
register: result
diff --git a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_session_role.yml b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_session_role.yml
index 9a06c9d2..e0c083e9 100644
--- a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_session_role.yml
+++ b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_session_role.yml
@@ -1,5 +1,5 @@
- name: Create a high privileged user
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_session_role1 }}"
@@ -10,7 +10,7 @@
db: postgres
- name: Create a low privileged user using the newly created user
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_session_role2 }}"
@@ -23,7 +23,7 @@
- name: Create DB as session_role
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_session_role1 }}"
@@ -33,12 +33,12 @@
- name: Create table to be able to grant privileges
become_user: "{{ pg_user }}"
- become: yes
+ become: true
shell: echo "CREATE TABLE test(i int); CREATE TABLE test2(i int);" | psql -AtXq "{{ db_session_role1 }}"
- name: Grant all privileges on test1 table to low privileged user
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
db: "{{ db_session_role1 }}"
type: table
@@ -46,11 +46,11 @@
roles: "{{ db_session_role2 }}"
login_user: "{{ pg_user }}"
privs: select
- admin_option: yes
+ admin_option: true
- name: Verify admin option was successful for grants
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
db: "{{ db_session_role1 }}"
type: table
@@ -62,7 +62,7 @@
- name: Verify no grants can be granted for test2 table
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
db: "{{ db_session_role1 }}"
type: table
@@ -71,7 +71,7 @@
login_user: "{{ pg_user }}"
privs: update
session_role: "{{ db_session_role2 }}"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -83,7 +83,7 @@
- name: Verify trust_input parameter
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
db: "{{ db_session_role1 }}"
type: table
@@ -92,8 +92,8 @@
login_user: "{{ pg_user }}"
privs: update
session_role: "{{ dangerous_name }}"
- trust_input: no
- ignore_errors: yes
+ trust_input: false
+ ignore_errors: true
register: result
- assert:
diff --git a/tests/integration/targets/postgresql_privs/tasks/test_target_role.yml b/tests/integration/targets/postgresql_privs/tasks/test_target_role.yml
index a1d2805a..42ece0ba 100644
--- a/tests/integration/targets/postgresql_privs/tasks/test_target_role.yml
+++ b/tests/integration/targets/postgresql_privs/tasks/test_target_role.yml
@@ -1,7 +1,7 @@
# Setup
- name: Create a test user
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ db_user1 }}"
login_user: "{{ pg_user }}"
@@ -9,7 +9,7 @@
- name: Create DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_name }}"
@@ -20,7 +20,7 @@
postgresql_user:
name: "{{ db_user2 }}"
state: present
- encrypted: yes
+ encrypted: true
password: password
role_attr_flags: LOGIN
db: "{{ db_name }}"
@@ -33,7 +33,7 @@
# Test
- name: Grant default privileges for new table objects
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
db: "{{ db_name }}"
objs: TABLES
@@ -49,7 +49,7 @@
that: result is changed
- name: Check that default privileges are set
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: psql {{ db_name }} -c "SELECT defaclrole, defaclobjtype, defaclacl FROM pg_default_acl a JOIN pg_roles b ON a.defaclrole=b.oid;" -t
register: result
@@ -60,7 +60,7 @@
# Test
- name: Revoke default privileges for new table objects
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_privs:
db: "{{ db_name }}"
state: absent
@@ -79,7 +79,7 @@
# Cleanup
- name: Remove user given permissions
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ db_user2 }}"
state: absent
@@ -88,7 +88,7 @@
- name: Remove user owner of objects
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ db_user3 }}"
state: absent
@@ -97,7 +97,7 @@
- name: Destroy DBs
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: absent
name: "{{ item }}"
@@ -108,7 +108,7 @@
- name: Remove test users
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ item }}"
state: absent
diff --git a/tests/integration/targets/postgresql_publication/tasks/postgresql_publication_initial.yml b/tests/integration/targets/postgresql_publication/tasks/postgresql_publication_initial.yml
index 0300fc07..584a4848 100644
--- a/tests/integration/targets/postgresql_publication/tasks/postgresql_publication_initial.yml
+++ b/tests/integration/targets/postgresql_publication/tasks/postgresql_publication_initial.yml
@@ -13,7 +13,7 @@
test_db: acme_db
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
register: result
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
@@ -64,8 +64,8 @@
postgresql_publication:
<<: *pg_parameters
name: '{{ test_pub }}'
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -90,7 +90,7 @@
postgresql_publication:
<<: *pg_parameters
name: '{{ test_pub }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -122,8 +122,8 @@
<<: *pg_parameters
name: '{{ test_pub }}'
state: absent
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -153,7 +153,7 @@
<<: *pg_parameters
name: '{{ test_pub }}'
state: absent
- cascade: yes
+ cascade: true
- assert:
that:
@@ -184,7 +184,7 @@
- '{{ test_schema }}.{{ test_table2 }}'
parameters:
publish: 'insert'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -238,8 +238,8 @@
name: '{{ test_pub }}'
session_role: '{{ dangerous_name }}'
owner: '{{ dangerous_name }}'
- trust_input: no
- ignore_errors: yes
+ trust_input: false
+ ignore_errors: true
- assert:
that:
@@ -257,8 +257,8 @@
- '{{ test_table1 }}'
- '{{ test_schema }}.{{ test_table2 }}'
- '{{ test_table3 }}'
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -301,7 +301,7 @@
- '{{ test_table1 }}'
- '{{ test_schema }}.{{ test_table2 }}'
- '{{ test_table3 }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -343,8 +343,8 @@
- '{{ test_schema }}.{{ test_table2 }}'
parameters:
publish: 'insert'
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -385,7 +385,7 @@
- '{{ test_schema }}.{{ test_table2 }}'
parameters:
publish: 'delete'
- trust_input: no
+ trust_input: false
- assert:
that:
diff --git a/tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml b/tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml
deleted file mode 100644
index f5d0bd0c..00000000
--- a/tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml
+++ /dev/null
@@ -1,608 +0,0 @@
-- name: postgresql_query - drop test table if exists
- become_user: '{{ pg_user }}'
- become: true
- shell: psql postgres -U "{{ pg_user }}" -t -c "DROP TABLE IF EXISTS test_table;"
- ignore_errors: true
-
-- name: postgresql_query - create test table called test_table
- become_user: '{{ pg_user }}'
- become: true
- shell: psql postgres -U "{{ pg_user }}" -t -c "CREATE TABLE test_table (id int, story text);"
- ignore_errors: true
-
-- name: postgresql_query - insert some data into test_table
- become_user: '{{ pg_user }}'
- become: true
- shell: psql postgres -U "{{ pg_user }}" -t -c "INSERT INTO test_table (id, story) VALUES (1, 'first'), (2, 'second'), (3, 'third');"
- ignore_errors: true
-
-- name: Copy script files
- become: yes
- copy:
- src: '{{ item }}'
- dest: '~{{ pg_user }}/{{ item }}'
- owner: '{{ pg_user }}'
- force: yes
- loop:
- - test0.sql
- - test1.sql
- register: sql_file_created
- ignore_errors: yes
-
-- name: postgresql_query - analyze test_table
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: ANALYZE test_table
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result is changed
- - result.query == 'ANALYZE test_table'
- - result.query_list == ['ANALYZE test_table']
- - result.rowcount == 0
- - result.statusmessage == 'ANALYZE'
- - result.query_result == {}
- - result.query_all_results == [{}]
-
-- name: postgresql_query - run queries from SQL script
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- path_to_script: ~{{ pg_user }}/test0.sql
- positional_args:
- - 1
- encoding: UTF-8
- as_single_query: no
- register: result
- ignore_errors: true
- when: sql_file_created
-
-- assert:
- that:
- - result is not changed
- - result.query == "\n\nSELECT story FROM test_table\n WHERE id = 1 OR story = 'Данные'"
- - result.query_result[0].story == 'first'
- - result.query_all_results[0][0].version is search('PostgreSQL')
- - result.query_all_results[1][0].story == 'first'
- - result.rowcount == 2
- - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
- when: sql_file_created
-
-- name: postgresql_query - simple select query to test_table
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: SELECT * FROM test_table
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result is not changed
- - result.query == 'SELECT * FROM test_table'
- - result.rowcount == 3
- - result.statusmessage == 'SELECT 3' or result.statusmessage == 'SELECT'
- - result.query_result[0].id == 1
- - result.query_result[1].id == 2
- - result.query_result[2].id == 3
- - result.query_result[0].story == 'first'
- - result.query_result[1].story == 'second'
- - result.query_result[2].story == 'third'
-
-- name: postgresql_query - select query with named args
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: SELECT id FROM test_table WHERE id = %(id_val)s AND story = %(story_val)s
- named_args:
- id_val: 1
- story_val: first
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result is not changed
- - result.query == "SELECT id FROM test_table WHERE id = 1 AND story = 'first'" or result.query == "SELECT id FROM test_table WHERE id = 1 AND story = E'first'"
- - result.rowcount == 1
- - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
- - result.query_result[0].id == 1
-
-- name: postgresql_query - select query with positional arguments
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: SELECT story FROM test_table WHERE id = %s AND story = %s
- positional_args:
- - 2
- - second
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result is not changed
- - result.query == "SELECT story FROM test_table WHERE id = 2 AND story = 'second'" or result.query == "SELECT story FROM test_table WHERE id = 2 AND story = E'second'"
- - result.rowcount == 1
- - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
- - result.query_result[0].story == 'second'
-
-- name: postgresql_query - simple update query
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: UPDATE test_table SET story = 'new' WHERE id = 3
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result is changed
- - result.query == "UPDATE test_table SET story = 'new' WHERE id = 3"
- - result.rowcount == 1
- - result.statusmessage == 'UPDATE 1'
- - result.query_result == {}
-
-- name: check the previous update
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: SELECT * FROM test_table WHERE story = 'new' AND id = 3
- register: result
-
-- assert:
- that:
- - result.rowcount == 1
-
-- name: postgresql_query - simple update query in check_mode
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: UPDATE test_table SET story = 'CHECK_MODE' WHERE id = 3
- register: result
- check_mode: true
-
-- assert:
- that:
- - result is changed
- - result.query == "UPDATE test_table SET story = 'CHECK_MODE' WHERE id = 3"
- - result.rowcount == 1
- - result.statusmessage == 'UPDATE 1'
- - result.query_result == {}
-
-- name: check the previous update that nothing has been changed
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: SELECT * FROM test_table WHERE story = 'CHECK_MODE' AND id = 3
- register: result
-
-- assert:
- that:
- - result.rowcount == 0
-
-- name: postgresql_query - try to update not existing row
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: UPDATE test_table SET story = 'new' WHERE id = 100
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result is not changed
- - result.query == "UPDATE test_table SET story = 'new' WHERE id = 100"
- - result.rowcount == 0
- - result.statusmessage == 'UPDATE 0'
- - result.query_result == {}
-
-- name: postgresql_query - insert query
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: INSERT INTO test_table (id, story) VALUES (%s, %s)
- positional_args:
- - 4
- - fourth
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result is changed
- - result.query == "INSERT INTO test_table (id, story) VALUES (4, 'fourth')" or result.query == "INSERT INTO test_table (id, story) VALUES (4, E'fourth')"
- - result.rowcount == 1
- - result.statusmessage == 'INSERT 0 1'
- - result.query_result == {}
-
-- name: postgresql_query - truncate test_table
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: TRUNCATE test_table
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result is changed
- - result.query == "TRUNCATE test_table"
- - result.rowcount == 0
- - result.statusmessage == 'TRUNCATE TABLE'
- - result.query_result == {}
-
-- name: postgresql_query - alter test_table
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: ALTER TABLE test_table ADD COLUMN foo int
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result is changed
- - result.query == "ALTER TABLE test_table ADD COLUMN foo int"
- - result.rowcount == 0
- - result.statusmessage == 'ALTER TABLE'
-
-- name: postgresql_query - vacuum without autocommit must fail
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: VACUUM
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result.failed == true
-
-- name: postgresql_query - autocommit in check_mode must fail
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: VACUUM
- autocommit: true
- check_mode: true
- register: result
- ignore_errors: true
-
-- assert:
- that:
- - result.failed == true
- - result.msg == "Using autocommit is mutually exclusive with check_mode"
-
-- name: postgresql_query - vacuum with autocommit
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: VACUUM
- autocommit: true
- register: result
-
-- assert:
- that:
- - result is changed
- - result.query == "VACUUM"
- - result.rowcount == 0
- - result.statusmessage == 'VACUUM'
- - result.query_result == {}
-
-- name: postgresql_query - create test table for issue 59955
- become_user: '{{ pg_user }}'
- become: true
- postgresql_table:
- login_user: '{{ pg_user }}'
- login_db: postgres
- name: test_array_table
- columns:
- - arr_col int[]
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-- set_fact:
- my_list:
- - 1
- - 2
- - 3
- my_arr: '{1, 2, 3}'
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-- name: postgresql_query - insert array into test table by positional args
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- login_db: postgres
- query: INSERT INTO test_array_table (arr_col) VALUES (%s)
- positional_args:
- - '{{ my_list }}'
- register: result
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-- assert:
- that:
- - result is changed
- - result.query == "INSERT INTO test_array_table (arr_col) VALUES ('{1, 2, 3}')"
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-- name: postgresql_query - select array from test table by passing positional_args
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- login_db: postgres
- query: SELECT * FROM test_array_table WHERE arr_col = %s
- positional_args:
- - '{{ my_list }}'
- register: result
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-- assert:
- that:
- - result is not changed
- - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
- - result.rowcount == 1
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-- name: postgresql_query - select array from test table by passing named_args
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- login_db: postgres
- query: SELECT * FROM test_array_table WHERE arr_col = %(arr_val)s
- named_args:
- arr_val:
- - '{{ my_list }}'
- register: result
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-- assert:
- that:
- - result is not changed
- - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
- - result.rowcount == 1
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-- name: postgresql_query - select array from test table by passing positional_args as a string
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- login_db: postgres
- query: SELECT * FROM test_array_table WHERE arr_col = %s
- positional_args:
- - '{{ my_arr|string }}'
- trust_input: yes
- register: result
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-- assert:
- that:
- - result is not changed
- - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
- - result.rowcount == 1
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-- name: postgresql_query - test trust_input parameter
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- login_db: postgres
- session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
- query: SELECT version()
- trust_input: no
- ignore_errors: yes
- register: result
-
-- assert:
- that:
- - result is failed
- - result.msg is search('is potentially dangerous')
-
-- name: postgresql_query - clean up
- become_user: '{{ pg_user }}'
- become: true
- postgresql_table:
- login_user: '{{ pg_user }}'
- login_db: postgres
- name: test_array_table
- state: absent
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
-#############################
-# Check search_path parameter
-
-- name: postgresql_set - create test schemas
- become_user: '{{ pg_user }}'
- become: true
- postgresql_schema:
- login_user: '{{ pg_user }}'
- login_db: postgres
- name: '{{ item }}'
- loop:
- - query_test1
- - query_test2
-
-- name: postgresql_set - create test tables
- become_user: '{{ pg_user }}'
- become: true
- postgresql_table:
- login_user: '{{ pg_user }}'
- login_db: postgres
- name: '{{ item }}'
- columns:
- - id int
- loop:
- - 'query_test1.test1'
- - 'query_test2.test2'
-
-- name: postgresql_query - insert data
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- login_db: postgres
- query: 'INSERT INTO {{ item }} (id) VALUES (1)'
- search_path:
- - query_test1
- - query_test2
- loop:
- - test1
- - test2
-
-- name: postgresql_query - get data
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- login_db: postgres
- query: 'SELECT id FROM test1'
- search_path:
- - query_test1
- - query_test2
- register: result
-
-- assert:
- that:
- - result.rowcount == 1
-
-- name: postgresql_query - get data, must fail
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- login_db: postgres
- query: 'SELECT id FROM test1'
- register: result
- ignore_errors: yes
-
-- assert:
- that:
- - result is failed
-
-# Tests for the as_single_query option
-- name: Run queries from SQL script as a single query
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- path_to_script: ~{{ pg_user }}/test1.sql
- positional_args:
- - 1
- encoding: UTF-8
- as_single_query: yes
- register: result
-
-- name: >
- Must pass. Not changed because we can only
- check statusmessage of the last query
- assert:
- that:
- - result is not changed
- - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
- - result.query_list[0] == "CREATE FUNCTION add(integer, integer) RETURNS integer\n AS 'select $1 + $2;'\n LANGUAGE SQL\n IMMUTABLE\n RETURNS NULL ON NULL INPUT;\n\nSELECT story FROM test_table\n WHERE id = %s OR story = 'Данные';\n\nSELECT version();\n"
-
-#############################################################################
-# Issue https://github.com/ansible-collections/community.postgresql/issues/45
-- name: Create table containing a decimal value
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: CREATE TABLE blabla (id int, num decimal)
-
-- name: Insert data
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: INSERT INTO blabla (id, num) VALUES (1, 1::decimal)
-
-- name: Get data
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: SELECT * FROM blabla
- register: result
-
-- assert:
- that:
- - result.rowcount == 1
-
-#############################################################################
-# Issue https://github.com/ansible-collections/community.postgresql/issues/47
-- name: Get datetime.timedelta value
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: "SELECT EXTRACT(epoch from make_interval(secs => 3)) AS extract"
- register: result
- when: postgres_version_resp.stdout is version('10', '>=')
-
-- assert:
- that:
- - result.rowcount == 1
- - result.query_result[0]["extract"] == 3 or result.query_result[0]["extract"] == 3.0
- when: postgres_version_resp.stdout is version('10', '>=')
-
-- name: Get interval value
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- login_user: '{{ pg_user }}'
- db: postgres
- query: "SELECT make_interval(secs => 3)"
- register: result
- when: postgres_version_resp.stdout is version('10', '>=')
-
-- assert:
- that:
- - result.rowcount == 1
- - result.query_result[0]["make_interval"] == "0:00:03"
- when: postgres_version_resp.stdout is version('10', '>=')
diff --git a/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_initial.yml b/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_initial.yml
index 7d73ddb5..58832f04 100644
--- a/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_initial.yml
+++ b/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_initial.yml
@@ -5,7 +5,7 @@
postgresql_user:
name: "{{ item }}"
state: present
- encrypted: yes
+ encrypted: true
password: password
role_attr_flags: LOGIN
db: postgres
@@ -16,7 +16,7 @@
- name: Create DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_name }}"
@@ -26,8 +26,8 @@
# Test: CREATE SCHEMA in checkmode
- name: Create a new schema with name "acme" in check_mode
become_user: "{{ pg_user }}"
- become: yes
- check_mode: yes
+ become: true
+ check_mode: true
postgresql_schema:
database: "{{ db_name }}"
name: acme
@@ -41,7 +41,7 @@
- result.schema == 'acme'
- name: Check that the new schema "acme" not exists
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
db: "{{ db_name }}"
@@ -56,12 +56,12 @@
# Test: CREATE SCHEMA
- name: Create a new schema with name "acme"
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: "{{ db_name }}"
name: acme
login_user: "{{ pg_user }}"
- trust_input: yes
+ trust_input: true
register: result
# Checks
@@ -72,7 +72,7 @@
- result.queries == [ 'CREATE SCHEMA "acme"' ]
- name: Check that the new schema "acme" exists
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
db: "{{ db_name }}"
@@ -87,8 +87,8 @@
# Test: DROP SCHEMA in checkmode
- name: Drop schema "acme" in check_mode
become_user: "{{ pg_user }}"
- become: yes
- check_mode: yes
+ become: true
+ check_mode: true
postgresql_schema:
database: "{{ db_name }}"
name: acme
@@ -102,7 +102,7 @@
- result is not changed
- name: Check that the new schema "acme" still exists
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
db: "{{ db_name }}"
@@ -117,7 +117,7 @@
# Test: DROP SCHEMA
- name: Drop schema "acme"
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: "{{ db_name }}"
name: acme
@@ -132,14 +132,14 @@
- result.queries == [ 'DROP SCHEMA "acme"' ]
- name: Check that no schema "acme" exists
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
query: "SELECT schema_name FROM information_schema.schemata WHERE schema_name = 'acme'"
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -148,15 +148,15 @@
# Test: trust_input parameter
- name: Create a new schema with potentially dangerous owner name
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: "{{ db_name }}"
name: acme
login_user: "{{ pg_user }}"
owner: "{{ dangerous_name }}"
- trust_input: no
+ trust_input: false
register: result
- ignore_errors: yes
+ ignore_errors: true
# Checks
- assert:
@@ -167,7 +167,7 @@
# Test: CREATE SCHEMA; WITH TABLE for DROP CASCADE test
- name: Create a new schema "acme"
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: "{{ db_name }}"
name: acme
@@ -176,7 +176,7 @@
- name: Create table in schema for DROP CASCADE check
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -193,7 +193,7 @@
- result2.statusmessage == 'CREATE TABLE'
- name: Check that the new schema "acme" exists
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
db: "{{ db_name }}"
@@ -206,7 +206,7 @@
- result.rowcount == 1
- name: Check that the new table "table1" in schema 'acme' exists
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
db: "{{ db_name }}"
@@ -221,12 +221,12 @@
# Test: DROP SCHEMA ... CASCADE;
- name: Drop schema "acme" with cascade
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: "{{ db_name }}"
name: acme
state: absent
- cascade_drop: yes
+ cascade_drop: true
login_user: "{{ pg_user }}"
register: result
@@ -237,14 +237,14 @@
- result.queries == [ 'DROP SCHEMA "acme" CASCADE' ]
- name: Check that no schema "acme" exists
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
query: "SELECT schema_name FROM information_schema.schemata WHERE schema_name = 'acme'"
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -253,7 +253,7 @@
# Test: CREATE SCHEMA WITH OWNER ...;
- name: Create a new schema "acme" with a user "{{ db_user2 }}" who will own it
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: "{{ db_name }}"
name: acme
@@ -269,14 +269,14 @@
- result.queries == [ 'CREATE SCHEMA "acme" AUTHORIZATION "{{ db_user2 }}"' ]
- name: Check that the new schema "acme" exists and "{{ db_user2 }}" own it
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
query: "SELECT schema_name,schema_owner FROM information_schema.schemata WHERE schema_name = 'acme' AND schema_owner = '{{ db_user2 }}'"
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -285,7 +285,7 @@
# Test: DROP SCHEMA
- name: Drop schema "acme"
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: "{{ db_name }}"
name: acme
@@ -300,14 +300,14 @@
- result.queries == [ 'DROP SCHEMA "acme"' ]
- name: Check that no schema "acme" exists
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
query: "SELECT schema_name FROM information_schema.schemata WHERE schema_name = 'acme'"
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -324,7 +324,7 @@
- name: Destroy DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: absent
name: "{{ db_name }}"
diff --git a/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_session_role.yml b/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_session_role.yml
index 6aaefff5..4b8af75f 100644
--- a/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_session_role.yml
+++ b/tests/integration/targets/postgresql_schema/tasks/postgresql_schema_session_role.yml
@@ -1,5 +1,5 @@
- name: Create a high privileged user
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_session_role1 }}"
@@ -11,7 +11,7 @@
- name: Create DB as session_role
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_session_role1 }}"
@@ -21,7 +21,7 @@
- name: Create schema in own database
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: "{{ db_session_role1 }}"
login_user: "{{ pg_user }}"
@@ -30,7 +30,7 @@
- name: Create schema in own database, should be owned by session_role
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: "{{ db_session_role1 }}"
login_user: "{{ pg_user }}"
@@ -44,13 +44,13 @@
- name: Fail when creating schema in postgres database as a regular user
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: postgres
login_user: "{{ pg_user }}"
name: "{{ db_session_role1 }}"
session_role: "{{ db_session_role1 }}"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -59,14 +59,14 @@
- name: Drop test db
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: absent
name: "{{ db_session_role1 }}"
login_user: "{{ pg_user }}"
- name: Drop test users
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ item }}"
diff --git a/tests/integration/targets/postgresql_sequence/tasks/postgresql_sequence_initial.yml b/tests/integration/targets/postgresql_sequence/tasks/postgresql_sequence_initial.yml
index f3672f26..c498033b 100644
--- a/tests/integration/targets/postgresql_sequence/tasks/postgresql_sequence_initial.yml
+++ b/tests/integration/targets/postgresql_sequence/tasks/postgresql_sequence_initial.yml
@@ -5,11 +5,11 @@
# Preparation for tests.
- name: postgresql_sequence - create a user to be owner of a database
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ db_user1 }}"
state: present
- encrypted: yes
+ encrypted: true
password: password
role_attr_flags: LOGIN
db: "{{ db_default }}"
@@ -17,7 +17,7 @@
- name: postgresql_sequence - create DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: present
name: "{{ db_name }}"
@@ -26,11 +26,11 @@
- name: Create a user to be owner of a sequence
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
name: "{{ db_user2 }}"
state: present
- encrypted: yes
+ encrypted: true
password: password
role_attr_flags: LOGIN
db: "{{ db_name }}"
@@ -38,7 +38,7 @@
- name: postgresql_sequence - create a schema
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -48,8 +48,8 @@
# Test: create sequence in checkmode
- name: postgresql_sequence - create a new sequence with name "foobar" in check_mode
become_user: "{{ pg_user }}"
- become: yes
- check_mode: yes
+ become: true
+ check_mode: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -66,7 +66,7 @@
# Real SQL check
- name: postgresql_sequence - check that the new sequence "foobar" not exists
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_query:
db: "{{ db_name }}"
@@ -84,7 +84,7 @@
# Test: create sequence
- name: postgresql_sequence - create a new sequence with name "foobar"
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -102,7 +102,7 @@
# Real SQL check
- name: postgresql_sequence - check that the new sequence "foobar" exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -118,8 +118,8 @@
# Test: drop sequence in checkmode
- name: postgresql_sequence - drop a sequence called foobar
become_user: "{{ pg_user }}"
- become: yes
- check_mode: yes
+ become: true
+ check_mode: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -138,7 +138,7 @@
# Real SQL check
- name: postgresql_sequence - check that the sequence "foobar" still exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -154,7 +154,7 @@
# Test: drop sequence
- name: postgresql_sequence - drop a sequence called foobar
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -173,7 +173,7 @@
# Real SQL check
- name: postgresql_sequence - check that the sequence "foobar" not exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -189,7 +189,7 @@
# Test: drop nonexistent sequence
- name: postgresql_sequence - drop a sequence called foobar which does not exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -208,7 +208,7 @@
# Real SQL check
- name: postgresql_sequence - check that the sequence "foobar" not exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -224,7 +224,7 @@
# Test: create sequence with options
- name: postgresql_sequence - create an descending sequence called foobar_desc, starting at 101 and which cycle between 1 to 1000
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -233,7 +233,7 @@
start: 101
minvalue: 1
maxvalue: 1000
- cycle: yes
+ cycle: true
register: result
# Checks
@@ -265,8 +265,8 @@
# Test: rename a sequence in checkmode
- name: postgresql_sequence - rename an existing sequence named foobar_desc to foobar_with_options
become_user: "{{ pg_user }}"
- become: yes
- check_mode: yes
+ become: true
+ check_mode: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -286,7 +286,7 @@
# Real SQL check
- name: postgresql_sequence - check that the sequence "foobar_desc" still exists and is not renamed
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -302,7 +302,7 @@
# Test: rename a sequence
- name: postgresql_sequence - rename an existing sequence named foobar_desc to foobar_with_options
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -322,7 +322,7 @@
# Real SQL check
- name: postgresql_sequence - check that the renamed sequence "foobar_with_options" exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -338,8 +338,8 @@
# Test: change schema of a sequence in checkmode
- name: postgresql_sequence - change schema of an existing sequence from public to foobar_schema
become_user: "{{ pg_user }}"
- become: yes
- check_mode: yes
+ become: true
+ check_mode: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -360,7 +360,7 @@
# Real SQL check
- name: postgresql_sequence - check that the sequence "foobar_with_options" still exists in the old schema
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -376,7 +376,7 @@
# Test: change schema of a sequence
- name: postgresql_sequence - change schema of an existing sequence from public to foobar_schema
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -397,7 +397,7 @@
# Real SQL check
- name: postgresql_sequence - check that the sequence "foobar_with_options" exists in new schema
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -413,8 +413,8 @@
# Test: change owner of a sequence in checkmode
- name: postgresql_sequence - change owner of an existing sequence from "{{ pg_user }}" to "{{ db_user1 }}"
become_user: "{{ pg_user }}"
- become: yes
- check_mode: yes
+ become: true
+ check_mode: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -435,7 +435,7 @@
# Real SQL check
- name: postgresql_sequence - check that the sequence "foobar_with_options" has still the old owner
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -458,7 +458,7 @@
# Test: change owner of a sequence
- name: postgresql_sequence - change owner of an existing sequence from "{{ pg_user }}" to "{{ db_user1 }}"
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -479,7 +479,7 @@
# Real SQL check
- name: postgresql_sequence - check that the sequence "foobar_with_options" has a new owner
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -506,7 +506,7 @@
# DROP SEQUENCE seq1 CASCADE;
- name: postgresql_sequence - create sequence for drop cascade test
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -514,7 +514,7 @@
- name: postgresql_sequence - create table which use sequence for drop cascade test
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -526,14 +526,14 @@
# Test: drop sequence with cascade in checkmode
- name: postgresql_sequence - drop with cascade a sequence called seq1
become_user: "{{ pg_user }}"
- become: yes
- check_mode: yes
+ become: true
+ check_mode: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
name: seq1
state: absent
- cascade: yes
+ cascade: true
register: result
# Checks
@@ -547,7 +547,7 @@
# Real SQL check
- name: postgresql_sequence - check that the sequence "seq1" still exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -563,13 +563,13 @@
# Test: drop sequence with cascade
- name: postgresql_sequence - drop with cascade a sequence called seq1
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
name: seq1
state: absent
- cascade: yes
+ cascade: true
register: result
# Checks
@@ -583,7 +583,7 @@
# Real SQL check
- name: postgresql_sequence - check that the sequence "seq1" not exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -599,8 +599,8 @@
# Test: create sequence with owner in checkmode
- name: postgresql_sequence - create a new sequence with name "foobar2" with owner "{{ db_user2 }}"
become_user: "{{ pg_user }}"
- become: yes
- check_mode: yes
+ become: true
+ check_mode: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -619,7 +619,7 @@
# Real SQL check
- name: postgresql_sequence - check that the new sequence "foobar2" does not exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -635,7 +635,7 @@
# Test: create sequence with owner
- name: postgresql_sequence - create a new sequence with name "foobar2" with owner "{{ db_user2 }}"
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -654,7 +654,7 @@
# Real SQL check
- name: postgresql_sequence - check that the new sequence "foobar2" exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -668,7 +668,7 @@
- name: postgresql_sequence - check that the sequence "foobar2" has owner "{{ db_user2 }}"
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
@@ -691,14 +691,14 @@
# Test: create sequence with trust_input
- name: postgresql_sequence - check that trust_input works as expected
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_sequence:
db: "{{ db_name }}"
login_user: "{{ pg_user }}"
name: 'just_a_name"; SELECT * FROM information_schema.tables; --'
- trust_input: no
+ trust_input: false
owner: "{{ db_user2 }}"
- ignore_errors: yes
+ ignore_errors: true
register: result
# Checks
@@ -711,7 +711,7 @@
# Cleanup
- name: postgresql_sequence - destroy DB
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_db:
state: absent
name: "{{ db_name }}"
@@ -719,7 +719,7 @@
- name: remove test roles
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
state: absent
login_db: "{{ db_default }}"
diff --git a/tests/integration/targets/postgresql_set/tasks/options_coverage.yml b/tests/integration/targets/postgresql_set/tasks/options_coverage.yml
index acb940e5..ad666b07 100644
--- a/tests/integration/targets/postgresql_set/tasks/options_coverage.yml
+++ b/tests/integration/targets/postgresql_set/tasks/options_coverage.yml
@@ -5,7 +5,7 @@
- vars:
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
login_db: postgres
@@ -37,7 +37,7 @@
<<: *pg_parameters
name: '{{ item.key }}'
value: '{{ item.value }}'
- check_mode: yes
+ check_mode: true
with_dict: '{{ setting_map }}'
# Actual mode:
diff --git a/tests/integration/targets/postgresql_set/tasks/postgresql_set_initial.yml b/tests/integration/targets/postgresql_set/tasks/postgresql_set_initial.yml
index 125e1dab..ddff916a 100644
--- a/tests/integration/targets/postgresql_set/tasks/postgresql_set_initial.yml
+++ b/tests/integration/targets/postgresql_set/tasks/postgresql_set_initial.yml
@@ -10,7 +10,7 @@
- vars:
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
login_db: postgres
@@ -19,11 +19,11 @@
- name: postgresql_set - preparation to the next step
<<: *task_parameters
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_set:
<<: *pg_parameters
name: work_mem
- reset: yes
+ reset: true
#####################
# Testing check_mode:
@@ -41,7 +41,7 @@
name: work_mem
value: 12MB
register: set_wm
- check_mode: yes
+ check_mode: true
- assert:
that:
@@ -100,7 +100,7 @@
postgresql_set:
<<: *pg_parameters
name: work_mem
- reset: yes
+ reset: true
register: reset_wm
- assert:
@@ -129,7 +129,7 @@
postgresql_set:
<<: *pg_parameters
name: work_mem
- reset: yes
+ reset: true
register: reset_wm2
- assert:
@@ -226,7 +226,7 @@
name: autovacuum
value: on
register: set_aut
- check_mode: yes
+ check_mode: true
- assert:
that:
@@ -243,7 +243,7 @@
name: autovacuum
value: off
register: set_aut
- check_mode: yes
+ check_mode: true
- assert:
that:
@@ -265,7 +265,7 @@
- result.query_result[0].autovacuum == 'off'
# Test check_mode, step 3. It is different from
- # the prev test - it runs without check_mode: yes.
+ # the prev test - it runs without check_mode: true.
# Before the check_mode tests autovacuum was off
- name: postgresql - check that autovacuum wasn't actually changed after change in check_mode
<<: *task_parameters
@@ -288,7 +288,7 @@
<<: *task_parameters
postgresql_set:
<<: *pg_parameters
- trust_input: yes
+ trust_input: true
name: archive_command
value: 'test ! -f /mnt/postgres/mb/%f && cp %p /mnt/postgres/mb/%f'
@@ -312,10 +312,10 @@
<<: *pg_parameters
name: shared_buffers
value: 111MB
- trust_input: no
+ trust_input: false
session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -332,7 +332,7 @@
value: 'on'
- name: Restart PostgreSQL
- become: yes
+ become: true
service:
name: "{{ postgresql_service }}"
state: restarted
@@ -368,7 +368,7 @@
name: archive_command
value: ''
register: result
- check_mode: yes
+ check_mode: true
- assert:
that:
@@ -381,7 +381,7 @@
name: Timezone
value: utc
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -397,7 +397,7 @@
name: archive_command
value: '/usr/bin/touch %f'
register: result
- check_mode: yes
+ check_mode: true
- assert:
that:
@@ -422,7 +422,7 @@
name: track_activity_query_size
value: '4096B'
register: result
- check_mode: yes
+ check_mode: true
- assert:
that:
@@ -435,7 +435,7 @@
name: track_activity_query_size
value: '2048b'
register: result
- check_mode: yes
+ check_mode: true
- assert:
that:
diff --git a/tests/integration/targets/postgresql_slot/tasks/postgresql_slot_initial.yml b/tests/integration/targets/postgresql_slot/tasks/postgresql_slot_initial.yml
index 4f009ac0..23a1cfb0 100644
--- a/tests/integration/targets/postgresql_slot/tasks/postgresql_slot_initial.yml
+++ b/tests/integration/targets/postgresql_slot/tasks/postgresql_slot_initial.yml
@@ -4,7 +4,7 @@
- name: postgresql_slot - set max_replication_slots
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_set:
login_user: "{{ pg_user }}"
db: postgres
@@ -13,7 +13,7 @@
- name: postgresql_slot - set wal_level to logical
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_set:
login_user: "{{ pg_user }}"
db: postgres
@@ -23,12 +23,12 @@
# To avoid CI timeouts
- name: Kill all postgres processes
shell: 'pkill -u {{ pg_user }}'
- become: yes
+ become: true
when: ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '8'
- ignore_errors: yes
+ ignore_errors: true
- name: postgresql_slot - stop PostgreSQL
- become: yes
+ become: true
service:
name: "{{ postgresql_service }}"
state: stopped
@@ -39,7 +39,7 @@
seconds: 5
- name: postgresql_slot - start PostgreSQL
- become: yes
+ become: true
service:
name: "{{ postgresql_service }}"
state: started
@@ -51,12 +51,12 @@
# check_mode
- name: postgresql_slot - create slot in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
name: slot0
- check_mode: yes
+ check_mode: true
register: result
- assert:
@@ -67,12 +67,12 @@
# Check, rowcount must be 0
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot0'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -82,7 +82,7 @@
# true mode
- name: postgresql_slot - create physical slot
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
@@ -104,12 +104,12 @@
# Check, rowcount must be 1
- name: postgresql_slot - check that the slot exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot0' and slot_type = 'physical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -119,12 +119,12 @@
# check mode
- name: postgresql_slot - try create physical slot again in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
name: slot0
- check_mode: yes
+ check_mode: true
register: result
- assert:
@@ -135,12 +135,12 @@
# Check, rowcount must be 1
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot0' and slot_type = 'physical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -150,7 +150,7 @@
# true mode
- name: postgresql_slot - try create physical slot again
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
@@ -166,12 +166,12 @@
# Check, rowcount must be 1
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot0' and slot_type = 'physical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -184,12 +184,12 @@
- name: postgresql_slot - create physical slot with immediately_reserve
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
name: slot1
- immediately_reserve: yes
+ immediately_reserve: true
register: result
when: postgres_version_resp.stdout is version('9.6', '>=')
@@ -202,12 +202,12 @@
# Check, rowcount must be 1
- name: postgresql_slot - check that the slot exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot1' and slot_type = 'physical' and restart_lsn is not NULL"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('9.6', '>=')
@@ -230,13 +230,13 @@
# check_mode
- name: postgresql_slot - create slot in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
name: slot2
slot_type: logical
- check_mode: yes
+ check_mode: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -249,12 +249,12 @@
# Check, rowcount must be 0
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot2'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -266,7 +266,7 @@
# true mode
- name: postgresql_slot - create logical slot
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
@@ -284,12 +284,12 @@
# Check, rowcount must be 1
- name: postgresql_slot - check that the slot exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot2' and slot_type = 'logical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -301,13 +301,13 @@
# check mode
- name: postgresql_slot - try create logical slot again in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
name: slot2
slot_type: logical
- check_mode: yes
+ check_mode: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -320,12 +320,12 @@
# Check, rowcount must be 1
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot2' and slot_type = 'logical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('10', '>=')
@@ -337,7 +337,7 @@
# true mode
- name: postgresql_slot - try create logical slot again
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
@@ -355,12 +355,12 @@
# Check, rowcount must be 1
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot2' and slot_type = 'logical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -375,7 +375,7 @@
- name: postgresql_slot - create logical slot with output_plugin
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
@@ -394,12 +394,12 @@
# Check, rowcount must be 1
- name: postgresql_slot - check that the slot exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot3' and slot_type = 'logical' and plugin = 'test_decoding'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -415,13 +415,13 @@
# check_mode
- name: postgresql_slot - drop logical slot in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
name: slot2
state: absent
- check_mode: yes
+ check_mode: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -434,12 +434,12 @@
# Check, rowcount must be 1
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot2'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -451,7 +451,7 @@
# true mode
- name: postgresql_slot - drop logical slot
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
@@ -469,12 +469,12 @@
# Check, rowcount must be 0
- name: postgresql_slot - check that the slot does not exist after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot2' and slot_type = 'logical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -486,13 +486,13 @@
# check mode
- name: postgresql_slot - try drop logical slot again in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
name: slot2
state: absent
- check_mode: yes
+ check_mode: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -505,12 +505,12 @@
# Check, rowcount must be 0
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot2' and slot_type = 'logical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('10', '>=')
@@ -522,7 +522,7 @@
# true mode
- name: postgresql_slot - try drop logical slot again
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
@@ -540,12 +540,12 @@
# Check, rowcount must be 0
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot2' and slot_type = 'logical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
@@ -561,13 +561,13 @@
# check_mode
- name: postgresql_slot - drop physical slot in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
name: slot1
state: absent
- check_mode: yes
+ check_mode: true
register: result
- assert:
@@ -579,12 +579,12 @@
# Check, rowcount must be 1
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot1'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('9.6', '>=')
@@ -596,7 +596,7 @@
# true mode
- name: postgresql_slot - drop physical slot
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
@@ -614,12 +614,12 @@
# Check, rowcount must be 0
- name: postgresql_slot - check that the slot does not exist after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot1' and slot_type = 'physical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('9.6', '>=')
@@ -631,13 +631,13 @@
# check mode
- name: postgresql_slot - try drop physical slot again in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
name: slot1
state: absent
- check_mode: yes
+ check_mode: true
register: result
when: postgres_version_resp.stdout is version('9.6', '>=')
@@ -650,12 +650,12 @@
# Check, rowcount must be 0
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot1' and slot_type = 'physical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('9.6', '>=')
@@ -667,7 +667,7 @@
# true mode
- name: postgresql_slot - try drop physical slot again
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
@@ -685,12 +685,12 @@
# Check, rowcount must be 0
- name: postgresql_slot - check that nothing changed after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_replication_slots WHERE slot_name = 'slot1' and slot_type = 'physical'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('9.6', '>=')
@@ -705,7 +705,7 @@
session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
db: postgres
name: slot1
- trust_input: no
+ trust_input: false
register: result
ignore_errors: true
when: postgres_version_resp.stdout is version('9.6', '>=')
@@ -722,13 +722,13 @@
#
- name: postgresql_slot - clean up
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_slot:
login_user: "{{ pg_user }}"
db: postgres
name: "{{ item }}"
state: absent
- ignore_errors: yes
+ ignore_errors: true
when: postgres_version_resp.stdout is version('10', '>=') and ansible_distribution == 'Ubuntu'
with_items:
- slot0
diff --git a/tests/integration/targets/postgresql_subscription/tasks/postgresql_subscription_initial.yml b/tests/integration/targets/postgresql_subscription/tasks/postgresql_subscription_initial.yml
index ac8f35ba..b464c3db 100644
--- a/tests/integration/targets/postgresql_subscription/tasks/postgresql_subscription_initial.yml
+++ b/tests/integration/targets/postgresql_subscription/tasks/postgresql_subscription_initial.yml
@@ -5,7 +5,7 @@
dangerous_name: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
register: result
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
@@ -41,7 +41,7 @@
user: '{{ replication_role }}'
password: '{{ replication_pass }}'
dbname: '{{ test_db }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -83,8 +83,8 @@
login_port: '{{ replica_port }}'
name: '{{ test_subscription }}'
state: absent
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -147,7 +147,7 @@
user: '{{ replication_role }}'
password: '{{ replication_pass }}'
dbname: '{{ test_db }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -163,7 +163,7 @@
state: present
publications: '{{ test_pub }}'
owner: '{{ test_role1 }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -194,8 +194,8 @@
state: present
publications: '{{ test_pub }}'
owner: '{{ test_role2 }}'
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -227,7 +227,7 @@
state: present
publications: '{{ test_pub }}'
owner: '{{ test_role2 }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -264,14 +264,14 @@
publications: '{{ test_pub }}'
session_role: '{{ dangerous_name }}'
owner: '{{ test_role1 }}'
- trust_input: no
+ trust_input: false
connparams:
host: 127.0.0.1
port: '{{ primary_port }}'
user: '{{ replication_role }}'
password: '{{ replication_pass }}'
dbname: '{{ test_db }}'
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -289,9 +289,9 @@
login_port: '{{ replica_port }}'
name: '{{ test_subscription }}'
state: absent
- cascade: yes
- trust_input: no
- check_mode: yes
+ cascade: true
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -317,7 +317,7 @@
login_port: '{{ replica_port }}'
name: '{{ test_subscription }}'
state: absent
- cascade: yes
+ cascade: true
- assert:
that:
@@ -355,9 +355,9 @@
password: '{{ replication_pass }}'
dbname: '{{ test_db }}'
subsparams:
- enabled: no
- synchronous_commit: no
- trust_input: no
+ enabled: false
+ synchronous_commit: false
+ trust_input: false
- assert:
that:
@@ -389,9 +389,9 @@
name: '{{ test_subscription }}'
publications: '{{ test_pub }}'
subsparams:
- enabled: yes
- synchronous_commit: yes
- trust_input: no
+ enabled: true
+ synchronous_commit: true
+ trust_input: false
- assert:
that:
@@ -423,9 +423,9 @@
name: '{{ test_subscription }}'
publications: '{{ test_pub }}'
subsparams:
- enabled: yes
- synchronous_commit: yes
- trust_input: no
+ enabled: true
+ synchronous_commit: true
+ trust_input: false
- assert:
that:
@@ -451,8 +451,8 @@
publications:
- '{{ test_pub }}'
- '{{ test_pub2 }}'
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -485,7 +485,7 @@
publications:
- '{{ test_pub }}'
- '{{ test_pub2 }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -518,7 +518,7 @@
publications:
- '{{ test_pub }}'
- '{{ test_pub2 }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -559,8 +559,8 @@
password: '{{ replication_pass }}'
dbname: '{{ test_db }}'
connect_timeout: '{{ conn_timeout }}'
- trust_input: no
- check_mode: yes
+ trust_input: false
+ check_mode: true
- assert:
that:
@@ -583,7 +583,7 @@
password: '{{ replication_pass }}'
dbname: '{{ test_db }}'
connect_timeout: '{{ conn_timeout }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -617,7 +617,7 @@
password: '{{ replication_pass }}'
dbname: '{{ test_db }}'
connect_timeout: '{{ conn_timeout }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -638,7 +638,7 @@
login_port: '{{ replica_port }}'
name: '{{ test_subscription }}'
state: refresh
- check_mode: yes
+ check_mode: true
- assert:
that:
diff --git a/tests/integration/targets/postgresql_subscription/tasks/setup_publication.yml b/tests/integration/targets/postgresql_subscription/tasks/setup_publication.yml
index 47b2e348..2eafac57 100644
--- a/tests/integration/targets/postgresql_subscription/tasks/setup_publication.yml
+++ b/tests/integration/targets/postgresql_subscription/tasks/setup_publication.yml
@@ -5,7 +5,7 @@
- vars:
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
register: result
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
diff --git a/tests/integration/targets/postgresql_table/tasks/postgresql_table_initial.yml b/tests/integration/targets/postgresql_table/tasks/postgresql_table_initial.yml
index c06403a4..db0f2732 100644
--- a/tests/integration/targets/postgresql_table/tasks/postgresql_table_initial.yml
+++ b/tests/integration/targets/postgresql_table/tasks/postgresql_table_initial.yml
@@ -6,7 +6,7 @@
# Create a role for tests:
- name: postgresql_table - create a role for tests
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
db: postgres
login_user: "{{ pg_user }}"
@@ -14,7 +14,7 @@
- name: postgresql_table - create test schema
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: postgres
login_user: "{{ pg_user }}"
@@ -27,7 +27,7 @@
# Create a simple table in check_mode:
- name: postgresql_table - create table in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
login_db: postgres
login_port: 5432
@@ -36,8 +36,8 @@
owner: alice
columns: id int
register: result
- ignore_errors: yes
- check_mode: yes
+ ignore_errors: true
+ check_mode: true
- assert:
that:
@@ -49,12 +49,12 @@
# Check that the table doesn't exist after the previous step, rowcount must be 0
- name: postgresql_table - check that table doesn't exist after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test1'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -64,7 +64,7 @@
# Create a simple table:
- name: postgresql_table - create table
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
login_db: postgres
login_port: 5432
@@ -73,7 +73,7 @@
owner: alice
columns: id int
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -88,12 +88,12 @@
# Check that the table exists after the previous step, rowcount must be 1
- name: postgresql_table - check that table exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test1'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -103,12 +103,12 @@
# Check that the tableowner is alice
- name: postgresql_table - check that table owner is alice
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_tables WHERE tablename = 'test1' AND tableowner = 'alice'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -122,15 +122,15 @@
# Create a table LIKE another table without any additional parameters in check_mode:
- name: postgresql_table - create table like in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test2
like: test1
register: result
- ignore_errors: yes
- check_mode: yes
+ ignore_errors: true
+ check_mode: true
- assert:
that:
@@ -142,12 +142,12 @@
# Check that the table doesn't exist after the previous step, rowcount must be 0
- name: postgresql_table - check that table doesn't exist after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test2'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -157,14 +157,14 @@
# Create a table LIKE another table without any additional parameters:
- name: postgresql_table - create table like
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test2
like: test1
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -179,12 +179,12 @@
# Check that the table exists after the previous step, rowcount must be 1
- name: postgresql_table - check that table exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test2'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -198,15 +198,15 @@
# Drop a table in check_mode:
- name: postgresql_table - drop table in check_mode
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test2
state: absent
register: result
- ignore_errors: yes
- check_mode: yes
+ ignore_errors: true
+ check_mode: true
- assert:
that:
@@ -220,12 +220,12 @@
# Check that the table exists after the previous step, rowcount must be 1
- name: postgresql_table - check that table exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test2'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -235,14 +235,14 @@
# Drop a table:
- name: postgresql_table - drop table
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test2
state: absent
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -253,12 +253,12 @@
# Check that the table doesn't exist after the previous step, rowcount must be 0
- name: postgresql_table - check that table doesn't exist after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test2'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -268,7 +268,7 @@
# Create a table like another table including:
- name: postgresql_table - create table like with including indexes
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
@@ -276,7 +276,7 @@
like: test1
including: indexes
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -290,7 +290,7 @@
# Check to create table if it exists:
- name: postgresql_table - try to create existing table again
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
@@ -298,7 +298,7 @@
like: test1
including: indexes
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -307,26 +307,26 @@
# Drop the table to prepare for the next step:
- name: postgresql_table - drop table
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test2
state: absent
register: result
- ignore_errors: yes
+ ignore_errors: true
# Try to drop non existing table:
- name: postgresql_table - try drop dropped table again
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test2
state: absent
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -338,18 +338,18 @@
# Create user to prepare for the next step:
- name: postgresql_table - create the new user test_user
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
login_user: "{{ pg_user }}"
db: postgres
name: test_user
state: present
- ignore_errors: yes
+ ignore_errors: true
# Try to change owner to test_user in check_mode
- name: postgresql_table - change table ownership to test_user in check_mode
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
db: postgres
@@ -357,8 +357,8 @@
name: test1
owner: test_user
register: result
- ignore_errors: yes
- check_mode: yes
+ ignore_errors: true
+ check_mode: true
- assert:
that:
@@ -370,12 +370,12 @@
# Check that the tableowner was not changed to test_user
- name: postgresql_table - check that table owner was not changed
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_tables WHERE tablename = 'test1' AND tableowner = 'test_user'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -384,7 +384,7 @@
# Try to change owner to test_user
- name: postgresql_table - change table ownership to test_user
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
db: postgres
@@ -392,7 +392,7 @@
name: test1
owner: test_user
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -404,12 +404,12 @@
# Check that the tableowner was changed to test_user
- name: postgresql_table - check that table owner was changed
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_tables WHERE tablename = 'test1' AND tableowner = 'test_user'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -422,7 +422,7 @@
# Create a table with additional storage parameters:
- name: postgresql_table - create table with storage_params
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
db: postgres
@@ -435,7 +435,7 @@
- fillfactor=10
- autovacuum_analyze_threshold=1
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -447,12 +447,12 @@
# Check storage parameters
- name: postgresql_table - check storage parameters
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT reloptions FROM pg_class WHERE relname = 'test3'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -465,7 +465,7 @@
# Insert a row to test table:
- name: postgresql_table - insert a row
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
@@ -473,16 +473,16 @@
# Truncate a table in check_mode:
- name: postgresql_table - truncate table
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test3
- truncate: yes
+ truncate: true
register: result
- ignore_errors: yes
- check_mode: yes
+ ignore_errors: true
+ check_mode: true
- assert:
that:
@@ -493,12 +493,12 @@
# Check the row exists:
- name: postgresql_table - check that row exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT * FROM test3 WHERE id = '1'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -508,15 +508,15 @@
# Truncate a table. It always returns changed == true
# because it always creates a new table with the same schema and drop the old table:
- name: postgresql_table - truncate table
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test3
- truncate: yes
+ truncate: true
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -527,12 +527,12 @@
# Check the row exists:
- name: postgresql_table - check that row doesn't exist after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT * FROM test3 WHERE id = '1'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -547,7 +547,7 @@
# In check_mode test4 won't be exist after the following playbook,
# so result.changed == 'absent' for the table with this name
- name: postgresql_table - rename table in check_mode
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
db: postgres
@@ -555,8 +555,8 @@
name: test3
rename: test4
register: result
- ignore_errors: yes
- check_mode: yes
+ ignore_errors: true
+ check_mode: true
- assert:
that:
@@ -567,12 +567,12 @@
# Check that the table exists after the previous step, rowcount must be 1
- name: postgresql_table - check that table exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test3'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -581,7 +581,7 @@
# Rename a table:
- name: postgresql_table - rename table
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
db: postgres
@@ -589,7 +589,7 @@
name: test3
rename: test4
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -600,12 +600,12 @@
# Check that the table test 3 doesn't exist after the previous step, rowcount must be - 0
- name: postgresql_table - check that table exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test3'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -615,12 +615,12 @@
# Check that the table test 4 exists after the previous step, rowcount must be - 1
- name: postgresql_table - check that table exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test4'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -633,16 +633,16 @@
# Create unlogged table in check_mode:
- name: postgresql_table - create unlogged table in check_mode
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test5
- unlogged: yes
+ unlogged: true
register: result
- ignore_errors: yes
- check_mode: yes
+ ignore_errors: true
+ check_mode: true
- assert:
that:
@@ -653,12 +653,12 @@
# Check that the table doesn't exist after the previous step, rowcount must be - 0
- name: postgresql_table - check that table doesn't exist after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test5'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -667,15 +667,15 @@
# Create unlogged table:
- name: postgresql_table - create unlogged table
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test5
- unlogged: yes
+ unlogged: true
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -686,12 +686,12 @@
# Check that the table exists after the previous step, rowcount must be - 1
- name: postgresql_table - check that table exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test5'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('9.1', '>=')
@@ -702,16 +702,16 @@
# Drop table CASCADE:
- name: postgresql_table - drop table cascade
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_table:
db: postgres
login_user: "{{ pg_user }}"
name: test5
state: absent
- cascade: yes
+ cascade: true
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -722,12 +722,12 @@
# Check that the table doesn't exist after the previous step, rowcount must be - 0
- name: postgresql_table - check that table doesn't exist after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test5'"
- ignore_errors: yes
+ ignore_errors: true
register: result
when: postgres_version_resp.stdout is version('9.1', '>=')
@@ -753,12 +753,12 @@
- name: postgresql_table - check that table exists after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test_schema_table' and schemaname = 'acme'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -802,12 +802,12 @@
- name: postgresql_table - check that the table doesn't exist after the previous step
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test_schema_table' and schemaname = 'acme'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -828,12 +828,12 @@
- name: postgresql_table - check that the table with the same name in schema public exists
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_query:
db: postgres
login_user: "{{ pg_user }}"
query: "SELECT 1 FROM pg_stat_all_tables WHERE relname = 'test_schema_table' and schemaname = 'public'"
- ignore_errors: yes
+ ignore_errors: true
register: result
- assert:
@@ -846,7 +846,7 @@
login_user: "{{ pg_user }}"
name: public.test_schema_table
rename: new_test_schema_table
- trust_input: yes
+ trust_input: true
register: result
- assert:
@@ -862,10 +862,10 @@
login_user: "{{ pg_user }}"
name: postgres.acme.test_schema_table
state: absent
- trust_input: no
+ trust_input: false
session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
register: result
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -877,17 +877,17 @@
#
- name: postgresql_table - drop test schema
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_schema:
database: postgres
login_user: "{{ pg_user }}"
name: acme
state: absent
- cascade_drop: yes
+ cascade_drop: true
- name: postgresql_table - drop test role
become_user: "{{ pg_user }}"
- become: yes
+ become: true
postgresql_user:
db: postgres
login_user: "{{ pg_user }}"
@@ -896,4 +896,4 @@
loop:
- test_user
- alice
- ignore_errors: yes
+ ignore_errors: true
diff --git a/tests/integration/targets/postgresql_tablespace/tasks/postgresql_tablespace_initial.yml b/tests/integration/targets/postgresql_tablespace/tasks/postgresql_tablespace_initial.yml
index f5884d99..b8e6d0b5 100644
--- a/tests/integration/targets/postgresql_tablespace/tasks/postgresql_tablespace_initial.yml
+++ b/tests/integration/targets/postgresql_tablespace/tasks/postgresql_tablespace_initial.yml
@@ -201,7 +201,7 @@
login_user: '{{ pg_user }}'
name: foo
rename_to: '{{ dangerous_name }}'
- trust_input: no
+ trust_input: false
register: result
ignore_errors: true
@@ -218,7 +218,7 @@
login_user: '{{ pg_user }}'
name: foo
state: absent
- trust_input: yes
+ trust_input: true
register: result
ignore_errors: true
diff --git a/tests/integration/targets/postgresql_user/tasks/postgresql_user_general.yml b/tests/integration/targets/postgresql_user/tasks/postgresql_user_general.yml
index f1fcdf71..cde95b0c 100644
--- a/tests/integration/targets/postgresql_user/tasks/postgresql_user_general.yml
+++ b/tests/integration/targets/postgresql_user/tasks/postgresql_user_general.yml
@@ -12,7 +12,7 @@
test_comment2: 'comment2'
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
register: result
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
@@ -24,11 +24,11 @@
#
- name: Create role in check_mode
<<: *task_parameters
- check_mode: yes
+ check_mode: true
postgresql_user:
<<: *pg_parameters
name: '{{ test_user }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -97,7 +97,7 @@
<<: *pg_parameters
name: '{{ test_user }}'
comment: '{{ test_comment1 }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -130,7 +130,7 @@
- name: Try to create role again in check_mode
<<: *task_parameters
- check_mode: yes
+ check_mode: true
postgresql_user:
<<: *pg_parameters
name: '{{ test_user }}'
@@ -173,7 +173,7 @@
- name: Drop role in check_mode
<<: *task_parameters
- check_mode: yes
+ check_mode: true
postgresql_user:
<<: *pg_parameters
name: '{{ test_user }}'
@@ -218,7 +218,7 @@
- name: Try to drop role in check mode again
<<: *task_parameters
- check_mode: yes
+ check_mode: true
postgresql_user:
<<: *pg_parameters
name: '{{ test_user }}'
@@ -273,7 +273,7 @@
<<: *pg_parameters
name: '{{ test_user }}'
password: u123
- no_password_changes: yes
+ no_password_changes: true
- assert:
that:
@@ -298,7 +298,7 @@
<<: *pg_parameters
name: '{{ test_user }}'
password: myunencryptedpass
- encrypted: no
+ encrypted: false
when: postgres_version_resp.stdout is version('10', '<')
- assert:
@@ -319,13 +319,13 @@
- result.rowcount == 1
when: postgres_version_resp.stdout is version('10', '<')
- - name: Change password, explicit encrypted=yes
+ - name: Change password, explicit encrypted=true
<<: *task_parameters
postgresql_user:
<<: *pg_parameters
name: '{{ test_user }}'
password: myunencryptedpass
- encrypted: yes
+ encrypted: true
- assert:
that:
@@ -348,7 +348,7 @@
<<: *pg_parameters
name: '{{ test_user }}'
expires: 'Jan 31 2020'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -400,7 +400,7 @@
<<: *pg_parameters
name: '{{ test_user }}'
role_attr_flags: CREATEROLE,CREATEDB
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -507,7 +507,7 @@
login_user: '{{ pg_user }}'
session_role: '{{ test_user }}'
query: 'SELECT * FROM {{ test_table }}'
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -520,7 +520,7 @@
<<: *pg_parameters
name: '{{ test_user }}'
priv: '{{ test_table }}:SELECT'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -578,7 +578,7 @@
<<: *pg_parameters
name: '{{ test_user2 }}'
state: absent
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -590,7 +590,7 @@
postgresql_user:
<<: *pg_parameters
name: '{{ test_user }}'
- fail_on_user: no
+ fail_on_user: false
- assert:
that:
@@ -613,7 +613,7 @@
name: '{{ test_group1 }}'
groups: '{{ test_group2 }}'
role_attr_flags: NOLOGIN
- check_mode: yes
+ check_mode: true
- assert:
that:
@@ -648,7 +648,7 @@
name: '{{ test_group1 }}'
groups: '{{ test_group2 }}'
role_attr_flags: NOLOGIN
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -706,7 +706,7 @@
groups:
- '{{ test_group1 }}'
- '{{ test_group2 }}'
- trust_input: no
+ trust_input: false
- assert:
that:
@@ -732,8 +732,8 @@
postgresql_user:
<<: *pg_parameters
name: '{{ dangerous_name }}'
- trust_input: no
- ignore_errors: yes
+ trust_input: false
+ ignore_errors: true
- assert:
that:
diff --git a/tests/integration/targets/postgresql_user/tasks/postgresql_user_initial.yml b/tests/integration/targets/postgresql_user/tasks/postgresql_user_initial.yml
index 79be2237..89028619 100644
--- a/tests/integration/targets/postgresql_user/tasks/postgresql_user_initial.yml
+++ b/tests/integration/targets/postgresql_user/tasks/postgresql_user_initial.yml
@@ -5,10 +5,10 @@
# do not run the encrypted: no tests if on 10+
- ansible.builtin.set_fact:
encryption_values:
- - 'yes'
+ - 'true'
- ansible.builtin.set_fact:
- encryption_values: '{{ encryption_values + ["no"]}}'
+ encryption_values: '{{ encryption_values + ["false"]}}'
when: postgres_version_resp.stdout is version('10', '<=')
- include_tasks: test_password.yml
@@ -30,8 +30,8 @@
vars:
no_password_changes: '{{ loop_item }}'
loop:
- - 'yes'
- - 'no'
+ - 'true'
+ - 'false'
loop_control:
loop_var: loop_item
@@ -41,16 +41,16 @@
# Test login_user functionality
#
- name: Create a user to test login module parameters
- become: yes
+ become: true
become_user: "{{ pg_user }}"
postgresql_user:
name: "{{ db_user1 }}"
state: "present"
- encrypted: 'yes'
+ encrypted: 'true'
password: "password"
role_attr_flags: "CREATEDB,LOGIN,CREATEROLE"
login_user: "{{ pg_user }}"
- trust_input: no
+ trust_input: false
db: postgres
- name: Create db
@@ -62,7 +62,7 @@
login_host: "localhost"
- name: Check that database created
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "select datname from pg_database where datname = '{{ db_name }}';" | psql -d postgres
register: result
@@ -75,16 +75,16 @@
postgresql_user:
name: "{{ db_user2 }}"
state: "present"
- encrypted: 'yes'
+ encrypted: 'true'
password: "md55c8ccfd9d6711fc69a7eae647fc54f51"
db: "{{ db_name }}"
login_user: "{{ db_user1 }}"
login_password: "password"
login_host: "localhost"
- trust_input: no
+ trust_input: false
- name: Check that it was created
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "select * from pg_user where usename='{{ db_user2 }}';" | psql -d postgres
register: result
@@ -106,7 +106,7 @@
host: "localhost"
- name: Check that the user has the requested permissions (database)
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "select datacl from pg_database where datname='{{ db_name }}';" | psql {{ db_name }}
register: result_database
@@ -125,10 +125,10 @@
login_user: "{{ db_user1 }}"
login_password: "password"
login_host: "localhost"
- trust_input: no
+ trust_input: false
- name: Check that they were removed
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "select * from pg_user where usename='{{ db_user2 }}';" | psql -d postgres
register: result
@@ -146,7 +146,7 @@
login_host: "localhost"
- name: Check that database was destroyed
- become: yes
+ become: true
become_user: "{{ pg_user }}"
shell: echo "select datname from pg_database where datname = '{{ db_name }}';" | psql -d postgres
register: result
diff --git a/tests/integration/targets/postgresql_user/tasks/test_no_password_change.yml b/tests/integration/targets/postgresql_user/tasks/test_no_password_change.yml
index c296c0ea..41ecbe61 100644
--- a/tests/integration/targets/postgresql_user/tasks/test_no_password_change.yml
+++ b/tests/integration/targets/postgresql_user/tasks/test_no_password_change.yml
@@ -1,7 +1,7 @@
- vars:
task_parameters: &task_parameters
become_user: "{{ pg_user }}"
- become: yes
+ become: true
register: result
postgresql_parameters: ¶meters
db: postgres
@@ -84,7 +84,7 @@
state: "present"
role_attr_flags: "NOSUPERUSER,NOCREATEROLE,NOCREATEDB,noinherit,NOLOGIN{{ bypassrls_supported | ternary(',NOBYPASSRLS', '') }},INVALID"
no_password_changes: '{{ no_password_changes }}'
- ignore_errors: yes
+ ignore_errors: true
- name: Check that ansible reports failure
assert:
diff --git a/tests/integration/targets/postgresql_user/tasks/test_password.yml b/tests/integration/targets/postgresql_user/tasks/test_password.yml
index 63bea3d6..aece258f 100644
--- a/tests/integration/targets/postgresql_user/tasks/test_password.yml
+++ b/tests/integration/targets/postgresql_user/tasks/test_password.yml
@@ -1,7 +1,7 @@
- vars:
task_parameters: &task_parameters
become_user: "{{ pg_user }}"
- become: yes
+ become: true
register: result
postgresql_query_parameters: &query_parameters
db: postgres
@@ -93,7 +93,7 @@
postgresql_user:
<<: *parameters
password: '{{ db_password1 }}'
- encrypted: 'yes'
+ encrypted: 'true'
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -105,7 +105,7 @@
postgresql_user:
<<: *parameters
password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
- encrypted: 'yes'
+ encrypted: 'true'
environment:
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -116,7 +116,7 @@
postgresql_user:
<<: *parameters
password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
- encrypted: 'no'
+ encrypted: 'false'
environment:
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -126,7 +126,7 @@
<<: *task_parameters
postgresql_user:
<<: *parameters
- encrypted: 'yes'
+ encrypted: 'true'
password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
expires: '2025-01-01'
environment:
@@ -139,7 +139,7 @@
postgresql_user:
<<: *parameters
password: 'prefix{{ db_password1 }}'
- encrypted: 'yes'
+ encrypted: 'true'
environment:
PGCLIENTENCODING: 'UTF8'
@@ -150,7 +150,7 @@
postgresql_user:
<<: *parameters
password: "md5{{ ('prefix1' ~ db_password1 ~ db_user1) | hash('md5')}}"
- encrypted: 'yes'
+ encrypted: 'true'
- <<: *changed
@@ -159,7 +159,7 @@
postgresql_user:
<<: *parameters
password: "md5{{ ('prefix2' ~ db_password1 ~ db_user1) | hash('md5')}}"
- encrypted: 'no'
+ encrypted: 'false'
register: change_pass_unencrypted
failed_when:
- change_pass_unencrypted is failed
@@ -173,7 +173,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'yes'
+ encrypted: 'true'
environment:
PGCLIENTENCODING: 'UTF8'
@@ -184,7 +184,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'yes'
+ encrypted: 'true'
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -196,7 +196,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'no'
+ encrypted: 'false'
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -208,13 +208,13 @@
postgresql_user:
<<: *parameters
password: '{{ db_password1 }}'
- encrypted: 'yes'
+ encrypted: 'true'
environment:
PGCLIENTENCODING: 'UTF8'
- <<: *changed
- when: encrypted == 'yes' and postgres_version_resp.stdout is version('14', '<')
+ when: encrypted == 'true' and postgres_version_resp.stdout is version('14', '<')
- block:
@@ -223,7 +223,7 @@
postgresql_user:
<<: *parameters
password: "{{ db_password1 }}"
- encrypted: 'no'
+ encrypted: 'false'
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -235,7 +235,7 @@
postgresql_user:
<<: *parameters
password: "{{ db_password1 }}"
- encrypted: 'no'
+ encrypted: 'false'
expires: '2025-01-01'
environment:
PGCLIENTENCODING: 'UTF8'
@@ -248,7 +248,7 @@
postgresql_user:
<<: *parameters
password: "changed{{ db_password1 }}"
- encrypted: 'no'
+ encrypted: 'false'
environment:
PGCLIENTENCODING: 'UTF8'
@@ -259,7 +259,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'no'
+ encrypted: 'false'
environment:
PGCLIENTENCODING: 'UTF8'
@@ -270,7 +270,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'no'
+ encrypted: 'false'
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -282,7 +282,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'yes'
+ encrypted: 'true'
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -294,13 +294,13 @@
postgresql_user:
<<: *parameters
password: "{{ db_password1 }}"
- encrypted: 'no'
+ encrypted: 'false'
environment:
PGCLIENTENCODING: 'UTF8'
- <<: *changed
- when: encrypted == 'no'
+ when: encrypted == 'false'
# start of block scram-sha-256
# scram-sha-256 password encryption type is supported since PostgreSQL 10
diff --git a/tests/integration/targets/postgresql_user_obj_stat_info/tasks/postgresql_user_obj_stat_info.yml b/tests/integration/targets/postgresql_user_obj_stat_info/tasks/postgresql_user_obj_stat_info.yml
index 6e6ff212..62f72d9e 100644
--- a/tests/integration/targets/postgresql_user_obj_stat_info/tasks/postgresql_user_obj_stat_info.yml
+++ b/tests/integration/targets/postgresql_user_obj_stat_info/tasks/postgresql_user_obj_stat_info.yml
@@ -5,7 +5,7 @@
- vars:
task_parameters: &task_parameters
become_user: '{{ pg_user }}'
- become: yes
+ become: true
register: result
pg_parameters: &pg_parameters
login_user: '{{ pg_user }}'
@@ -64,12 +64,12 @@
# To avoid CI timeouts
- name: Kill all postgres processes
shell: 'pkill -u {{ pg_user }}'
- become: yes
+ become: true
when: ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '8'
- ignore_errors: yes
+ ignore_errors: true
- name: Stop PostgreSQL
- become: yes
+ become: true
service:
name: "{{ postgresql_service }}"
state: stopped
@@ -80,7 +80,7 @@
seconds: 5
- name: Start PostgreSQL
- become: yes
+ become: true
service:
name: "{{ postgresql_service }}"
state: started
@@ -168,7 +168,7 @@
postgresql_user_obj_stat_info:
<<: *pg_parameters
schema: nonexistent
- ignore_errors: yes
+ ignore_errors: true
- assert:
that:
@@ -181,8 +181,8 @@
postgresql_user_obj_stat_info:
<<: *pg_parameters
session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
- trust_input: no
- ignore_errors: yes
+ trust_input: false
+ ignore_errors: true
- assert:
that:
@@ -198,7 +198,7 @@
<<: *pg_parameters
name: '{{ test_schema1 }}'
state: absent
- cascade_drop: yes
+ cascade_drop: true
- name: Drop test tables
<<: *task_parameters
@@ -219,4 +219,4 @@
- '{{ test_func1 }}'
- '{{ test_func2 }}'
- '{{ test_schema1 }}.{{ test_func3 }}'
- ignore_errors: yes
+ ignore_errors: true
diff --git a/tests/integration/targets/setup_pkg_mgr/tasks/main.yml b/tests/integration/targets/setup_pkg_mgr/tasks/main.yml
index 24d02228..cc4e3b0d 100644
--- a/tests/integration/targets/setup_pkg_mgr/tasks/main.yml
+++ b/tests/integration/targets/setup_pkg_mgr/tasks/main.yml
@@ -7,11 +7,11 @@
- set_fact:
pkg_mgr: community.general.pkgng
ansible_pkg_mgr: community.general.pkgng
- cacheable: yes
+ cacheable: true
when: ansible_os_family == "FreeBSD"
- set_fact:
pkg_mgr: community.general.zypper
ansible_pkg_mgr: community.general.zypper
- cacheable: yes
+ cacheable: true
when: ansible_os_family == "Suse"
diff --git a/tests/integration/targets/setup_postgresql_db/tasks/main.yml b/tests/integration/targets/setup_postgresql_db/tasks/main.yml
index 5491d552..57384962 100644
--- a/tests/integration/targets/setup_postgresql_db/tasks/main.yml
+++ b/tests/integration/targets/setup_postgresql_db/tasks/main.yml
@@ -27,7 +27,7 @@
- name: Make sure the dbus service is enabled under systemd
shell: systemctl enable dbus || systemctl enable dbus-broker
- ignore_errors: yes
+ ignore_errors: true
when: ansible_service_mgr == 'systemd' and ansible_distribution == 'Fedora'
- name: Make sure the dbus service is started under systemd
@@ -38,9 +38,9 @@
- name: Kill all postgres processes
shell: 'pkill -u {{ pg_user }}'
- become: yes
+ become: true
when: ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '8'
- ignore_errors: yes
+ ignore_errors: true
- name: stop postgresql service
service: name={{ postgresql_service }} state=stopped
@@ -190,9 +190,9 @@
- name: Kill all postgres processes
shell: 'pkill -u {{ pg_user }}'
- become: yes
+ become: true
when: ansible_facts.distribution == 'CentOS' and ansible_facts.distribution_major_version == '8'
- ignore_errors: yes
+ ignore_errors: true
register: terminate
- name: Stop postgresql service
diff --git a/tests/integration/targets/setup_postgresql_replication/handlers/main.yml b/tests/integration/targets/setup_postgresql_replication/handlers/main.yml
index 9d68f7de..29460208 100644
--- a/tests/integration/targets/setup_postgresql_replication/handlers/main.yml
+++ b/tests/integration/targets/setup_postgresql_replication/handlers/main.yml
@@ -1,5 +1,5 @@
- name: Stop services
- become: yes
+ become: true
become_user: '{{ pg_user }}'
shell: '{{ pg_ctl }} -D {{ item.datadir }} -o "-p {{ item.port }}" -m immediate stop'
loop:
From 5a4c502826fbb214c023f4af886e38d78a6f5e7a Mon Sep 17 00:00:00 2001
From: Douglas J Hunley <doug.hunley@gmail.com>
Date: Mon, 29 Aug 2022 10:06:57 -0400
Subject: [PATCH 4/7] backptch of 337
---
.../tasks/postgresql_membership_initial.yml | 736 ++++++++++++++++++
.../tasks/postgresql_query_initial.yml | 585 ++++++++++++++
2 files changed, 1321 insertions(+)
create mode 100644 tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml
create mode 100644 tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml
diff --git a/tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml b/tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml
new file mode 100644
index 00000000..3c8ef17a
--- /dev/null
+++ b/tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml
@@ -0,0 +1,736 @@
+# Copyright: (c) 2019, Andrew Klychkov (@Andersson007) <aaklychkov@mail.ru>
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+
+####################
+# Prepare for tests:
+
+# Create test roles:
+- name: postgresql_membership - create test roles
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_user:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ name: "{{ item }}"
+ ignore_errors: true
+ with_items:
+ - "{{ test_group1 }}"
+ - "{{ test_group2 }}"
+ - "{{ test_group3 }}"
+ - "{{ test_user1 }}"
+ - "{{ test_user2 }}"
+
+################
+# Do main tests:
+
+### Test check_mode
+# Grant test_group1 to test_user1 in check_mode:
+- name: postgresql_membership - grant test_group1 to test_user1 in check_mode
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: "{{ test_group1 }}"
+ user: "{{ test_user1 }}"
+ state: present
+ register: result
+ ignore_errors: true
+ check_mode: true
+
+- assert:
+ that:
+ - result is changed
+ - result.groups == ["{{ test_group1 }}"]
+ - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\""]
+ - result.granted.{{ test_group1 }} == ["{{ test_user1 }}"]
+ - result.state == "present"
+ - result.target_roles == ["{{ test_user1 }}"]
+
+# Try to revoke test_group1 from test_user1 to check that
+# nothing actually changed in check_mode at the previous step:
+- name: postgresql_membership - try to revoke test_group1 from test_user1 for checking check_mode
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: "{{ test_group1 }}"
+ user: "{{ test_user1 }}"
+ state: absent
+ register: result
+ ignore_errors: true
+ check_mode: true
+
+- assert:
+ that:
+ - result is not changed
+ - result.groups == ["{{ test_group1 }}"]
+ - result.queries == []
+ - result.revoked.{{ test_group1 }} == []
+ - result.state == "absent"
+ - result.target_roles == ["{{ test_user1 }}"]
+### End of test check_mode
+
+# Grant test_group1 to test_user1:
+- name: postgresql_membership - grant test_group1 to test_user1
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: "{{ test_group1 }}"
+ user: "{{ test_user1 }}"
+ state: present
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is changed
+ - result.groups == ["{{ test_group1 }}"]
+ - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\""]
+ - result.granted.{{ test_group1 }} == ["{{ test_user1 }}"]
+ - result.state == "present"
+ - result.target_roles == ["{{ test_user1 }}"]
+
+# Grant test_group1 to test_user1 again to check that nothing changes:
+- name: postgresql_membership - grant test_group1 to test_user1 again
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: "{{ test_group1 }}"
+ user: "{{ test_user1 }}"
+ state: present
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is not changed
+ - result.groups == ["{{ test_group1 }}"]
+ - result.queries == []
+ - result.granted.{{ test_group1 }} == []
+ - result.state == "present"
+ - result.target_roles == ["{{ test_user1 }}"]
+
+# Revoke test_group1 from test_user1:
+- name: postgresql_membership - revoke test_group1 from test_user1
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: "{{ test_group1 }}"
+ user: "{{ test_user1 }}"
+ state: absent
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is changed
+ - result.groups == ["{{ test_group1 }}"]
+ - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\""]
+ - result.revoked.{{ test_group1 }} == ["{{ test_user1 }}"]
+ - result.state == "absent"
+ - result.target_roles == ["{{ test_user1 }}"]
+
+# Revoke test_group1 from test_user1 again to check that nothing changes:
+- name: postgresql_membership - revoke test_group1 from test_user1 again
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: "{{ test_group1 }}"
+ user: "{{ test_user1 }}"
+ state: absent
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is not changed
+ - result.groups == ["{{ test_group1 }}"]
+ - result.queries == []
+ - result.revoked.{{ test_group1 }} == []
+ - result.state == "absent"
+ - result.target_roles == ["{{ test_user1 }}"]
+
+# Grant test_group1 and test_group2 to test_user1 and test_user2:
+- name: postgresql_membership - grant two groups to two users
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group:
+ - "{{ test_group1 }}"
+ - "{{ test_group2 }}"
+ user:
+ - "{{ test_user1 }}"
+ - "{{ test_user2 }}"
+ state: present
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is changed
+ - result.groups == ["{{ test_group1 }}", "{{ test_group2 }}"]
+ - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group1 }}\" TO \"{{ test_user2 }}\"", "GRANT \"{{ test_group2 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group2 }}\" TO \"{{ test_user2 }}\""]
+ - result.granted.{{ test_group1 }} == ["{{ test_user1 }}", "{{ test_user2 }}"]
+ - result.granted.{{ test_group2 }} == ["{{ test_user1 }}", "{{ test_user2 }}"]
+ - result.state == "present"
+ - result.target_roles == ["{{ test_user1 }}", "{{ test_user2 }}"]
+
+# Grant test_group1 and test_group2 to test_user1 and test_user2 again to check that nothing changes:
+- name: postgresql_membership - grant two groups to two users again
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group:
+ - "{{ test_group1 }}"
+ - "{{ test_group2 }}"
+ user:
+ - "{{ test_user1 }}"
+ - "{{ test_user2 }}"
+ state: present
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is not changed
+ - result.groups == ["{{ test_group1 }}", "{{ test_group2 }}"]
+ - result.queries == []
+ - result.granted.{{ test_group1 }} == []
+ - result.granted.{{ test_group2 }} == []
+ - result.state == "present"
+ - result.target_roles == ["{{ test_user1 }}", "{{ test_user2 }}"]
+
+# Revoke only test_group1 from test_user1:
+- name: postgresql_membership - revoke one group from one user
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: "{{ test_group1 }}"
+ user: "{{ test_user1 }}"
+ state: absent
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is changed
+ - result.groups == ["{{ test_group1 }}"]
+ - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\""]
+ - result.revoked.{{ test_group1 }} == ["{{ test_user1 }}"]
+ - result.state == "absent"
+ - result.target_roles == ["{{ test_user1 }}"]
+
+# Try to grant test_group1 and test_group2 to test_user1 and test_user2 again
+# to check that nothing changes with test_user2:
+- name: postgresql_membership - grant two groups to two users again
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group:
+ - "{{ test_group1 }}"
+ - "{{ test_group2 }}"
+ user:
+ - "{{ test_user1 }}"
+ - "{{ test_user2 }}"
+ state: present
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is changed
+ - result.groups == ["{{ test_group1 }}", "{{ test_group2 }}"]
+ - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\""]
+ - result.granted.{{ test_group1 }} == ["{{ test_user1 }}"]
+ - result.granted.{{ test_group2 }} == []
+ - result.state == "present"
+ - result.target_roles == ["{{ test_user1 }}", "{{ test_user2 }}"]
+
+#####################
+# Check fail_on_role:
+
+# Try to grant non existent group to non existent role with fail_on_role=true:
+- name: postgresql_membership - revoke non existen group from non existen role
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: fake_group
+ user: fake_user
+ state: present
+ fail_on_role: true
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is not changed
+
+# Try to grant non existent group to non existent role with fail_on_role=no:
+- name: postgresql_membership - revoke non existen group from non existen role
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: fake_group
+ user: fake_user
+ state: present
+ fail_on_role: false
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is not changed
+ - result.granted == {}
+ - result.groups == []
+ - result.target_roles == []
+ - result.state == 'present'
+
+# Try to revoke non existent group from non existent role with fail_on_role=no:
+- name: postgresql_membership - revoke non existen group from non existen role
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: fake_group
+ user: fake_user
+ state: absent
+ fail_on_role: false
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is not changed
+ - result.revoked == {}
+ - result.groups == []
+ - result.target_roles == []
+ - result.state == 'absent'
+
+# Grant test_group3 with a name containing dots to test_user1.
+- name: postgresql_membership - grant test_group3 with dots to test_user1
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group: "{{ test_group3 }}"
+ user: "{{ test_user1 }}"
+ state: present
+ register: result
+
+- assert:
+ that:
+ - result is changed
+ - result.queries == ["GRANT \"{{ test_group3 }}\" TO \"{{ test_user1 }}\""]
+
+#############################
+# Check trust_input parameter
+
+- name: postgresql_membership - try to use dangerous input, don't trust
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group:
+ - "{{ test_group3}}"
+ - "{{ dangerous_name }}"
+ user: "{{ test_user1 }}"
+ state: present
+ trust_input: false
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is failed
+ - result.msg == 'Passed input \'{{ dangerous_name }}\' is potentially dangerous'
+
+- name: postgresql_membership - try to use dangerous input, trust explicitly
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ group:
+ - "{{ test_group3}}"
+ - "{{ dangerous_name }}"
+ user: "{{ test_user1 }}"
+ state: present
+ trust_input: true
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is failed
+ - result.msg == 'Role {{ dangerous_name }} does not exist'
+
+########################
+# Tests for match method
+- name: Revoke all groups from a role check mode
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ groups: []
+ user: "{{ test_user1 }}"
+ state: exact
+ register: result
+ check_mode: true
+
+- assert:
+ that:
+ - result is changed
+ - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group2 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group3 }}\" FROM \"{{ test_user1 }}\""],
+ - result.revoked["group.with.dots"] == ["{{ test_user1 }}"]
+ - result.revoked["group1"] == ["{{ test_user1 }}"]
+ - result.revoked["group2"] == ["{{ test_user1 }}"]
+ - result.granted == {}
+
+
+- name: Check result of prev task
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == ['{{ test_group1 }}', '{{ test_group2 }}', '{{ test_group3 }}']
+
+- name: Revoke all groups from a role actual mode
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ groups: []
+ user: "{{ test_user1 }}"
+ state: exact
+ register: result
+
+- assert:
+ that:
+ - result is changed
+ - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group2 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group3 }}\" FROM \"{{ test_user1 }}\""],
+ - result.revoked["group.with.dots"] == ["{{ test_user1 }}"]
+ - result.revoked["group1"] == ["{{ test_user1 }}"]
+ - result.revoked["group2"] == ["{{ test_user1 }}"]
+ - result.granted == {}
+
+
+- name: Check result of prev task
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == []
+
+- name: Grant all groups to a role check mode
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ groups:
+ - "{{ test_group1 }}"
+ - "{{ test_group2 }}"
+ - "{{ test_group3 }}"
+ user: "{{ test_user1 }}"
+ state: exact
+ register: result
+ check_mode: true
+
+- assert:
+ that:
+ - result is changed
+ - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group2 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group3 }}\" TO \"{{ test_user1 }}\""],
+ - result.granted["group.with.dots"] == ["{{ test_user1 }}"]
+ - result.granted["group1"] == ["{{ test_user1 }}"]
+ - result.granted["group2"] == ["{{ test_user1 }}"]
+ - result.revoked == {}
+
+
+- name: Check result of prev task
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == []
+
+- name: Grant all groups to a role real mode
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ groups:
+ - "{{ test_group1 }}"
+ - "{{ test_group2 }}"
+ - "{{ test_group3 }}"
+ user: "{{ test_user1 }}"
+ state: exact
+ register: result
+
+- assert:
+ that:
+ - result is changed
+ - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group2 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group3 }}\" TO \"{{ test_user1 }}\""],
+ - result.granted["group.with.dots"] == ["{{ test_user1 }}"]
+ - result.granted["group1"] == ["{{ test_user1 }}"]
+ - result.granted["group2"] == ["{{ test_user1 }}"]
+ - result.revoked == {}
+
+
+- name: Check result of prev task
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == ['{{ test_group1 }}', '{{ test_group2 }}', '{{ test_group3 }}']
+
+- name: Change groups 1
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ groups:
+ - "{{ test_group1 }}"
+ user: "{{ test_user1 }}"
+ state: exact
+ register: result
+
+- assert:
+ that:
+ - result is changed
+ - result.queries == ["REVOKE \"{{ test_group2 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group3 }}\" FROM \"{{ test_user1 }}\""],
+ - result.revoked["group.with.dots"] == ["{{ test_user1 }}"]
+ - result.revoked["group2"] == ["{{ test_user1 }}"]
+ - result.granted == {}
+
+
+- name: Check result of prev task
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == ['{{ test_group1 }}']
+
+- name: Change groups 2
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ groups:
+ - "{{ test_group2 }}"
+ - "{{ test_group3 }}"
+ user: "{{ test_user1 }}"
+ state: exact
+ register: result
+
+- assert:
+ that:
+ - result is changed
+ - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\"", "GRANT \"{{ test_group2 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group3 }}\" TO \"{{ test_user1 }}\""],
+ - result.granted["group.with.dots"] == ["{{ test_user1 }}"]
+ - result.granted["group2"] == ["{{ test_user1 }}"]
+ - result.revoked["group1"] == ["{{ test_user1 }}"]
+
+- name: Check result of prev task
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == ['{{ test_group2 }}', '{{ test_group3 }}']
+
+- name: Change groups 2 again
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ groups:
+ - "{{ test_group2 }}"
+ - "{{ test_group3 }}"
+ user: "{{ test_user1 }}"
+ state: exact
+ register: result
+
+- assert:
+ that:
+ - result is not changed
+ - result.queries == [],
+ - result.granted == {}
+ - result.revoked == {}
+
+
+- name: Check result of prev task
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == ['{{ test_group2 }}', '{{ test_group3 }}']
+
+- name: Change groups for two users
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ groups:
+ - "{{ test_group1 }}"
+ - "{{ test_group2 }}"
+ - "{{ test_group3 }}"
+ users:
+ - "{{ test_user1 }}"
+ - "{{ test_user2 }}"
+ state: exact
+ register: result
+
+- assert:
+ that:
+ - result is changed
+ - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group3 }}\" TO \"{{ test_user2 }}\""],
+ - result.granted["group1"] == ["{{ test_user1 }}"]
+ - result.granted["group.with.dots"] == ["{{ test_user2 }}"]
+ - result.revoked == {}
+
+- name: Check result of prev task for {{ test_user1 }}
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == ['{{ test_group1 }}', '{{ test_group2 }}', '{{ test_group3 }}']
+
+- name: Check result of prev task for {{ test_user2 }}
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user2 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == ['{{ test_group1 }}', '{{ test_group2 }}', '{{ test_group3 }}']
+
+- name: Change groups for two users 2
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_membership:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ groups:
+ - "{{ test_group2 }}"
+ - "{{ test_group3 }}"
+ users:
+ - "{{ test_user1 }}"
+ - "{{ test_user2 }}"
+ state: exact
+ register: result
+
+- assert:
+ that:
+ - result is changed
+ - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user2 }}\""],
+ - result.revoked["group1"] == ["{{ test_user1 }}", "{{ test_user2 }}"]
+ - result.granted == {}
+
+- name: Check result of prev task for {{ test_user1 }}
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == ['{{ test_group2 }}', '{{ test_group3 }}']
+
+- name: Check result of prev task for {{ test_user2 }}
+ become_user: "{{ pg_user }}"
+ become: true
+ postgresql_query:
+ login_user: "{{ pg_user }}"
+ db: postgres
+ query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user2 }}'"
+ register: result
+
+- assert:
+ that:
+ - result.query_result.0.array == ['{{ test_group2 }}', '{{ test_group3 }}']
diff --git a/tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml b/tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml
new file mode 100644
index 00000000..f15f4ae8
--- /dev/null
+++ b/tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml
@@ -0,0 +1,585 @@
+- vars:
+ pg_parameters: &pg_parameters
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ connect_params:
+ connect_timeout: 30
+
+ block:
+
+ - name: postgresql_query - drop test table if exists
+ become_user: '{{ pg_user }}'
+ become: true
+ shell: psql postgres -U "{{ pg_user }}" -t -c "DROP TABLE IF EXISTS test_table;"
+ ignore_errors: true
+
+ - name: postgresql_query - create test table called test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ shell: psql postgres -U "{{ pg_user }}" -t -c "CREATE TABLE test_table (id int, story text);"
+ ignore_errors: true
+
+ - name: postgresql_query - insert some data into test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ shell: psql postgres -U "{{ pg_user }}" -t -c "INSERT INTO test_table (id, story) VALUES (1, 'first'), (2, 'second'), (3, 'third');"
+ ignore_errors: true
+
+ - name: Copy script files
+ become: true
+ copy:
+ src: '{{ item }}'
+ dest: '~{{ pg_user }}/{{ item }}'
+ owner: '{{ pg_user }}'
+ force: true
+ loop:
+ - test0.sql
+ - test1.sql
+ register: sql_file_created
+ ignore_errors: true
+
+ - name: postgresql_query - analyze test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: ANALYZE test_table
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result is changed
+ - result.query == 'ANALYZE test_table'
+ - result.query_list == ['ANALYZE test_table']
+ - result.rowcount == 0
+ - result.statusmessage == 'ANALYZE'
+ - result.query_result == {}
+ - result.query_all_results == [{}]
+
+ - name: postgresql_query - run queries from SQL script
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ path_to_script: ~{{ pg_user }}/test0.sql
+ positional_args:
+ - 1
+ encoding: UTF-8
+ as_single_query: false
+ register: result
+ ignore_errors: true
+ when: sql_file_created
+
+ - assert:
+ that:
+ - result is not changed
+ - result.query == "\n\nSELECT story FROM test_table\n WHERE id = 1 OR story = 'Данные'"
+ - result.query_result[0].story == 'first'
+ - result.rowcount == 2
+ - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
+ when: sql_file_created
+
+ - name: postgresql_query - simple select query to test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: SELECT * FROM test_table
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result is not changed
+ - result.query == 'SELECT * FROM test_table'
+ - result.rowcount == 3
+ - result.statusmessage == 'SELECT 3' or result.statusmessage == 'SELECT'
+ - result.query_result[0].id == 1
+ - result.query_result[1].id == 2
+ - result.query_result[2].id == 3
+ - result.query_result[0].story == 'first'
+ - result.query_result[1].story == 'second'
+ - result.query_result[2].story == 'third'
+
+ - name: postgresql_query - select query with named args
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: SELECT id FROM test_table WHERE id = %(id_val)s AND story = %(story_val)s
+ named_args:
+ id_val: 1
+ story_val: first
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result is not changed
+ - result.query == "SELECT id FROM test_table WHERE id = 1 AND story = 'first'" or result.query == "SELECT id FROM test_table WHERE id = 1 AND story = E'first'"
+ - result.rowcount == 1
+ - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
+ - result.query_result[0].id == 1
+
+ - name: postgresql_query - select query with positional arguments
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: SELECT story FROM test_table WHERE id = %s AND story = %s
+ positional_args:
+ - 2
+ - second
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result is not changed
+ - result.query == "SELECT story FROM test_table WHERE id = 2 AND story = 'second'" or result.query == "SELECT story FROM test_table WHERE id = 2 AND story = E'second'"
+ - result.rowcount == 1
+ - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
+ - result.query_result[0].story == 'second'
+
+ - name: postgresql_query - simple update query
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: UPDATE test_table SET story = 'new' WHERE id = 3
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result is changed
+ - result.query == "UPDATE test_table SET story = 'new' WHERE id = 3"
+ - result.rowcount == 1
+ - result.statusmessage == 'UPDATE 1'
+ - result.query_result == {}
+
+ - name: check the previous update
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: SELECT * FROM test_table WHERE story = 'new' AND id = 3
+ register: result
+
+ - assert:
+ that:
+ - result.rowcount == 1
+
+ - name: postgresql_query - simple update query in check_mode
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: UPDATE test_table SET story = 'CHECK_MODE' WHERE id = 3
+ register: result
+ check_mode: true
+
+ - assert:
+ that:
+ - result is changed
+ - result.query == "UPDATE test_table SET story = 'CHECK_MODE' WHERE id = 3"
+ - result.rowcount == 1
+ - result.statusmessage == 'UPDATE 1'
+ - result.query_result == {}
+
+ - name: check the previous update that nothing has been changed
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: SELECT * FROM test_table WHERE story = 'CHECK_MODE' AND id = 3
+ register: result
+
+ - assert:
+ that:
+ - result.rowcount == 0
+
+ - name: postgresql_query - try to update not existing row
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: UPDATE test_table SET story = 'new' WHERE id = 100
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result is not changed
+ - result.query == "UPDATE test_table SET story = 'new' WHERE id = 100"
+ - result.rowcount == 0
+ - result.statusmessage == 'UPDATE 0'
+ - result.query_result == {}
+
+ - name: postgresql_query - insert query
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: INSERT INTO test_table (id, story) VALUES (%s, %s)
+ positional_args:
+ - 4
+ - fourth
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result is changed
+ - result.query == "INSERT INTO test_table (id, story) VALUES (4, 'fourth')" or result.query == "INSERT INTO test_table (id, story) VALUES (4, E'fourth')"
+ - result.rowcount == 1
+ - result.statusmessage == 'INSERT 0 1'
+ - result.query_result == {}
+
+ - name: postgresql_query - truncate test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: TRUNCATE test_table
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result is changed
+ - result.query == "TRUNCATE test_table"
+ - result.rowcount == 0
+ - result.statusmessage == 'TRUNCATE TABLE'
+ - result.query_result == {}
+
+ - name: postgresql_query - alter test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: ALTER TABLE test_table ADD COLUMN foo int
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result is changed
+ - result.query == "ALTER TABLE test_table ADD COLUMN foo int"
+ - result.rowcount == 0
+ - result.statusmessage == 'ALTER TABLE'
+
+ - name: postgresql_query - vacuum without autocommit must fail
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: VACUUM
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result.failed == true
+
+ - name: postgresql_query - autocommit in check_mode must fail
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: VACUUM
+ autocommit: true
+ check_mode: true
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result.failed == true
+ - result.msg == "Using autocommit is mutually exclusive with check_mode"
+
+ - name: postgresql_query - vacuum with autocommit
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: VACUUM
+ autocommit: true
+ register: result
+
+ - assert:
+ that:
+ - result is changed
+ - result.query == "VACUUM"
+ - result.rowcount == 0
+ - result.statusmessage == 'VACUUM'
+ - result.query_result == {}
+
+ - name: postgresql_query - create test table for issue 59955
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_table:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ name: test_array_table
+ columns:
+ - arr_col int[]
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ - set_fact:
+ my_list:
+ - 1
+ - 2
+ - 3
+ my_arr: '{1, 2, 3}'
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ - name: postgresql_query - insert array into test table by positional args
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: INSERT INTO test_array_table (arr_col) VALUES (%s)
+ positional_args:
+ - '{{ my_list }}'
+ register: result
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ - assert:
+ that:
+ - result is changed
+ - result.query == "INSERT INTO test_array_table (arr_col) VALUES ('{1, 2, 3}')"
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ - name: postgresql_query - select array from test table by passing positional_args
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: SELECT * FROM test_array_table WHERE arr_col = %s
+ positional_args:
+ - '{{ my_list }}'
+ register: result
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ - assert:
+ that:
+ - result is not changed
+ - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
+ - result.rowcount == 1
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ - name: postgresql_query - select array from test table by passing named_args
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: SELECT * FROM test_array_table WHERE arr_col = %(arr_val)s
+ named_args:
+ arr_val:
+ - '{{ my_list }}'
+ register: result
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ - assert:
+ that:
+ - result is not changed
+ - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
+ - result.rowcount == 1
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ - name: postgresql_query - select array from test table by passing positional_args as a string
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: SELECT * FROM test_array_table WHERE arr_col = %s
+ positional_args:
+ - '{{ my_arr|string }}'
+ trust_input: true
+ register: result
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ - assert:
+ that:
+ - result is not changed
+ - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
+ - result.rowcount == 1
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ - name: postgresql_query - test trust_input parameter
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
+ query: SELECT version()
+ trust_input: false
+ ignore_errors: true
+ register: result
+
+ - assert:
+ that:
+ - result is failed
+ - result.msg is search('is potentially dangerous')
+
+ - name: postgresql_query - clean up
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_table:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ name: test_array_table
+ state: absent
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+ #############################
+ # Check search_path parameter
+
+ - name: postgresql_set - create test schemas
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_schema:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ name: '{{ item }}'
+ loop:
+ - query_test1
+ - query_test2
+
+ - name: postgresql_set - create test tables
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_table:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ name: '{{ item }}'
+ columns:
+ - id int
+ loop:
+ - 'query_test1.test1'
+ - 'query_test2.test2'
+
+ - name: postgresql_query - insert data
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: 'INSERT INTO {{ item }} (id) VALUES (1)'
+ search_path:
+ - query_test1
+ - query_test2
+ loop:
+ - test1
+ - test2
+
+ - name: postgresql_query - get data
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: 'SELECT id FROM test1'
+ search_path:
+ - query_test1
+ - query_test2
+ register: result
+
+ - assert:
+ that:
+ - result.rowcount == 1
+
+ - name: postgresql_query - get data, must fail
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: 'SELECT id FROM test1'
+ register: result
+ ignore_errors: true
+
+ - assert:
+ that:
+ - result is failed
+
+ # Tests for the as_single_query option
+ - name: Run queries from SQL script as a single query
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ path_to_script: ~{{ pg_user }}/test1.sql
+ positional_args:
+ - 1
+ encoding: UTF-8
+ as_single_query: true
+ register: result
+
+ - name: >
+ Must pass. Not changed because we can only
+ check statusmessage of the last query
+ assert:
+ that:
+ - result is not changed
+ - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
+ - result.query_list[0] == "CREATE FUNCTION add(integer, integer) RETURNS integer\n AS 'select $1 + $2;'\n LANGUAGE SQL\n IMMUTABLE\n RETURNS NULL ON NULL INPUT;\n\nSELECT story FROM test_table\n WHERE id = %s OR story = 'Данные';\n\nSELECT version();\n"
+
+ #############################################################################
+ # Issue https://github.com/ansible-collections/community.postgresql/issues/45
+ - name: Create table containing a decimal value
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: CREATE TABLE blabla (id int, num decimal)
+
+ - name: Insert data
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: INSERT INTO blabla (id, num) VALUES (1, 1::decimal)
+
+ - name: Get data
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: SELECT * FROM blabla
+ register: result
+
+ - assert:
+ that:
+ - result.rowcount == 1
+
+ #############################################################################
+ # Issue https://github.com/ansible-collections/community.postgresql/issues/47
+ - name: Get datetime.timedelta value
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: "SELECT EXTRACT(epoch from make_interval(secs => 3)) AS extract"
+ register: result
+ when: postgres_version_resp.stdout is version('10', '>=')
+
+ - assert:
+ that:
+ - result.rowcount == 1
+ - result.query_result[0]["extract"] == 3 or result.query_result[0]["extract"] == 3.0
+ when: postgres_version_resp.stdout is version('10', '>=')
+
+ - name: Get interval value
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ <<: *pg_parameters
+ query: "SELECT make_interval(secs => 3)"
+ register: result
+ when: postgres_version_resp.stdout is version('10', '>=')
+
+ - assert:
+ that:
+ - result.rowcount == 1
+ - result.query_result[0]["make_interval"] == "0:00:03"
+ when: postgres_version_resp.stdout is version('10', '>=')
From 1fb5da37122c5a0bd869b8ace727d63bb8d91313 Mon Sep 17 00:00:00 2001
From: Douglas J Hunley <doug.hunley@gmail.com>
Date: Mon, 29 Aug 2022 10:20:57 -0400
Subject: [PATCH 5/7] fix: update argspec to match docs
---
plugins/modules/postgresql_query.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plugins/modules/postgresql_query.py b/plugins/modules/postgresql_query.py
index 0ba19146..2ceae72a 100644
--- a/plugins/modules/postgresql_query.py
+++ b/plugins/modules/postgresql_query.py
@@ -370,7 +370,7 @@ def main():
encoding=dict(type='str'),
trust_input=dict(type='bool', default=True),
search_path=dict(type='list', elements='str'),
- as_single_query=dict(type='bool'),
+ as_single_query=dict(type='bool', default=True),
)
module = AnsibleModule(
From cf71cebcb09dfa7b605ebc2ef04fa12cfd4724ec Mon Sep 17 00:00:00 2001
From: Douglas J Hunley <doug.hunley@gmail.com>
Date: Fri, 9 Sep 2022 09:36:15 -0400
Subject: [PATCH 6/7] fix: backport of #337
---
plugins/modules/postgresql_pg_hba.py | 2 +-
plugins/modules/postgresql_ping.py | 2 +-
plugins/modules/postgresql_query.py | 9 +-
.../tasks/postgresql_db_initial.yml | 2 +-
.../tasks/state_dump_restore.yml | 2 +-
.../tasks/postgresql_membership_initial.yml | 346 -----
.../tasks/pg_authid_not_readable.yml | 4 +-
.../tasks/postgresql_privs_initial.yml | 4 +-
.../tasks/postgresql_query_initial.yml | 1187 +++++++++--------
.../tasks/postgresql_user_initial.yml | 4 +-
.../postgresql_user/tasks/test_password.yml | 40 +-
11 files changed, 637 insertions(+), 965 deletions(-)
diff --git a/plugins/modules/postgresql_pg_hba.py b/plugins/modules/postgresql_pg_hba.py
index 86bc0aac..4a8d50f1 100644
--- a/plugins/modules/postgresql_pg_hba.py
+++ b/plugins/modules/postgresql_pg_hba.py
@@ -580,7 +580,7 @@ def source(self):
try:
return ipaddress.ip_network(u'{0}'.format(sourcenw), strict=False)
except ValueError:
- raise PgHbaValueError('{0} is not valid address range'.format(sourcenw))
+ raise PgHbaValueError('{0} is not a valid address range'.format(sourcenw))
try:
return ipaddress.ip_network(u'{0}'.format(self['src']), strict=False)
diff --git a/plugins/modules/postgresql_ping.py b/plugins/modules/postgresql_ping.py
index 9a475f63..ef65de91 100644
--- a/plugins/modules/postgresql_ping.py
+++ b/plugins/modules/postgresql_ping.py
@@ -69,7 +69,7 @@
# You can use the registered result with another task
- name: This task should be executed only if the server is available
# ...
- when: result.is_available == true
+ when: result.is_available
'''
RETURN = r'''
diff --git a/plugins/modules/postgresql_query.py b/plugins/modules/postgresql_query.py
index 2ceae72a..03ced09a 100644
--- a/plugins/modules/postgresql_query.py
+++ b/plugins/modules/postgresql_query.py
@@ -87,13 +87,8 @@
version_added: '1.0.0'
as_single_query:
description:
- - This option has been B(deprecated) and will be removed in community.postgresql 3.0.0,
- please use the M(community.postgresql.postgresql_script) module to execute
- statements from scripts.
- If C(true), when reading from the I(path_to_script) file,
- executes its whole content in a single query (not splitting it up
- into separate queries by semicolons). It brings the following changes in
- the module's behavior.
+ executes its whole content in a single query.
- When C(true), the C(query_all_results) return value
contains only the result of the last statement.
- Whether the state is reported as changed or not
@@ -370,7 +365,7 @@ def main():
encoding=dict(type='str'),
trust_input=dict(type='bool', default=True),
search_path=dict(type='list', elements='str'),
- as_single_query=dict(type='bool', default=True),
+ as_single_query=dict(type='bool'),
)
module = AnsibleModule(
diff --git a/tests/integration/targets/postgresql_db/tasks/postgresql_db_initial.yml b/tests/integration/targets/postgresql_db/tasks/postgresql_db_initial.yml
index 472524a2..8babc056 100644
--- a/tests/integration/targets/postgresql_db/tasks/postgresql_db_initial.yml
+++ b/tests/integration/targets/postgresql_db/tasks/postgresql_db_initial.yml
@@ -232,7 +232,7 @@
become: true
postgresql_user:
name: "{{ item }}"
- encrypted: 'true'
+ encrypted: true
password: "md55c8ccfd9d6711fc69a7eae647fc54f51"
login_user: "{{ pg_user }}"
db: postgres
diff --git a/tests/integration/targets/postgresql_db/tasks/state_dump_restore.yml b/tests/integration/targets/postgresql_db/tasks/state_dump_restore.yml
index 0292ca31..54560592 100644
--- a/tests/integration/targets/postgresql_db/tasks/state_dump_restore.yml
+++ b/tests/integration/targets/postgresql_db/tasks/state_dump_restore.yml
@@ -25,7 +25,7 @@
postgresql_user:
name: "{{ db_user1 }}"
state: "present"
- encrypted: 'true'
+ encrypted: true
password: "password"
role_attr_flags: "CREATEDB,LOGIN,CREATEROLE"
login_user: "{{ pg_user }}"
diff --git a/tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml b/tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml
index 3c8ef17a..7ed21b2b 100644
--- a/tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml
+++ b/tests/integration/targets/postgresql_membership/tasks/postgresql_membership_initial.yml
@@ -388,349 +388,3 @@
that:
- result is failed
- result.msg == 'Role {{ dangerous_name }} does not exist'
-
-########################
-# Tests for match method
-- name: Revoke all groups from a role check mode
- become_user: "{{ pg_user }}"
- become: true
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- groups: []
- user: "{{ test_user1 }}"
- state: exact
- register: result
- check_mode: true
-
-- assert:
- that:
- - result is changed
- - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group2 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group3 }}\" FROM \"{{ test_user1 }}\""],
- - result.revoked["group.with.dots"] == ["{{ test_user1 }}"]
- - result.revoked["group1"] == ["{{ test_user1 }}"]
- - result.revoked["group2"] == ["{{ test_user1 }}"]
- - result.granted == {}
-
-
-- name: Check result of prev task
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == ['{{ test_group1 }}', '{{ test_group2 }}', '{{ test_group3 }}']
-
-- name: Revoke all groups from a role actual mode
- become_user: "{{ pg_user }}"
- become: true
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- groups: []
- user: "{{ test_user1 }}"
- state: exact
- register: result
-
-- assert:
- that:
- - result is changed
- - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group2 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group3 }}\" FROM \"{{ test_user1 }}\""],
- - result.revoked["group.with.dots"] == ["{{ test_user1 }}"]
- - result.revoked["group1"] == ["{{ test_user1 }}"]
- - result.revoked["group2"] == ["{{ test_user1 }}"]
- - result.granted == {}
-
-
-- name: Check result of prev task
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == []
-
-- name: Grant all groups to a role check mode
- become_user: "{{ pg_user }}"
- become: true
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- groups:
- - "{{ test_group1 }}"
- - "{{ test_group2 }}"
- - "{{ test_group3 }}"
- user: "{{ test_user1 }}"
- state: exact
- register: result
- check_mode: true
-
-- assert:
- that:
- - result is changed
- - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group2 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group3 }}\" TO \"{{ test_user1 }}\""],
- - result.granted["group.with.dots"] == ["{{ test_user1 }}"]
- - result.granted["group1"] == ["{{ test_user1 }}"]
- - result.granted["group2"] == ["{{ test_user1 }}"]
- - result.revoked == {}
-
-
-- name: Check result of prev task
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == []
-
-- name: Grant all groups to a role real mode
- become_user: "{{ pg_user }}"
- become: true
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- groups:
- - "{{ test_group1 }}"
- - "{{ test_group2 }}"
- - "{{ test_group3 }}"
- user: "{{ test_user1 }}"
- state: exact
- register: result
-
-- assert:
- that:
- - result is changed
- - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group2 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group3 }}\" TO \"{{ test_user1 }}\""],
- - result.granted["group.with.dots"] == ["{{ test_user1 }}"]
- - result.granted["group1"] == ["{{ test_user1 }}"]
- - result.granted["group2"] == ["{{ test_user1 }}"]
- - result.revoked == {}
-
-
-- name: Check result of prev task
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == ['{{ test_group1 }}', '{{ test_group2 }}', '{{ test_group3 }}']
-
-- name: Change groups 1
- become_user: "{{ pg_user }}"
- become: true
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- groups:
- - "{{ test_group1 }}"
- user: "{{ test_user1 }}"
- state: exact
- register: result
-
-- assert:
- that:
- - result is changed
- - result.queries == ["REVOKE \"{{ test_group2 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group3 }}\" FROM \"{{ test_user1 }}\""],
- - result.revoked["group.with.dots"] == ["{{ test_user1 }}"]
- - result.revoked["group2"] == ["{{ test_user1 }}"]
- - result.granted == {}
-
-
-- name: Check result of prev task
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == ['{{ test_group1 }}']
-
-- name: Change groups 2
- become_user: "{{ pg_user }}"
- become: true
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- groups:
- - "{{ test_group2 }}"
- - "{{ test_group3 }}"
- user: "{{ test_user1 }}"
- state: exact
- register: result
-
-- assert:
- that:
- - result is changed
- - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\"", "GRANT \"{{ test_group2 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group3 }}\" TO \"{{ test_user1 }}\""],
- - result.granted["group.with.dots"] == ["{{ test_user1 }}"]
- - result.granted["group2"] == ["{{ test_user1 }}"]
- - result.revoked["group1"] == ["{{ test_user1 }}"]
-
-- name: Check result of prev task
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == ['{{ test_group2 }}', '{{ test_group3 }}']
-
-- name: Change groups 2 again
- become_user: "{{ pg_user }}"
- become: true
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- groups:
- - "{{ test_group2 }}"
- - "{{ test_group3 }}"
- user: "{{ test_user1 }}"
- state: exact
- register: result
-
-- assert:
- that:
- - result is not changed
- - result.queries == [],
- - result.granted == {}
- - result.revoked == {}
-
-
-- name: Check result of prev task
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == ['{{ test_group2 }}', '{{ test_group3 }}']
-
-- name: Change groups for two users
- become_user: "{{ pg_user }}"
- become: true
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- groups:
- - "{{ test_group1 }}"
- - "{{ test_group2 }}"
- - "{{ test_group3 }}"
- users:
- - "{{ test_user1 }}"
- - "{{ test_user2 }}"
- state: exact
- register: result
-
-- assert:
- that:
- - result is changed
- - result.queries == ["GRANT \"{{ test_group1 }}\" TO \"{{ test_user1 }}\"", "GRANT \"{{ test_group3 }}\" TO \"{{ test_user2 }}\""],
- - result.granted["group1"] == ["{{ test_user1 }}"]
- - result.granted["group.with.dots"] == ["{{ test_user2 }}"]
- - result.revoked == {}
-
-- name: Check result of prev task for {{ test_user1 }}
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == ['{{ test_group1 }}', '{{ test_group2 }}', '{{ test_group3 }}']
-
-- name: Check result of prev task for {{ test_user2 }}
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user2 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == ['{{ test_group1 }}', '{{ test_group2 }}', '{{ test_group3 }}']
-
-- name: Change groups for two users 2
- become_user: "{{ pg_user }}"
- become: true
- postgresql_membership:
- login_user: "{{ pg_user }}"
- db: postgres
- groups:
- - "{{ test_group2 }}"
- - "{{ test_group3 }}"
- users:
- - "{{ test_user1 }}"
- - "{{ test_user2 }}"
- state: exact
- register: result
-
-- assert:
- that:
- - result is changed
- - result.queries == ["REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user1 }}\"", "REVOKE \"{{ test_group1 }}\" FROM \"{{ test_user2 }}\""],
- - result.revoked["group1"] == ["{{ test_user1 }}", "{{ test_user2 }}"]
- - result.granted == {}
-
-- name: Check result of prev task for {{ test_user1 }}
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user1 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == ['{{ test_group2 }}', '{{ test_group3 }}']
-
-- name: Check result of prev task for {{ test_user2 }}
- become_user: "{{ pg_user }}"
- become: true
- postgresql_query:
- login_user: "{{ pg_user }}"
- db: postgres
- query: "SELECT ARRAY(SELECT b.rolname FROM pg_catalog.pg_auth_members m JOIN pg_catalog.pg_roles b ON (m.roleid = b.oid) WHERE m.member = r.oid) FROM pg_catalog.pg_roles r WHERE r.rolname = '{{ test_user2 }}'"
- register: result
-
-- assert:
- that:
- - result.query_result.0.array == ['{{ test_group2 }}', '{{ test_group3 }}']
diff --git a/tests/integration/targets/postgresql_privs/tasks/pg_authid_not_readable.yml b/tests/integration/targets/postgresql_privs/tasks/pg_authid_not_readable.yml
index 3f810d47..b5e6870c 100644
--- a/tests/integration/targets/postgresql_privs/tasks/pg_authid_not_readable.yml
+++ b/tests/integration/targets/postgresql_privs/tasks/pg_authid_not_readable.yml
@@ -3,7 +3,7 @@
become: true
postgresql_user:
name: "{{ db_user1 }}"
- encrypted: 'true'
+ encrypted: true
password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
db: "{{ db_name }}"
priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
@@ -34,7 +34,7 @@
become: true
postgresql_user:
name: "{{ db_user1 }}"
- encrypted: 'true'
+ encrypted: true
password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
db: "{{ db_name }}"
priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
diff --git a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_initial.yml b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_initial.yml
index 814bc348..87b0b8c0 100644
--- a/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_initial.yml
+++ b/tests/integration/targets/postgresql_privs/tasks/postgresql_privs_initial.yml
@@ -30,7 +30,7 @@
become: true
postgresql_user:
name: "{{ db_user1 }}"
- encrypted: 'true'
+ encrypted: true
password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
db: "{{ db_name }}"
priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
@@ -76,7 +76,7 @@
become: true
postgresql_user:
name: "{{ db_user1 }}"
- encrypted: 'true'
+ encrypted: true
password: "md55c8ccfd9d6711fc69a7eae647fc54f51"
db: "{{ db_name }}"
priv: 'test_table2:select'
diff --git a/tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml b/tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml
index f15f4ae8..fb2340d7 100644
--- a/tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml
+++ b/tests/integration/targets/postgresql_query/tasks/postgresql_query_initial.yml
@@ -1,585 +1,608 @@
-- vars:
- pg_parameters: &pg_parameters
- login_user: '{{ pg_user }}'
- login_db: postgres
- connect_params:
- connect_timeout: 30
-
- block:
-
- - name: postgresql_query - drop test table if exists
- become_user: '{{ pg_user }}'
- become: true
- shell: psql postgres -U "{{ pg_user }}" -t -c "DROP TABLE IF EXISTS test_table;"
- ignore_errors: true
-
- - name: postgresql_query - create test table called test_table
- become_user: '{{ pg_user }}'
- become: true
- shell: psql postgres -U "{{ pg_user }}" -t -c "CREATE TABLE test_table (id int, story text);"
- ignore_errors: true
-
- - name: postgresql_query - insert some data into test_table
- become_user: '{{ pg_user }}'
- become: true
- shell: psql postgres -U "{{ pg_user }}" -t -c "INSERT INTO test_table (id, story) VALUES (1, 'first'), (2, 'second'), (3, 'third');"
- ignore_errors: true
-
- - name: Copy script files
- become: true
- copy:
- src: '{{ item }}'
- dest: '~{{ pg_user }}/{{ item }}'
- owner: '{{ pg_user }}'
- force: true
- loop:
- - test0.sql
- - test1.sql
- register: sql_file_created
- ignore_errors: true
-
- - name: postgresql_query - analyze test_table
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: ANALYZE test_table
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result is changed
- - result.query == 'ANALYZE test_table'
- - result.query_list == ['ANALYZE test_table']
- - result.rowcount == 0
- - result.statusmessage == 'ANALYZE'
- - result.query_result == {}
- - result.query_all_results == [{}]
-
- - name: postgresql_query - run queries from SQL script
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- path_to_script: ~{{ pg_user }}/test0.sql
- positional_args:
- - 1
- encoding: UTF-8
- as_single_query: false
- register: result
- ignore_errors: true
- when: sql_file_created
-
- - assert:
- that:
- - result is not changed
- - result.query == "\n\nSELECT story FROM test_table\n WHERE id = 1 OR story = 'Данные'"
- - result.query_result[0].story == 'first'
- - result.rowcount == 2
- - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
- when: sql_file_created
-
- - name: postgresql_query - simple select query to test_table
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: SELECT * FROM test_table
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result is not changed
- - result.query == 'SELECT * FROM test_table'
- - result.rowcount == 3
- - result.statusmessage == 'SELECT 3' or result.statusmessage == 'SELECT'
- - result.query_result[0].id == 1
- - result.query_result[1].id == 2
- - result.query_result[2].id == 3
- - result.query_result[0].story == 'first'
- - result.query_result[1].story == 'second'
- - result.query_result[2].story == 'third'
-
- - name: postgresql_query - select query with named args
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: SELECT id FROM test_table WHERE id = %(id_val)s AND story = %(story_val)s
- named_args:
- id_val: 1
- story_val: first
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result is not changed
- - result.query == "SELECT id FROM test_table WHERE id = 1 AND story = 'first'" or result.query == "SELECT id FROM test_table WHERE id = 1 AND story = E'first'"
- - result.rowcount == 1
- - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
- - result.query_result[0].id == 1
-
- - name: postgresql_query - select query with positional arguments
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: SELECT story FROM test_table WHERE id = %s AND story = %s
- positional_args:
- - 2
- - second
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result is not changed
- - result.query == "SELECT story FROM test_table WHERE id = 2 AND story = 'second'" or result.query == "SELECT story FROM test_table WHERE id = 2 AND story = E'second'"
- - result.rowcount == 1
- - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
- - result.query_result[0].story == 'second'
-
- - name: postgresql_query - simple update query
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: UPDATE test_table SET story = 'new' WHERE id = 3
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result is changed
- - result.query == "UPDATE test_table SET story = 'new' WHERE id = 3"
- - result.rowcount == 1
- - result.statusmessage == 'UPDATE 1'
- - result.query_result == {}
-
- - name: check the previous update
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: SELECT * FROM test_table WHERE story = 'new' AND id = 3
- register: result
-
- - assert:
- that:
- - result.rowcount == 1
-
- - name: postgresql_query - simple update query in check_mode
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: UPDATE test_table SET story = 'CHECK_MODE' WHERE id = 3
- register: result
- check_mode: true
-
- - assert:
- that:
- - result is changed
- - result.query == "UPDATE test_table SET story = 'CHECK_MODE' WHERE id = 3"
- - result.rowcount == 1
- - result.statusmessage == 'UPDATE 1'
- - result.query_result == {}
-
- - name: check the previous update that nothing has been changed
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: SELECT * FROM test_table WHERE story = 'CHECK_MODE' AND id = 3
- register: result
-
- - assert:
- that:
- - result.rowcount == 0
-
- - name: postgresql_query - try to update not existing row
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: UPDATE test_table SET story = 'new' WHERE id = 100
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result is not changed
- - result.query == "UPDATE test_table SET story = 'new' WHERE id = 100"
- - result.rowcount == 0
- - result.statusmessage == 'UPDATE 0'
- - result.query_result == {}
-
- - name: postgresql_query - insert query
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: INSERT INTO test_table (id, story) VALUES (%s, %s)
- positional_args:
- - 4
- - fourth
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result is changed
- - result.query == "INSERT INTO test_table (id, story) VALUES (4, 'fourth')" or result.query == "INSERT INTO test_table (id, story) VALUES (4, E'fourth')"
- - result.rowcount == 1
- - result.statusmessage == 'INSERT 0 1'
- - result.query_result == {}
-
- - name: postgresql_query - truncate test_table
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: TRUNCATE test_table
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result is changed
- - result.query == "TRUNCATE test_table"
- - result.rowcount == 0
- - result.statusmessage == 'TRUNCATE TABLE'
- - result.query_result == {}
-
- - name: postgresql_query - alter test_table
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: ALTER TABLE test_table ADD COLUMN foo int
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result is changed
- - result.query == "ALTER TABLE test_table ADD COLUMN foo int"
- - result.rowcount == 0
- - result.statusmessage == 'ALTER TABLE'
-
- - name: postgresql_query - vacuum without autocommit must fail
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: VACUUM
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result.failed == true
-
- - name: postgresql_query - autocommit in check_mode must fail
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: VACUUM
- autocommit: true
- check_mode: true
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result.failed == true
- - result.msg == "Using autocommit is mutually exclusive with check_mode"
-
- - name: postgresql_query - vacuum with autocommit
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: VACUUM
- autocommit: true
- register: result
-
- - assert:
- that:
- - result is changed
- - result.query == "VACUUM"
- - result.rowcount == 0
- - result.statusmessage == 'VACUUM'
- - result.query_result == {}
-
- - name: postgresql_query - create test table for issue 59955
- become_user: '{{ pg_user }}'
- become: true
- postgresql_table:
- login_user: '{{ pg_user }}'
- login_db: postgres
- name: test_array_table
- columns:
- - arr_col int[]
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- - set_fact:
- my_list:
- - 1
- - 2
- - 3
- my_arr: '{1, 2, 3}'
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- - name: postgresql_query - insert array into test table by positional args
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: INSERT INTO test_array_table (arr_col) VALUES (%s)
- positional_args:
+- name: postgresql_query - drop test table if exists
+ become_user: '{{ pg_user }}'
+ become: true
+ shell: psql postgres -U "{{ pg_user }}" -t -c "DROP TABLE IF EXISTS test_table;"
+ ignore_errors: true
+
+- name: postgresql_query - create test table called test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ shell: psql postgres -U "{{ pg_user }}" -t -c "CREATE TABLE test_table (id int, story text);"
+ ignore_errors: true
+
+- name: postgresql_query - insert some data into test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ shell: psql postgres -U "{{ pg_user }}" -t -c "INSERT INTO test_table (id, story) VALUES (1, 'first'), (2, 'second'), (3, 'third');"
+ ignore_errors: true
+
+- name: Copy script files
+ become: true
+ copy:
+ src: '{{ item }}'
+ dest: '~{{ pg_user }}/{{ item }}'
+ owner: '{{ pg_user }}'
+ force: true
+ loop:
+ - test0.sql
+ - test1.sql
+ register: sql_file_created
+ ignore_errors: true
+
+- name: postgresql_query - analyze test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: ANALYZE test_table
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is changed
+ - result.query == 'ANALYZE test_table'
+ - result.query_list == ['ANALYZE test_table']
+ - result.rowcount == 0
+ - result.statusmessage == 'ANALYZE'
+ - result.query_result == {}
+ - result.query_all_results == [{}]
+
+- name: postgresql_query - run queries from SQL script
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ path_to_script: ~{{ pg_user }}/test0.sql
+ positional_args:
+ - 1
+ encoding: UTF-8
+ as_single_query: false
+ register: result
+ ignore_errors: true
+ when: sql_file_created
+
+- assert:
+ that:
+ - result is not changed
+ - result.query == "\n\nSELECT story FROM test_table\n WHERE id = 1 OR story = 'Данные'"
+ - result.query_result[0].story == 'first'
+ - result.query_all_results[0][0].version is search('PostgreSQL')
+ - result.query_all_results[1][0].story == 'first'
+ - result.rowcount == 2
+ - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
+ when: sql_file_created
+
+- name: postgresql_query - simple select query to test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: SELECT * FROM test_table
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is not changed
+ - result.query == 'SELECT * FROM test_table'
+ - result.rowcount == 3
+ - result.statusmessage == 'SELECT 3' or result.statusmessage == 'SELECT'
+ - result.query_result[0].id == 1
+ - result.query_result[1].id == 2
+ - result.query_result[2].id == 3
+ - result.query_result[0].story == 'first'
+ - result.query_result[1].story == 'second'
+ - result.query_result[2].story == 'third'
+
+- name: postgresql_query - select query with named args
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: SELECT id FROM test_table WHERE id = %(id_val)s AND story = %(story_val)s
+ named_args:
+ id_val: 1
+ story_val: first
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is not changed
+ - result.query == "SELECT id FROM test_table WHERE id = 1 AND story = 'first'" or result.query == "SELECT id FROM test_table WHERE id = 1 AND story = E'first'"
+ - result.rowcount == 1
+ - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
+ - result.query_result[0].id == 1
+
+- name: postgresql_query - select query with positional arguments
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: SELECT story FROM test_table WHERE id = %s AND story = %s
+ positional_args:
+ - 2
+ - second
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is not changed
+ - result.query == "SELECT story FROM test_table WHERE id = 2 AND story = 'second'" or result.query == "SELECT story FROM test_table WHERE id = 2 AND story = E'second'"
+ - result.rowcount == 1
+ - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
+ - result.query_result[0].story == 'second'
+
+- name: postgresql_query - simple update query
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: UPDATE test_table SET story = 'new' WHERE id = 3
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is changed
+ - result.query == "UPDATE test_table SET story = 'new' WHERE id = 3"
+ - result.rowcount == 1
+ - result.statusmessage == 'UPDATE 1'
+ - result.query_result == {}
+
+- name: check the previous update
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: SELECT * FROM test_table WHERE story = 'new' AND id = 3
+ register: result
+
+- assert:
+ that:
+ - result.rowcount == 1
+
+- name: postgresql_query - simple update query in check_mode
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: UPDATE test_table SET story = 'CHECK_MODE' WHERE id = 3
+ register: result
+ check_mode: true
+
+- assert:
+ that:
+ - result is changed
+ - result.query == "UPDATE test_table SET story = 'CHECK_MODE' WHERE id = 3"
+ - result.rowcount == 1
+ - result.statusmessage == 'UPDATE 1'
+ - result.query_result == {}
+
+- name: check the previous update that nothing has been changed
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: SELECT * FROM test_table WHERE story = 'CHECK_MODE' AND id = 3
+ register: result
+
+- assert:
+ that:
+ - result.rowcount == 0
+
+- name: postgresql_query - try to update not existing row
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: UPDATE test_table SET story = 'new' WHERE id = 100
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is not changed
+ - result.query == "UPDATE test_table SET story = 'new' WHERE id = 100"
+ - result.rowcount == 0
+ - result.statusmessage == 'UPDATE 0'
+ - result.query_result == {}
+
+- name: postgresql_query - insert query
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: INSERT INTO test_table (id, story) VALUES (%s, %s)
+ positional_args:
+ - 4
+ - fourth
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is changed
+ - result.query == "INSERT INTO test_table (id, story) VALUES (4, 'fourth')" or result.query == "INSERT INTO test_table (id, story) VALUES (4, E'fourth')"
+ - result.rowcount == 1
+ - result.statusmessage == 'INSERT 0 1'
+ - result.query_result == {}
+
+- name: postgresql_query - truncate test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: TRUNCATE test_table
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is changed
+ - result.query == "TRUNCATE test_table"
+ - result.rowcount == 0
+ - result.statusmessage == 'TRUNCATE TABLE'
+ - result.query_result == {}
+
+- name: postgresql_query - alter test_table
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: ALTER TABLE test_table ADD COLUMN foo int
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is changed
+ - result.query == "ALTER TABLE test_table ADD COLUMN foo int"
+ - result.rowcount == 0
+ - result.statusmessage == 'ALTER TABLE'
+
+- name: postgresql_query - vacuum without autocommit must fail
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: VACUUM
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result.failed == true
+
+- name: postgresql_query - autocommit in check_mode must fail
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: VACUUM
+ autocommit: true
+ check_mode: true
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result.failed == true
+ - result.msg == "Using autocommit is mutually exclusive with check_mode"
+
+- name: postgresql_query - vacuum with autocommit
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: VACUUM
+ autocommit: true
+ register: result
+
+- assert:
+ that:
+ - result is changed
+ - result.query == "VACUUM"
+ - result.rowcount == 0
+ - result.statusmessage == 'VACUUM'
+ - result.query_result == {}
+
+- name: postgresql_query - create test table for issue 59955
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_table:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ name: test_array_table
+ columns:
+ - arr_col int[]
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+- set_fact:
+ my_list:
+ - 1
+ - 2
+ - 3
+ my_arr: '{1, 2, 3}'
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+- name: postgresql_query - insert array into test table by positional args
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ query: INSERT INTO test_array_table (arr_col) VALUES (%s)
+ positional_args:
+ - '{{ my_list }}'
+ register: result
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+- assert:
+ that:
+ - result is changed
+ - result.query == "INSERT INTO test_array_table (arr_col) VALUES ('{1, 2, 3}')"
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+- name: postgresql_query - select array from test table by passing positional_args
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ query: SELECT * FROM test_array_table WHERE arr_col = %s
+ positional_args:
+ - '{{ my_list }}'
+ register: result
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+- assert:
+ that:
+ - result is not changed
+ - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
+ - result.rowcount == 1
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+- name: postgresql_query - select array from test table by passing named_args
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ query: SELECT * FROM test_array_table WHERE arr_col = %(arr_val)s
+ named_args:
+ arr_val:
- '{{ my_list }}'
- register: result
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- - assert:
- that:
- - result is changed
- - result.query == "INSERT INTO test_array_table (arr_col) VALUES ('{1, 2, 3}')"
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- - name: postgresql_query - select array from test table by passing positional_args
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: SELECT * FROM test_array_table WHERE arr_col = %s
- positional_args:
- - '{{ my_list }}'
- register: result
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- - assert:
- that:
- - result is not changed
- - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
- - result.rowcount == 1
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- - name: postgresql_query - select array from test table by passing named_args
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: SELECT * FROM test_array_table WHERE arr_col = %(arr_val)s
- named_args:
- arr_val:
- - '{{ my_list }}'
- register: result
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- - assert:
- that:
- - result is not changed
- - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
- - result.rowcount == 1
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- - name: postgresql_query - select array from test table by passing positional_args as a string
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: SELECT * FROM test_array_table WHERE arr_col = %s
- positional_args:
- - '{{ my_arr|string }}'
- trust_input: true
- register: result
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- - assert:
- that:
- - result is not changed
- - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
- - result.rowcount == 1
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- - name: postgresql_query - test trust_input parameter
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
- query: SELECT version()
- trust_input: false
- ignore_errors: true
- register: result
-
- - assert:
- that:
- - result is failed
- - result.msg is search('is potentially dangerous')
-
- - name: postgresql_query - clean up
- become_user: '{{ pg_user }}'
- become: true
- postgresql_table:
- login_user: '{{ pg_user }}'
- login_db: postgres
- name: test_array_table
- state: absent
- when: postgres_version_resp.stdout is version('9.4', '>=')
-
- #############################
- # Check search_path parameter
-
- - name: postgresql_set - create test schemas
- become_user: '{{ pg_user }}'
- become: true
- postgresql_schema:
- login_user: '{{ pg_user }}'
- login_db: postgres
- name: '{{ item }}'
- loop:
+ register: result
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+- assert:
+ that:
+ - result is not changed
+ - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
+ - result.rowcount == 1
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+- name: postgresql_query - select array from test table by passing positional_args as a string
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ query: SELECT * FROM test_array_table WHERE arr_col = %s
+ positional_args:
+ - '{{ my_arr|string }}'
+ trust_input: true
+ register: result
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+- assert:
+ that:
+ - result is not changed
+ - result.query == "SELECT * FROM test_array_table WHERE arr_col = '{1, 2, 3}'"
+ - result.rowcount == 1
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+- name: postgresql_query - test trust_input parameter
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ session_role: 'curious.anonymous"; SELECT * FROM information_schema.tables; --'
+ query: SELECT version()
+ trust_input: false
+ ignore_errors: true
+ register: result
+
+- assert:
+ that:
+ - result is failed
+ - result.msg is search('is potentially dangerous')
+
+- name: postgresql_query - clean up
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_table:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ name: test_array_table
+ state: absent
+ when: postgres_version_resp.stdout is version('9.4', '>=')
+
+#############################
+# Check search_path parameter
+
+- name: postgresql_set - create test schemas
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_schema:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ name: '{{ item }}'
+ loop:
+ - query_test1
+ - query_test2
+
+- name: postgresql_set - create test tables
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_table:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ name: '{{ item }}'
+ columns:
+ - id int
+ loop:
+ - 'query_test1.test1'
+ - 'query_test2.test2'
+
+- name: postgresql_query - insert data
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ query: 'INSERT INTO {{ item }} (id) VALUES (1)'
+ search_path:
- query_test1
- query_test2
-
- - name: postgresql_set - create test tables
- become_user: '{{ pg_user }}'
- become: true
- postgresql_table:
- login_user: '{{ pg_user }}'
- login_db: postgres
- name: '{{ item }}'
- columns:
- - id int
- loop:
- - 'query_test1.test1'
- - 'query_test2.test2'
-
- - name: postgresql_query - insert data
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: 'INSERT INTO {{ item }} (id) VALUES (1)'
- search_path:
- - query_test1
- - query_test2
- loop:
- - test1
- - test2
-
- - name: postgresql_query - get data
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: 'SELECT id FROM test1'
- search_path:
- - query_test1
- - query_test2
- register: result
-
- - assert:
- that:
- - result.rowcount == 1
-
- - name: postgresql_query - get data, must fail
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: 'SELECT id FROM test1'
- register: result
- ignore_errors: true
-
- - assert:
- that:
- - result is failed
-
- # Tests for the as_single_query option
- - name: Run queries from SQL script as a single query
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- path_to_script: ~{{ pg_user }}/test1.sql
- positional_args:
- - 1
- encoding: UTF-8
- as_single_query: true
- register: result
-
- - name: >
- Must pass. Not changed because we can only
- check statusmessage of the last query
- assert:
- that:
- - result is not changed
- - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
- - result.query_list[0] == "CREATE FUNCTION add(integer, integer) RETURNS integer\n AS 'select $1 + $2;'\n LANGUAGE SQL\n IMMUTABLE\n RETURNS NULL ON NULL INPUT;\n\nSELECT story FROM test_table\n WHERE id = %s OR story = 'Данные';\n\nSELECT version();\n"
-
- #############################################################################
- # Issue https://github.com/ansible-collections/community.postgresql/issues/45
- - name: Create table containing a decimal value
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: CREATE TABLE blabla (id int, num decimal)
-
- - name: Insert data
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: INSERT INTO blabla (id, num) VALUES (1, 1::decimal)
-
- - name: Get data
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: SELECT * FROM blabla
- register: result
-
- - assert:
- that:
- - result.rowcount == 1
-
- #############################################################################
- # Issue https://github.com/ansible-collections/community.postgresql/issues/47
- - name: Get datetime.timedelta value
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: "SELECT EXTRACT(epoch from make_interval(secs => 3)) AS extract"
- register: result
- when: postgres_version_resp.stdout is version('10', '>=')
-
- - assert:
- that:
- - result.rowcount == 1
- - result.query_result[0]["extract"] == 3 or result.query_result[0]["extract"] == 3.0
- when: postgres_version_resp.stdout is version('10', '>=')
-
- - name: Get interval value
- become_user: '{{ pg_user }}'
- become: true
- postgresql_query:
- <<: *pg_parameters
- query: "SELECT make_interval(secs => 3)"
- register: result
- when: postgres_version_resp.stdout is version('10', '>=')
-
- - assert:
- that:
- - result.rowcount == 1
- - result.query_result[0]["make_interval"] == "0:00:03"
- when: postgres_version_resp.stdout is version('10', '>=')
+ loop:
+ - test1
+ - test2
+
+- name: postgresql_query - get data
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ query: 'SELECT id FROM test1'
+ search_path:
+ - query_test1
+ - query_test2
+ register: result
+
+- assert:
+ that:
+ - result.rowcount == 1
+
+- name: postgresql_query - get data, must fail
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ login_db: postgres
+ query: 'SELECT id FROM test1'
+ register: result
+ ignore_errors: true
+
+- assert:
+ that:
+ - result is failed
+
+# Tests for the as_single_query option
+- name: Run queries from SQL script as a single query
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ path_to_script: ~{{ pg_user }}/test1.sql
+ positional_args:
+ - 1
+ encoding: UTF-8
+ as_single_query: true
+ register: result
+
+- name: >
+ Must pass. Not changed because we can only
+ check statusmessage of the last query
+ assert:
+ that:
+ - result is not changed
+ - result.statusmessage == 'SELECT 1' or result.statusmessage == 'SELECT'
+ - result.query_list[0] == "CREATE FUNCTION add(integer, integer) RETURNS integer\n AS 'select $1 + $2;'\n LANGUAGE SQL\n IMMUTABLE\n RETURNS NULL ON NULL INPUT;\n\nSELECT story FROM test_table\n WHERE id = %s OR story = 'Данные';\n\nSELECT version();\n"
+
+#############################################################################
+# Issue https://github.com/ansible-collections/community.postgresql/issues/45
+- name: Create table containing a decimal value
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: CREATE TABLE blabla (id int, num decimal)
+
+- name: Insert data
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: INSERT INTO blabla (id, num) VALUES (1, 1::decimal)
+
+- name: Get data
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: SELECT * FROM blabla
+ register: result
+
+- assert:
+ that:
+ - result.rowcount == 1
+
+#############################################################################
+# Issue https://github.com/ansible-collections/community.postgresql/issues/47
+- name: Get datetime.timedelta value
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: "SELECT EXTRACT(epoch from make_interval(secs => 3)) AS extract"
+ register: result
+ when: postgres_version_resp.stdout is version('10', '>=')
+
+- assert:
+ that:
+ - result.rowcount == 1
+ - result.query_result[0]["extract"] == 3 or result.query_result[0]["extract"] == 3.0
+ when: postgres_version_resp.stdout is version('10', '>=')
+
+- name: Get interval value
+ become_user: '{{ pg_user }}'
+ become: true
+ postgresql_query:
+ login_user: '{{ pg_user }}'
+ db: postgres
+ query: "SELECT make_interval(secs => 3)"
+ register: result
+ when: postgres_version_resp.stdout is version('10', '>=')
+
+- assert:
+ that:
+ - result.rowcount == 1
+ - result.query_result[0]["make_interval"] == "0:00:03"
+ when: postgres_version_resp.stdout is version('10', '>=')
diff --git a/tests/integration/targets/postgresql_user/tasks/postgresql_user_initial.yml b/tests/integration/targets/postgresql_user/tasks/postgresql_user_initial.yml
index 89028619..9678214a 100644
--- a/tests/integration/targets/postgresql_user/tasks/postgresql_user_initial.yml
+++ b/tests/integration/targets/postgresql_user/tasks/postgresql_user_initial.yml
@@ -46,7 +46,7 @@
postgresql_user:
name: "{{ db_user1 }}"
state: "present"
- encrypted: 'true'
+ encrypted: true
password: "password"
role_attr_flags: "CREATEDB,LOGIN,CREATEROLE"
login_user: "{{ pg_user }}"
@@ -75,7 +75,7 @@
postgresql_user:
name: "{{ db_user2 }}"
state: "present"
- encrypted: 'true'
+ encrypted: true
password: "md55c8ccfd9d6711fc69a7eae647fc54f51"
db: "{{ db_name }}"
login_user: "{{ db_user1 }}"
diff --git a/tests/integration/targets/postgresql_user/tasks/test_password.yml b/tests/integration/targets/postgresql_user/tasks/test_password.yml
index aece258f..7b97ae5d 100644
--- a/tests/integration/targets/postgresql_user/tasks/test_password.yml
+++ b/tests/integration/targets/postgresql_user/tasks/test_password.yml
@@ -93,7 +93,7 @@
postgresql_user:
<<: *parameters
password: '{{ db_password1 }}'
- encrypted: 'true'
+ encrypted: true
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -105,7 +105,7 @@
postgresql_user:
<<: *parameters
password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
- encrypted: 'true'
+ encrypted: true
environment:
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -116,7 +116,7 @@
postgresql_user:
<<: *parameters
password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
- encrypted: 'false'
+ encrypted: false
environment:
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -126,7 +126,7 @@
<<: *task_parameters
postgresql_user:
<<: *parameters
- encrypted: 'true'
+ encrypted: true
password: "md5{{ (db_password1 ~ db_user1) | hash('md5')}}"
expires: '2025-01-01'
environment:
@@ -139,7 +139,7 @@
postgresql_user:
<<: *parameters
password: 'prefix{{ db_password1 }}'
- encrypted: 'true'
+ encrypted: true
environment:
PGCLIENTENCODING: 'UTF8'
@@ -150,7 +150,7 @@
postgresql_user:
<<: *parameters
password: "md5{{ ('prefix1' ~ db_password1 ~ db_user1) | hash('md5')}}"
- encrypted: 'true'
+ encrypted: true
- <<: *changed
@@ -159,7 +159,7 @@
postgresql_user:
<<: *parameters
password: "md5{{ ('prefix2' ~ db_password1 ~ db_user1) | hash('md5')}}"
- encrypted: 'false'
+ encrypted: false
register: change_pass_unencrypted
failed_when:
- change_pass_unencrypted is failed
@@ -173,7 +173,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'true'
+ encrypted: true
environment:
PGCLIENTENCODING: 'UTF8'
@@ -184,7 +184,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'true'
+ encrypted: true
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -196,7 +196,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'false'
+ encrypted: false
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -208,13 +208,13 @@
postgresql_user:
<<: *parameters
password: '{{ db_password1 }}'
- encrypted: 'true'
+ encrypted: true
environment:
PGCLIENTENCODING: 'UTF8'
- <<: *changed
- when: encrypted == 'true' and postgres_version_resp.stdout is version('14', '<')
+ when: encrypted and postgres_version_resp.stdout is version('14', '<')
- block:
@@ -223,7 +223,7 @@
postgresql_user:
<<: *parameters
password: "{{ db_password1 }}"
- encrypted: 'false'
+ encrypted: false
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -235,7 +235,7 @@
postgresql_user:
<<: *parameters
password: "{{ db_password1 }}"
- encrypted: 'false'
+ encrypted: false
expires: '2025-01-01'
environment:
PGCLIENTENCODING: 'UTF8'
@@ -248,7 +248,7 @@
postgresql_user:
<<: *parameters
password: "changed{{ db_password1 }}"
- encrypted: 'false'
+ encrypted: false
environment:
PGCLIENTENCODING: 'UTF8'
@@ -259,7 +259,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'false'
+ encrypted: false
environment:
PGCLIENTENCODING: 'UTF8'
@@ -270,7 +270,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'false'
+ encrypted: false
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -282,7 +282,7 @@
postgresql_user:
<<: *parameters
password: ''
- encrypted: 'true'
+ encrypted: true
environment:
PGCLIENTENCODING: 'UTF8'
PGOPTIONS: '-c default_transaction_read_only=on' # ensure 'alter user' query isn't executed
@@ -294,13 +294,13 @@
postgresql_user:
<<: *parameters
password: "{{ db_password1 }}"
- encrypted: 'false'
+ encrypted: false
environment:
PGCLIENTENCODING: 'UTF8'
- <<: *changed
- when: encrypted == 'false'
+ when: encrypted == false
# start of block scram-sha-256
# scram-sha-256 password encryption type is supported since PostgreSQL 10
From 03063477c00f775ebbdd530f4216c30d7a82c1d2 Mon Sep 17 00:00:00 2001
From: Douglas J Hunley <doug.hunley@gmail.com>
Date: Fri, 9 Sep 2022 09:41:27 -0400
Subject: [PATCH 7/7] fix: re-fix argspec
---
plugins/modules/postgresql_query.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plugins/modules/postgresql_query.py b/plugins/modules/postgresql_query.py
index 03ced09a..a28fc977 100644
--- a/plugins/modules/postgresql_query.py
+++ b/plugins/modules/postgresql_query.py
@@ -365,7 +365,7 @@ def main():
encoding=dict(type='str'),
trust_input=dict(type='bool', default=True),
search_path=dict(type='list', elements='str'),
- as_single_query=dict(type='bool'),
+ as_single_query=dict(type='bool', default=True),
)
module = AnsibleModule(