Introduce a mysql_role resource for creating MySQL roles #53

joestump · 2018-10-27T01:48:26Z

What does this PR change?

Adds a mysql_role resource that maps to CREATE ROLE. Fixes Create a mysql_role resource for creating roles #46.
Fixes the provider to work with MySQL 8.0.
Introduces parallel Travis-CI tests that run tests against MySQL 8.0, 5.7, and 5.6.
Adds role and roles arguments to mysql_grant to manage permissions on roles and to assign roles to users. Only works with MySQL 8+.

Proposed HCL

resource "mysql_role" "developer" {
  name = "developer"
}

resource "mysql_grant" "developer" {
  role       = "${mysql_role.developer.name}"
  database   = "${mysql_database.test.name}"
  privileges = ["SELECT", "UPDATE"]
}

resource "mysql_user" "jdoe" {
  user     = "jdoe"
  host     = "example.com"
}

resource "mysql_grant" "test" {
  user     = "${mysql_user.jdoe.user}"
  host     = "${mysql_user.jdoe.host}"
  database = "${mysql_database.test.name}"
  roles    = ["${mysql_role.developer.name}"]
}

TODO

Add tests to mysql_grant for role and roles attributes
Add documentation
Document that tls_option doesn't work for MySQL 8.0

commit 7018847 Merge: 8688e49 b9ec6e7 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 20:40:03 2018 -0500 Merge branch 'master' into jstump-mysql-role commit 8688e49 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 20:34:37 2018 -0500 Test against 5.6 as well. commit f3b2bc6 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 20:29:48 2018 -0500 Give this a shot. commit a68ea68 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 20:21:48 2018 -0500 One -e for each commit d6d0e4b Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 19:06:32 2018 -0500 Forgot image commit 3c0b030 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 19:01:18 2018 -0500 Try without a password. commit 28d9115 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 18:55:07 2018 -0500 Whoops commit 0c8ba18 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 18:51:00 2018 -0500 Output what's going on commit a319707 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 18:43:53 2018 -0500 Fix YAML issue commit 99cc4f9 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 18:41:05 2018 -0500 Give this a shot. commit 4a257e6 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 18:32:10 2018 -0500 Try a ping. commit bc82cd9 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 18:23:37 2018 -0500 Try sleep commit f7f04a8 Author: Joe Stump <joe.stump@salesforce.com> Date: Fri Oct 26 18:20:41 2018 -0500 Get back to the basics. commit 599e27d Author: Joe Stump <joe.stump@salesforce.com> Date: Wed Oct 24 19:43:40 2018 -0500 Try a more robust example commit 560cfbb Author: Joe Stump <joe.stump@salesforce.com> Date: Wed Oct 24 19:23:02 2018 -0500 YOLO commit 6be16c2 Author: Joe Stump <joe.stump@salesforce.com> Date: Wed Oct 24 19:16:06 2018 -0500 mysqladmin needs this plugin commit 82c05ce Author: Joe Stump <joe.stump@salesforce.com> Date: Wed Oct 24 19:09:07 2018 -0500 Try again. commit b95a17f Author: Joe Stump <joe.stump@salesforce.com> Date: Wed Oct 24 19:05:11 2018 -0500 Tighten up tests commit c1032cc Author: Joe Stump <joe.stump@salesforce.com> Date: Wed Oct 24 18:56:04 2018 -0500 Derp: commit 9af3275 Author: Joe Stump <joe.stump@salesforce.com> Date: Wed Oct 24 18:52:32 2018 -0500 Add docker to services. commit 2757e7e Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 21:52:43 2018 -0500 Try again commit 6bc7ab0 Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 21:49:16 2018 -0500 Set the password commit aae18f6 Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 21:41:07 2018 -0500 Try another example that presumably works. commit e859565 Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 21:34:27 2018 -0500 Another try from the Git Issues thread commit 5994e3f Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 21:30:04 2018 -0500 Another try from the Git Issues thread commit 802f81c Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 21:24:33 2018 -0500 Use a ping and sleep to wait for MySQL commit 141805d Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 21:14:42 2018 -0500 Try again commit 00343a4 Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 21:09:53 2018 -0500 Add an IP address into the -p option commit 9d928cf Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 21:06:26 2018 -0500 Use variables and add a sleep commit 14f0ee5 Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 21:02:08 2018 -0500 Update Travis to run MySQL 5 and MySQL 8 tests. commit e7c6ba5 Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 20:58:28 2018 -0500 Fix mysql_user_password to work with MySQL 8. commit 195d7d8 Merge: 89eb09f 4a81725 Author: Joe Stump <joe.stump@salesforce.com> Date: Tue Oct 23 20:49:54 2018 -0500 Merge in master and fix conflicts. commit 89eb09f Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 22:40:51 2018 -0500 Update docs for mysql_grant to align with new attributes. commit 0ab0b03 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 22:31:04 2018 -0500 These fields conflict with role. commit b85b6aa Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 22:29:35 2018 -0500 Add role and roles to the mysql_grant resource. commit 9c11b27 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 22:04:11 2018 -0500 Add an option about tls_option and server versions. commit 95e9ebe Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 22:02:21 2018 -0500 Update CHANGELOG and add docs. commit 93eb4ab Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 21:54:03 2018 -0500 Add more version checking to make 8 and 5.7 work nicely. commit 1738fe7 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 21:43:22 2018 -0500 Add tests for mysql_role and get tests passing on MySQL 8 commit 32518a3 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 20:32:01 2018 -0500 Get resource compiling. commit 8efac07 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 20:26:51 2018 -0500 Stub out a mysql_role resource. commit b88fd25 Merge: 6823664 625e3eb Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 19:51:53 2018 -0500 Merge branch 'jstump-connectin-fixes' of github.com:terraform-providers/terraform-provider-mysql into jstump-connectin-fixes commit 6823664 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 19:51:36 2018 -0500 Cleaned up CHANGELOG. commit 90c4b45 Merge: 8ca6a93 13f7423 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 19:49:29 2018 -0500 Merge branch 'master' into jstump-connectin-fixes commit 625e3eb Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 18:40:16 2018 -0500 Add the ability to import databases. commit b3494f3 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 17:57:01 2018 -0500 Add docs for the new table attribute. commit 04d21af Merge: 2433cce 13f7423 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 17:54:46 2018 -0500 Merge branch 'master' into jstump-connectin-fixes commit 2433cce Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 17:51:50 2018 -0500 Switch to detecting the version in a way that works with MySQL and MariaDB. commit 8ca6a93 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 16:49:51 2018 -0500 Clean up docs and CHANGELOG. commit fb79936 Merge: 1b83e84 538e0f8 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 16:39:19 2018 -0500 Merge in master and fix conflicts. commit 1b83e84 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 15:35:24 2018 -0500 Add a retry to the MySQL connection logic. This lets the server be a little lazy in booting up without killing the provisioning processes that require it. commit d04db2c Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 14:47:47 2018 -0500 Add the TLS option to the provider docs. commit 0288fd4 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 14:43:55 2018 -0500 Get make test passing. commit af23be2 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 14:37:16 2018 -0500 Add the binary to gitignore. commit db53a37 Author: Joe Stump <joe.stump@salesforce.com> Date: Sat Oct 20 14:36:20 2018 -0500 Initial pass at lazy connections and TLS support. Refactors the provider to use Golang types for formatting the DSN.

davidji99 · 2018-10-30T01:23:07Z

mysql/resource_grant.go

+		return fmt.Errorf("One of privileges or roles is required")
+	}
+
+	user := d.Get("user").(string)


Don't want to use d.GetOk here?

davidji99 · 2018-10-30T01:25:10Z

mysql/resource_grant.go

@@ -77,44 +106,104 @@ func formatDatabaseName(database string) string {
 	return database
 }

+func userOrRole(user string, host string, role string, hasRoles bool) (string, bool, error) {


I'm not sure the Go conventions but could rename to isUserOrRole?

The second return argument is a bool. The primary purpose is to get a properly formatting role or user.

davidji99 · 2018-10-30T01:32:03Z

mysql/resource_role.go

+		Delete: DeleteRole,
+
+		Schema: map[string]*schema.Schema{
+			"name": &schema.Schema{


Are mysql roles case sensitive?

I don't know. But if you're changing the name I think it's safe to assume it should be recreated?

yeah probably a good idea.

davidji99 · 2018-10-30T01:38:52Z

mysql/resource_grant.go

+				ConflictsWith: []string{"role"},
+			},
+
+			"role": &schema.Schema{


Can someone have both role and roles attribute defined in the HCL?

I don't believe you can assign roles to a role.

joestump added enhancement new-resource technical-debt labels Oct 27, 2018

ghost added the size/XL label Oct 27, 2018

Joe Stump added 2 commits October 26, 2018 21:08

Add tests for mysql_grant related to roles.

34886e2

Make progress on mysql_grant roles tests.

e7f69e4

joestump added this to the v1.5.0 milestone Oct 27, 2018

Joe Stump added 2 commits October 27, 2018 20:37

mysql_grant tests for roles are passing

8948504

Update the CHANGELOG.

4e4a650

joestump requested a review from davidji99 October 28, 2018 01:49

davidji99 reviewed Oct 30, 2018

View reviewed changes

davidji99 approved these changes Nov 7, 2018

View reviewed changes

joestump merged commit e639b83 into master Nov 7, 2018

joestump deleted the jstump-mysql-role-squashed branch November 7, 2018 15:55

tinyzimmer mentioned this pull request Mar 28, 2019

Quietly failing to create MySQL users on Aurora DB #75

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Introduce a mysql_role resource for creating MySQL roles #53

Introduce a mysql_role resource for creating MySQL roles #53

joestump commented Oct 27, 2018 •

edited

Loading

davidji99 Oct 30, 2018

davidji99 Oct 30, 2018

joestump Oct 30, 2018

davidji99 Oct 30, 2018 •

edited

Loading

joestump Oct 30, 2018 •

edited

Loading

davidji99 Nov 5, 2018

davidji99 Oct 30, 2018

joestump Oct 30, 2018

Introduce a mysql_role resource for creating MySQL roles #53

Introduce a mysql_role resource for creating MySQL roles #53

Conversation

joestump commented Oct 27, 2018 • edited Loading

What does this PR change?

Proposed HCL

TODO

davidji99 Oct 30, 2018

Choose a reason for hiding this comment

davidji99 Oct 30, 2018

Choose a reason for hiding this comment

joestump Oct 30, 2018

Choose a reason for hiding this comment

davidji99 Oct 30, 2018 • edited Loading

Choose a reason for hiding this comment

joestump Oct 30, 2018 • edited Loading

Choose a reason for hiding this comment

davidji99 Nov 5, 2018

Choose a reason for hiding this comment

davidji99 Oct 30, 2018

Choose a reason for hiding this comment

joestump Oct 30, 2018

Choose a reason for hiding this comment

joestump commented Oct 27, 2018 •

edited

Loading

davidji99 Oct 30, 2018 •

edited

Loading

joestump Oct 30, 2018 •

edited

Loading