[MediaWiki-commits] [Gerrit] Add 'mysql::sql', 'mysql::user' & 'mysql::db' types - change (mediawiki/vagrant)

jenkins-bot (Code Review) Wed, 31 Jul 2013 00:13:52 -0700

jenkins-bot has submitted this change and it was merged.

Change subject: Add 'mysql::sql', 'mysql::user' & 'mysql::db' types
......................................................................



Add 'mysql::sql', 'mysql::user' & 'mysql::db' types

This patch adds three custom defines for working with MySQL. The base
define is 'mysql::sql', which is a wrapper around an Exec resource of
the 'mysql' command-line tool that executes arbitrary SQL code.
'mysql::user' and 'mysql::db' provide some additional syntactic sugar by
allowing for the concise creation of databases and users.

Change-Id: I2db984034d541fd31c558e81abe6b6b5fa0908db
---
A puppet/modules/mysql/manifests/db.pp
M puppet/modules/mysql/manifests/init.pp
A puppet/modules/mysql/manifests/sql.pp
A puppet/modules/mysql/manifests/user.pp
4 files changed, 142 insertions(+), 1 deletion(-)

Approvals:
  Ori.livneh: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/puppet/modules/mysql/manifests/db.pp 
b/puppet/modules/mysql/manifests/db.pp
new file mode 100644
index 0000000..7e44591
--- /dev/null
+++ b/puppet/modules/mysql/manifests/db.pp
@@ -0,0 +1,37 @@
+# == Define: mysql::db
+#
+# Creates a database on the local MySQL database server.
+#
+# === Parameters
+#
+# [*ensure*]
+#   If 'present', creates the database. If 'absent', drops it.
+#   Defaults to present.
+#
+# [*dbname*]
+#   Database name. Defaults to resource title. Example: 'wikidb'.
+#
+# === Examples
+#
+# Creates a 'centralauth' database:
+#
+#  mysql::db { 'centralauth':
+#      ensure => present,
+#  }
+#
+define mysql::db(
+    $ensure = present,
+    $dbname = $title,
+) {
+    if $ensure == 'absent' {
+        $command = 'drop'
+        $unless  = 'not exists'
+    } else {
+        $command = 'create'
+        $unless  = 'exists'
+    }
+
+    mysql::sql { "${command} database ${dbname}":
+        unless => "select ${unless}(select * from information_schema.schemata 
where schema_name = '${dbname}')",
+    }
+}
diff --git a/puppet/modules/mysql/manifests/init.pp 
b/puppet/modules/mysql/manifests/init.pp
index 3735627..8199163 100644
--- a/puppet/modules/mysql/manifests/init.pp
+++ b/puppet/modules/mysql/manifests/init.pp
@@ -36,7 +36,7 @@
 
     exec { 'set mysql password':
         command => "mysqladmin -u root password \"${root_password}\"",
-        unless  => "mysqladmin -u root -p\"${root_password}\" status",
+        unless  => "mysqladmin -u root -p\"${root_password}\" ping",
         require => Service['mysql'],
     }
 
@@ -47,4 +47,8 @@
         mode    => '0600',
         content => template('mysql/my.cnf.erb'),
     }
+
+    # Create databases before creating users. User resources sometime
+    # depend on databases for GRANTs, but the reverse is never true.
+    Mysql::Db <| |> -> Mysql::User <| |>
 }
diff --git a/puppet/modules/mysql/manifests/sql.pp 
b/puppet/modules/mysql/manifests/sql.pp
new file mode 100644
index 0000000..56a2b01
--- /dev/null
+++ b/puppet/modules/mysql/manifests/sql.pp
@@ -0,0 +1,38 @@
+# == Define: mysql::sql
+#
+# This custom resource type allows you to execute arbitrary SQL against
+# the MySQL database as the database server's root user. No attempt is
+# made to sanitize input.
+#
+# === Parameters
+#
+# [*sql*]
+#   String containing SQL code to execute. Defaults to resource title.
+#
+# [*unless*]
+#   String containing SQL query. Its result will be used as the basis
+#   for determining whether or not to execute the code contained in
+#   the 'sql' param.
+#
+# === Examples
+#
+# Create a user named 'monty', unless one already exists:
+#
+#  mysql::sql { 'add user':
+#      sql    => "create user 'monty'@'localhost'",
+#      unless => "select 1 from mysql.user where user = 'monty'",
+#  }
+#
+define mysql::sql(
+    $unless,
+    $sql = $title,
+) {
+    $quoted_sql = regsubst($sql, '"', '\\"', 'G')
+    $quoted_unless = regsubst($unless, '"', '\\"', 'G')
+
+    exec { $title:
+        command => "mysql -uroot -p${mysql::root_password} -qfsAe 
\"${quoted_sql}\"",
+        unless  => "mysql -uroot -p${mysql::root_password} -qfsAe 
\"${quoted_unless}\" | tail -1 | grep -q 1",
+        require => Exec['set mysql password'],
+    }
+}
diff --git a/puppet/modules/mysql/manifests/user.pp 
b/puppet/modules/mysql/manifests/user.pp
new file mode 100644
index 0000000..dfe9ade
--- /dev/null
+++ b/puppet/modules/mysql/manifests/user.pp
@@ -0,0 +1,62 @@
+# == Define: mysql::user
+#
+# Creates a user on the local MySQL database server and (optionally)
+# grants the user privileges on some database.
+#
+# === Parameters
+#
+# [*ensure*]
+#   If 'present', creates the user. If 'absent', drops it.
+#   Defaults to present.
+#
+# [*username*]
+#   Account name of user to create. Defaults to resource title.
+#   Example: 'wikiadmin'.
+#
+# [*password*]
+#   Password for the new account. Example: 'hunter2'.
+#
+# [*hostname*]
+#   Hostname or host mask specifying from where the user may connect.
+#   Defaults to 'localhost'.
+#
+# [*grant*]
+#   SQL sub-expression of the form 'priv_type ON object_type'.
+#   Defaults to 'usage on *.*'. This allows combining user account
+#   creation with a database permission grant.
+#
+# === Examples
+#
+# Creates an 'wikiadmin' user with full privileges on 'wiki':
+#
+#  mysql::user { 'wikiadmin':
+#      password => 'hunter2',
+#      grant    => 'all on wiki.*',
+#  }
+#
+define mysql::user(
+    $password,
+    $ensure   = present,
+    $username = $title,
+    $grant    = 'usage on *.*',
+    $hostname = 'localhost',
+) {
+    if $ensure == 'absent' {
+        $command = 'drop'
+        $unless  = 'not exists'
+    } else {
+        $command = 'create'
+        $unless  = 'exists'
+    }
+
+    if $ensure == 'absent' {
+        mysql::sql { "drop user '${username}'":
+            unless => "select not exists(select 1 from mysql.user where user = 
'${username}')",
+        }
+    } else {
+        mysql::sql { "create user ${username}":
+            sql    => "grant ${grant} to '${username}'@'${hostname}' 
identified by '${password}'",
+            unless => "select exists(select 1 from mysql.user where user = 
'${username}')",
+        }
+    }
+}

-- 
To view, visit https://gerrit.wikimedia.org/r/76886
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I2db984034d541fd31c558e81abe6b6b5fa0908db
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/vagrant
Gerrit-Branch: master
Gerrit-Owner: Ori.livneh <o...@wikimedia.org>
Gerrit-Reviewer: Ori.livneh <o...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Add 'mysql::sql', 'mysql::user' & 'mysql::db' types - change (mediawiki/vagrant)

Reply via email to