1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
# @summary
# Create and configure a MySQL database.
#
# @example Create a database
# mysql::db { 'mydb':
# user => 'myuser',
# password => 'mypass',
# host => 'localhost',
# grant => ['SELECT', 'UPDATE'],
# }
#
# @param name
# The name of the database to create. Database names must:
# * be longer than 64 characters.
# * not contain / \ or . characters.
# * not contain characters that are not permitted in file names.
# * not end with space characters.
# @param user
# The user for the database you're creating.
# @param password
# The password for $user for the database you're creating.
# @param tls_options
# The tls_options for $user for the database you're creating.
# @param dbname
# The name of the database to create.
# @param charset
# The character set for the database. Must have the same value as collate to avoid corrective changes. See https://dev.mysql.com/doc/refman/8.0/en/charset-mysql.html for charset and collation pairs.
# @param collate
# The collation for the database. Must have the same value as charset to avoid corrective changes. See https://dev.mysql.com/doc/refman/8.0/en/charset-mysql.html for charset and collation pairs.
# @param host
# The host to use as part of user@host for grants.
# @param grant
# The privileges to be granted for user@host on the database.
# @param grant_options
# The grant_options for the grant for user@host on the database.
# @param sql
# The path to the sqlfile you want to execute. This can be an array containing one or more file paths.
# @param enforce_sql
# Specifies whether executing the sqlfiles should happen on every run. If set to false, sqlfiles only run once.
# @param ensure
# Specifies whether to create the database. Valid values are 'present', 'absent'. Defaults to 'present'.
# @param import_timeout
# Timeout, in seconds, for loading the sqlfiles. Defaults to 300.
# @param import_cat_cmd
# Command to read the sqlfile for importing the database. Useful for compressed sqlfiles. For example, you can use 'zcat' for .gz files.
# @param mysql_exec_path
# Specify the path in which mysql has been installed if done in the non-standard bin/sbin path.
#
define mysql::db (
String[1] $user,
Variant[String, Sensitive[String]] $password,
Optional[Array[String[1]]] $tls_options = undef,
String $dbname = $name,
String[1] $charset = 'utf8',
String[1] $collate = 'utf8_general_ci',
String[1] $host = 'localhost',
Variant[String[1], Array[String[1]]] $grant = 'ALL',
Optional[Variant[String[1], Array[String[1]]]] $grant_options = undef,
Optional[Array] $sql = undef,
Boolean $enforce_sql = false,
Enum['absent', 'present'] $ensure = 'present',
Integer $import_timeout = 300,
Enum['cat', 'zcat', 'bzcat'] $import_cat_cmd = 'cat',
Optional[String] $mysql_exec_path = undef,
) {
include 'mysql::client'
# Ensure that the database name is valid.
if $dbname !~ /^[^\/?%*:|\""<>.\s;]{1,64}$/ {
$message = "The database name '${dbname}' is invalid. Values must:
* be longer than 64 characters.
* not contain // \\ or . characters.
* not contain characters that are not permitted in file names.
* not end with space characters."
fail($message)
}
# Ensure that the sql files passed are valid file paths.
if $sql {
$sql.each | $sqlfile | {
if $sqlfile !~ /^\/(?:.[.A-Za-z0-9_-]+\/?+)+(?:\.[.A-Za-z0-9]+)+$/ {
$message = "The file '${sqlfile}' is invalid. A valid file path is expected."
fail($message)
}
}
}
if ($mysql_exec_path) {
$_mysql_exec_path = $mysql_exec_path
} else {
$_mysql_exec_path = $mysql::params::exec_path
}
$db_resource = {
ensure => $ensure,
charset => $charset,
collate => $collate,
provider => 'mysql',
require => [Class['mysql::client']],
}
ensure_resource('mysql_database', $dbname, $db_resource)
$user_resource = {
ensure => $ensure,
password_hash => Deferred('mysql::password', [$password]),
tls_options => $tls_options,
}
ensure_resource('mysql_user', "${user}@${host}", $user_resource)
if $ensure == 'present' {
$table = "${dbname}.*"
mysql_grant { "${user}@${host}/${table}":
privileges => $grant,
provider => 'mysql',
user => "${user}@${host}",
table => $table,
options => $grant_options,
require => [
Mysql_database[$dbname],
Mysql_user["${user}@${host}"],
],
}
if $sql {
exec { "${dbname}-import":
command => "${import_cat_cmd} ${shell_join($sql)} | mysql ${dbname}",
logoutput => true,
environment => "HOME=${facts['root_home']}",
refreshonly => ! $enforce_sql,
path => "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:${_mysql_exec_path}",
require => Mysql_grant["${user}@${host}/${table}"],
subscribe => Mysql_database[$dbname],
timeout => $import_timeout,
}
}
}
}
|
