Use host_access to provision mysql_user and mysql_grant

Improve logic to be able to reuse host_access for both the initial mysql user/grant and the additional ones for allowed_hosts. Change-Id: Ia42833a99ee0fab41a571cccaeb31f740176fce3
2014-09-29 16:18:34 -04:00
parent 5ecdc92222
commit a71ac3d371
2 changed files with 12 additions and 34 deletions
--- a/manifests/db/mysql.pp
+++ b/manifests/db/mysql.pp
@@ -43,7 +43,7 @@ define openstacklib::db::mysql (
  $host           = '127.0.0.1',
  $charset        = 'utf8',
  $collate        = 'utf8_unicode_ci',
-  $allowed_hosts  = undef,
+  $allowed_hosts  = [],
  $privileges     = 'ALL',
 ) {

@@ -56,35 +56,13 @@ define openstacklib::db::mysql (
    require => [ Class['mysql::server'], Class['mysql::client'] ],
  }

-  mysql_user { "${user}@${host}":
-    ensure        => present,
+  $allowed_hosts_list = unique(concat(any2array($allowed_hosts), $host))
+  $real_allowed_hosts = prefix($allowed_hosts_list, "${dbname}_")
+
+  openstacklib::db::mysql::host_access { $real_allowed_hosts:
+    user          => $user,
    password_hash => $password_hash,
-    require       => Class['mysql::server'],
+    database      => $dbname,
+    privileges    => $privileges,
  }
-
-  mysql_grant { "${user}@${host}/${dbname}.*":
-    privileges => $privileges,
-    user       => "${user}@${host}",
-    table      => "${dbname}.*",
-    require    => [Mysql_database[$dbname], Mysql_user["${user}@${host}"], Class['mysql::server'] ],
-  }
-
-  # Check allowed_hosts to avoid duplicate resource declarations
-  if is_array($allowed_hosts) and delete($allowed_hosts,$host) != [] {
-    $real_allowed_hosts = delete($allowed_hosts,$host)
-    $unique_real_allowed_hosts = prefix($real_allowed_hosts, "${dbname}_")
-  } elsif is_string($allowed_hosts) and ($allowed_hosts != $host) {
-    $real_allowed_hosts = $allowed_hosts
-    $unique_real_allowed_hosts = "${dbname}_${real_allowed_hosts}"
-  }
-
-  if $real_allowed_hosts {
-    openstacklib::db::mysql::host_access { $unique_real_allowed_hosts:
-      user          => $user,
-      password_hash => $password_hash,
-      database      => $dbname,
-      privileges    => $privileges,
-    }
-  }
-
 }
--- a/spec/defines/openstacklib_db_mysql_spec.rb
+++ b/spec/defines/openstacklib_db_mysql_spec.rb
@@ -82,7 +82,7 @@ describe 'openstacklib::db::mysql' do
        { :allowed_hosts  => ['127.0.0.1','%'] }.merge(required_params)
      end

-      it {should_not contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
+      it {should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
        :user          => title,
        :password_hash => password_hash,
        :database      => title
@@ -117,7 +117,7 @@ describe 'openstacklib::db::mysql' do
        }
      end

-      it {should_not contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
+      it {should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
        :user          => title,
        :password_hash => password_hash,
        :database      => title
@@ -184,7 +184,7 @@ describe 'openstacklib::db::mysql' do
        { :allowed_hosts  => ['127.0.0.1','%'] }.merge(required_params)
      end

-      it {should_not contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
+      it {should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
        :user          => title,
        :password_hash => password_hash,
        :database      => title
@@ -219,7 +219,7 @@ describe 'openstacklib::db::mysql' do
        }
      end

-      it {should_not contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
+      it {should contain_openstacklib__db__mysql__host_access("#{title}_127.0.0.1").with(
        :user          => title,
        :password_hash => password_hash,
        :database      => title