d91a4c7b36
Previously if you wanted to use the openstack::db::mysql for to create a database and use the same user for multiple databases, the catalog would fail due to a duplicate mysql_user definition. This change adds the ability to disable the user creation as well as the grant if the user does not need it. Change-Id: Id04a622cc900254fe60bc257a9e42d16c676bf40 Related-Bug: 1649341
58 lines
1.4 KiB
Puppet
58 lines
1.4 KiB
Puppet
# Allow a user to access the database for the service
|
|
#
|
|
# == Namevar
|
|
# String with the form dbname_host. The host part of the string is the host
|
|
# to allow
|
|
#
|
|
# == Parameters
|
|
# [*user*]
|
|
# username to allow
|
|
#
|
|
# [*password_hash*]
|
|
# user password hash
|
|
#
|
|
# [*database*]
|
|
# the database name
|
|
#
|
|
# [*privileges*]
|
|
# the privileges to grant to this user
|
|
#
|
|
# [*create_user*]
|
|
# Flag to allow for the skipping of the user as part of the database setup.
|
|
# Set to false to skip the user creation.
|
|
# Defaults to true.
|
|
#
|
|
# [*create_grant*]
|
|
# Flag to allow for the skipping of the user grants as part of the database
|
|
# setup. Set to false to skip the user creation.
|
|
# Defaults to true.
|
|
#
|
|
define openstacklib::db::mysql::host_access (
|
|
$user,
|
|
$password_hash,
|
|
$database,
|
|
$privileges,
|
|
$create_user = true,
|
|
$create_grant = true,
|
|
) {
|
|
validate_re($title, '_', 'Title must be $dbname_$host')
|
|
|
|
$host = inline_template('<%= @title.split("_").last.downcase %>')
|
|
|
|
if $create_user {
|
|
mysql_user { "${user}@${host}":
|
|
password_hash => $password_hash,
|
|
require => Mysql_database[$database],
|
|
}
|
|
}
|
|
|
|
if $create_grant {
|
|
mysql_grant { "${user}@${host}/${database}.*":
|
|
privileges => $privileges,
|
|
table => "${database}.*",
|
|
require => Mysql_user["${user}@${host}"],
|
|
user => "${user}@${host}",
|
|
}
|
|
}
|
|
}
|