From 8ca9a51bda9c3342922564038270d0013091d09a Mon Sep 17 00:00:00 2001 From: Brett Delle Grazie Date: Thu, 11 Feb 2016 13:08:23 +0000 Subject: [PATCH 1/3] Support Adding / Removing Schemas --- README.md | 7 +++++++ defaults/main.yml | 1 + tasks/main.yml | 7 +++++++ 3 files changed, 15 insertions(+) diff --git a/README.md b/README.md index 0a1b6dd..08d51a7 100644 --- a/README.md +++ b/README.md @@ -58,6 +58,13 @@ Objects are configured via the following variables: - `postgresql_objects_databases`: A list of databases to create or drop. List items are dictionaries, keys match the [`postgresql_db`][pgdb] module parameters. +- `postgresql_objects_schemas`: A list of schemas to create or drop. List + items are dictionaries, keys are: + - `name`: name of schema (required) + - `authorization`: user to own schema (optional) + - `state`: `present` (default) or `absent` + - `database`: database to create schema in (required) + parameters. - `postgresql_objects_privileges`: A list of privileges to grant or revoke. List items are dictionaries, keys match the [`postgresql_privs`][pgprivs] module parameters. diff --git a/defaults/main.yml b/defaults/main.yml index 6186c91..36ca605 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -26,4 +26,5 @@ postgresql_objects_ignore_revoke_failure: true postgresql_objects_users: [] postgresql_objects_groups: [] postgresql_objects_databases: [] +postgresql_objects_schemas: [] postgresql_objects_privileges: [] diff --git a/tasks/main.yml b/tasks/main.yml index 524254d..dff7be8 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -93,6 +93,13 @@ with_items: postgresql_objects_databases when: item.state is not defined or (item.state is defined and item.state == 'present') +- name: Create or Drop Schemas + shell: echo {{ 'DROP' if item.state is defined and item.state == 'absent' else 'CREATE' }} SCHEMA '{{ item.name }}' {{ 'AUTHORIZATION '+item.authorization if item.authorization is defined}} | psql -w {{ '-h ' ~ postgresql_objects_login_host if postgresql_objects_login_host is defined else '' }} {{ '-U ' ~ postgresql_objects_login_user if postgresql_objects_login_user is defined else '' }} {{ '-p ' ~ postgresql_objects_port if postgresql_objects_port is defined else '' }} item.database + register: psql + failed_when: psql.stderr.startswith( 'ERROR:' ) + changed_when: psql.stderr == '' + with_items: postgresql_objects_schemas + - name: Grant user database privileges postgresql_user: name={{ item.name }} db={{ item.db }} From 551a9967493dc8c9aa613a6cc38c31a1d3682167 Mon Sep 17 00:00:00 2001 From: Brett Delle Grazie Date: Thu, 11 Feb 2016 13:08:23 +0000 Subject: [PATCH 2/3] Support Adding / Removing Schemas --- tasks/main.yml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index dff7be8..94e9791 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -19,6 +19,14 @@ failed_when: "postgresql_objects_ignore_revoke_failure and revoke.failed is defined and ((revoke.failed and 'does not exist' not in revoke.msg) or (revoke.failed and ',' in item.roles))" when: item.state is defined and item.state == 'absent' +- name: Drop Schemas + shell: echo DROP SCHEMA IF EXISTS '{{ item.name }}' | psql -w {{ '-h ' ~ postgresql_objects_login_host if postgresql_objects_login_host is defined else '' }} {{ '-U ' ~ postgresql_objects_login_user if postgresql_objects_login_user is defined else '' }} {{ '-p ' ~ postgresql_objects_port if postgresql_objects_port is defined else '' }} {{ item.database }} + register: psql + failed_when: psql.stderr.startswith( 'ERROR:' ) + changed_when: psql.stderr == '' + with_items: postgresql_objects_schemas + when: item.database is defined and item.name is defined and item.state is defined and item.state == 'absent' + # Drop databases first so later user drop can succeed - name: Drop databases postgresql_db: name={{ item.name }} @@ -93,12 +101,13 @@ with_items: postgresql_objects_databases when: item.state is not defined or (item.state is defined and item.state == 'present') -- name: Create or Drop Schemas - shell: echo {{ 'DROP' if item.state is defined and item.state == 'absent' else 'CREATE' }} SCHEMA '{{ item.name }}' {{ 'AUTHORIZATION '+item.authorization if item.authorization is defined}} | psql -w {{ '-h ' ~ postgresql_objects_login_host if postgresql_objects_login_host is defined else '' }} {{ '-U ' ~ postgresql_objects_login_user if postgresql_objects_login_user is defined else '' }} {{ '-p ' ~ postgresql_objects_port if postgresql_objects_port is defined else '' }} item.database +- name: Create Schemas + shell: echo CREATE SCHEMA IF NOT EXISTS '{{ item.name }}' {{ 'AUTHORIZATION '+item.authorization if item.authorization is defined}} | psql -w {{ '-h ' ~ postgresql_objects_login_host if postgresql_objects_login_host is defined else '' }} {{ '-U ' ~ postgresql_objects_login_user if postgresql_objects_login_user is defined else '' }} {{ '-p ' ~ postgresql_objects_port if postgresql_objects_port is defined else '' }} {{ item.database }} register: psql failed_when: psql.stderr.startswith( 'ERROR:' ) changed_when: psql.stderr == '' with_items: postgresql_objects_schemas + when: item.database is defined and item.name is defined and item.state is not defined or item.state != 'absent' - name: Grant user database privileges postgresql_user: name={{ item.name }} From ff9a4b48537e4dc7c83c713b2014027a8699036e Mon Sep 17 00:00:00 2001 From: Brett Delle Grazie Date: Thu, 24 Mar 2016 22:21:44 +0000 Subject: [PATCH 3/3] fix deprecation warning Need to quote variables used with_items --- tasks/main.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 94e9791..670fac8 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -14,7 +14,7 @@ login_user={{ postgresql_objects_login_user | default( omit ) }} login_password={{ postgresql_objects_login_password | default( omit ) }} port={{ postgresql_objects_port | default( omit ) }} - with_items: postgresql_objects_privileges + with_items: '{{ postgresql_objects_privileges }}' register: revoke failed_when: "postgresql_objects_ignore_revoke_failure and revoke.failed is defined and ((revoke.failed and 'does not exist' not in revoke.msg) or (revoke.failed and ',' in item.roles))" when: item.state is defined and item.state == 'absent' @@ -24,7 +24,7 @@ register: psql failed_when: psql.stderr.startswith( 'ERROR:' ) changed_when: psql.stderr == '' - with_items: postgresql_objects_schemas + with_items: ' {{ postgresql_objects_schemas }}' when: item.database is defined and item.name is defined and item.state is defined and item.state == 'absent' # Drop databases first so later user drop can succeed @@ -40,7 +40,7 @@ login_user={{ postgresql_objects_login_user | default( omit ) }} login_password={{ postgresql_objects_login_password | default( omit ) }} port={{ postgresql_objects_port | default( omit ) }} - with_items: postgresql_objects_databases + with_items: '{{ postgresql_objects_databases }}' when: item.state is defined and item.state == 'absent' - name: Create and drop users @@ -53,7 +53,7 @@ login_user={{ postgresql_objects_login_user | default( omit ) }} login_password={{ postgresql_objects_login_password | default( omit ) }} port={{ postgresql_objects_port | default( omit ) }} - with_items: postgresql_objects_users + with_items: '{{ postgresql_objects_users }}' - name: Create groups postgresql_user: name={{ item.name }} @@ -64,7 +64,7 @@ login_user={{ postgresql_objects_login_user | default( omit ) }} login_password={{ postgresql_objects_login_password | default( omit ) }} port={{ postgresql_objects_port | default( omit ) }} - with_items: postgresql_objects_groups + with_items: '{{ postgresql_objects_groups }}' when: item.state is not defined or (item.state is defined and item.state == 'present') - name: Add or remove users from groups @@ -73,8 +73,8 @@ failed_when: psql.stderr.startswith( 'ERROR:' ) changed_when: psql.stderr == '' with_subelements: - - postgresql_objects_groups - - users + - '{{ postgresql_objects_groups }}' + - 'users' - name: Drop groups postgresql_user: name={{ item.name }} @@ -83,7 +83,7 @@ login_user={{ postgresql_objects_login_user | default( omit ) }} login_password={{ postgresql_objects_login_password | default( omit ) }} port={{ postgresql_objects_port | default( omit ) }} - with_items: postgresql_objects_groups + with_items: '{{ postgresql_objects_groups }}' when: item.state is defined and item.state == 'absent' - name: Create databases @@ -98,7 +98,7 @@ login_user={{ postgresql_objects_login_user | default( omit ) }} login_password={{ postgresql_objects_login_password | default( omit ) }} port={{ postgresql_objects_port | default( omit ) }} - with_items: postgresql_objects_databases + with_items: '{{ postgresql_objects_databases }}' when: item.state is not defined or (item.state is defined and item.state == 'present') - name: Create Schemas @@ -106,7 +106,7 @@ register: psql failed_when: psql.stderr.startswith( 'ERROR:' ) changed_when: psql.stderr == '' - with_items: postgresql_objects_schemas + with_items: '{{ postgresql_objects_schemas }}' when: item.database is defined and item.name is defined and item.state is not defined or item.state != 'absent' - name: Grant user database privileges @@ -117,7 +117,7 @@ login_user={{ postgresql_objects_login_user | default( omit ) }} login_password={{ postgresql_objects_login_password | default( omit ) }} port={{ postgresql_objects_port | default( omit ) }} - with_items: postgresql_objects_users + with_items: '{{ postgresql_objects_users }}' when: item.db is defined and item.priv is defined and not (item.state is defined and item.state == 'absent') - name: Grant extra privileges @@ -133,5 +133,5 @@ login_user={{ postgresql_objects_login_user | default( omit ) }} login_password={{ postgresql_objects_login_password | default( omit ) }} port={{ postgresql_objects_port | default( omit ) }} - with_items: postgresql_objects_privileges + with_items: '{{ postgresql_objects_privileges }}' when: (item.state is not defined or (item.state is defined and item.state == 'present'))