Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added a new module that can manage rules in pg_hba files. #32666

Open
wants to merge 1 commit into
base: devel
from

Conversation

@sebasmannem
Copy link

sebasmannem commented Nov 8, 2017

SUMMARY

Postgres pg_hba files are difficult to manage. They can best be related to iptables config:

  • first lines hit, will be applied
  • there are complexe datatypes involved, like ip addresses and subnets, which could have different notations for the same value.
    For these reasons (order is important, complex datatypes), lineinfile doesn't really work well.

On the other hand, templating does work, but overwrite the whole file. Any changes which are there, but are not part of the template, are basically reverted. With Ansible, you can manage only parts of config, but not for pg_hba rules.

This module fixes that. You an state that a hba rule should be there and the modules makes sure it is there and even on the on a logical place, so that it hits, without overriding other rules (other than what should be logical).

ISSUE TYPE
  • New Module Pull Request
COMPONENT NAME

pg_hba

ANSIBLE VERSION
ansible 2.4.1.0
  config file = None
  configured module search path = [u'/Users/smannem/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/Cellar/ansible/2.4.1.0/libexec/lib/python2.7/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 2.7.14 (default, Sep 25 2017, 09:53:22) [GCC 4.2.1 Compatible Apple LLVM 9.0.0 (clang-900.0.37)]
ADDITIONAL INFORMATION

This module already was created in juli 2015, and used internally on many occasions. I wanted to commit it to the community,since then, but never took the time too jump through all hoops. It has always been on my personal github account, for anyone to use. I just hope to help others to manag postgres databases in a more transparant way.

After this change, you can

ansible -m pg_hba -a 'dest=/tmp/pg_hba.conf contype=host source=192.168.8.0 netmask=255.255.255.0 method=md5 backup=true order=sud state=present create=true'
@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Nov 8, 2017

The test ansible-test sanity --test boilerplate [?] failed with the following error:

Command "test/sanity/code-smell/boilerplate.sh" returned exit status 2.
>>> Standard Output
== Missing __metaclass__ = type ==
./lib/ansible/modules/database/postgresql/pg_hba.py

== Missing from __future__ import (absolute_import, division, print_function) ==
./lib/ansible/modules/database/postgresql/pg_hba.py

The test ansible-test sanity --test no-wildcard-import [?] failed with the following error:

Command "test/sanity/code-smell/no-wildcard-import.sh" returned exit status 3.
>>> Standard Output
== Wildcard imports detected ==
./lib/ansible/modules/database/postgresql/pg_hba.py:from ansible.module_utils.basic import *
./lib/ansible/modules/database/postgresql/pg_hba.py:from ansible.module_utils.database import *

The test ansible-test sanity --test pep8 [?] failed with the following errors:

lib/ansible/modules/database/postgresql/pg_hba.py:162:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:165:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:172:10: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:186:13: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:186:27: E231 missing whitespace after ','
lib/ansible/modules/database/postgresql/pg_hba.py:199:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:202:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:209:11: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:212:18: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:215:17: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:215:24: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:217:15: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:217:18: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:217:22: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:222:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:229:28: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:229:34: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:229:37: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:232:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:234:13: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:234:30: E231 missing whitespace after ','
lib/ansible/modules/database/postgresql/pg_hba.py:236:13: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:239:32: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:239:39: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:239:45: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:241:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:244:9: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:246:34: E228 missing whitespace around modulo operator
lib/ansible/modules/database/postgresql/pg_hba.py:250:9: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:252:60: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:252:69: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:252:77: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:254:45: E231 missing whitespace after ','
lib/ansible/modules/database/postgresql/pg_hba.py:260:5: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:265:33: E231 missing whitespace after ','
lib/ansible/modules/database/postgresql/pg_hba.py:265:37: E231 missing whitespace after ','
lib/ansible/modules/database/postgresql/pg_hba.py:267:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:280:5: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:283:5: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:284:18: E201 whitespace after '['
lib/ansible/modules/database/postgresql/pg_hba.py:284:65: E202 whitespace before ']'
lib/ansible/modules/database/postgresql/pg_hba.py:290:5: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:302:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:304:13: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:304:30: E231 missing whitespace after ','
lib/ansible/modules/database/postgresql/pg_hba.py:306:13: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:309:32: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:309:39: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:309:46: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:312:17: E201 whitespace after '['
lib/ansible/modules/database/postgresql/pg_hba.py:312:127: E202 whitespace before ']'
lib/ansible/modules/database/postgresql/pg_hba.py:313:15: E201 whitespace after '['
lib/ansible/modules/database/postgresql/pg_hba.py:313:55: E202 whitespace before ']'
lib/ansible/modules/database/postgresql/pg_hba.py:314:16: E201 whitespace after '['
lib/ansible/modules/database/postgresql/pg_hba.py:315:13: E201 whitespace after '['
lib/ansible/modules/database/postgresql/pg_hba.py:321:8: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:323:9: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:323:16: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:323:24: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:323:35: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:325:8: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:327:9: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:327:17: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:327:25: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:327:35: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:327:43: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:328:16: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:328:24: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:329:16: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:329:24: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:329:35: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:329:43: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:330:16: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:330:24: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:330:36: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:330:44: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:331:16: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:331:24: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:331:36: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:331:44: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:332:16: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:332:24: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:332:36: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:332:44: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:333:16: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:333:24: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:333:36: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:333:44: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:334:20: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:334:27: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:334:35: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:335:19: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:335:27: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:336:22: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:336:30: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:337:43: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:337:52: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:337:161: E501 line too long (185 > 160 characters)
lib/ansible/modules/database/postgresql/pg_hba.py:338:16: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:338:24: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:338:35: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:338:44: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:340:8: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:340:32: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:340:41: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:342:8: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:342:32: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:342:41: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:345:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:348:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:359:19: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:360:21: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:361:19: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:362:20: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:365:23: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:366:23: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:367:22: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:367:41: E202 whitespace before ']'
lib/ansible/modules/database/postgresql/pg_hba.py:368:24: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:370:24: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:372:9: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:373:23: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:373:55: E231 missing whitespace after ','
lib/ansible/modules/database/postgresql/pg_hba.py:375:9: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:376:9: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:377:19: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:382:9: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:383:18: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:395:18: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:396:17: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:399:44: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:409:9: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:411:13: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:438:17: E201 whitespace after '['
lib/ansible/modules/database/postgresql/pg_hba.py:438:44: E202 whitespace before ']'
lib/ansible/modules/database/postgresql/pg_hba.py:450:28: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:450:32: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:452:37: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:454:37: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:454:41: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:459:28: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:459:32: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:461:37: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:463:37: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:463:41: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:477:13: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:478:28: E261 at least two spaces before inline comment
lib/ansible/modules/database/postgresql/pg_hba.py:478:29: E262 inline comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:481:17: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:485:16: E114 indentation is not a multiple of four (comment)
lib/ansible/modules/database/postgresql/pg_hba.py:485:16: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:489:17: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:490:32: E261 at least two spaces before inline comment
lib/ansible/modules/database/postgresql/pg_hba.py:490:33: E262 inline comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:493:17: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:497:16: E114 indentation is not a multiple of four (comment)
lib/ansible/modules/database/postgresql/pg_hba.py:497:16: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:501:17: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:502:32: E261 at least two spaces before inline comment
lib/ansible/modules/database/postgresql/pg_hba.py:502:33: E262 inline comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:504:13: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:504:161: E501 line too long (204 > 160 characters)
lib/ansible/modules/database/postgresql/pg_hba.py:508:32: E261 at least two spaces before inline comment
lib/ansible/modules/database/postgresql/pg_hba.py:508:33: E262 inline comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:510:17: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:511:17: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:512:17: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:513:31: E261 at least two spaces before inline comment
lib/ansible/modules/database/postgresql/pg_hba.py:513:32: E262 inline comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:516:31: E261 at least two spaces before inline comment
lib/ansible/modules/database/postgresql/pg_hba.py:516:32: E262 inline comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:518:17: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:519:32: E261 at least two spaces before inline comment
lib/ansible/modules/database/postgresql/pg_hba.py:519:33: E262 inline comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:521:9: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:522:9: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:523:36: E261 at least two spaces before inline comment
lib/ansible/modules/database/postgresql/pg_hba.py:523:37: E262 inline comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:529:29: E201 whitespace after '['
lib/ansible/modules/database/postgresql/pg_hba.py:584:78: E241 multiple spaces after ','
lib/ansible/modules/database/postgresql/pg_hba.py:602:25: E201 whitespace after '['
lib/ansible/modules/database/postgresql/pg_hba.py:602:71: E202 whitespace before ']'
lib/ansible/modules/database/postgresql/pg_hba.py:617:49: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:618:35: E201 whitespace after '['
lib/ansible/modules/database/postgresql/pg_hba.py:618:81: E202 whitespace before ']'
lib/ansible/modules/database/postgresql/pg_hba.py:646:33: E201 whitespace after '['
lib/ansible/modules/database/postgresql/pg_hba.py:646:65: E202 whitespace before ']'
lib/ansible/modules/database/postgresql/pg_hba.py:647:25: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:647:30: E226 missing whitespace around arithmetic operator
lib/ansible/modules/database/postgresql/pg_hba.py:648:9: E265 block comment should start with '# '
lib/ansible/modules/database/postgresql/pg_hba.py:663:1: E302 expected 2 blank lines, found 1
lib/ansible/modules/database/postgresql/pg_hba.py:672:47: E251 unexpected spaces around keyword / parameter equals
lib/ansible/modules/database/postgresql/pg_hba.py:672:49: E251 unexpected spaces around keyword / parameter equals
lib/ansible/modules/database/postgresql/pg_hba.py:682:28: E251 unexpected spaces around keyword / parameter equals
lib/ansible/modules/database/postgresql/pg_hba.py:682:30: E251 unexpected spaces around keyword / parameter equals
lib/ansible/modules/database/postgresql/pg_hba.py:685:12: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:689:15: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:691:9: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:693:11: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:694:12: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:695:12: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:696:10: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:697:11: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:698:10: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:699:10: E221 multiple spaces before operator
lib/ansible/modules/database/postgresql/pg_hba.py:701:8: E225 missing whitespace around operator
lib/ansible/modules/database/postgresql/pg_hba.py:707:23: E221 multiple spaces before operator

The test ansible-test sanity --test pylint [?] failed with the following errors:

lib/ansible/modules/database/postgresql/pg_hba.py:190:25: too-many-format-args Too many arguments for format string
lib/ansible/modules/database/postgresql/pg_hba.py:197:25: too-many-format-args Too many arguments for format string

The test ansible-test sanity --test use-argspec-type-path [?] failed with the following error:

Command "test/sanity/code-smell/use-argspec-type-path.sh" returned exit status 1.
>>> Standard Output
lib/ansible/modules/database/postgresql/pg_hba.py:    dest      = os.path.expanduser(module.params["dest"])
The module(s) listed above use expanduser.
This may indicate the module should be using an argpsec type="path" instead of type="str"
If this is a false positive, add to the whitelist in:
  test/sanity/code-smell/use-argspec-type-path.sh

The test ansible-test sanity --test validate-modules [?] failed with the following errors:

lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E305 DOCUMENTATION.options.contype.choises: extra keys not allowed @ data['options']['contype']['choises']. Got ['local', 'host', 'hostssl', 'hostnossl', '']
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E307 version_added should be 2.5. Currently 2.2
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E312 No RETURN provided
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E316 ANSIBLE_METADATA.metadata_version: not a valid value for dictionary value @ data['metadata_version']. Got '1.0'
lib/ansible/modules/database/postgresql/pg_hba.py:203:0: E403 Type comparison using type() found. Use isinstance() instead
lib/ansible/modules/database/postgresql/pg_hba.py:205:0: E403 Type comparison using type() found. Use isinstance() instead
lib/ansible/modules/database/postgresql/pg_hba.py:233:0: E403 Type comparison using type() found. Use isinstance() instead
lib/ansible/modules/database/postgresql/pg_hba.py:303:0: E403 Type comparison using type() found. Use isinstance() instead
lib/ansible/modules/database/postgresql/pg_hba.py:741:0: E107 Imports should be directly below DOCUMENTATION/EXAMPLES/RETURN/ANSIBLE_METADATA.
lib/ansible/modules/database/postgresql/pg_hba.py:741:0: E208 module_utils imports should import specific components, not "*"
lib/ansible/modules/database/postgresql/pg_hba.py:742:0: E107 Imports should be directly below DOCUMENTATION/EXAMPLES/RETURN/ANSIBLE_METADATA.
lib/ansible/modules/database/postgresql/pg_hba.py:742:0: E208 module_utils imports should import specific components, not "*"

click here for bot help

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Nov 8, 2017

The test ansible-test sanity --test boilerplate [?] failed with the following error:

Command "test/sanity/code-smell/boilerplate.sh" returned exit status 2.
>>> Standard Output
== Missing __metaclass__ = type ==
./lib/ansible/modules/database/postgresql/pg_hba.py

== Missing from __future__ import (absolute_import, division, print_function) ==
./lib/ansible/modules/database/postgresql/pg_hba.py

The test ansible-test sanity --test pep8 [?] failed with the following errors:

lib/ansible/modules/database/postgresql/pg_hba.py:346:161: E501 line too long (191 > 160 characters)
lib/ansible/modules/database/postgresql/pg_hba.py:515:161: E501 line too long (205 > 160 characters)

The test ansible-test sanity --test use-argspec-type-path [?] failed with the following error:

Command "test/sanity/code-smell/use-argspec-type-path.sh" returned exit status 1.
>>> Standard Output
lib/ansible/modules/database/postgresql/pg_hba.py:    dest = os.path.expanduser(module.params["dest"])
The module(s) listed above use expanduser.
This may indicate the module should be using an argpsec type="path" instead of type="str"
If this is a false positive, add to the whitelist in:
  test/sanity/code-smell/use-argspec-type-path.sh

The test ansible-test sanity --test validate-modules [?] failed with the following errors:

lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E305 DOCUMENTATION.options.contype.choises: extra keys not allowed @ data['options']['contype']['choises']. Got ['local', 'host', 'hostssl', 'hostnossl', '']
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E307 version_added should be 2.5. Currently 2.2
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E312 No RETURN provided
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E316 ANSIBLE_METADATA.metadata_version: not a valid value for dictionary value @ data['metadata_version']. Got '1.0'
lib/ansible/modules/database/postgresql/pg_hba.py:207:0: E403 Type comparison using type() found. Use isinstance() instead
lib/ansible/modules/database/postgresql/pg_hba.py:209:0: E403 Type comparison using type() found. Use isinstance() instead
lib/ansible/modules/database/postgresql/pg_hba.py:239:0: E403 Type comparison using type() found. Use isinstance() instead
lib/ansible/modules/database/postgresql/pg_hba.py:312:0: E403 Type comparison using type() found. Use isinstance() instead
lib/ansible/modules/database/postgresql/pg_hba.py:750:0: E107 Imports should be directly below DOCUMENTATION/EXAMPLES/RETURN/ANSIBLE_METADATA.

click here for bot help

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Nov 8, 2017

The test ansible-test sanity --test use-argspec-type-path [?] failed with the following error:

Command "test/sanity/code-smell/use-argspec-type-path.sh" returned exit status 1.
>>> Standard Output
lib/ansible/modules/database/postgresql/pg_hba.py:    dest = os.path.expanduser(module.params["dest"])
The module(s) listed above use expanduser.
This may indicate the module should be using an argpsec type="path" instead of type="str"
If this is a false positive, add to the whitelist in:
  test/sanity/code-smell/use-argspec-type-path.sh

The test ansible-test sanity --test validate-modules [?] failed with the following errors:

lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E316 ANSIBLE_METADATA.metadata_version: not a valid value for dictionary value @ data['metadata_version']. Got '1.0'
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E319 RETURN.msgs.contains: required key not provided @ data['contains']. Got None
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E319 RETURN.pg_hba.contains: required key not provided @ data['contains']. Got None

click here for bot help

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Nov 8, 2017

@b6d @dschep @jensdepuydt @matburt @nerzhul

As a maintainer of a module in the same namespace this new module has been submitted to, your vote counts for shipits. Please review this module and add shipit if you would like to see it merged.

click here for bot help

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Nov 16, 2017

@b6d @dschep @jensdepuydt @matburt @nerzhul

As a maintainer of a module in the same namespace this new module has been submitted to, your vote counts for shipits. Please review this module and add shipit if you would like to see it merged.

click here for bot help

@ansibot ansibot added the stale_ci label Nov 16, 2017

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Nov 16, 2017

@b6d @dschep @jensdepuydt @matburt @nerzhul

As a maintainer of a module in the same namespace this new module has been submitted to, your vote counts for shipits. Please review this module and add shipit if you would like to see it merged.

click here for bot help

@nerzhul

This comment has been minimized.

Copy link
Contributor

nerzhul commented Nov 17, 2017

@jctanner seems bot sent the same notification 3 times

@sebasmannem

This comment has been minimized.

Copy link
Author

sebasmannem commented Dec 31, 2017

@b6d @dschep @jensdepuydt @matburt @nerzhul : Can you tell me what the state is, that this merge request is in? Is it going to be merged? In what version? 2.5?

@sebasmannem

This comment has been minimized.

Copy link
Author

sebasmannem commented Dec 31, 2017

I'd like to be more active. I have some more ideaus:

  • postgres_query, to run a query on a postgres database (same as shell, but then for all pg clusters)
  • oracle_query, idem, but for oracle
  • oratab, to manage (read and modify) oratab files
    Let me know if there is any interest. For the oracle stuff, I need to create a test environment, but I'm happy to...
@pilou-

This comment has been minimized.

Copy link
Contributor

pilou- commented Jan 9, 2018

@sebasmannem about postgres_query there is an existing related pull-request: #25411.

@pilou-
Copy link
Contributor

pilou- left a comment

Tests should be added. There are already some integration tests related to PostgreSQL in test/integration/targets/postgresql directory.

lib/ansible/modules/database/postgresql/pg_hba.py Outdated

# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify

This comment has been minimized.

@pilou-

pilou- Jan 9, 2018

Contributor

Use shorter licence declaration (example).

This comment has been minimized.

@sebasmannem

sebasmannem Jan 16, 2018

Author

Fixed in new commit (coming up).

lib/ansible/modules/database/postgresql/pg_hba.py Outdated
description:
- Path to C(pg_hba) file to modify.
required: true
default: ''

This comment has been minimized.

@pilou-

pilou- Jan 9, 2018

Contributor

required parameter don't have default value.

This comment has been minimized.

@sebasmannem

sebasmannem Jan 16, 2018

Author

Fixed in new commit (coming up).

lib/ansible/modules/database/postgresql/pg_hba.py Outdated
default: false
owner:
description:
- Owner of the C(pg_hba) file (almost always postgres, or sometimes enterprisedb).

This comment has been minimized.

@pilou-

pilou- Jan 9, 2018

Contributor

Formatting function C() could be used with postgres and enterprisedb.

This comment has been minimized.

@sebasmannem

sebasmannem Jan 16, 2018

Author

Fixed in new commit (coming up).

This comment has been minimized.

@sebasmannem

sebasmannem May 10, 2018

Author

And extends_documentation_fragment has even removed owner from the docstring entirely.

lib/ansible/modules/database/postgresql/pg_hba.py Outdated

def main():
module = AnsibleModule(
argument_spec=dict(

This comment has been minimized.

@pilou-

pilou- Jan 9, 2018

Contributor

dest, owner, group, mode parameters are present: common file arguments must be used instead:

This comment has been minimized.

@sebasmannem

sebasmannem May 10, 2018

Author

Fixed in upcoming commit

This comment has been minimized.

@sebasmannem

sebasmannem May 10, 2018

Author

Also changing source to src parameter

lib/ansible/modules/database/postgresql/pg_hba.py Outdated
description:
- Type of the rule. Use emptystring C('') if you don't want to change file, but only want to read contents.
required: true
default: "host"

This comment has been minimized.

@pilou-

pilou- Jan 9, 2018

Contributor

required parameters don't have a default. Besides required isn't used in argument_spec for this parameter. I suggest to not require this parameter without any default value (thenNone would be the default value),meaning the default behavior would be to read contents unless contype is set.

This comment has been minimized.

@sebasmannem

sebasmannem Jan 16, 2018

Author

Good notion. I have changed as you suggestedin new commit (coming up).

lib/ansible/modules/database/postgresql/pg_hba.py Outdated
raise TouchError("Could not convert '{0}' form octal to int. Please specify a valid mode in octal form (e.a. 777, 640, etc.).".format(mode))
if mode > 511 or mode < 0:
raise TouchError("Please specify octal mode ({0}) between 000 and 777.".format(mode))
try:

This comment has been minimized.

@pilou-

pilou- Jan 9, 2018

Contributor

AnsibleModule.set_fs_attributes_if_different should be used instead of the touch method (related to the comment below about common file arguments).

lib/ansible/modules/database/postgresql/pg_hba.py Outdated


# See http://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses for more info...
IPV4SEG = '(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])'

This comment has been minimized.

@pilou-

pilou- Jan 9, 2018

Contributor

ipaddress Python module should be used instead in order to check/handle IP addresses. This module is included in Python 3.3 and backport exists for previous versions.

This comment has been minimized.

@sebasmannem

sebasmannem May 10, 2018

Author

Yes, I like that module and I see the benefit in using that over my implementation. But I need some time on that.

This comment has been minimized.

@sebasmannem

sebasmannem May 11, 2018

Author

Modified in latest commit.

lib/ansible/modules/database/postgresql/pg_hba.py Outdated
self.create = False
self.unchanged()
# self.databases will be update by add_rule and gives some idea of the number of databases (at least that are handled by this pg_hba)
self.databases = set(['postgres', 'template0', 'template1'])

This comment has been minimized.

@pilou-

pilou- Jan 9, 2018

Contributor

postgres database could have been deleted.

lib/ansible/modules/database/postgresql/pg_hba.py Outdated
return tuple(ret)

def is_empty(self):
if len(self.rules) == 0:

This comment has been minimized.

@pilou-

pilou- Jan 9, 2018

Contributor

The if/else block be replaced by return not self.rules.

This comment has been minimized.

@sebasmannem

sebasmannem May 10, 2018

Author

I have enabled pylint and he tells me the same. Will fix all errors. This is fixed.

lib/ansible/modules/database/postgresql/pg_hba.py Outdated
return result

def changed(self):
if self.diff['before'] or self.diff['after']:

This comment has been minimized.

@pilou-

pilou- Jan 9, 2018

Contributor

this could be return self.diff['before'] or self.diff['after']

This comment has been minimized.

@sebasmannem

@sebasmannem sebasmannem force-pushed the sebasmannem:pg_hba branch May 10, 2018

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented May 10, 2018

The test ansible-test sanity --test pylint [explain] failed with 11 errors:

lib/ansible/modules/database/postgresql/pg_hba.py:234:22: ansible-format-automatic-specification Format string contains automatic field numbering specification
lib/ansible/modules/database/postgresql/pg_hba.py:307:22: ansible-format-automatic-specification Format string contains automatic field numbering specification
lib/ansible/modules/database/postgresql/pg_hba.py:316:0: anomalous-backslash-in-string Anomalous backslash in string: '\s'. String constant might be missing an r prefix.
lib/ansible/modules/database/postgresql/pg_hba.py:322:0: anomalous-backslash-in-string Anomalous backslash in string: '\.'. String constant might be missing an r prefix.
lib/ansible/modules/database/postgresql/pg_hba.py:339:0: anomalous-backslash-in-string Anomalous backslash in string: '\d'. String constant might be missing an r prefix.
lib/ansible/modules/database/postgresql/pg_hba.py:339:0: anomalous-backslash-in-string Anomalous backslash in string: '\s'. String constant might be missing an r prefix.
lib/ansible/modules/database/postgresql/pg_hba.py:339:0: anomalous-backslash-in-string Anomalous backslash in string: '\s'. String constant might be missing an r prefix.
lib/ansible/modules/database/postgresql/pg_hba.py:341:0: anomalous-backslash-in-string Anomalous backslash in string: '\d'. String constant might be missing an r prefix.
lib/ansible/modules/database/postgresql/pg_hba.py:341:0: anomalous-backslash-in-string Anomalous backslash in string: '\s'. String constant might be missing an r prefix.
lib/ansible/modules/database/postgresql/pg_hba.py:341:0: anomalous-backslash-in-string Anomalous backslash in string: '\s'. String constant might be missing an r prefix.
lib/ansible/modules/database/postgresql/pg_hba.py:342:0: anomalous-backslash-in-string Anomalous backslash in string: '\s'. String constant might be missing an r prefix.

The test ansible-test sanity --test validate-modules [explain] failed with 8 errors:

lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E307 version_added should be 2.6. Currently 2.5
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E322 "dest" is listed in the argument_spec, but not documented in the module
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E324 Value for "default" from the argument_spec ('postgres') for "group" does not match the documentation (None)
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E324 Value for "default" from the argument_spec ('postgres') for "owner" does not match the documentation (None)
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E324 Value for "default" from the argument_spec (640) for "mode" does not match the documentation (None)
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E324 Value for "default" from the argument_spec (None) for "contype" does not match the documentation ('None')
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E325 argument_spec for "backup" defines type="bool" but documentation does not
lib/ansible/modules/database/postgresql/pg_hba.py:0:0: E325 argument_spec for "create" defines type="bool" but documentation does not

click here for bot help

@ansibot ansibot added the stale_ci label Jun 4, 2018

@kustodian

This comment has been minimized.

Copy link
Contributor

kustodian commented Feb 2, 2019

Would it make sense to rename this module to postgresql_hba, so that it has the same prefix as all Postgres modules?

@ansibot

This comment has been minimized.

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Feb 13, 2019

@Andersson007

This comment has been minimized.

Copy link
Contributor

Andersson007 commented Feb 19, 2019

@sebasmannem Hello, I have a couple of questions for you:

  1. Can you complete this module if we make full reviews including manual tests?
  2. If you don't have enough time to do it soon, can anyone rewrite and complete this module later keeping your as an author?
    (the first point is the best choice because you are an author)

@sebasmannem sebasmannem force-pushed the sebasmannem:pg_hba branch from b3b7581 to 7f06b55 Feb 28, 2019

@sebasmannem

This comment has been minimized.

Copy link
Author

sebasmannem commented Feb 28, 2019

Hi, I have updated my pg_hba module:

  • Fixed a documentary thing (examples where broken / incomplete)
  • Renamed the module to postgresql_pg_hba
  • updated the version_added to 2.8
  • Added scram to methods
    Let's see what checks think, and after that I will bring it for review.
@sebasmannem

This comment has been minimized.

Copy link
Author

sebasmannem commented Feb 28, 2019

@Andersson007 : Do you happen to have any idea on why shippable is not running any checks?
Should somebody enable something?
Used to work up until May 2018.

@Andersson007

This comment has been minimized.

Copy link
Contributor

Andersson007 commented Feb 28, 2019

@sebasmannem I don't really know. Sometimes it happens. I think it depends on servers load. It will be handled later.

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Feb 28, 2019

The test ansible-test sanity --test validate-modules [explain] failed with 1 error:

lib/ansible/modules/database/postgresql/postgresql_pg_hba.py:0:0: E319 RETURN.backup_file.type: not a valid value for dictionary value @ data['backup_file']['type']. Got 'string'

click here for bot help

@ansibot ansibot added the ci_verified label Feb 28, 2019

@Andersson007

This comment has been minimized.

Copy link
Contributor

Andersson007 commented Feb 28, 2019

you can check it locally before pushing, I'll sent you a short manual to your email during the next hour.
Done.

@sebasmannem sebasmannem force-pushed the sebasmannem:pg_hba branch from 7f06b55 to cbdcb32 Feb 28, 2019

@sebasmannem sebasmannem force-pushed the sebasmannem:pg_hba branch from cbdcb32 to 7b96a2b Feb 28, 2019

@Andersson007
Copy link
Contributor

Andersson007 left a comment

1. Formatting (these are recommendation from Ansible commiters):

1.0 Documentation = ''' => Documentation = r'''
Also for EXAMPLES and RETURN

Also we should add links to the official current documentation.

1.1

22 description:
23   - The fundamental function of the module is to create, or delete lines in pg_hba files.
24   - The lines in the file should be in a typical pg_hba form and lines should be unique per key (type, databases, users, source).
25     If they are not unique and the SID is 'the one to change', only one for C(state=present) or none for C(state=absent) of the SID's will remain.
26 extends_documentation_fragment: files

change it to (and so on to the end of the Documentation)

description:
- The fundamental function of the module is to create, or delete lines in pg_hba files.
- The lines in the file should be in a typical pg_hba form and lines should be unique per key (type, databases, users, source).
- If they are not unique and the SID is 'the one to change', only one for C(state=present) or none for C(state=absent) of the SID's will remain.
extends_documentation_fragment: files

90 notes:
91   - The default authentication assumes that on the host, you are either logging in as or

to

notes:
- The default authentication assumes that on the host, you are either logging in as or

also "requirements"

1.2 I(type)=C(local) => I(type=local), also C(state=present) => I(state=present), etc.

1.3

35 aliases: [ 'source', 'src' ] => aliases: [ source, src ]
64 choices: [ "trust", "reject", "md5", "password", "gss", "sspi", "krb5", "ident", "peer", "ldap", "radius", "cert", "pam", "scram-sha-256" ] => ... needs to be without quotes + use the alphabetical order
51 choices: [ "local", "host", "hostssl", "hostnossl", "" ] => choices: [ host, hostssl, hostnossl, local ]
...
Seems it's None by default, so, you don't need to pass an empty string

1.4 Add a type for each option and remove empty default values:

  options:
    description:
      - Additional options for the authentication I(method).
    default: ""

change to

69  options:
70    description:
71      - Additional options for the authentication I(method).
72    type: "str"

1.5 IMO, needs the more detailed description

69  options:
70    description:
71      - Additional options for the authentication I(method).
72    default: ""

1.6 Better to add more examples (with using each param; for detailed descriptions, use comments "# ..." above "- name:" where needed.

1.7 If there are mutually exclusive params, needs to notice about it in the documentation and check in the code. There is a special method to do this.

1.8 Needs to be changed

612    if not HAS_IPADDRESS:
613        module.fail_json(msg='Missing required libraries.')

to something like this:

    if not HAS_PSYCOPG2:
        module.fail_json(msg=missing_required_lib('psycopg2'), exception=PSYCOPG2_IMP_ERR)

1.9 The common way is to use to_native(e):

633    try:
634        pg_hba = PgHba(dest, order, backup=backup, create=create)
635    except PgHbaError as error:
636        module.fail_json(msg='Error reading file:\n{0}'.format(error))

for example:

    except Exception as e:
        module.fail_json(msg="unable to connect to database: %s" % to_native(e))

===
2. The code & logic

2.1 Maybe change the option backup: yes|no, to backup_file: '/path/to/file', type: 'path' ?

2.2 Maybe better to add a warning if the file doesn't exist?

42  create:
43    description:
44      - Create an C(pg_hba) file if none exists.
45      - When set to false, an error is raised when the C(pg_hba) file doesn't exist.
46    default: false
47    type: bool

2.3 Better check the database availability using psycopg2 to be able to reload the server configuration

2.4 We discussed it, probably we should use psycopg2 to check the location of pg_hba.conf if dest is not passed.

56  dest:
57    description:
58      - Path to C(pg_hba) file to modify.
60    required: true

2.5 Maybe to allow passing netmask with ipaddr like 10.10.10.1/32 ?

65  netmask:
66    description:
67      - The netmask of the source address.
68    default: ""

2.6 Remove default=None/"", etc. from module = AnsibleModule(argument_spec=dict(

2.7 Devide tests by spaces, add ignore_errors and assertions after each test (IMO, this is easy to sort out), etc.
You can use for test/integration/targets/postgresql/tasks/postgresql_idx.yml or test/integration/targets/postgresql/tasks/postgresql_query.yml for anology

Also your suggestions from our conversation sound good, particularly:

  • logs in using psycopg2.
  • Detects PGDATA from that
  • Changes pg_hba in that location (basically the way it currently works)
  • Runs pg_reload_conf()
  • Checks select * from pg_hba_file_rules where error is not null; (this is a PG10 feature, though)

Waiting for fixes and implementations.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.