Made the 'TRIGGER'privilege of mysqldump backups depend on whether or not we are actually backing up triggers

2015-04-30 12:37:38 -06:00 · 2015-04-30 12:37:38 -06:00 · 49f273a42c
commit 49f273a42c
parent ec14b87a81
2 changed files with 25 additions and 6 deletions
--- a/manifests/backup/mysqldump.pp
+++ b/manifests/backup/mysqldump.pp
@ -26,12 +26,22 @@ class mysql::backup::mysqldump (
    require       => Class['mysql::server::root_password'],
  }

-  mysql_grant { "${backupuser}@localhost/*.*":
-    ensure     => $ensure,
-    user       => "${backupuser}@localhost",
-    table      => '*.*',
-    privileges => [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER' ],
-    require    => Mysql_user["${backupuser}@localhost"],
+  if $include_triggers {
+    mysql_grant { "${backupuser}@localhost/*.*":
+      ensure     => $ensure,
+      user       => "${backupuser}@localhost",
+      table      => '*.*',
+      privileges => [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER' ],
+      require    => Mysql_user["${backupuser}@localhost"],
+    }
+  } else {
+    mysql_grant { "${backupuser}@localhost/*.*":
+      ensure     => $ensure,
+      user       => "${backupuser}@localhost",
+      table      => '*.*',
+      privileges => [ 'SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS' ],
+      require    => Mysql_user["${backupuser}@localhost"],
+    }
  }

  cron { 'mysql-backup':
--- a/spec/classes/mysql_server_backup_spec.rb
+++ b/spec/classes/mysql_server_backup_spec.rb
@ -27,6 +27,15 @@ describe 'mysql::server::backup' do
            :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS', 'TRIGGER']
          ).that_requires('Mysql_user[testuser@localhost]') }

+          context 'with triggers excluded' do
+            let(:params) do
+              { :include_triggers => false }.merge(default_params)
+            end
+            it { is_expected.to contain_mysql_grant('testuser@localhost/*.*').with(
+              :privileges => ['SELECT', 'RELOAD', 'LOCK TABLES', 'SHOW VIEW', 'PROCESS']
+            ).that_requires('Mysql_user[testuser@localhost]') }
+          end
+
          it { is_expected.to contain_cron('mysql-backup').with(
            :command => '/usr/local/sbin/mysqlbackup.sh',
            :ensure  => 'present'