perf: Upgrade ansible postgresql

2 months ago · ee8d7cdcac
17 changed files with 22 additions and 14 deletions
--- a/4
+++ b/4
@ -43,14 +43,18 @@ RUN set -ex \
 WORKDIR /opt/jumpserver
 ARG PIP_MIRROR=https://pypi.org/simple
 ENV ANSIBLE_COLLECTIONS_PATHS=/opt/py3/lib/python3.11/site-packages/ansible_collections
 RUN --mount=type=cache,target=/root/.cache,sharing=locked,id=core \
    --mount=type=bind,source=poetry.lock,target=poetry.lock \
    --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
    --mount=type=bind,source=utils/clean_site_packages.sh,target=clean_site_packages.sh \
    --mount=type=bind,source=requirements/collections.yml,target=collections.yml \
    set -ex \
    && python3 -m venv /opt/py3 \
    && pip install poetry -i ${PIP_MIRROR} \
    && poetry config virtualenvs.create false \
    && . /opt/py3/bin/activate \
    && poetry install --only main \
    && ansible-galaxy collection install -r collections.yml --force --ignore-certs \
    && bash clean_site_packages.sh
--- a/apps/accounts/automations/change_secret/database/mysql/main.yml
+++ b/apps/accounts/automations/change_secret/database/mysql/main.yml
@ -6,7 +6,7 @@
    check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Test MySQL connection
--- a/apps/accounts/automations/change_secret/database/postgresql/main.yml
+++ b/apps/accounts/automations/change_secret/database/postgresql/main.yml
@ -6,7 +6,7 @@
    check_ca: "{{ check_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Test PostgreSQL connection
--- a/apps/accounts/automations/gather_accounts/database/mysql/main.yml
+++ b/apps/accounts/automations/gather_accounts/database/mysql/main.yml
@ -5,7 +5,7 @@
    check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Get info
--- a/apps/accounts/automations/gather_accounts/database/postgresql/main.yml
+++ b/apps/accounts/automations/gather_accounts/database/postgresql/main.yml
@ -6,7 +6,7 @@
    check_ca: "{{ check_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Get info
--- a/apps/accounts/automations/push_account/database/mysql/main.yml
+++ b/apps/accounts/automations/push_account/database/mysql/main.yml
@ -6,7 +6,7 @@
    check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Test MySQL connection
--- a/apps/accounts/automations/push_account/database/postgresql/main.yml
+++ b/apps/accounts/automations/push_account/database/postgresql/main.yml
@ -6,7 +6,7 @@
    check_ca: "{{ check_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Test PostgreSQL connection
--- a/apps/accounts/automations/remove_account/database/mysql/main.yml
+++ b/apps/accounts/automations/remove_account/database/mysql/main.yml
@ -5,7 +5,7 @@
    check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: "Remove account"
--- a/apps/accounts/automations/remove_account/database/postgresql/main.yml
+++ b/apps/accounts/automations/remove_account/database/postgresql/main.yml
@ -6,7 +6,7 @@
    check_ca: "{{ check_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: "Remove account"
--- a/apps/accounts/automations/verify_account/database/mysql/main.yml
+++ b/apps/accounts/automations/verify_account/database/mysql/main.yml
@ -5,7 +5,7 @@
    check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Verify account
--- a/apps/accounts/automations/verify_account/database/postgresql/main.yml
+++ b/apps/accounts/automations/verify_account/database/postgresql/main.yml
@ -6,7 +6,7 @@
    check_ca: "{{ check_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Verify account
--- a/apps/assets/automations/base/manager.py
+++ b/apps/assets/automations/base/manager.py
@ -170,6 +170,7 @@ class BasePlaybookManager:
            result = self.write_cert_to_file(
                os.path.join(cert_dir, f), specific.get(f)
            )
            os.chmod(result, 0o600)
            host['jms_asset']['secret_info'][f] = result
        return host
--- a/apps/assets/automations/gather_facts/database/mysql/main.yml
+++ b/apps/assets/automations/gather_facts/database/mysql/main.yml
@ -5,7 +5,7 @@
    check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Get info
--- a/apps/assets/automations/gather_facts/database/postgresql/main.yml
+++ b/apps/assets/automations/gather_facts/database/postgresql/main.yml
@ -6,7 +6,7 @@
    check_ca: "{{ check_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Get info
--- a/apps/assets/automations/ping/database/mysql/main.yml
+++ b/apps/assets/automations/ping/database/mysql/main.yml
@ -5,7 +5,7 @@
    check_ssl: "{{ jms_asset.spec_info.use_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Test MySQL connection
--- a/apps/assets/automations/ping/database/postgresql/main.yml
+++ b/apps/assets/automations/ping/database/postgresql/main.yml
@ -6,7 +6,7 @@
    check_ca: "{{ check_ssl and not jms_asset.spec_info.allow_invalid_cert }}"
    ca_cert: "{{ jms_asset.secret_info.ca_cert | default('') }}"
    ssl_cert: "{{ jms_asset.secret_info.client_cert | default('') }}"
-    ssl_key: "{{ jms_asset.secret_info.client_cert | default('') }}"
+    ssl_key: "{{ jms_asset.secret_info.client_key | default('') }}"
  tasks:
    - name: Test PostgreSQL connection
--- a/requirements/collections.yml
+++ b/requirements/collections.yml
@ -0,0 +1,3 @@
 collections:
  - name: community.postgresql
    version: 2.4.0