diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3b0a927fb..f983ba6f2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -48,7 +48,7 @@ jobs: # - distro: rockylinux9 - distro: debian11 - distro: debian12 - - distro: ubuntu2004 + # - distro: ubuntu2004 - distro: ubuntu2204 - distro: ubuntu2404 diff --git a/tasks/users_privileges.yml b/tasks/users_privileges.yml index 94aaea245..ad0af2f8f 100644 --- a/tasks/users_privileges.yml +++ b/tasks/users_privileges.yml @@ -1,11 +1,10 @@ # file: postgresql/tasks/users_privileges.yml -- name: PostgreSQL | Update the user privileges +- name: PostgreSQL | Update users postgresql_user: name: "{{item.name}}" - db: "{{item.db | default(omit)}}" - port: "{{postgresql_port}}" - priv: "{{item.priv | default(omit)}}" + login_db: "{{item.db | default(omit)}}" + port: "{{ postgresql_port }}" state: present login_host: "{{item.host | default(omit)}}" login_user: "{{postgresql_admin_user}}" @@ -14,3 +13,19 @@ become_user: "{{postgresql_admin_user}}" with_items: "{{postgresql_user_privileges}}" when: postgresql_users|length > 0 + +- name: PostgreSQL | Grant privileges on databases/tables + postgresql_privs: + database: "{{item.db}}" + type: "{{item.priv_type}}" + privs: "{{item.priv | default(omit)}}" + roles: "{{item.name}}" + objs: "{{item.objs | default(omit)}}" + state: present + login_host: "{{item.host | default(omit)}}" + login_user: "{{postgresql_admin_user}}" + port: "{{postgresql_port}}" + become: yes + become_user: "{{postgresql_admin_user}}" + with_items: "{{postgresql_user_privileges}}" + when: postgresql_users|length > 0 and item.type is defined diff --git a/tests/playbook.yml b/tests/playbook.yml index 07ad2478a..9a80c28ef 100644 --- a/tests/playbook.yml +++ b/tests/playbook.yml @@ -5,5 +5,8 @@ vars_files: - ./vars.yml - ./vars.{{ ansible_distribution }}.{{ ansible_distribution_major_version }}.yml + # roles: + # - postgresql roles: - - postgresql + - role: ../../ +