From 3009a761824c1beb6211e099ce189deb708cc2aa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Peter=20J=C3=BAno=C5=A1?= <petoju@gmail.com>
Date: Mon, 5 Sep 2022 21:27:12 +0200
Subject: [PATCH] Explicitly skip tls_option=none for grants

That removes SSL requirements from the user, so let's be careful about
that.
As none is the default, we'll skip it here.
---
 mysql/resource_grant.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mysql/resource_grant.go b/mysql/resource_grant.go
index 70cb0245d..7fe21a5e3 100644
--- a/mysql/resource_grant.go
+++ b/mysql/resource_grant.go
@@ -229,7 +229,7 @@ func CreateGrant(d *schema.ResourceData, meta interface{}) error {
 		userOrRole)
 
 	// MySQL 8+ doesn't allow REQUIRE on a GRANT statement.
-	if !hasRoles && d.Get("tls_option").(string) != "" {
+	if !hasRoles && d.Get("tls_option").(string) != "" && strings.ToLower(d.Get("tls_option").(string)) != "none" {
 		stmtSQL += fmt.Sprintf(" REQUIRE %s", d.Get("tls_option").(string))
 	}