sessionctx/variable: change default_authentication_plugin from mysql_native_password to caching_sha2_password

[ei-sugimoto]

Since caching_sha2_password is safer than the default mysql_native_password, it is better for tidb to support this compatibility with MySQL

What problem does this PR solve?

Issue Number: close #54138

Problem Summary:

What changed and how does it work?

Check List

Tests

• Unit test
• Integration test
• Manual test (add detailed scripts or steps below)
• No need to test

  • I checked and no code files have been changed.

Side effects

• Performance regression: Consumes more CPU
• Performance regression: Consumes more Memory
• Breaking backward compatibility

Documentation

• Affects user behaviors
• Contains syntax changes
• Contains variable changes
• Contains experimental features
• Changes MySQL compatibility

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

None

[ti-chi-bot]

Hi @ei-sugimoto. Thanks for your PR.

I'm waiting for a pingcap member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[tiprow]

Hi @ei-sugimoto. Thanks for your PR.

PRs from untrusted users cannot be marked as trusted with /ok-to-test in this repo meaning untrusted PR authors can never trigger tests themselves. Collaborators can still trigger tests on the PR using /test all.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[hawkingrei]

/ok-to-test

[codecov]

Codecov Report

Attention: Patch coverage is 71.42857% with 2 lines in your changes missing coverage. Please review.

Project coverage is 70.0640%. Comparing base (7cdf918) to head (ca717b7).

Additional details and impacted files

@@               Coverage Diff                @@
##             master     #54326        +/-   ##
================================================
- Coverage   72.8268%   70.0640%   -2.7628%     
================================================
  Files          1560       1567         +7     
  Lines        438616     467966     +29350     
================================================
+ Hits         319430     327876      +8446     
- Misses        99584     119427     +19843     
- Partials      19602      20663      +1061     

Flag	Coverage Δ
integration	18.9137% <0.0000%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
dumpling	52.9122% <ø> (-0.0445%)	⬇️
parser	∅ <ø> (∅)
br	45.5761% <ø> (-0.3030%)	⬇️

[ti-chi-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign easonn7, glorv for approval, ensuring that each of them provides their approval before proceeding. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS
• pkg/sessionctx/variable/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[CbcWestwolf]

Please write in English in any string literal or code comment

[CbcWestwolf]

Hi, please refer to the update part in the issue description. Let's just change the code here like

diff --git a/pkg/executor/simple.go b/pkg/executor/simple.go
index 56432c4556..87c2f9b102 100644
--- a/pkg/executor/simple.go
+++ b/pkg/executor/simple.go
@@ -1151,7 +1151,10 @@ func (e *SimpleExec) executeCreateUser(ctx context.Context, s *ast.CreateUserStm
                        e.Ctx().GetSessionVars().StmtCtx.AppendNote(err)
                        continue
                }
-               authPlugin := mysql.AuthNativePassword
+               authPlugin, err := e.Ctx().GetSessionVars().GlobalVarsAccessor.GetGlobalSysVar(variable.DefaultAuthPlugin)
+               if err != nil {
+                       return err
+               }
                if spec.AuthOpt != nil && spec.AuthOpt.AuthPlugin != "" {
                        authPlugin = spec.AuthOpt.AuthPlugin
                }

[ti-chi-bot]

[LGTM Timeline notifier]

Timeline:

• 2024-07-04 13:44:01.719019647 +0000 UTC m=+1504768.204508479: ✖️🔁 reset by CbcWestwolf.

[ti-chi-bot]

[FORMAT CHECKER NOTIFICATION]

Notice: To remove the do-not-merge/needs-tests-checked label, please finished the tests then check the finished items in description.

For example:

Tests

• Unit test
• Integration test
• Manual test (add detailed scripts or steps below)
• No code

_{📖 For more info, you can check the "Contribute Code" section in the development guide.}

[tiprow]

@ei-sugimoto: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
fast_test_tiprow	ca717b7	link	true	/test fast_test_tiprow

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[ti-chi-bot]

@ei-sugimoto: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
idc-jenkins-ci-tidb/unit-test	ca717b7	link	true	/test unit-test
idc-jenkins-ci-tidb/mysql-test	ca717b7	link	true	/test mysql-test
idc-jenkins-ci-tidb/check_dev	ca717b7	link	true	/test check-dev
idc-jenkins-ci-tidb/check_dev_2	ca717b7	link	true	/test check-dev2

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.