search

hashicorp / terraform-provider-mysql

Terraform MySQL provider – This Terraform provider is archived per our provider archiving process: https://terraform.io/docs/internals/archiving.html
https://www.terraform.io/docs/providers/mysql/
Mozilla Public License 2.0
61 stars 189 forks source link

Provider is unable to change password for user using RDS MariaDB in version 10.0-10.1 #18

Closed krogon-dp closed 6 years ago

krogon-dp commented 7 years ago

Hi there,

Terraform Version

Terraform v0.10.7

Affected Resource(s)

Please list the resources as a list, for example:

Terraform Configuration Files

variable "jonny_password" {}

provider "mysql" {
  endpoint = "rds.aaaaaaaaaaaa.eu-west-1.rds.amazonaws.com:3306"
  username = "rds"
  password = "my-secret-pw"
}

resource "mysql_user" "account" {
  user     = "jonny"
  host     = "%"
  password = "${var.jonny_password}"
}

Debug Output

* mysql_user.account: 1 error(s) occurred:

* mysql_user.account: Received #1064 error from MySQL server: "You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'USER 'jonny'@'%' IDENTIFIED BY 'password2'' at line 1"

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. Run RDS with MariaDB backend (10.0 or 10.1)
  2. terraform apply -var 'jonny_password=password1'
  3. terraform apply -var 'jonny_password=password2'

Important Factoids

Important. Test with MariaDB on RDS. Local MariaDB may suffer from https://github.com/terraform-providers/terraform-provider-mysql/issues/6 (server version contains illegal ~ character). As RDS instances does not include this character it is possible to connect to them.

The problem is that MariaDB versioning went above 10.X, while still basing on MySQL 5.6. That's why this conditional forces to use ALTER USER instead of SET PASSWORD. https://github.com/terraform-providers/terraform-provider-mysql/blob/bcf57cf35e2c4c2c9ed7a402c578327a4095c5df/mysql/resource_user.go#L97 MariaDB 10.2.X is already based 5.7 , but it is not yet available at RDS.

Instead of big change switching to alternative sql client https://github.com/terraform-providers/terraform-provider-mysql/issues/7#issuecomment-332924870 it should work just to check for innodb_version available on both engines. https://github.com/terraform-providers/terraform-provider-mysql/blob/b3cce7f4b0f17d046d822176b74b8c8ff3d82c1b/mysql/provider.go#L107

mysql> select version();
+-----------------+
| version()       |
+-----------------+
| 10.0.24-MariaDB |
+-----------------+
1 row in set (0.04 sec)

mysql> select @@GLOBAL.innodb_version;
+-------------------------+
| @@GLOBAL.innodb_version |
+-------------------------+
| 5.6.28-76.1             |
+-------------------------+
1 row in set (0.05 sec)