MODULES-8373 Fix mysql_grant resource to be idempodent on MySQL 8+

When the MySQL module is used against MySQL8, mysql_grant is no more idempodent.
This is because MySQL 8+ no more returns "ALL" for SHOW GRANTS, when all privileges
are granted. Instead, the separate privileges are shown.
Unfortunately, the tests were just adapted to not error in this situation.
This commit aims to fix the issue and also fixes the tests.

Author: Andre Ponert

lib/puppet/provider/mysql_grant/mysql.rb

@@ -45,6 +45,10 @@ def self.instances
             (priv == 'ALL PRIVILEGES') ? 'ALL' : priv.strip
           end
         end
+        sorted_privileges = stripped_privileges.sort
+        if self.newer_than('mysql' => '8.0.0')
+          sorted_privileges = (sorted_privileges == ['ALTER', 'ALTER ROUTINE', 'CREATE', 'CREATE ROLE', 'CREATE ROUTINE', 'CREATE TABLESPACE', 'CREATE TEMPORARY TABLES', 'CREATE USER', 'CREATE VIEW', 'DELETE', 'DROP', 'DROP ROLE', 'EVENT', 'EXECUTE', 'FILE', 'INDEX', 'INSERT', 'LOCK TABLES', 'PROCESS', 'REFERENCES', 'RELOAD', 'REPLICATION CLIENT', 'REPLICATION SLAVE', 'SELECT', 'SHOW DATABASES', 'SHOW VIEW', 'SHUTDOWN', 'SUPER', 'TRIGGER', 'UPDATE']) ? ['ALL'] : sorted_privileges
+        end
         # Same here, but to remove OPTION leaving just GRANT.
         options = if %r{WITH\sGRANT\sOPTION}.match?(rest)
                     ['GRANT']
@@ -57,7 +61,7 @@ def self.instances
         instances << new(
           name: "#{user}@#{host}/#{table}",
           ensure: :present,
-          privileges: stripped_privileges.sort,
+          privileges: sorted_privileges,
           table: table,
           user: "#{user}@#{host}",
           options: options,

spec/acceptance/00_mysql_server_spec.rb

@@ -39,7 +39,7 @@ class { 'mysql::server':
           databases => {
             'somedb' => {
               ensure  => 'present',
-              charset => 'utf8',
+              charset => #{$charset},
             },
           }
         }

spec/acceptance/01_mysql_db_spec.rb

@@ -4,6 +4,7 @@
 
 describe 'mysql::db define' do
   describe 'creating a database' do
+
     let(:pp) do
       <<-MANIFEST
         class { 'mysql::server':
@@ -14,6 +15,7 @@ class { 'mysql::server':
         mysql::db { 'spec1':
           user            => 'root1',
           password        => 'password',
+          charset         => #{$charset},
         }
       MANIFEST
     end
@@ -42,6 +44,7 @@ class { 'mysql::server': override_options => { 'root_password' => 'password' } }
           user     => 'root1',
           password => 'password',
           sql      => '/tmp/spec.sql',
+          charset  => #{$charset},
         }
       MANIFEST
     end
@@ -66,6 +69,7 @@ class { 'mysql::server': override_options => { 'root_password' => 'password' } }
           user     => 'root1',
           password => 'password',
           dbname   => 'realdb',
+          charset  => #{$charset},
         }
       MANIFEST
     end

spec/acceptance/04_mysql_backup_spec.rb

@@ -12,6 +12,7 @@ class { 'mysql::server': root_password => 'password' }
         ]:
           user     => 'backup',
           password => 'secret',
+          charset  => #{$charset},
         }
 
         class { 'mysql::server::backup':
@@ -72,6 +73,7 @@ class { 'mysql::server': root_password => 'password' }
           ]:
             user     => 'backup',
             password => 'secret',
+            charset  => #{$charset},
           }
 
           class { 'mysql::server::backup':
@@ -136,6 +138,7 @@ class { 'mysql::server': root_password => 'password' }
           ]:
             user     => 'backup',
             password => 'secret',
+            charset  => #{$charset},
           }
           case $facts['os']['family'] {
             /Debian/: {
@@ -260,6 +263,7 @@ class { 'mysql::server': root_password => 'password' }
           ]:
             user     => 'backup',
             password => 'secret',
+            charset  => #{$charset},
           }
           case $facts['os']['family'] {
             /Debian/: {

spec/acceptance/types/mysql_database_spec.rb

@@ -15,7 +15,8 @@ class { 'mysql::server': }
   describe 'creating database' do
     pp = <<-MANIFEST
         mysql_database { 'spec_db':
-          ensure => present,
+          ensure  => present,
+          charset => #{$charset},
         }
     MANIFEST
     it 'works without errors' do
@@ -37,7 +38,7 @@ class { 'mysql::server': }
           collate => 'latin1_swedish_ci',
         }
         mysql_database { 'spec_utf8':
-          charset => 'utf8',
+          charset => #{$charset},
           collate => 'utf8_general_ci',
         }
     MANIFEST
@@ -54,7 +55,7 @@ class { 'mysql::server': }
 
     it 'finds utf8 db #stdout' do
       run_shell("mysql -NBe \"SHOW VARIABLES LIKE '%_database'\" spec_utf8") do |r|
-        expect(r.stdout).to match(%r{^character_set_database\tutf8\ncollation_database\tutf8_general_ci$})
+        expect(r.stdout).to match(%r{^character_set_database\tutf8(mb3)?\ncollation_database\tutf8_general_ci$})
         expect(r.stderr).to be_empty
       end
     end

spec/acceptance/types/mysql_grant_spec.rb

@@ -268,51 +268,13 @@ class { 'mysql::server':
     end
   end
 
-  # On Ubuntu 20.04 'ALL' now returns as the sum of it's constitute parts and so require a specific test
-  describe 'ALL privilege on newer MySQL versions', if: os[:family] == 'ubuntu' && os[:release] =~ %r{^20\.04} do
-    pp_one = <<-MANIFEST
-        mysql_user { 'all@localhost':
-          ensure => present,
-        }
-        mysql_grant { 'all@localhost/*.*':
-          user       => 'all@localhost',
-          privileges => ['ALL'],
-          table      => '*.*',
-          require    => Mysql_user['all@localhost'],
-        }
-    MANIFEST
-    it "create ['ALL'] privs" do
-      apply_manifest(pp_one, catch_failures: true)
-    end
-
-    pp_two = <<-MANIFEST
-        mysql_user { 'all@localhost':
-          ensure => present,
-        }
-        mysql_grant { 'all@localhost/*.*':
-          user       => 'all@localhost',
-          privileges => ['ALTER', 'ALTER ROUTINE', 'CREATE', 'CREATE ROLE', 'CREATE ROUTINE', 'CREATE TABLESPACE', 'CREATE TEMPORARY TABLES', 'CREATE USER', 'CREATE VIEW', 'DELETE', 'DROP', 'DROP ROLE', 'EVENT', 'EXECUTE', 'FILE', 'INDEX', 'INSERT', 'LOCK TABLES', 'PROCESS', 'REFERENCES', 'RELOAD', 'REPLICATION CLIENT', 'REPLICATION SLAVE', 'SELECT', 'SHOW DATABASES', 'SHOW VIEW', 'SHUTDOWN', 'SUPER', 'TRIGGER', 'UPDATE'],
-          table      => '*.*',
-          require    => Mysql_user['all@localhost'],
-        }
-    MANIFEST
-    it "create ['ALL'] constitute parts privs" do
-      apply_manifest(pp_two, catch_changes: true)
-    end
-  end
-
   describe 'complex test' do
-    # On Ubuntu 20.04 'ALL' now returns as the sum of it's constitute parts and so is no longer idempotent when set
-    privileges = if os[:family] == 'ubuntu' && os[:release] =~ %r{^20\.04}
-                   "['SELECT', 'INSERT', 'UPDATE']"
-                 else
-                   "['ALL']"
-                 end
     pp = <<-MANIFEST
         $dbSubnet = '10.10.10.%'
 
         mysql_database { 'foo':
-          ensure => present,
+          ensure  => present,
+          charset => '#{$charset}',
         }
 
         exec { 'mysql-create-table':
@@ -325,7 +287,7 @@ class { 'mysql::server':
         Mysql_grant {
           ensure     => present,
           options    => ['GRANT'],
-          privileges => #{privileges},
+          privileges => ['ALL'],
           table      => '*.*',
           require    => [ Mysql_database['foo'], Exec['mysql-create-table'] ],
         }
@@ -724,6 +686,7 @@ class { 'mysql::server': override_options => { 'root_password' => 'password' } }
           user     => 'root1',
           password => 'password',
           sql      => '/tmp/grant_spec_table.sql',
+          charset  => #{$charset},
         }
     MANIFEST
     it 'creates table' do

spec/spec_helper_acceptance.rb

@@ -4,3 +4,10 @@
 require 'spec_helper_acceptance_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_acceptance_local.rb'))
 
 PuppetLitmus.configure!
+
+# On Ubuntu 20.04 'utf8' charset now sets 'utf8mb3' internally and breaks idempotence
+$charset = if os[:family] == 'ubuntu' && os[:release] =~ %r{^20\.04}
+                "utf8mb3"
+             else
+               "utf8"
+             end