From 5283779cf2aa510c0b6e471b029bd9a3037f7665 2020-12-23 22:20:08
From: Branko Majic <branko@majic.rs>
Date: 2020-12-23 22:20:08
Subject: [PATCH] MAR-168: Clean-up references to database_server root password:

- Updated role reference documentation.
- Updated usage instructions.
- Updated test configurations.
- Remvoed unused files/variables.
- Updated test site configuration.

---

diff --git a/docs/rolereference.rst b/docs/rolereference.rst
index 00286d3c22b478b56a8458af8cae22ca99d5ee0a..3840399d205c77bbd201d575f79c19ed5bf1ea6e 100644
--- a/docs/rolereference.rst
+++ b/docs/rolereference.rst
@@ -2000,16 +2000,8 @@ The role implements the following:
 
 * Installs MariaDB server and client.
 * Configures MariaDB server and client to use *UTF-8* encoding by default.
-* Sets password for the database root user.
-
-.. note::
-   On Debian Stretch it is possible to login into the database through
-   Unix socket as ``root`` operating system account as well - relying
-   on Unix socket user authentication without providing password. This
-   is the default set-up of MariaDB server on Debian Stretch
-
-* Deploys MariaDB client configuration in location ``/root/.my.cnf`` that
-  contains username and password for the root database user.
+* Sets-up the database root user for passwordless login via UNIX
+  socket authentication.
 
 
 Role dependencies
diff --git a/docs/usage.rst b/docs/usage.rst
index 5ede70652f3921d7850d236855348763a7481fcc..80ea4b3ee6954474e9aff6bbde5dd7947b80d4be 100644
--- a/docs/usage.rst
+++ b/docs/usage.rst
@@ -1343,18 +1343,8 @@ server.
           - web_server
           - database_server
 
-2. Now let's configure the role. This is rather simplistic, since we only need
-   to set the database server root (admin) password.
-
-   .. note::
-      Default MariaDB server configuration on Debian Stretch enables
-      the ``root`` OS user to login via Unix socket without providing
-      password as well.
-
-   :file:`~/mysite/group_vars/web.yml`
-   ::
-
-      db_root_password: root
+2. This particular role has no parameters, and no additional steps are
+   necessary to configure it. So move along...
 
 3. No TLS support has been implemented for this role (yet), so simply apply the
    changes::
diff --git a/roles/database/molecule/default/group_vars/parameters-mandatory.yml b/roles/database/molecule/default/group_vars/parameters-mandatory.yml
index c1ad193bdc9198b88b303e29590d2fc66ab2c1a7..0cfc118c5fbccf9a50a3e293d1c973d8ea68e16d 100644
--- a/roles/database/molecule/default/group_vars/parameters-mandatory.yml
+++ b/roles/database/molecule/default/group_vars/parameters-mandatory.yml
@@ -2,6 +2,3 @@
 
 db_name: testdb
 db_password: testdbpassword
-
-# database_server role
-db_root_password: "root_password"
diff --git a/roles/database/molecule/default/group_vars/parameters-optional.yml b/roles/database/molecule/default/group_vars/parameters-optional.yml
index 1907e44e1f6d3e545d28425b73939fac341a2802..2e88e88437559b01407341a9f87594a1c59601ac 100644
--- a/roles/database/molecule/default/group_vars/parameters-optional.yml
+++ b/roles/database/molecule/default/group_vars/parameters-optional.yml
@@ -4,9 +4,6 @@ db_name: testdb
 db_password: testdbpassword
 enable_backup: true
 
-# database_server
-db_root_password: "root_password"
-
 # backup_client
 backup_client_username: "bak-localhost"
 backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/parameters-optional.asc') }}"
diff --git a/roles/database_server/molecule/default/group_vars/deprecated.yml b/roles/database_server/molecule/default/group_vars/deprecated.yml
deleted file mode 100644
index a768013ebd0328cfd724db9a0d2d990c58f8076f..0000000000000000000000000000000000000000
--- a/roles/database_server/molecule/default/group_vars/deprecated.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-
-db_root_password: "root_password"
diff --git a/roles/database_server/molecule/default/group_vars/parameters-mandatory.yml b/roles/database_server/molecule/default/group_vars/parameters-mandatory.yml
deleted file mode 100644
index a768013ebd0328cfd724db9a0d2d990c58f8076f..0000000000000000000000000000000000000000
--- a/roles/database_server/molecule/default/group_vars/parameters-mandatory.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-
-db_root_password: "root_password"
diff --git a/roles/database_server/templates/root_my.cnf.j2 b/roles/database_server/templates/root_my.cnf.j2
deleted file mode 100644
index 56edaaa7e0705e47f2061e82a5ad6e2eac60f9d3..0000000000000000000000000000000000000000
--- a/roles/database_server/templates/root_my.cnf.j2
+++ /dev/null
@@ -1,3 +0,0 @@
-[client]
-user=root
-password={{ db_root_password }}
diff --git a/testsite/group_vars/web.yml b/testsite/group_vars/web.yml
index 380c3d06b5d74e9b7e045d2f8525d2bb50ac96b2..e03b359aef569c97c4e490e903b66ed219df8f6b 100644
--- a/testsite/group_vars/web.yml
+++ b/testsite/group_vars/web.yml
@@ -13,8 +13,6 @@ default_https_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/web.' +
 web_default_title: "Welcome to Example Inc."
 web_default_message: "You are attempting to access the web server using a wrong name or an IP address. Please check your URL."
 
-db_root_password: "root"
-
 website_mail_recipients: "john.doe@example.com"
 
 environment_indicator: