AZP: add RHEL 10.0 to devel remote target (#859)

* AZP: add RHEL 10.0 to devel remote target

* Update README

* fix tests

* fix copy-paste thing

Author: Andersson007

.azure-pipelines/azure-pipelines.yml

@@ -191,6 +191,8 @@ stages:
         parameters:
           testFormat: devel/{0}/1
           targets:
+            - name: RHEL 10.0
+              test: rhel/10.0
             - name: RHEL 9.5
               test: rhel/9.5
 

README.md

@@ -119,6 +119,7 @@ Our AZP CI includes testing with the following docker images / PostgreSQL versio
 | Fedora 39    |           2.9.6 |               15   |
 | Ubuntu 22.04 |           3.1.9 |               16   |
 | Fedora 40/41 |           2.9.9 |               16   |
+| RHEL 10      |           2.9.9 |               16   |
 | Ubuntu 24.04 |           3.2.2 |               17   |
 
 ## Included content

tests/integration/targets/postgresql_privs/tasks/pg_authid_not_readable.yml

@@ -6,7 +6,6 @@
     encrypted: 'true'
     password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
     db: "{{ db_name }}"
-    priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
     login_user: "{{ pg_user }}"
   register: redo_as_admin
 
@@ -37,7 +36,6 @@
     encrypted: 'true'
     password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
     db: "{{ db_name }}"
-    priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
     login_user: "{{ db_user1 }}"
     login_password: "{{ db_password }}"
   register: redo_as_normal_user

tests/integration/targets/postgresql_privs/tasks/postgresql_privs_initial.yml

@@ -25,17 +25,38 @@
 - vars:
     db_password: 'secretù' # use UTF-8
   block:
-    - name: Create a user with some permissions on the db
+    - name: Create a user
       become_user: "{{ pg_user }}"
       become: true
       postgresql_user:
         name: "{{ db_user1 }}"
         encrypted: 'true'
         password: "md5{{ (db_password ~ db_user1) | hash('md5')}}"
         db: "{{ db_name }}"
-        priv: 'test_table1:INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER/test_table2:INSERT/CREATE,CONNECT,TEMP'
         login_user: "{{ pg_user }}"
 
+    - name: Grant privs on test_table1
+      become_user: "{{ pg_user }}"
+      become: true
+      postgresql_privs:
+        db: "{{ db_name }}"
+        login_user: "{{ pg_user }}"
+        roles: "{{ db_user1 }}"
+        privs: 'INSERT,SELECT,UPDATE,DELETE,TRUNCATE,REFERENCES,TRIGGER'
+        type: table
+        objs: test_table1
+
+    - name: Grant privs on test_table2
+      become_user: "{{ pg_user }}"
+      become: true
+      postgresql_privs:
+        db: "{{ db_name }}"
+        login_user: "{{ pg_user }}"
+        roles: "{{ db_user1 }}"
+        privs: 'INSERT'
+        type: table
+        objs: test_table2
+
     - include_tasks: pg_authid_not_readable.yml
 
 - name: Check that the user has the requested permissions (table1)
@@ -68,18 +89,19 @@
       - result_table2.rowcount == 1
       - result_table2.query_result[0]['privilege_type'] == 'INSERT'
       - result_database.rowcount == 1
-      - "'{{ db_user1 }}=CTc/{{ pg_user }}' in result_database.query_result[0]['datacl']"
+      - result_database.query_result[0]['datacl'] == None
 
 - name: Add another permission for the user
   become_user: "{{ pg_user }}"
   become: true
-  postgresql_user:
-    name: "{{ db_user1 }}"
-    encrypted: 'true'
-    password: "md55c8ccfd9d6711fc69a7eae647fc54f51"
+  postgresql_privs:
+    roles: "{{ db_user1 }}"
     db: "{{ db_name }}"
-    priv: 'test_table2:select'
+    privs: 'SELECT'
+    type: table
+    objs: test_table2
     login_user: "{{ pg_user }}"
+
   register: result
 
 - name: Check that ansible reports it changed the user
@@ -199,7 +221,7 @@
 - assert:
     that:
       - result_database.rowcount == 1
-      - "'{{ db_user1 }}' not in result_database.query_result[0]['datacl']"
+      - result_database.query_result[0]['datacl'] is not search("{{ db_user1 }}")
 
 - name: Grant database privileges
   become_user: "{{ pg_user }}"