sap.sap_operations.hdbuserstore module – Manage the HANA user store (HANA command hdbuserstore)

Note

This module is part of the sap.sap_operations collection (version 1.0.2).

To install it, use: ansible-galaxy collection install sap.sap_operations. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: sap.sap_operations.hdbuserstore.

New in sap.sap_operations 1.0.0

Synopsis

  • Manage the HANA user store (HANA command hdbuserstore) Get and set HANA user store records.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 3.6

Parameters

Parameter

Comments

binary_path

string
Custom path of the hdbuserstore binary.

Variable binary_path is required if hdbuserstore command cannot be found in PATH environment variable (with user running the module). See examples section to find several ways not to provide value for this variable.

env

string
Database location (host:port).

Required only if state=present

force

boolean
If true the key will be updated even if already exists. Used to update password.

If set to false (default value) module will return OK, but will not update the key, key will be created only if it does not exists

Choices:

  • false ← (default)

  • true

key

string / required

Manage the key.

password

string
Password for the hdb store username.

Required only if you set new key, state=present

state

string

If present the key will be created, removed otherwise.

Choices:

  • "present" ← (default)

  • "absent"

username

string
Username for the hdb store

Required only if you set new key, state=present

Attributes

Attribute

Support

Description

check_mode

Support: full

Full support for check mode.

diff_mode

Support: none

Diff mode is not supported.

platform

Platform: posix

Only tested on RHEL

Examples

- name: Set the key mykey
  sap.sap_operations.hdbuserstore:
    key: mykey
    env: "localhost:30113"
    username: myuser
    password: mypassword

# NOTES:
# Variable binary_path is required if hdbuserstore command cannot be found in PATH environment variable.
# If running ansible module using become directive with <hanasid>adm user and flag '-i' (interactive - meaning load all environment for the user)
# ansible modules fail. This is due to the fact that <hanasid>adm user sets environment variables PYTHONHOME and PYTHONPATH (to use HANA python,
# not platform python) that confuse ansible.
#
# In that case hdbuserstore command will not be in PATH environment variable for <hanasid>adm user and I(binary_path) has to be provided.
#
# There are several workaround around this unplesant situation. One is recommended.
#
# Workaround 1 (recommended)
#
# Run hdbsuserstore module with <hanasid>adm user with '-i' (interactive) flag like so
- name: Set the key mykey
  sap.sap_operations.hdbuserstore:
    key: mykey
    env: "localhost:30113"
    username: myuser
    password: mypassword
  become: true
  become_user: <hanasid>adm
  become_flags: -i
  vars:
    ansible_python_interpreter: "/usr/libexec/platform-python -E"

# Option '-E' for python interpreter will ignore all PYTHON\* environment variables, so ansible will run platform python without any problems.
# Variable I(ansible_python_interpreter) have to be set to value "/usr/libexec/platform-python -E" on all RHEL versions for any ansible module
# execution when becoming <hanasid>adm user with flag '-i'.
#
# ansible_python_interpreter: "/usr/libexec/platform-python -E" can be set at task level (as above), at play level like so
# Or be set as host variable either in inventory file or as task in playbook:
- name: Converge
  hosts: all
  gather_facts: false
  become: true
  become_user: hanadm
  become_flags: -i
  vars:
    ansible_python_interpreter: python -E

  tasks:
    - name: Environment for SAP HANA
      set_fact:
        ansible_python_interpreter: "/usr/libexec/platform-python -E"

# Workaround 2
#
# Do not use interactive flag when becoming <hanasid>adm user.
- name: Set the key mykey
  sap.sap_operations.hdbuserstore:
    key: mykey
    env: "localhost:30113"
    username: myuser
    password: mypassword
    binary_path: "/usr/sap/HAN/SYS/exe/hdb"
  become: true
  become_user: <hanasid>adm

# In that case hdbuserstore command will not be in PATH environment variable for <hanasid>adm user and I(binary_path) has to be provided.
#
# Workaround 3
#
# Do not use interactive flag when becoming <hanasid>adm user. But do not want to provide value for variable I(binary_path).
#
# In that case value for I(binary_path) can be extracted from HANA parameter DIR_EXECUTABLE that one can get with I(parameter_info) module:
- name: Get DIR_EXECUTABLE
  sap.sap_operations.parameter_info:
    instance_number: "00"
    name: DIR_EXECUTABLE
  become: true
  become_user: <hanasid>adm
  register: __DIR_EXECUTABLE

- name: Set the key mykey
  sap.sap_operations.hdbuserstore:
    key: mykey
    env: "localhost:30113"
    username: myuser
    password: mypassword
    binary_path: "{{ __DIR_EXECUTABLE.parameter_value[0] }}"
  become: true
  become_user: <hanasid>adm

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

env

string

HDB env name

Returned: When state is present

Sample: "myenv"

key

string

HDB key name

Returned: always

Sample: "mykey"

username

string

HDB username for key

Returned: When state is present

Sample: "myusername"

Authors

  • Ondra Machacek (@machacekondra)