Added support for MySQL hashed user password. Also added some improved YAML quoting around passwords.

README.rst

@@ -28,11 +28,19 @@ Install the MySQL server package and start the service.
 Debian OS family supports setting MySQL root password during install via debconf.
 
 ``mysql.database``
-----------------
+------------------
 
 Create and manage MySQL databases.
 
 ``mysql.user``
 ----------------
 
-Create and manage MySQL database users with definable GRANT privileges.
+Create and manage MySQL database users with definable GRANT privileges.
+
+The state accepts MySQL hashed passwords or clear text. Hashed password have priority.
+
+.. note::
+    See the `salt.states.mysql_user <http://docs.saltstack.com/en/latest/ref/states/all/salt.states.mysql_user.html#module-salt.states.mysql_user>`_ docs for additional information on configuring hashed passwords.
+    
+    Make sure the **quote the passwords** in the pillar so YAML doesn't throw an exception.
+

mysql/database.sls

@@ -5,7 +5,7 @@
   mysql_database.present:
     - host: localhost
     - connection_user: root
-    - connection_pass: {{ salt['pillar.get']('mysql:server:root_password', 'somepass') }}
+    - connection_pass: '{{ salt['pillar.get']('mysql:server:root_password', 'somepass') }}'
     - connection_charset: utf8
 {% endfor %}
 

mysql/user.sls

@@ -4,10 +4,14 @@
 {{ user['name'] }}:
   mysql_user.present:
     - host: {{ user['host'] }}
-    - password: {{ user['password'] }}
+  {%- if user['password_hash'] is defined %}
+    - password_hash: '{{ user['password_hash'] }}'
+  {% else %}
+    - password: '{{ user['password'] }}'
+  {% endif %}
     - connection_host: localhost
     - connection_user: root
-    - connection_pass: {{ salt['pillar.get']('mysql:server:root_password', 'somepass') }}
+    - connection_pass: '{{ salt['pillar.get']('mysql:server:root_password', 'somepass') }}'
     - connection_charset: utf8
 
 {% for db in user['databases'] %}
@@ -19,7 +23,7 @@
     - host: {{ user['host'] }}
     - connection_host: localhost
     - connection_user: root
-    - connection_pass: {{ salt['pillar.get']('mysql:server:root_password', 'somepass') }}
+    - connection_pass: '{{ salt['pillar.get']('mysql:server:root_password', 'somepass') }}'
     - connection_charset: utf8
     - require:
       - mysql_user: {{ user['name'] }}

pillar.example

@@ -1,6 +1,6 @@
 mysql:
   server:
-    root_password: somepass
+    root_password: 'somepass'
     bind-address: 127.0.0.1
     port: 3306
     user: mysql
@@ -13,7 +13,7 @@ mysql:
   # Manage users
   user:
     - name: frank
-      password: somepass
+      password: 'somepass'
       host: localhost
       databases:
         - database: foo
@@ -21,7 +21,7 @@ mysql:
         - database: bar
           grants: ['all privileges']
     - name: bob
-      password: someotherpass
+      password_hash: '*6C8989366EAF75BB670AD8EA7A7FC1176A95CEF4'
       host: localhost
       databases:
         - database: foo