Setting up mysql root password on CentOS the right way?

[Martin Emrich]

Hi!

This question is surely a classic, but all threads I found make use of Debians debian-sys-maint user and a default file.

But I am on CentOS 7 with MariaDB. Our CentOS VM template is universal, so I can't/won't preseed it with mysql/mariadb-specific stuff. And then there's the case where the DB might be not on the host itself (e.g. AWS RDS)....

What's the best way in this case to set the MySQL root password?

My sls file would have to first set the root password (logging in as root with the empty default password), then "tell the minion the new password to use from now on", and then do potentially other mysql stuff (users, grants, etc.).

That second part is not clear to me. 

Setting connection_user and connection_password for every mysql_ state (from a pillar) also sounds cumbersome.

Can I store the new credentials right from the mysql_user.present to be used by subsequent states in the same highstate run?

Do I miss the obvious?

Thanks :)

Martin