From d254771350dcbc80a6c4cdf519c8e9cd91cf54c7 Mon Sep 17 00:00:00 2001
From: Kostiantyn Kalynovskyi <kkalynovskyi@mirantis.com>
Date: Mon, 2 Mar 2020 18:17:39 -0600
Subject: [PATCH] [#75] functionality to set libvirt sec driver

With this change libvirt securty driver will be set to none,
also small fix to ignore errors during connection reset, this will
allow to run roles with connection_local

Change-Id: I0cbe7a465ce2e21aa23bde2aa7c1adb9f5f09cda
---
 roles/airship-libvirt-gate/tasks/build-infra.yaml |  4 ++++
 roles/libvirt-install/defaults/main.yaml          |  1 +
 roles/libvirt-install/tasks/configure.yaml        | 13 +++++++++++++
 roles/libvirt-install/tasks/main.yaml             |  1 +
 zuul.d/jobs.yaml                                  |  2 +-
 5 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100644 roles/libvirt-install/defaults/main.yaml
 create mode 100644 roles/libvirt-install/tasks/configure.yaml

diff --git a/roles/airship-libvirt-gate/tasks/build-infra.yaml b/roles/airship-libvirt-gate/tasks/build-infra.yaml
index f4a0faa51..1088ffa57 100644
--- a/roles/airship-libvirt-gate/tasks/build-infra.yaml
+++ b/roles/airship-libvirt-gate/tasks/build-infra.yaml
@@ -10,6 +10,10 @@
 - name: install libvirt
   include_role:
     name: libvirt-install
+    tasks_from: "{{ item }}"
+  with_items:
+    - main
+    - configure
 
 - name: create pool
   include_role:
diff --git a/roles/libvirt-install/defaults/main.yaml b/roles/libvirt-install/defaults/main.yaml
new file mode 100644
index 000000000..1a23a0699
--- /dev/null
+++ b/roles/libvirt-install/defaults/main.yaml
@@ -0,0 +1 @@
+libvirt_qemu_config_file: /etc/libvirt/qemu.conf
\ No newline at end of file
diff --git a/roles/libvirt-install/tasks/configure.yaml b/roles/libvirt-install/tasks/configure.yaml
new file mode 100644
index 000000000..da8caf717
--- /dev/null
+++ b/roles/libvirt-install/tasks/configure.yaml
@@ -0,0 +1,13 @@
+- name: configure libvirt
+  become: true
+  block:
+  - name: Set libvirt security driver
+    lineinfile:
+      path: "{{ libvirt_qemu_config_file }}"
+      state: present
+      regexp: '^\s*security_driver\s*=.*$'
+      line: "security_driver = \"{{ libvirt_security_driver | default('none') }}\""
+  - name: libvirtd restarted
+    service:
+      name: libvirtd
+      state: restarted
diff --git a/roles/libvirt-install/tasks/main.yaml b/roles/libvirt-install/tasks/main.yaml
index 683e1dc71..bc8aabffc 100644
--- a/roles/libvirt-install/tasks/main.yaml
+++ b/roles/libvirt-install/tasks/main.yaml
@@ -38,6 +38,7 @@
       append: yes
   - name: Reset ssh connection to allow user changes to affect "{{ ansible_user }}"
     meta: reset_connection
+    ignore_errors: true
   - name: Start libvirtd
     service:
       name: libvirtd
diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml
index a0a5f2249..987be7379 100644
--- a/zuul.d/jobs.yaml
+++ b/zuul.d/jobs.yaml
@@ -61,7 +61,7 @@
       - playbooks/airship-airshipctl-build-gate.yaml
     post-run: playbooks/airship-collect-logs.yaml
     run: playbooks/airship-airshipctl-test-runner.yaml
-    nodeset: airship-airshipctl-single-16GB-bionic-node
+    nodeset: airship-airshipctl-single-32GB-bionic-node
     vars:
       site_name: test-bootstrap
 ## var files are the files that are located at playbooks/vars directory