From f529f0f6c75309f3fea2f390202fe4a939df1564 Mon Sep 17 00:00:00 2001
From: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Date: Sun, 2 Sep 2018 18:13:36 +0100
Subject: [PATCH] Use a common python build/install role

In order to radically simplify how we prepare the service
venvs, we use a common role to do the wheel builds and the
venv preparation. This makes the process far simpler to
understand, because the role does its own building and
installing. It also reduces the code maintenance burden,
because instead of duplicating the build processes in the
repo_build role and the service role - we only have it all
done in a single place.

We also change the role venv tag var to use the integrated
build's common venv tag so that we can remove the role's
venv tag in group_vars in the integrated build. This reduces
memory consumption and also reduces the duplication.

This is by no means the final stop in the simplification
process, but it is a step forward. The will be work to follow
which:

1. Replaces 'developer mode' with an equivalent mechanism
   that uses the common role and is simpler to understand.
   We will also simplify the provisioning of pip install
   arguments when doing this.
2. Simplifies the installation of optional pip packages.
   Right now it's more complicated than it needs to be due
   to us needing to keep the py_pkgs plugin working in the
   integrated build.
3. Deduplicates the distro package installs. Right now the
   role installs the distro packages twice - just before
   building the venv, and during the python_venv_build role
   execution.

Depends-On: https://review.openstack.org/598957
Change-Id: I182bde29c049a97bc2b55193aee0b5b3d8532916
Implements: blueprint python-build-install-simplification
Signed-off-by: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
---
 defaults/main.yml             |  13 ++-
 handlers/main.yml             |  12 ++-
 tasks/nova_install.yml        |   5 +-
 tasks/nova_install_source.yml | 146 +++++++---------------------------
 4 files changed, 52 insertions(+), 124 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index d2b06c1b..f93623cb 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -50,8 +50,19 @@ nova_developer_constraints:
   - "git+{{ nova_git_repo }}@{{ nova_git_install_branch }}#egg=nova"
   - "git+{{ nova_lxd_git_repo }}@{{ nova_lxd_git_install_branch }}#egg=nova-lxd"
 
+# TODO(odyssey4me):
+# This can be simplified once all the roles are using
+# python_venv_build. We can then switch to using a
+# set of constraints in pip.conf inside the venv,
+# perhaps prepared by giving a giving a list of
+# constraints to the role.
+nova_pip_install_args: >-
+  {{ nova_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }}
+  {{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''), '') }}
+  {{ pip_install_options | default('') }}
+
 # Name of the virtual env to deploy into
-nova_venv_tag: untagged
+nova_venv_tag: "{{ venv_tag | default('untagged') }}"
 nova_bin: "{{ _nova_bin }}"
 
 # venv_download, even when true, will use the fallback method of building the
diff --git a/handlers/main.yml b/handlers/main.yml
index 2e1342aa..0bd288f3 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -31,7 +31,9 @@
   until: _stop is success
   retries: 5
   delay: 2
-  listen: "Restart nova services"
+  listen:
+    - "Restart nova services"
+    - "venv changed"
 
 # Note (odyssey4me):
 # The policy.json file is currently read continually by the services
@@ -49,7 +51,9 @@
     group: "{{ nova_system_group_name }}"
     mode: "0640"
     remote_src: yes
-  listen: "Restart nova services"
+  listen:
+    - "Restart nova services"
+    - "venv changed"
 
 - name: Start services
   service:
@@ -62,7 +66,9 @@
   until: _start is success
   retries: 5
   delay: 2
-  listen: "Restart nova services"
+  listen:
+    - "Restart nova services"
+    - "venv changed"
 
 - meta: noop
   listen: Manage LB
diff --git a/tasks/nova_install.yml b/tasks/nova_install.yml
index 92b217ac..1d60b85b 100644
--- a/tasks/nova_install.yml
+++ b/tasks/nova_install.yml
@@ -72,10 +72,7 @@
     - name: "need_online_data_migrations"
       state: "True"
   when:
-    - (nova_install_method == 'source' and
-       ((nova_get_venv | changed) or
-        (nova_venv_dir | changed))) or
-      (install_packages | changed) or
+    - (install_packages | changed) or
       (ansible_local is not defined) or
       ('openstack_ansible' not in ansible_local) or
       ('nova' not in ansible_local['openstack_ansible']) or
diff --git a/tasks/nova_install_source.yml b/tasks/nova_install_source.yml
index ff79ad54..f8899c4e 100644
--- a/tasks/nova_install_source.yml
+++ b/tasks/nova_install_source.yml
@@ -13,6 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+# TODO(odyssey4me):
+# This can be simplified once all the roles are using
+# python_venv_build. We can then switch to using a
+# set of constraints in pip.conf inside the venv,
+# perhaps prepared by giving a giving a list of
+# constraints to the role.
 - name: Create developer mode constraint file
   copy:
     dest: "/opt/developer-pip-constraints.txt"
@@ -22,122 +28,30 @@
       {% endfor %}
   when:
     - nova_developer_mode | bool
-  tags:
-    - nova-pip-packages
 
-- name: Retrieve checksum for venv download
-  uri:
-    url: "{{ nova_venv_download_url | replace('tgz', 'checksum') }}"
-    return_content: yes
-  register: nova_venv_checksum
+- name: Ensure remote wheel building is disabled in developer mode
+  set_fact:
+    venv_build_host: "{{ ansible_hostname }}"
   when:
-    - nova_venv_download | bool
-  tags:
-    - nova-pip-packages
-    - always
+    - nova_developer_mode | bool
 
-- name: Attempt venv download
-  get_url:
-    url: "{{ nova_venv_download_url }}"
-    dest: "/var/cache/{{ nova_venv_download_url | basename }}"
-    checksum: "sha1:{{ nova_venv_checksum.content | trim }}"
-  register: nova_get_venv
-  when:
-    - nova_venv_download | bool
-  tags:
-    - nova-pip-packages
-    - always
-
-- name: Remove existing venv
-  file:
-    path: "{{ nova_bin | dirname }}"
-    state: absent
-  when:
-    - nova_get_venv  is changed
-  tags:
-    - nova-pip-packages
-
-- name: Create nova venv dir
-  file:
-    path: "{{ nova_bin | dirname }}"
-    state: directory
-  register: nova_venv_dir
-  when:
-    - nova_get_venv  is changed
-  tags:
-    - nova-pip-packages
-
-- name: Unarchive pre-built venv
-  unarchive:
-    src: "/var/cache/{{ nova_venv_download_url | basename }}"
-    dest: "{{ nova_bin | dirname }}"
-    copy: "no"
-  when:
-    - nova_get_venv  is changed
-  notify:
-    - Manage LB
-    - Restart nova services
-  tags:
-    - nova-pip-packages
-
-- name: Install pip packages
-  pip:
-    name: "{{ nova_pip_packages }}"
-    state: "{{ nova_pip_package_state }}"
-    virtualenv: "{{ nova_bin | dirname }}"
-    virtualenv_site_packages: "no"
-    extra_args: >-
-      {{ nova_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }}
-      {{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }}
-      {{ pip_install_options | default('') }}
-  register: install_packages
-  until: install_packages is success
-  retries: 5
-  delay: 2
-  when:
-    - nova_get_venv | failed or nova_get_venv | skipped
-  notify:
-    - Manage LB
-    - Restart nova services
-  tags:
-    - nova-pip-packages
-
-- name: Remove python from path first (CentOS, openSUSE)
-  file:
-    path:  "{{ nova_bin | dirname }}/bin/python2.7"
-    state: "absent"
-  when:
-    - ansible_pkg_mgr in ['yum', 'dnf', 'zypper']
-    - nova_get_venv  is changed
-
-# NOTE(odyssey4me):
-# We reinitialize the venv to ensure that the right
-# version of python is in the venv, but we do not
-# want virtualenv to also replace pip, setuptools
-# and wheel so we tell it not to.
-# We do not use --always-copy for CentOS/SuSE due
-# to https://github.com/pypa/virtualenv/issues/565
-- name: Update virtualenv path
-  shell: |
-    set -o errexit
-    find {{ nova_bin }} -name \*.pyc -delete
-    if test -d {{ nova_bin }}/__pycache__; then rmdir {{ nova_bin }}/__pycache__; fi
-    sed -si '1s/^.*python.*$/#!{{ nova_bin | replace ('/','\/') }}\/python/' {{ nova_bin }}/*
-    virtualenv {{ nova_bin | dirname }} \
-        {{ (ansible_pkg_mgr == 'apt') | ternary('--always-copy', '') }} \
-        --no-pip \
-        --no-setuptools \
-        --no-wheel
-  when:
-    - nova_get_venv  is changed
-  tags:
-    - skip_ansible_lint
-    - nova-pip-packages
-    - Restart nova services
-
-- name: Record the venv tag deployed
-  ini_file:
-    dest: "/etc/ansible/facts.d/openstack_ansible.fact"
-    section: nova
-    option: venv_tag
-    value: "{{ nova_venv_tag }}"
+- name: Install the python venv
+  include_role:
+    name: "python_venv_build"
+    private: yes
+  vars:
+    venv_build_distro_package_list: "{{ nova_devel_distro_packages }}"
+    venv_install_destination_path: "{{ nova_bin | dirname }}"
+    venv_install_distro_package_list: "{{ nova_distro_packages }}"
+    venv_pip_install_args: "{{ nova_pip_install_args }}"
+    venv_pip_packages: "{{ nova_pip_packages }}"
+    venv_facts_when_changed:
+      - section: "nova"
+        option: "need_service_restart"
+        value: "True"
+      - section: "nova"
+        option: "need_online_data_migrations"
+        value: "True"
+      - section: "nova"
+        option: "venv_tag"
+        value: "{{ nova_venv_tag }}"