From 875954ef3cc800ece63fbbe41077fbe4ee271b2f Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov <dmitriy.rabotyagov@citynetwork.eu>
Date: Thu, 1 Apr 2021 14:21:24 +0300
Subject: [PATCH] Add image upload option

Allow deployers to manage trove guestimages with trove role. This will
allow us to correctly test role with tempest, since we were not able to
upload images with tags otherwise

Change-Id: If2f550ef09cd01ec5eab485f0d81ecfaf32f924f
---
 defaults/main.yml                             | 17 ++++
 .../trove_image_upload-c289c73cd2ddacfb.yaml  |  7 ++
 tasks/main.yml                                |  6 ++
 tasks/trove_guest_image.yml                   | 88 +++++++++++++++++++
 4 files changed, 118 insertions(+)
 create mode 100644 releasenotes/notes/trove_image_upload-c289c73cd2ddacfb.yaml
 create mode 100644 tasks/trove_guest_image.yml

diff --git a/defaults/main.yml b/defaults/main.yml
index 1fae178..33e3247 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -152,6 +152,23 @@ trove_guest_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False)
 trove_guest_auth_url: "{{ keystone_service_publicurl }}"
 trove_guest_swift_url: "{{ trove_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ swift_proxy_port }}/v1/AUTH_"
 
+# Trove image settings.
+# Set the directory where the downloaded images will be stored
+# on the trove_service_setup_host host. If the host is localhost,
+# then the user running the playbook must have access to it.
+trove_image_local_path: "{{ lookup('env', 'HOME') }}/openstack-ansible/trove"
+trove_image_path_owner: "{{ lookup('env', 'USER') }}"
+## Example Glance Image - Fedora Atomic
+#  - name: ubuntu-bionic                #Name of the image in Glance
+#    disk_format: qcow2                 #Disk format (e.g. qcow2)
+#    image_format: bare                 #Image format
+#    public: true                       #Boolean - is the image public
+#    file: https://tarballs.opendev.org/openstack/trove/images/trove-master-guest-ubuntu-bionic.qcow2
+#    tags:
+#      - trove
+#    checksum: "sha256:9a5252e24b82a5edb1ce75b05653f59895685b0f1028112462e908a12deae518"
+trove_guestagent_images: []
+
 # Trove service network settings.
 # These values are used when creating an OpenStack network to be used by Trove. By default the network will
 # not be created.
diff --git a/releasenotes/notes/trove_image_upload-c289c73cd2ddacfb.yaml b/releasenotes/notes/trove_image_upload-c289c73cd2ddacfb.yaml
new file mode 100644
index 0000000..fe626ac
--- /dev/null
+++ b/releasenotes/notes/trove_image_upload-c289c73cd2ddacfb.yaml
@@ -0,0 +1,7 @@
+---
+features:
+  - |
+    Added guest image upload functionality into Trove role. In order to use
+    this functionality, you need to define ``trove_guestagent_images`` variable
+    which may contain list of images that are required for upload and set
+    required tags for them.
diff --git a/tasks/main.yml b/tasks/main.yml
index 9dc4b61..1d33b6d 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -97,6 +97,12 @@
     - trove-install
     - trove-config
 
+- include_tasks: trove_guest_image.yml
+  when: trove_guestagent_images | length > 0
+  tags:
+    - trove-install
+    - trove-config
+
 - import_tasks: trove_post_install.yml
   tags:
     - trove-install
diff --git a/tasks/trove_guest_image.yml b/tasks/trove_guest_image.yml
new file mode 100644
index 0000000..850ebcc
--- /dev/null
+++ b/tasks/trove_guest_image.yml
@@ -0,0 +1,88 @@
+---
+# Copyright 2021 City Network International AB
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Setup the guest image
+  delegate_to: "{{ trove_service_setup_host }}"
+  vars:
+    ansible_python_interpreter: "{{ trove_service_setup_host_python_interpreter }}"
+  block:
+    - name: Create image download directory
+      file:
+        path: "{{ trove_image_local_path }}"
+        state: directory
+        mode: "0750"
+        owner: "{{ trove_image_path_owner }}"
+      when:
+        - trove_guestagent_images | length > 0
+
+    - name: Download image from artefact server
+      get_url:
+        url: "{{ item.file }}"
+        dest: "{{ trove_image_local_path }}/{{ item.file | basename }}"
+        checksum: "{{ item.checksum | default(omit) }}"
+      retries: 5
+      delay: 10
+      register: trove_download_images
+      until: trove_download_images is success
+      when: item.file | regex_search('^(http|https|ftp)://') is truthy(convert_bool=True)
+      with_items: "{{ trove_guestagent_images }}"
+
+    - name: Replace existing image with new one
+      when:
+        - trove_download_images is changed
+      block:
+        - name: Get current image id
+          openstack.cloud.image_info:
+            cloud: "{{ item.cloud | default('default') }}"
+            region_name: "{{ trove_service_region }}"
+            image: "{{ item.name }}"
+            interface: "{{ item.interface | default('admin') }}"
+            verify: "{{ not keystone_service_adminuri_insecure }}"
+          register: get_image_info
+          until: get_image_info is success
+          retries: 5
+          delay: 10
+          with_items: "{{ trove_download_images['results'] | selectattr('changed') | map(attribute='item') }}"
+
+        # This uses command since os_image doesn't support tags.
+        # TODO(odyssey4me):
+        # Add tag capability to os_image module and replace this.
+        - name: Upload new image to glance
+          command: >-
+            openstack image create
+            --os-cloud {{ item.cloud | default('default') }}
+            --os-interface {{ item.interface | default('admin') }}
+            --file {{ trove_image_local_path }}/{{ item.file | basename }}
+            --disk-format {{ item.disk_format | default('qcow2') }}
+            --container-format {{ item.image_format | default('bare') }}
+            {% if item.tags | length > 0%}--tag {{ item.tags | join(' --tag ') }}{% endif %}
+            {{ (item.public | default(False)) | ternary('--public', '--private') }}
+            --project service
+            {{ item.name }}
+          with_items: "{{ trove_download_images['results'] | selectattr('changed') | map(attribute='item') }}"
+
+        - name: Delete old image from glance
+          openstack.cloud.image:
+            cloud: "{{ item.cloud | default('default') }}"
+            region_name: "{{ trove_service_region }}"
+            state: absent
+            name: "{{ item.id }}"
+            interface: admin
+            verify: "{{ not keystone_service_adminuri_insecure }}"
+          register: remove_old_image
+          until: remove_old_image is success
+          retries: 5
+          delay: 10
+          with_items: "{{ get_image_info['results'] | selectattr('openstack_image') | map(attribute='openstack_image') }}"