Move upgrade playbooks to collection

Given that all playbook content is placed in the collection, there
is very little reason to make upgrade scripts a special case
and treat differently.

Change-Id: I414e48f266e15f07221a17d1b5d13ad56f4a6c0f
Signed-off-by: Dmitriy Rabotyagov <dmitriy.rabotyagov@cleura.com>

playbooks/tools/galera_cluster_rolling_restart.yml

@@ -0,0 +1,69 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Gracefully restart mariadb/galera cluster
+  hosts: galera_all
+  serial: 1
+  max_fail_percentage: 0
+  gather_facts: false
+  user: root
+  tasks:
+    - name: Stop mariadb
+      ansible.builtin.service:
+        name: mariadb
+        state: stopped
+      retries: 5
+      delay: 10
+
+    - name: Stop container
+      community.general.lxc_container:
+        name: "{{ inventory_hostname }}"
+        state: "stopped"
+      delegate_to: "{{ physical_host }}"
+      when: not hostvars[inventory_hostname]['is_metal']
+
+    - name: Start container
+      community.general.lxc_container:
+        name: "{{ inventory_hostname }}"
+        state: "started"
+      delegate_to: "{{ physical_host }}"
+      when: not hostvars[inventory_hostname]['is_metal']
+
+    - name: Start mariadb
+      ansible.builtin.service:
+        name: mariadb
+        state: started
+      retries: 5
+      delay: 10
+      when: hostvars[inventory_hostname]['is_metal']
+
+  post_tasks:
+    - name: Wait for mariadb port 3306 to be available
+      ansible.builtin.wait_for:
+        port: "3306"
+        host: "{{ management_address | default(ansible_ssh_host | default(inventory_hostname)) }}"
+      retries: 10
+      delay: 10
+      delegate_to: "{{ groups['utility_all'][0] }}"
+
+    - name: Check that WSREP is ready and Synced # noqa: risky-shell-pipe
+      ansible.builtin.shell: "/usr/bin/mariadb-admin extended-status | grep -E '(wsrep_local_state_comment)'"
+      register: mariadb_ready
+      until:
+        - mariadb_ready.rc == 0
+        - (mariadb_ready.stdout).find("Synced") != -1
+      changed_when: false
+      retries: 60
+      delay: 1

playbooks/tools/nova_restore_compute_id.yml

@@ -0,0 +1,45 @@
+---
+- name: Ensuring that compute node has UUID state defined
+  hosts: nova_compute
+  vars:
+    nova_compute_id_file: /var/lib/nova/compute_id
+    nova_hypervisor_fact_name: "{{ ansible_facts['fqdn'] }}"
+  handlers:
+
+    - name: Restart nova
+      ansible.builtin.service:
+        name: nova-compute
+        state: restarted
+
+  tasks:
+
+    - name: Checking if compute file exist
+      ansible.builtin.stat:
+        path: "{{ nova_compute_id_file }}"
+      register: _compute_id_status
+
+    - name: Get list of existing hypervisors  # noqa: run-once[task]
+      ansible.builtin.command: openstack --os-cloud default hypervisor list -f json -c ID -c "Hypervisor Hostname"
+      run_once: true
+      delegate_to: "{{ groups['utility_all'][0] }}"
+      register: nova_hypervisors
+      changed_when: false
+
+    - name: Get node UUID if needed
+      when: not _compute_id_status.stat.exists
+      block:
+
+        - name: Register hypervisors fact
+          ansible.builtin.set_fact:
+            nova_hv: "{{ nova_hypervisors.stdout | from_json | selectattr('Hypervisor Hostname', 'eq', nova_hypervisor_fact_name) }}"
+
+        - name: Place node UUID to the expected location
+          ansible.builtin.copy:
+            dest: "{{ nova_compute_id_file }}"
+            content: >
+              {{ nova_hv[0]['ID'] }}
+            owner: nova
+            group: nova
+            mode: "0640"
+          when: nova_hv
+          notify: Restart nova

playbooks/upgrade/deploy_config_changes.yml

@@ -0,0 +1,100 @@
+---
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Prepare environment and configuration for deploying the new release
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  user: root
+  vars:
+    repo_root_dir: "{{ lookup('ansible.builtin.env', 'OSA_CLONE_ROOT') }}"
+  tasks:
+    - name: Remove unnecessary env.d override files # noqa: risky-shell-pipe
+      ansible.builtin.shell: |
+        set -e
+        exit_code=0
+        if [[ -e {{ openstack_config_dir }}/env.d ]]; then
+          for f in $(diff --brief --report-identical-files {{ openstack_config_dir }}/env.d {{ openstack_clone_root }}/inventory/env.d | awk '/identical/ {print $2}' 2>/dev/null); do
+            echo "Deleting ${f} because it is identical to the defaults."
+            rm -f ${f}
+            exit_code=2
+          done
+        fi
+        exit ${exit_code}
+      args:
+        executable: /bin/bash
+      register: _envd_dir_cleanup
+      changed_when: _envd_dir_cleanup.rc == 2
+      failed_when: _envd_dir_cleanup.rc not in [0, 2]
+      tags:
+        - identical-envd-file-cleanup
+
+    - name: Find any config files in the user-space env.d directory
+      ansible.builtin.find:
+        paths:
+          - "{{ openstack_config_dir }}/env.d"
+        patterns: '*.yml'
+      register: _envd_dir_contents
+      tags:
+        - custom-envd-file-check
+
+    - name: Halt the upgrade and warn the user to inspect the env.d files for changes
+      ansible.builtin.fail:
+        msg: |
+          There are files in /etc/openstack_deploy/env.d which override the default inventory
+          layout in {{ repo_root_dir }}/inventory/env.d. The difference between these files
+          should be carefully reviewed to understand whether the changes are still necessary
+          and applicable to the environment. If all the user-space env.d files are necessary,
+          then please export SKIP_CUSTOM_ENVD_CHECK=true and re-run the playbook or
+          run-upgrade.sh script.
+      when:
+        - _envd_dir_contents.matched > 0
+        - not(lookup('env', 'SKIP_CUSTOM_ENVD_CHECK') | bool)
+      tags:
+        - custom-envd-file-check
+
+    - name: Read example user secrets file
+      ansible.builtin.command: "grep '^[a-zA-Z]' {{ repo_root_dir }}/etc/openstack_deploy/user_secrets.yml"
+      changed_when: false
+      register: new_secrets
+      tags:
+        - update-secrets
+
+    - name: Read existing user secrets file
+      ansible.builtin.command: "grep '^[a-zA-Z]' {{ openstack_config_dir }}/user_secrets.yml"
+      changed_when: false
+      register: user_secrets
+      tags:
+        - update-secrets
+
+    - name: Add missing secrets
+      ansible.builtin.lineinfile:
+        dest: "{{ openstack_config_dir }}/user_secrets.yml"
+        line: "{{ item }}"
+      with_items: "{{ new_secrets.stdout_lines }}"
+      when:
+        - not (user_secrets.stdout | regex_search('((^|\n)' ~ item ~ ')'))
+      tags:
+        - update-secrets
+
+    - name: Generate new secrets # noqa: no-changed-when
+      ansible.builtin.command: "{{ repo_root_dir }}/scripts/pw-token-gen.py --file {{ openstack_config_dir }}/user_secrets.yml"
+      tags:
+        - update-secrets
+
+    - name: Remove fact cache to ensure a fresh one is built during the upgrade
+      ansible.builtin.file:
+        path: "{{ openstack_config_dir }}/ansible_facts"
+        state: absent
+      tags:
+        - remove-fact-cache