From 6743f7586343d826c068f82b13388ca170922810 Mon Sep 17 00:00:00 2001
From: Emilien Macchi <emilien@redhat.com>
Date: Fri, 15 Nov 2019 08:36:40 +0100
Subject: [PATCH] tripleo-container-manage: some improvements

- Improve logging in some tasks, to display what container is managed
- Use no_log for the tasks which leak all infos about containers
  (config_data). If debug is enabled, the logs will show all the
  config_data.
- Move the /etc/sysconfig/podman_drop_in tasks into shutdown.yaml so it
  runs once and it's staying close to the other tasks related to why we
  have this file (manage shutdown/start order when reboot).

Change-Id: I56896f92d58db900fd2ea06281d89f75e8d53a17
---
 .../tasks/container_running.yml                     |  2 +-
 .../tasks/podman/create.yml                         |  1 +
 .../tripleo-container-manage/tasks/podman/exec.yml  |  4 +++-
 .../tasks/podman/systemd.yml                        | 11 -----------
 .../tripleo-container-manage/tasks/shutdown.yml     | 13 ++++++++++++-
 5 files changed, 17 insertions(+), 14 deletions(-)

diff --git a/tripleo_ansible/roles/tripleo-container-manage/tasks/container_running.yml b/tripleo_ansible/roles/tripleo-container-manage/tasks/container_running.yml
index 2bfe11481..7d51b5056 100644
--- a/tripleo_ansible/roles/tripleo-container-manage/tasks/container_running.yml
+++ b/tripleo_ansible/roles/tripleo-container-manage/tasks/container_running.yml
@@ -20,7 +20,7 @@
       {{ podman_containers.containers | selectattr('Name', 'equalto', lookup('dict', container_exists_data).value.command.0) |
       map(attribute='State.Running') | first | default(false) }}
 
-- name: "Fail if {{ lookup('dict', container_exists_data).key }} is not running"
+- name: "Fail if {{ lookup('dict', container_exists_data).value.command.0 }} is not running"
   fail:
     msg: >-
       Can't run container exec for {{ lookup('dict', container_exists_data).key }},
diff --git a/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/create.yml b/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/create.yml
index 068aa0590..5f5a70675 100644
--- a/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/create.yml
+++ b/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/create.yml
@@ -66,6 +66,7 @@
 - name: "Check podman create status"
   async_status:
     jid: "{{ create_async_result_item.ansible_job_id }}"
+  no_log: "{{ not (tripleo_container_manage_debug | bool) }}"
   loop: "{{ create_async_results.results }}"
   loop_control:
     loop_var: "create_async_result_item"
diff --git a/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/exec.yml b/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/exec.yml
index 187537f70..e83a24a47 100644
--- a/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/exec.yml
+++ b/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/exec.yml
@@ -21,9 +21,10 @@
     loop_var: container_exists_data
   when: not ansible_check_mode|bool
 
-- name: "Run actions async"
+- name: "Async container exec"
   command:
     argv: "{{ cmd_template + lookup('dict', container_exec_data).value.command }}"
+  no_log: "{{ not (tripleo_container_manage_debug | bool) }}"
   vars:
     cmd_template:
       - "{{ tripleo_container_manage_cli }}"
@@ -41,6 +42,7 @@
 - name: "Check podman exec status"
   async_status:
     jid: "{{ exec_async_result_item.ansible_job_id }}"
+  no_log: "{{ not (tripleo_container_manage_debug | bool) }}"
   loop: "{{ exec_async_results.results }}"
   loop_control:
     loop_var: "exec_async_result_item"
diff --git a/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/systemd.yml b/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/systemd.yml
index b028e8aea..ce5645aa1 100644
--- a/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/systemd.yml
+++ b/tripleo_ansible/roles/tripleo-container-manage/tasks/podman/systemd.yml
@@ -14,17 +14,6 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
-- name: Check if /etc/sysconfig/podman_drop_in exists
-  stat:
-    path: /etc/sysconfig/podman_drop_in
-  register: podman_drop_in
-
-- name: Set podman_drop_in fact
-  set_fact:
-    podman_drop_in: true
-  when:
-    - podman_drop_in.stat.exists
-
 - name: Set container_name and container_sysd facts
   set_fact:
     container_sysd_name: "{{ lookup('dict', container_config).key }}"
diff --git a/tripleo_ansible/roles/tripleo-container-manage/tasks/shutdown.yml b/tripleo_ansible/roles/tripleo-container-manage/tasks/shutdown.yml
index ed3ebbc89..2ae1547af 100644
--- a/tripleo_ansible/roles/tripleo-container-manage/tasks/shutdown.yml
+++ b/tripleo_ansible/roles/tripleo-container-manage/tasks/shutdown.yml
@@ -14,6 +14,17 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
+- name: Check if /etc/sysconfig/podman_drop_in exists
+  stat:
+    path: /etc/sysconfig/podman_drop_in
+  register: podman_drop_in
+
+- name: Set podman_drop_in fact
+  set_fact:
+    podman_drop_in: true
+  when:
+    - podman_drop_in.stat.exists
+
 - name: Cleanup Paunch services and files
   block:
     - name: Check if /usr/lib/systemd/system/paunch-container-shutdown.service exists
@@ -51,7 +62,7 @@
 
 - name: Create TripleO Container systemd service
   block:
-    - name: "Create /usr/libexec/{{ item }}"
+    - name: "Deploy tripleo-container-shutdown and tripleo-start-podman-container"
       copy:
         src: "{{ role_path }}/files/{{ item }}"
         dest: "/usr/libexec/{{ item }}"