From fad1ea42cea2087e85948ab666978a2c32d60a00 Mon Sep 17 00:00:00 2001
From: Juan Larriba <jlarriba@redhat.com>
Date: Thu, 27 May 2021 12:14:59 +0200
Subject: [PATCH] Remove become: true from the role

The role is always executed with --become, as it is specified in the
documentation. The CLI also invokes the role with --become parameter. In
this case, we were currently implementing a non consistent become
policy. As almost all the tasks in the role require root access, it is
more consistent to remove all the become: true entries and launch the
role with --become parameter.

Depends-on: Id2aff61f219b0c4992f6f0045f1aba2c7d129758
Change-Id: I263e05c905e3ea6f3f25f4e5a1b8dfb25f6a3f97
---
 .../roles/backup_and_restore/tasks/ceph_authentication.yml | 1 -
 .../roles/backup_and_restore/tasks/ceph_backup.yml         | 1 -
 .../roles/backup_and_restore/tasks/ceph_mgr_stop.yml       | 1 -
 .../roles/backup_and_restore/tasks/ceph_mon_stop.yml       | 1 -
 .../roles/backup_and_restore/tasks/ceph_rgw_stop.yml       | 1 -
 .../roles/backup_and_restore/tasks/db_backup.yml           | 3 ---
 .../roles/backup_and_restore/tasks/pacemaker_backup.yml    | 3 ---
 .../roles/backup_and_restore/tasks/run_backup.yml          | 1 -
 .../roles/backup_and_restore/tasks/setup_nfs.yml           | 7 -------
 .../roles/backup_and_restore/tasks/setup_rear.yml          | 7 -------
 10 files changed, 26 deletions(-)

diff --git a/tripleo_ansible/roles/backup_and_restore/tasks/ceph_authentication.yml b/tripleo_ansible/roles/backup_and_restore/tasks/ceph_authentication.yml
index 2fadd55cc..4567657b5 100644
--- a/tripleo_ansible/roles/backup_and_restore/tasks/ceph_authentication.yml
+++ b/tripleo_ansible/roles/backup_and_restore/tasks/ceph_authentication.yml
@@ -42,7 +42,6 @@
   shell: |
     set -o pipefail
     {{ tripleo_container_cli }} exec ceph-mon-{{ ansible_facts['hostname'] }} bash -c "ceph auth export"
-  become: true
   register: bar_ceph_authentication_content
   tags:
     - bar_create_recover_image
diff --git a/tripleo_ansible/roles/backup_and_restore/tasks/ceph_backup.yml b/tripleo_ansible/roles/backup_and_restore/tasks/ceph_backup.yml
index fd8ecc950..de0dd9157 100644
--- a/tripleo_ansible/roles/backup_and_restore/tasks/ceph_backup.yml
+++ b/tripleo_ansible/roles/backup_and_restore/tasks/ceph_backup.yml
@@ -43,7 +43,6 @@
       --acls \
       -f {{ tripleo_backup_and_restore_ceph_backup_file }} \
       {{ tripleo_backup_and_restore_ceph_path }}
-  become: true
   tags:
     - bar_create_recover_image
 
diff --git a/tripleo_ansible/roles/backup_and_restore/tasks/ceph_mgr_stop.yml b/tripleo_ansible/roles/backup_and_restore/tasks/ceph_mgr_stop.yml
index 77a03e0e7..31dab8da7 100644
--- a/tripleo_ansible/roles/backup_and_restore/tasks/ceph_mgr_stop.yml
+++ b/tripleo_ansible/roles/backup_and_restore/tasks/ceph_mgr_stop.yml
@@ -36,6 +36,5 @@
   systemd:
     state: stopped
     name: "ceph-mgr@{{ ansible_facts['hostname'] }}"
-  become: true
   tags:
     - bar_create_recover_image
diff --git a/tripleo_ansible/roles/backup_and_restore/tasks/ceph_mon_stop.yml b/tripleo_ansible/roles/backup_and_restore/tasks/ceph_mon_stop.yml
index f7e23b3a8..bb527df11 100644
--- a/tripleo_ansible/roles/backup_and_restore/tasks/ceph_mon_stop.yml
+++ b/tripleo_ansible/roles/backup_and_restore/tasks/ceph_mon_stop.yml
@@ -36,6 +36,5 @@
   systemd:
     state: stopped
     name: "ceph-mon@{{ ansible_facts['hostname'] }}"
-  become: true
   tags:
     - bar_create_recover_image
diff --git a/tripleo_ansible/roles/backup_and_restore/tasks/ceph_rgw_stop.yml b/tripleo_ansible/roles/backup_and_restore/tasks/ceph_rgw_stop.yml
index 19d1ed6bb..1887754aa 100644
--- a/tripleo_ansible/roles/backup_and_restore/tasks/ceph_rgw_stop.yml
+++ b/tripleo_ansible/roles/backup_and_restore/tasks/ceph_rgw_stop.yml
@@ -54,7 +54,6 @@
   systemd:
     state: stopped
     name: "ceph-radosgw@rgw.{{ ansible_facts['hostname'] }}.{{ bar_ceph_rgw_name.stdout }}"
-  become: true
   when:
     - bar_ceph_rgw_exits.stdout!="0"
     - bar_ceph_rgw_name.stdout!=""
diff --git a/tripleo_ansible/roles/backup_and_restore/tasks/db_backup.yml b/tripleo_ansible/roles/backup_and_restore/tasks/db_backup.yml
index 2963e780d..a693978f4 100644
--- a/tripleo_ansible/roles/backup_and_restore/tasks/db_backup.yml
+++ b/tripleo_ansible/roles/backup_and_restore/tasks/db_backup.yml
@@ -21,7 +21,6 @@
   when: mysql_password is undefined
   register: mysql_password
   no_log: "{{ tripleo_backup_and_restore_hide_sensitive_logs | bool }}"
-  become: true
   tags:
     - bar_create_recover_image
 
@@ -30,7 +29,6 @@
     hiera -c '{{ tripleo_backup_and_restore_hiera_config_file }}' 'tripleo::profile::pacemaker::database::mysql::bind_address'
   when: tripleo_backup_and_restore_pacemaker_galera_bind_address is undefined
   register: tripleo_backup_and_restore_pacemaker_galera_bind_address
-  become: true
   tags:
     - bar_create_recover_image
 
@@ -79,7 +77,6 @@
     {{ tripleo_container_cli }} ps -a | grep galera | awk '{print $1}'
   when: enabled_galera
   register: galera_container_id
-  become: true
   tags:
     - bar_create_recover_image
 
diff --git a/tripleo_ansible/roles/backup_and_restore/tasks/pacemaker_backup.yml b/tripleo_ansible/roles/backup_and_restore/tasks/pacemaker_backup.yml
index e9d3d967c..03966bbc6 100644
--- a/tripleo_ansible/roles/backup_and_restore/tasks/pacemaker_backup.yml
+++ b/tripleo_ansible/roles/backup_and_restore/tasks/pacemaker_backup.yml
@@ -19,7 +19,6 @@
   command: |
     hiera -c "{{ tripleo_backup_and_restore_hiera_config_file }}" 'enabled_services'
   register: tripleo_backup_and_restore_enabled_services
-  become: true
   tags:
     - bar_create_recover_image
 
@@ -37,7 +36,6 @@
     - pacemaker_backup.tar.bz2
     - cib.xml
   when: pacemaker_enabled
-  become: true
   tags:
     - bar_create_recover_image
 
@@ -47,6 +45,5 @@
     pcs cluster cib cib.xml
     pcs config backup pacemaker_backup
   when: pacemaker_enabled
-  become: true
   tags:
     - bar_create_recover_image
diff --git a/tripleo_ansible/roles/backup_and_restore/tasks/run_backup.yml b/tripleo_ansible/roles/backup_and_restore/tasks/run_backup.yml
index 2244b682a..b6ba23ce5 100644
--- a/tripleo_ansible/roles/backup_and_restore/tasks/run_backup.yml
+++ b/tripleo_ansible/roles/backup_and_restore/tasks/run_backup.yml
@@ -41,7 +41,6 @@
     - bar_create_recover_image
 
 - name: Create the node backup
-  become: true
   command: rear {{ '-s ' if tripleo_backup_and_restore_rear_simulate else '' }}-d -v mkbackup
   register: tripleo_backup_and_restore_rear_output
   when: tripleo_backup_and_restore_rear_output is undefined
diff --git a/tripleo_ansible/roles/backup_and_restore/tasks/setup_nfs.yml b/tripleo_ansible/roles/backup_and_restore/tasks/setup_nfs.yml
index 1e28a391f..d8da8a870 100644
--- a/tripleo_ansible/roles/backup_and_restore/tasks/setup_nfs.yml
+++ b/tripleo_ansible/roles/backup_and_restore/tasks/setup_nfs.yml
@@ -33,7 +33,6 @@
     - always
 
 - name: Install required packages for the NFS server
-  become: true
   package:
     name: "{{ tripleo_backup_and_restore_nfs_packages }}"
     state: present
@@ -41,7 +40,6 @@
     - bar_setup_nfs_server
 
 - name: Allow NFS connections port 111.
-  become: true
   iptables:
     action: insert
     rule_num: '1'
@@ -55,7 +53,6 @@
     - bar_setup_nfs_server
 
 - name: Allow NFS connections port 2049.
-  become: true
   iptables:
     action: insert
     rule_num: '1'
@@ -76,7 +73,6 @@
     - bar_setup_nfs_server
 
 - name: Open ports in firewalld
-  become: true
   block:
     - name: Allow NFS port 111 in the firewall
       firewalld:
@@ -101,7 +97,6 @@
     - bar_setup_nfs_server
 
 - name: Enable the NFS service in the NFS server
-  become: true
   systemd:
     name: nfs-server
     enabled: true
@@ -109,7 +104,6 @@
     - bar_setup_nfs_server
 
 - name: Create backup folder in the NFS server
-  become: true
   file:
     path: "{{ tripleo_backup_and_restore_nfs_storage_folder }}"
     state: directory
@@ -133,7 +127,6 @@
     - bar_setup_nfs_server
 
 - name: Reload the NFS service
-  become: true
   systemd:
     name: nfs-server
     state: reloaded
diff --git a/tripleo_ansible/roles/backup_and_restore/tasks/setup_rear.yml b/tripleo_ansible/roles/backup_and_restore/tasks/setup_rear.yml
index 49c5fe5e2..6c799a9d7 100644
--- a/tripleo_ansible/roles/backup_and_restore/tasks/setup_rear.yml
+++ b/tripleo_ansible/roles/backup_and_restore/tasks/setup_rear.yml
@@ -33,7 +33,6 @@
     - always
 
 - name: Install required packages for ReaR
-  become: true
   package:
     name: "{{ tripleo_backup_and_restore_rear_packages }}"
     state: present
@@ -41,7 +40,6 @@
     - bar_setup_rear
 
 - name: Remove ReaR rpm default cron programming
-  become: true
   file:
     path: /etc/cron.d/rear
     state: absent
@@ -57,7 +55,6 @@
     - bar_setup_rear
 
 - name: Set bootstrap nodeid
-  become: true
   register: tripleo_backup_and_restore_bootstrap_nodeid
   command: |
     hiera -c {{ tripleo_backup_and_restore_hiera_config_file }}  'mysql_short_bootstrap_node_name'
@@ -65,7 +62,6 @@
     - bar_setup_rear
 
 - name: List enabled services by node
-  become: true
   register: tripleo_backup_and_restore_enabled_services
   command: |
     hiera -c {{ tripleo_backup_and_restore_hiera_config_file }} 'service_names'
@@ -93,7 +89,6 @@
     - bar_setup_rear
 
 - name: Generate ReaR config file
-  become: true
   template:
     src: local.conf.j2
     dest: /etc/rear/local.conf
@@ -105,7 +100,6 @@
     - bar_setup_rear
 
 - name: Generate ReaR rescue file
-  become: true
   template:
     src: rescue.conf.j2
     dest: /etc/rear/rescue.conf
@@ -117,7 +111,6 @@
     - bar_setup_rear
 
 - name: Load rear config
-  become: true
   slurp:
     src: /etc/rear/local.conf
   register: rear_config