[goal] Deprecate the JSON formatted policy file

As per the community goal of migrating the policy file the format from JSON to YAML[1], we need to replace policy.json to policy.yaml and remove deprecated policy.json. config_template has been choosen instead of the copy, since it can properly handle content that has been lookuped. We make a separate task not to restart service when it's not needed. CephFS Native hook has been removed since [2] as manila leverages MGR now and doesn't require having directory in share. Additionally bionic test is removed as we don't have Octopus infra mirrors for it. [1] https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html [2] a830710939 Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/791202 Change-Id: I7a1807e4b984e31cb6250132f35d4c27f0b69b0c
2021-03-22 14:29:35 +02:00 · 2021-03-22 14:29:35 +02:00 · de29f07d77
commit de29f07d77
parent f404eb46c4
7 changed files with 30 additions and 74 deletions
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -28,22 +28,11 @@
    - "Restart manila services"
    - "venv changed"

-# Note (odyssey4me):
-# The policy.json file is currently read continually by the services
-# and is not only read on service start. We therefore cannot template
-# directly to the file read by the service because the new policies
-# may not be valid until the service restarts. This is particularly
-# important during a major upgrade. We therefore only put the policy
-# file in place after the service has been stopped.
-#
- name: Copy new policy file into place
-  copy:
-    src: "/etc/manila/policy.json-{{ manila_venv_tag }}"
-    dest: "/etc/manila/policy.json"
-    owner: "root"
-    group: "{{ manila_system_group_name }}"
-    mode: "0640"
-    remote_src: yes
+# NOTE (noonedeadpunk): Remove this task after Xena release
+- name: Remove obsoleted policy.json
+  file:
+    path: "/etc/manila/policy.json"
+    state: absent
  listen:
    - "Restart manila services"
    - "venv changed"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -193,10 +193,3 @@
    - _manila_is_first_play_host
  tags:
    - manila-config
-
- import_tasks: manila_backend_cephfs.yml
-  when:
-    - manila_backend_rbd_inuse
-    - _manila_share_is_first_play_host
-  tags:
-    - manila-config
--- a/tasks/manila_backend_cephfs.yml
+++ b/tasks/manila_backend_cephfs.yml
@ -1,41 +0,0 @@
---
-# Copyright 2019, Rackspace US, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
- name: Create temporary mount dir
-  tempfile:
-    state: directory
-    suffix: manila_cephfs
-  register: _cephfs_mount_dir
-
- name: Mount CephFS
-  command: |
-    ceph-fuse --id "{{ item.value.cephfs_auth_id|default('manila') }}" "{{ _cephfs_mount_dir.path }}"
-  changed_when: false
-
- name: Ensure CephFS volumes dir permissions
-  file:
-    name: "{{ _cephfs_mount_dir.path }}/volumes"
-    state: directory
-    owner: "{{ manila_system_user_name }}"
-
- name: Unmount CephFS
-  mount:
-    path: "{{ _cephfs_mount_dir.path }}"
-    state: unmounted
-
- name: Remove temporary mount dir
-  file:
-    name: "{{ _cephfs_mount_dir.path }}"
-    state: absent
--- a/tasks/manila_post_install.yml
+++ b/tasks/manila_post_install.yml
@ -38,6 +38,28 @@
    - Restart manila services
    - Restart uwsgi services

+- name: Implement policy.yaml if there are overrides configured
+  config_template:
+    dest: "/etc/manila/policy.yaml"
+    config_overrides: "{{ manila_policy_overrides }}"
+    owner: "root"
+    group: "{{ manila_system_group_name }}"
+    mode: "0640"
+    config_type: "yaml"
+  when:
+    - manila_policy_overrides | length > 0
+  tags:
+    - manila-policy-override
+
+- name: Remove legacy policy.yaml file
+  file:
+    path: "/etc/manila/policy.yaml"
+    state: absent
+  when:
+    - manila_policy_overrides | length == 0
+  tags:
+    - manila-policy-override
+
 - name: Drop sudoers file
  template:
    src: "sudoers.j2"
--- a/templates/policy.json.j2
+++ b/templates/policy.json.j2
@ -1 +0,0 @@
-{}
--- a/vars/main.yml
+++ b/vars/main.yml
@ -63,10 +63,6 @@ manila_core_files:
    dest: "/etc/manila/manila.conf"
    config_overrides: "{{ manila_manila_conf_overrides }}"
    config_type: "ini"
-  - src: "policy.json.j2"
-    dest: "/etc/manila/policy.json-{{ manila_venv_tag }}"
-    config_overrides: "{{ manila_policy_overrides }}"
-    config_type: "json"

 manila_rootwrap_files:
  - condition: "{{ manila_install_method == 'source' }}"
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@ -21,13 +21,11 @@
      - release-notes-jobs-python3
    check:
      jobs:
-        - openstack-ansible-deploy-aio_metal-ubuntu-bionic
        - openstack-ansible-deploy-aio_metal-ubuntu-focal
-        - openstack-ansible-deploy-aio_metal-centos-8
-        - openstack-ansible-deploy-aio_lxc-ubuntu-bionic:
+        - openstack-ansible-deploy-aio_metal-centos-8-stream
+        - openstack-ansible-deploy-aio_lxc-ubuntu-focal:
            voting: false
    gate:
      jobs:
-        - openstack-ansible-deploy-aio_metal-ubuntu-bionic
        - openstack-ansible-deploy-aio_metal-ubuntu-focal
-        - openstack-ansible-deploy-aio_metal-centos-8
+        - openstack-ansible-deploy-aio_metal-centos-8-stream