From de29f07d7723cf9493a49f7663746379fd7b1e2f Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov <dmitriy.rabotyagov@citynetwork.eu>
Date: Mon, 22 Mar 2021 14:29:35 +0200
Subject: [PATCH] [goal] Deprecate the JSON formatted policy file

As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to replace policy.json to
policy.yaml and remove deprecated policy.json.

config_template has been choosen instead of the copy, since it can
properly handle content that has been lookuped.

We make a separate task not to restart service when it's not needed.

CephFS Native hook has been removed since [2] as manila leverages MGR
now and doesn't require having directory in share.

Additionally bionic test is removed as we don't have Octopus infra
mirrors for it.

[1] https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
[2] https://opendev.org/openstack/manila/commit/a8307109395e3535085190c40325cd46dd355c78

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/791202
Change-Id: I7a1807e4b984e31cb6250132f35d4c27f0b69b0c
---
 handlers/main.yml               | 21 ++++-------------
 tasks/main.yml                  |  7 ------
 tasks/manila_backend_cephfs.yml | 41 ---------------------------------
 tasks/manila_post_install.yml   | 22 ++++++++++++++++++
 templates/policy.json.j2        |  1 -
 vars/main.yml                   |  4 ----
 zuul.d/project.yaml             |  8 +++----
 7 files changed, 30 insertions(+), 74 deletions(-)
 delete mode 100644 tasks/manila_backend_cephfs.yml
 delete mode 100644 templates/policy.json.j2

diff --git a/handlers/main.yml b/handlers/main.yml
index ea27b91..b7226db 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -28,22 +28,11 @@
     - "Restart manila services"
     - "venv changed"
 
-# Note (odyssey4me):
-# The policy.json file is currently read continually by the services
-# and is not only read on service start. We therefore cannot template
-# directly to the file read by the service because the new policies
-# may not be valid until the service restarts. This is particularly
-# important during a major upgrade. We therefore only put the policy
-# file in place after the service has been stopped.
-#
-- name: Copy new policy file into place
-  copy:
-    src: "/etc/manila/policy.json-{{ manila_venv_tag }}"
-    dest: "/etc/manila/policy.json"
-    owner: "root"
-    group: "{{ manila_system_group_name }}"
-    mode: "0640"
-    remote_src: yes
+# NOTE (noonedeadpunk): Remove this task after Xena release
+- name: Remove obsoleted policy.json
+  file:
+    path: "/etc/manila/policy.json"
+    state: absent
   listen:
     - "Restart manila services"
     - "venv changed"
diff --git a/tasks/main.yml b/tasks/main.yml
index 95e058e..45535c7 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -193,10 +193,3 @@
     - _manila_is_first_play_host
   tags:
     - manila-config
-
-- import_tasks: manila_backend_cephfs.yml
-  when:
-    - manila_backend_rbd_inuse
-    - _manila_share_is_first_play_host
-  tags:
-    - manila-config
diff --git a/tasks/manila_backend_cephfs.yml b/tasks/manila_backend_cephfs.yml
deleted file mode 100644
index 8101824..0000000
--- a/tasks/manila_backend_cephfs.yml
+++ /dev/null
@@ -1,41 +0,0 @@
----
-# Copyright 2019, Rackspace US, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-- name: Create temporary mount dir
-  tempfile:
-    state: directory
-    suffix: manila_cephfs
-  register: _cephfs_mount_dir
-
-- name: Mount CephFS
-  command: |
-    ceph-fuse --id "{{ item.value.cephfs_auth_id|default('manila') }}" "{{ _cephfs_mount_dir.path }}"
-  changed_when: false
-
-- name: Ensure CephFS volumes dir permissions
-  file:
-    name: "{{ _cephfs_mount_dir.path }}/volumes"
-    state: directory
-    owner: "{{ manila_system_user_name }}"
-
-- name: Unmount CephFS
-  mount:
-    path: "{{ _cephfs_mount_dir.path }}"
-    state: unmounted
-
-- name: Remove temporary mount dir
-  file:
-    name: "{{ _cephfs_mount_dir.path }}"
-    state: absent
diff --git a/tasks/manila_post_install.yml b/tasks/manila_post_install.yml
index f404f2a..bea2beb 100644
--- a/tasks/manila_post_install.yml
+++ b/tasks/manila_post_install.yml
@@ -38,6 +38,28 @@
     - Restart manila services
     - Restart uwsgi services
 
+- name: Implement policy.yaml if there are overrides configured
+  config_template:
+    dest: "/etc/manila/policy.yaml"
+    config_overrides: "{{ manila_policy_overrides }}"
+    owner: "root"
+    group: "{{ manila_system_group_name }}"
+    mode: "0640"
+    config_type: "yaml"
+  when:
+    - manila_policy_overrides | length > 0
+  tags:
+    - manila-policy-override
+
+- name: Remove legacy policy.yaml file
+  file:
+    path: "/etc/manila/policy.yaml"
+    state: absent
+  when:
+    - manila_policy_overrides | length == 0
+  tags:
+    - manila-policy-override
+
 - name: Drop sudoers file
   template:
     src: "sudoers.j2"
diff --git a/templates/policy.json.j2 b/templates/policy.json.j2
deleted file mode 100644
index 0967ef4..0000000
--- a/templates/policy.json.j2
+++ /dev/null
@@ -1 +0,0 @@
-{}
diff --git a/vars/main.yml b/vars/main.yml
index e734136..3ab946e 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -63,10 +63,6 @@ manila_core_files:
     dest: "/etc/manila/manila.conf"
     config_overrides: "{{ manila_manila_conf_overrides }}"
     config_type: "ini"
-  - src: "policy.json.j2"
-    dest: "/etc/manila/policy.json-{{ manila_venv_tag }}"
-    config_overrides: "{{ manila_policy_overrides }}"
-    config_type: "json"
 
 manila_rootwrap_files:
   - condition: "{{ manila_install_method == 'source' }}"
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index 053b688..604920b 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -21,13 +21,11 @@
       - release-notes-jobs-python3
     check:
       jobs:
-        - openstack-ansible-deploy-aio_metal-ubuntu-bionic
         - openstack-ansible-deploy-aio_metal-ubuntu-focal
-        - openstack-ansible-deploy-aio_metal-centos-8
-        - openstack-ansible-deploy-aio_lxc-ubuntu-bionic:
+        - openstack-ansible-deploy-aio_metal-centos-8-stream
+        - openstack-ansible-deploy-aio_lxc-ubuntu-focal:
             voting: false
     gate:
       jobs:
-        - openstack-ansible-deploy-aio_metal-ubuntu-bionic
         - openstack-ansible-deploy-aio_metal-ubuntu-focal
-        - openstack-ansible-deploy-aio_metal-centos-8
+        - openstack-ansible-deploy-aio_metal-centos-8-stream