tests/playbooks/pre.yml

---
- hosts: all
  vars_files:
    - ../vars/zuul.yml
  roles:
    - configure-ephemeral
  tasks:
    - name: Create dir for kolla logs
      file:
        path: "{{ kolla_logs_dir }}"
        state: directory

    - name: Dump host info to logs
      command: "{{ ansible_user_dir }}/{{ zuul.project.src_dir }}/tools/dump_info.sh"
      args:
        chdir: "{{ kolla_logs_dir }}"

    - name: Create dir for kolla build logs
      file:
        path: "{{ kolla_build_logs_dir }}"
        state: directory

    - name: Install Python3 pip and setuptools
      package:
        name:
          - python3-pip
          - python3-setuptools
      become: true

    # NOTE(hrw): On RedHat systems venv is part of python3-libs
    - name: Install Python3 venv on Debian systems
      package:
        name:
          - python3-venv
      become: true
      when:
        ansible_os_family == "Debian"

    - name: Create virtualenv
      command: python3 -m venv {{ virtualenv_path }}

    - name: Install kolla
      command: "{{ virtualenv_path }}/bin/python -m pip install {{ zuul.project.src_dir }}"

    - name: Install docker python library
      command: "{{ virtualenv_path }}/bin/python -m pip install 'docker<7'"
      when: container_engine == "docker"

    - name: Install podman python library
      command: "{{ virtualenv_path }}/bin/python -m pip install podman rich"
      when: container_engine == "podman"

    - name: Configure Docker repo for Debian/Ubuntu
      block:
        - name: Add key for Docker APT repository
          apt_key:
            url: "{{ nodepool_docker_proxy }}/{{ ansible_distribution | lower }}/gpg"
            state: present

        - name: Add Docker APT repository
          apt_repository:
            repo: "deb {{ nodepool_docker_proxy }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
            state: present

        - name: Ensure AppArmor is installed
          package:
            name: apparmor
            state: present

      when:
        - ansible_os_family == "Debian"
        - container_engine == "docker"
      become: true

    - name: Configure Docker repo for CentOS
      block:
        - name: Add Docker repository
          yum_repository:
            name: docker
            description: Docker
            baseurl: "{{ nodepool_docker_proxy }}/centos/9/$basearch/stable"
            enabled: yes
            gpgcheck: yes
            gpgkey: "{{ nodepool_docker_proxy }}/centos/gpg"
            # module_hotfixes: True  # enabled below (dnf, not yum, feature)

        - name: Enable module_hotfixes in Docker YUM repository
          lineinfile:
            path: /etc/yum.repos.d/docker.repo
            line: 'module_hotfixes=True'
      when:
        - ansible_os_family == "RedHat"
        - container_engine == "docker"
      become: true

    - name: Configure docker
      block:
        - name: Ensure /etc/docker exists
          become: true
          file:
            path: /etc/docker
            state: directory
            mode: 0755

        - name: Configure registry-mirror in daemon.json
          become: true
          copy:
            dest: /etc/docker/daemon.json
            content: |
              {
                "registry-mirrors": [
                  "http://{{ zuul_site_mirror_fqdn }}:8082/"
                ]
              }

        # NOTE(yoctozepto): We configure Docker before installing it because Debuntu starts services
        # during installation.
        - name: Install Docker
          package:
            name: docker-ce
          become: true

        - name: Ensure Docker service is started
          service:
            name: docker
            state: started
          become: true

        - name: Ensure Docker socket is world-writable
          file:
            path: /run/docker.sock
            mode: 0666
          become: true
      when:
        - container_engine == "docker"

    - name: Configure podman
      block:
        - name: Ensure /etc/containers exists
          become: true
          file:
            path: /etc/containers
            state: directory
            mode: 0755

        - name: Configure registries.conf
          become: true
          copy:
            dest: /etc/containers/registries.conf
            content: |
              unqualified-search-registries = ['docker.io']

              [[registry]]
              prefix = "docker.io"
              location = "docker.io"

              [[registry.mirror]]
              prefix = "docker.io"
              location = "{{ zuul_site_mirror_fqdn }}:8082"

        - name: Add libcontainers repo for newer buildah on Ubuntu 22.04
          ansible.builtin.apt_repository:
            repo: deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04/ /
            filename: kubic-libcontainers
            state: present
          become: true
          when: ansible_distribution == "Ubuntu" and ansible_distribution_release == "jammy"

        - name: Install Podman
          package:
            name: podman
          become: true

        # NOTE(jangutter): It appears that the default mount option
        # in the shipped `/etc/containers/storage.conf` for EL9 based distros
        # (Rocky, CentOS Stream, ...) has severe performance implications for
        # Kolla builds. This is because enabling `metacopy=on` disables `Native
        # Overlay Diff` This can be removed if the config is dropped from those
        # distros, or the underlying incompatibility can somehow be addressed.
        # Debian based distros do not ship `storage.conf` and seem
        # to be unaffected.
        - name: Remove metacopy, enable native overlay diff
          ini_file:
            path: /etc/containers/storage.conf
            section: storage.options.overlay
            option: mountopt
            value: '"nodev"'
          become: true
          when: ansible_os_family == "RedHat"

        - name: Ensure Podman service is started
          service:
            name: podman
            state: started
          become: true

        - name: Ensure Podman socket is world-writable
          file:
            path: /run/podman/podman.sock
            mode: 0666
          become: true
      when:
        - container_engine == "podman"