Fix #81 disable Flatcar auto update

Signed-off-by: Qi Zhang <qiz@vmware.com>

linux/deploy_vm/flatcar/flatcar_post_config.yml

@@ -26,6 +26,15 @@
         - vm_guest_ip in groups.target_vm
   when: (vm_python != "/opt/bin/python") or (vm_python != "/opt/bin/python3")
 
+# Disable automatically update
+- include_tasks: "../../utils/service_operation.yml"
+  vars:
+    service_enabled: false
+    service_state: "stopped"
+  with_items: ["locksmithd.service", "update-engine.service"]
+  loop_control:
+    loop_var: service_name
+
 - name: "Check /etc/ssh/sshd_config status"
   stat:
     path: "/etc/ssh/sshd_config"

linux/utils/check_service_status.yml

@@ -14,19 +14,18 @@
 #     enabled: the service is enabled to start at boot
 #     disabled: the service is disabled to start at boot
 
-
-- name: "Ignore expected_service_status when service '{{ service_name }}' is expected to be '{{ expected_service_state }}'"
+- name: "Set fact of valid service status"
   set_fact:
-    expected_service_status: ""
-  when: expected_service_state == 'absent'
+    valid_service_status: "{{ [''] if expected_service_state is defined and expected_service_state == 'absent' else ['enabled', 'disabled'] }}"
 
-- name: "Validate the value of 'expected_service_state' and 'expected_service_status'"
-  assert:
-    that:
-      - expected_service_state is defined
-      - expected_service_state in ['active', 'inactive', 'running', 'stopped', 'absent']
-      - (expected_service_state == 'absent') or (expected_service_status is defined and expected_service_status in ['enabled', 'disabled'])
-    fail_msg: "Invalid parameters: expected_service_state={{ expected_service_state | default('undefined') }}, expected_service_status={{ expected_service_status | default('undefined') }}"
+- name: "Check the value of 'expected_service_state' and 'expected_service_status'"
+  fail:
+    msg: "Invalid parameters: expected_service_state={{ expected_service_state | default('undefined') }}, expected_service_status={{ expected_service_status | default('undefined') }}"
+  when: >
+    (expected_service_state is undefined) or
+    (expected_service_state not in ['active', 'inactive', 'running', 'stopped', 'absent']) or
+    (expected_service_status is undefined) or
+    (expected_service_status not in valid_service_status)
 
 - include_tasks: get_service_info.yml
 

linux/utils/enable_disable_cloudinit_cfg.yml

@@ -24,7 +24,8 @@
         # Enable cloud-init services
         - include_tasks: service_operation.yml
           vars:
-            enable_service: 'yes'
+            service_enabled: true
+            service_state: "started"
           loop:
             - cloud-init-local
             - cloud-init

linux/utils/service_operation.yml

@@ -1,35 +1,27 @@
 # Copyright 2021 VMware, Inc.
 # SPDX-License-Identifier: BSD-2-Clause
 # This task is used to enable/disable service
-- name: "Set variables for enable service"
-  set_fact:
-    enable: "Enable"
-    mask: "not masked"
-    enabled: "enabled"
-  when: enable_service == "yes"
-- name: "Set variables for disable service"
-  set_fact:
-    enable: "Disable"
-    mask: "masked"
-    enabled: "disabled"
-  when: enable_service == "no"
-- name: "{{ enable }} service: {{ service_name }} and ensure it is {{ mask }}"
-  systemd:
+# Parameters:
+#   service_name: The service name to be configured
+#   service_enabled: True of false to enable or disable service
+#   service_state: The service state: reloaded, restarted, started, or stopped
+#
+- name: "Validate service state"
+  fail:
+    msg: "Invalid parameter service_enabled or service_state. service_enabled: {{ service_enabled }}, service_state: {{ service_state }}"
+  when: >
+    (service_enabled is undefined and service_state is undefined) or
+    (service_enabled is defined and service_enabled | bool not in [true, false]) or
+    (service_state is defined and service_state not in ['reloaded', 'restarted', 'started', 'stopped'])
+
+- name: "Update service {{ service_name }}, enabled: {{ service_enabled }}, state: {{ service_state }}"
+  service:
     name: "{{ service_name }}"
-    enabled: "{{ enable_service }}"
-    daemon_reload: yes
+    enabled: "{{ service_enabled }}"
+    state: "{{ service_state }}"
   delegate_to: "{{ vm_guest_ip }}"
-- name: "Get {{ service_name }} is-enabled status"
-  command: "systemctl is-enabled {{ service_name }}"
-  register: service_status
-  delegate_to: "{{ vm_guest_ip }}"
-  changed_when: false
-  ignore_errors: true
-- name: "Print sevice is-enabled output"
-  debug: var=service_status
-  when: enable_debug is defined and enable_debug
-- name: "Assert {{ service_name }} is {{ enabled }}"
-  assert:
-    that:
-      - service_status.stdout.count(enabled) > 0
-    fail_msg: "Failed, {{ service_name }} is not expected {{ enabled }}"
+
+- include_tasks: check_service_status.yml
+  vars:
+    expected_service_state: "{{ 'active' if service_state in ['started', 'restarted'] else 'inactive' }}"
+    expected_service_status: "{{ 'enabled' if service_enabled else 'disabled' }}"