Merge "Cleanup opensuse mirroring configs entirely"

playbooks/roles/logrotate/tasks/cleanup.yaml

@@ -0,0 +1,9 @@
+# Hash the full path to avoid any conflicts but remain idempotent.
+- name: Create a unique config name
+  set_fact:
+    logrotate_generated_config_file_name:  "{{ (logrotate_file_name | hash('sha1'))[0:6] }}.conf"
+
+- name: Cleanup the indicated file
+  file:
+    state: absent
+    path: '/etc/logrotate.d/{{ logrotate_generated_config_file_name }}'

playbooks/roles/mirror-update/files/opensuse-mirror-update

@@ -1,66 +0,0 @@
-#!/bin/bash -xe
-# Copyright 2017 SUSE Linux GmbH
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-source /usr/share/mirror-update/functions.sh
-
-MIRROR_VOLUME=$1
-
-# Runs with timeout under cron
-if [[ ${UNDER_CRON:-0} -eq 0 ]]; then
-    echo_ts "Running interactively"
-    TIMEOUT=""
-    set -x
-else
-    TIMEOUT="timeout -k 2m 90m"
-fi
-
-BASE="/afs/.openstack.org/mirror/opensuse"
-MIRROR="rsync://mirror.clarkson.edu/opensuse/opensuse"
-OBS_MIRROR="rsync://provo-mirror.opensuse.org/opensuse/repositories"
-OBS_REPOS=()
-K5START="k5start -t -f /etc/opensuse.keytab service/opensuse-mirror -- $TIMEOUT"
-
-# NOTE(hwoarang): Ensure old distros are not mirrored aymore
-for REPO in distribution/leap update/leap \
-        repositories/Cloud: \
-        repositories/Virtualization: \
-        repositories/network: ; do
-    if [ -d $BASE/$REPO ]; then
-        $K5START rm -rf $BASE/$REPO
-    fi
-done
-
-date --iso-8601=ns
-for obs_repo in ${OBS_REPOS[@]}; do
-    REPO=repositories/${obs_repo}/
-    if ! [ -f $BASE/$REPO ]; then
-        $K5START mkdir -p $BASE/$REPO
-    fi
-    echo "Running rsync ${obs_repo} ..."
-    $K5START rsync -rltvz \
-        --delete --stats \
-        --delete-excluded \
-        --exclude="src/" \
-        --exclude="nosrc/" \
-        --exclude=".~tmp~" \
-        $OBS_MIRROR/$obs_repo/ $BASE/$REPO
-done
-
-date --iso-8601=ns | $K5START tee $BASE/timestamp.txt
-echo "rsync completed successfully, running vos release."
-vos_release $MIRROR_VOLUME
-
-date --iso-8601=ns
-echo "Done."

playbooks/roles/mirror-update/tasks/rsync.yaml

@@ -19,9 +19,15 @@
       - epel
       - fedora
       - openeuler
-      - opensuse
       - yum-puppetlabs
 
+- name: Cleanup old unused rsync mirroring scripts
+  set_fact:
+    cleanup_rsync_update_scripts:
+      - opensuse
+
+##### Script creation #####
+
 - name: Copy keytab files in place
   shell: 'echo "{{ lookup("vars", "mirror_update_keytab_" + item) }}" | base64 -d > /etc/{{ item }}.keytab'
   args:
@@ -60,3 +66,36 @@
     logrotate_file_name: '/var/log/rsync-mirrors/{{ item }}.log'
     logrotate_frequency: 'weekly'
   loop: '{{ rsync_update_scripts }}'
+
+##### Script deletion #####
+
+# Remove the cron first to avoid any races with cron execution.
+- name: Delete old mirroring cron jobs
+  cron:
+    name: '{{ item }} mirror sync'
+    state: absent
+    job: 'flock -n /var/run/{{ item }}-mirror.lock {{ item }}-mirror-update mirror.{{ item }} >> /var/log/rsync-mirrors/{{ item }}.log 2>&1'
+    hour: '*/6'
+    minute: '{{ 45 | random(seed=item) }}'
+  loop: '{{ cleanup_rsync_update_scripts }}'
+
+- name: Delete old keytab files
+  file:
+    path: '/etc/{{ item }}.keytab'
+    state: absent
+  loop: '{{ cleanup_rsync_update_scripts }}'
+  no_log: True
+
+- name: Delete old rsync mirror scripts
+  file:
+    path: '/usr/local/bin/{{ item }}-mirror-update'
+    state: absent
+  loop: '{{ cleanup_rsync_update_scripts }}'
+
+- name: Delete old logrotate rules
+  include_role:
+    name: logrotate
+    tasks_from: cleanup
+  vars:
+    logrotate_file_name: '/var/log/rsync-mirrors/{{ item }}.log'
+  loop: '{{ cleanup_rsync_update_scripts }}'

testinfra/test_mirror-update.py

@@ -32,11 +32,15 @@ def test_rsync_scripts(host):
                    'epel',
                    'fedora',
                    'openeuler',
-                   'opensuse',
                    'yum-puppetlabs']:
         f = host.file('/usr/local/bin/%s-mirror-update' % script)
         assert f.exists
 
+def test_rsync_scripts_removed(host):
+    for script in ['opensuse']:
+        f = host.file('/usr/local/bin/%s-mirror-update' % script)
+        assert not f.exists
+
 def test_publisher_script(host):
     f = host.file('/usr/local/bin/publish-mirror-logs')
     assert f.exists
@@ -49,7 +53,6 @@ def test_keytabs(host):
                    '/etc/epel.keytab',
                    '/etc/fedora.keytab',
                    '/etc/openeuler.keytab',
-                   '/etc/opensuse.keytab',
                    '/etc/yum-puppetlabs.keytab',
                    '/etc/reprepro.keytab']:
 
@@ -58,6 +61,11 @@ def test_keytabs(host):
         assert f.sha256sum == KEYTAB_SHA256
         assert f.mode == 0o400
 
+def test_keytabs_removed(host):
+    for keytab in ['/etc/opensuse.keytab']:
+        f = host.file(keytab)
+        assert not f.exists
+
 def test_afs_release_script(host):
     f = host.file('/opt/afs-release/release-volumes.py')
     assert f.exists