From 4340c8d473e5e317bc4a6b0da86eb58202a127d2 Mon Sep 17 00:00:00 2001
From: Ian Wienand <iwienand@redhat.com>
Date: Tue, 7 Feb 2023 16:45:14 +1100
Subject: [PATCH] promote-docker-image: improve failure debugability

Currently this no_logs the entire selection and delete loop, which is
probably maximal efficiency but makes it very hard to debug on failure
(which we are seeing).  This extracts the list creation and uri call
so we can see the tags it is trying to delete.

Change-Id: I93fd19aedaa9fc328a1a347986a5f0c20439d476
---
 .../tasks/delete-tag.yaml                     | 12 ++++++++++
 .../tasks/promote-cleanup.yaml                | 22 ++++++++++++-------
 2 files changed, 26 insertions(+), 8 deletions(-)
 create mode 100644 roles/promote-docker-image/tasks/delete-tag.yaml

diff --git a/roles/promote-docker-image/tasks/delete-tag.yaml b/roles/promote-docker-image/tasks/delete-tag.yaml
new file mode 100644
index 000000000..53a4710b2
--- /dev/null
+++ b/roles/promote-docker-image/tasks/delete-tag.yaml
@@ -0,0 +1,12 @@
+- name: Show the tag we are about to delete
+  debug:
+    var: zj_docker_tag
+
+- name: Make delete call
+  no_log: true
+  uri:
+    url: "https://hub.docker.com/v2/repositories/{{ zj_image.repository }}/tags/{{ zj_docker_tag.name }}/"
+    method: DELETE
+    status_code: [200, 204]
+    headers:
+      Authorization: "JWT {{ jwt_token.json.token }}"
diff --git a/roles/promote-docker-image/tasks/promote-cleanup.yaml b/roles/promote-docker-image/tasks/promote-cleanup.yaml
index f5c4a0274..435e1516b 100644
--- a/roles/promote-docker-image/tasks/promote-cleanup.yaml
+++ b/roles/promote-docker-image/tasks/promote-cleanup.yaml
@@ -3,18 +3,24 @@
     url: "https://hub.docker.com/v2/repositories/{{ zj_image.repository }}/tags?page_size=1000"
     status_code: 200
   register: tags
-- name: Delete all change tags older than the cutoff
-  no_log: true
+
+- name: Create old tags list
+  set_fact:
+    _old_tags: []
+
+- name: Build list of old tags
   loop: "{{ tags.json.results }}"
   loop_control:
     loop_var: zj_docker_tag
+  set_fact:
+    _old_tags: '{{ _old_tags.append(zj_docker_tag) }}'
   when:
     - zj_docker_tag.name.startswith('change_') or zj_docker_tag.name.startswith(zuul.pipeline)
     # Was updated > 24 hours ago:
     - "((ansible_date_time.iso8601 | regex_replace('^(....-..-..)T(..:..:..).*Z', '\\\\1 \\\\2') | to_datetime) - (zj_docker_tag.last_updated | regex_replace('^(....-..-..)T(..:..:..).*Z', '\\\\1 \\\\2') | to_datetime)).seconds > 86400"
-  uri:
-    url: "https://hub.docker.com/v2/repositories/{{ zj_image.repository }}/tags/{{ zj_docker_tag.name }}/"
-    method: DELETE
-    status_code: [200, 204]
-    headers:
-      Authorization: "JWT {{ jwt_token.json.token }}"
+
+- name: Delete all change tags older than the cutoff
+  loop: "{{ _old_tags }}"
+  loop_control:
+    loop_var: zj_docker_tag
+  include_tasks: delete-tag.yaml