- include_role:
    name: tripleo_podman
    tasks_from: tripleo_podman_rsyslog_cleanup
  name: remove rsyslog configuration for podman healthcheck log
- block:
  - file:
      path: /etc/tmpfiles.d/var-run-libvirt.conf
      state: absent
    name: Remove old tmpfiles.d config
  name: nova_libvirt_container_tmpfile_cleanup
  when: step|int == 1
- name: Get container virtlogd image
  set_fact:
    virtlogd_image: registry.redhat.io/rhosp-rhel9/openstack-nova-libvirt:17.1
  tags: always
  when: step|int == 1
- containers.podman.podman_image:
    force: true
    name: '{{ virtlogd_image }}'
  name: Force pull image novalibvirt
  when:
  - step|int == 1
- args:
    executable: /bin/bash
  failed_when: false
  name: Diff OS release in container image and baremetal
  register: libvirt_ubi_diff
  shell: 'diff /etc/redhat-release <(podman run {{ virtlogd_image }} cat /etc/redhat-release)

    '
  when: step|int == 1
- fail:
    msg: 'The host operating system versus container UBI does not match.

      {{ libvirt_ubi_diff.stdout }}

      Most likely container passed to NovaLibvirt was EL8 one.

      You have to pass the correct container for container-image-prepare.

      If you would continue all running workloads would get destroyed.

      '
  name: Fail if UBI of the container does not match RHEL of running host
  when:
  - '''system_upgrade'' not in ansible_run_tags'
  - step|int == 1
  - libvirt_ubi_diff.rc == 1
- block:
  - name: Get running image version
    register: old_virtlogd_image
    shell: 'podman ps --filter name=^nova_virtlogd$ --format "{% raw %}{{ .Image }}{%
      endraw %}"

      '
  - name: Switch running image to new image in wrapper script
    shell: 'set -o pipefail

      sed -i -e ''s|{{ old_virtlogd_image.stdout }}|{{ virtlogd_image }}|'' /var/lib/container-config-scripts/virtlogd_wrapper

      '
    when:
    - old_virtlogd_image.stdout != virtlogd_image
    - old_virtlogd_image.stdout != ''
  name: Switch virtlogd image before system upgrade
  tags:
  - never
  - system_upgrade
  when: step|int == 1
- block:
  - file:
      path: /etc/tmpfiles.d/var-run-libvirt.conf
      state: absent
    name: Remove old tmpfiles.d config
  name: nova_migration_target_tmpfile_cleanup
  when: step|int == 1
- file:
    path: /etc/cron.daily/containers-tmpwatch
    state: absent
  name: Ensure old cron.daily is absent
  when: step|int == 1
- block:
  - lineinfile:
      dest: /etc/hosts
      line: '{{ undercloud_hosts_entries | join('''') }}'
      state: present
    name: Make sure the Undercloud hostname is included in /etc/hosts
    when:
    - undercloud_hosts_entries is defined
  name: Configure Podman registry
  when:
  - step|int == 1
- block:
  - name: Set login facts
    no_log: true
    set_fact:
      container_default_pids_limit: 4096
      container_events_logger_mechanism: journald
      container_registry_insecure_registries: []
      container_registry_login: false
      container_registry_logins: {}
      container_registry_logins_json: {}
  - name: Convert logins json to dict
    no_log: true
    set_fact:
      container_registry_logins: '{{ container_registry_logins_json | from_json }}'
    when:
    - container_registry_logins_json is string
    - container_registry_login | bool
    - (container_registry_logins_json | length) > 0
  - name: Set registry logins
    no_log: true
    set_fact:
      container_registry_logins: '{{ container_registry_logins_json }}'
    when:
    - container_registry_logins_json is mapping
    - container_registry_login | bool
    - (container_registry_logins_json | length) > 0
  - include_role:
      name: tripleo_podman
      tasks_from: tripleo_podman_install.yml
    name: Run podman install
    vars:
      tripleo_container_default_pids_limit: '{{ container_default_pids_limit }}'
      tripleo_container_events_logger_mechanism: '{{ container_events_logger_mechanism
        }}'
      tripleo_container_registry_insecure_registries: '{{ container_registry_insecure_registries
        }}'
  - include_role:
      name: tripleo_podman
      tasks_from: tripleo_podman_login.yml
    name: Run podman login
    vars:
      tripleo_container_registry_login: '{{ container_registry_login | bool }}'
      tripleo_container_registry_logins: '{{ container_registry_logins }}'
  name: Run podman install
  tags:
  - system_upgrade
  - system_upgrade_run
  when:
  - step|int == 1
- name: Stop snmp service
  service: name=snmpd state=stopped
  when:
  - step|int == 1
  - snmpd_enabled|bool
- block:
  - failed_when: false
    name: Disable tripleo-iptables.service
    register: systemd_tripleo_iptables
    systemd:
      enabled: false
      name: tripleo-iptables.service
      state: stopped
  - file:
      path: /etc/systemd/system/tripleo-iptables.service
      state: absent
    name: Cleanup tripleo-iptables.services
  - failed_when: false
    name: Disable tripleo-ip6tables.service
    register: systemd_tripleo_ip6tables
    systemd:
      enabled: false
      name: tripleo-ip6tables.service
      state: stopped
  - file:
      path: /etc/systemd/system/tripleo-ip6tables.service
      state: absent
    name: Cleanup tripleo-ip6tables.services
  - name: Reload systemd
    systemd:
      daemon_reload: true
    when:
    - (systemd_tripleo_iptables is changed or systemd_tripleo_ip6tables is changed)
  name: Cleanup tripleo-iptables services
  when:
  - (step | int) == 1
- name: Gather missing facts
  setup:
    gather_subset:
    - '!all'
    - '!min'
    - distribution
  tags:
  - always
- name: Set leapp facts
  set_fact:
    upgrade_leapp_command_options: ''
    upgrade_leapp_debug: false
    upgrade_leapp_devel_skip: ''
    upgrade_leapp_enabled: "{{ _upgradeLeappEnabled | bool and\n   ansible_facts['distribution']\
      \ == 'RedHat' and\n   ansible_facts['distribution_major_version'] is version('8',\
      \ '==') }}"
    upgrade_leapp_post_reboot_delay: 120
    upgrade_leapp_reboot_timeout: 3600
  tags:
  - always
  vars:
    _upgradeLeappEnabled: false