From cd01fa8af1a64d6b2eae8de5effc6cde34f44550 Mon Sep 17 00:00:00 2001
From: Kevin Pouget <kpouget@redhat.com>
Date: Tue, 21 Jan 2025 11:08:06 +0100
Subject: [PATCH] [jump_ci] toolbox: move the cluster lock dir computation to
 'jump_ci_ensure_lock'

---
 .../toolbox/jump_ci_ensure_lock/tasks/main.yml       | 10 +++++++---
 .../toolbox/jump_ci_prepare_step/tasks/main.yml      | 12 ++++++------
 .../jump_ci_prepare_step/templates/entrypoint.sh.j2  |  4 ++--
 .../toolbox/jump_ci_prepare_topsail/tasks/main.yml   | 10 +++++-----
 .../toolbox/jump_ci_release_lock/tasks/main.yml      |  2 +-
 .../jump_ci_retrieve_artifacts/tasks/main.yml        |  2 +-
 .../jump_ci/toolbox/jump_ci_take_lock/tasks/main.yml | 10 +++++++---
 7 files changed, 29 insertions(+), 21 deletions(-)

diff --git a/projects/jump_ci/toolbox/jump_ci_ensure_lock/tasks/main.yml b/projects/jump_ci/toolbox/jump_ci_ensure_lock/tasks/main.yml
index 3183e730fc..b84f80919c 100644
--- a/projects/jump_ci/toolbox/jump_ci_ensure_lock/tasks/main.yml
+++ b/projects/jump_ci/toolbox/jump_ci_ensure_lock/tasks/main.yml
@@ -23,18 +23,22 @@
     fail: msg="The cluster KUBECONFIG ({{ cluster_kubeconfig }}) does not exists"
     when: not cluster_kubeconfig_stat.stat.exists
 
+- name: Save the name of the cluster lock directory
+  set_fact:
+    cluster_lock_dir: "/tmp/topsail_{{ jump_ci_ensure_lock_cluster }}"
+
 - name: "Get the stats of the lock directory: {{ jump_ci_ensure_lock_cluster }}"
   stat:
-    path: "/tmp/{{ jump_ci_ensure_lock_cluster }}"
+    path: "{{ cluster_lock_dir }}"
   register: lock_directory_stat
 
 - name: Fail if the lock directory doesn't exist
-  fail: msg="The lock directory '/tmp/{{ jump_ci_ensure_lock_cluster }}' does not exists"
+  fail: msg="The lock directory '{{ cluster_lock_dir }}' does not exists"
   when: not lock_directory_stat.stat.exists
 
 - name: Get the owner of the lock
   command:
-    cat "/tmp/{{ jump_ci_ensure_lock_cluster }}/lock_owner"
+    cat "{{ cluster_lock_dir }}/lock_owner"
   register: lock_owner_content_cmd
 
 - name: Fail if the owner is different
diff --git a/projects/jump_ci/toolbox/jump_ci_prepare_step/tasks/main.yml b/projects/jump_ci/toolbox/jump_ci_prepare_step/tasks/main.yml
index 3d455e1fa1..b02c2edbf4 100644
--- a/projects/jump_ci/toolbox/jump_ci_prepare_step/tasks/main.yml
+++ b/projects/jump_ci/toolbox/jump_ci_prepare_step/tasks/main.yml
@@ -9,7 +9,7 @@
 
 - name: Fetch the name of the image to use
   shell:
-    cat "/tmp/{{ jump_ci_prepare_step_cluster }}/pod.image"
+    cat "{{ cluster_lock_dir }}/pod.image"
   register: pod_image_cmd
   failed_when: false
 
@@ -19,7 +19,7 @@
 
 - name: Generate the step artifacts dirname
   set_fact:
-    step_artifact_dir: "/tmp/{{ jump_ci_prepare_step_cluster }}/test/{{ jump_ci_prepare_step_step }}"
+    step_artifact_dir: "{{ cluster_lock_dir }}/test/{{ jump_ci_prepare_step_step }}"
 
 - name: Ensure that the step artifacts dirname directory is empty
   ansible.builtin.file:
@@ -68,22 +68,22 @@
 - name: Ensure that the secrets directory exists
   ansible.builtin.file:
     state: directory
-    path: "/tmp/{{ jump_ci_prepare_step_cluster }}/secrets/{{ jump_ci_prepare_step_secrets_path_env_key }}"
+    path: "{{ cluster_lock_dir }}/secrets/{{ jump_ci_prepare_step_secrets_path_env_key }}"
     mode: '0755'
 
 - name: Copy the secrets to the jump host
   ansible.posix.synchronize:
     src: "{{ lookup('env', jump_ci_prepare_step_secrets_path_env_key) }}/"
-    dest: "/tmp/{{ jump_ci_prepare_step_cluster }}/secrets/{{ jump_ci_prepare_step_secrets_path_env_key }}/"
+    dest: "{{ cluster_lock_dir }}/secrets/{{ jump_ci_prepare_step_secrets_path_env_key }}/"
     mode: "push"
   no_log: true # not necessary, and leaks the hostnames and secret filenames (they aren't secret)
   when: jump_ci_prepare_step_secrets_path_env_key
 
 - name: Ensure that the secret dirs have the right permission
-  command: find "/tmp/{{ jump_ci_prepare_step_cluster }}/secrets" -type d -exec chmod 0755 {} \;
+  command: find "{{ cluster_lock_dir }}/secrets" -type d -exec chmod 0755 {} \;
 
 - name: Ensure that the secret files have the right permission
-  command: find "/tmp/{{ jump_ci_prepare_step_cluster }}/secrets/" -type f -exec chmod 0644 {} \;
+  command: find "{{ cluster_lock_dir }}/secrets/" -type f -exec chmod 0644 {} \;
 
 - name: Prepare the entrypoint script
   template:
diff --git a/projects/jump_ci/toolbox/jump_ci_prepare_step/templates/entrypoint.sh.j2 b/projects/jump_ci/toolbox/jump_ci_prepare_step/templates/entrypoint.sh.j2
index a3c3522035..b15936c982 100644
--- a/projects/jump_ci/toolbox/jump_ci_prepare_step/templates/entrypoint.sh.j2
+++ b/projects/jump_ci/toolbox/jump_ci_prepare_step/templates/entrypoint.sh.j2
@@ -16,7 +16,7 @@ cleanup() {
 
     # Not cleaning up the secrets for now. They are safe anyway
     # echo Cleaning up the secrets ..
-    # rm -rf /tmp/{{ jump_ci_prepare_step_cluster }}/secrets
+    # rm -rf {{ cluster_lock_dir }}/secrets
 }
 
 # ---
@@ -49,7 +49,7 @@ podman run \
   --volume "{{ step_artifact_dir }}/artifacts:/logs/artifacts" \
   --env ARTIFACT_DIR="/logs/artifacts" \
   \
-  --volume /tmp/{{ jump_ci_prepare_step_cluster }}/secrets/{{ jump_ci_prepare_step_secrets_path_env_key }}:/run/secrets/{{ jump_ci_prepare_step_secrets_path_env_key }}:ro \
+  --volume {{ cluster_lock_dir }}/secrets/{{ jump_ci_prepare_step_secrets_path_env_key }}:/run/secrets/{{ jump_ci_prepare_step_secrets_path_env_key }}:ro \
   --env {{ jump_ci_prepare_step_secrets_path_env_key }}="/run/secrets/{{ jump_ci_prepare_step_secrets_path_env_key }}" \
   \
   --volume {{ cluster_kubeconfig }}:/run/secrets/kubeconfig:ro \
diff --git a/projects/jump_ci/toolbox/jump_ci_prepare_topsail/tasks/main.yml b/projects/jump_ci/toolbox/jump_ci_prepare_topsail/tasks/main.yml
index cea95e9e9d..ea78a9768a 100644
--- a/projects/jump_ci/toolbox/jump_ci_prepare_topsail/tasks/main.yml
+++ b/projects/jump_ci/toolbox/jump_ci_prepare_topsail/tasks/main.yml
@@ -8,7 +8,7 @@
 
 - name: Generate the artifact dirname
   set_fact:
-    artifact_dir: "/tmp/{{ jump_ci_prepare_topsail_cluster }}/jump_ci_artifacts"
+    artifact_dir: "{{ cluster_lock_dir }}/jump_ci_artifacts"
 
 - name: Ensure that the logs directory exists
   ansible.builtin.file:
@@ -49,7 +49,7 @@
 
 - name: Set TOPSAIL's directory
   set_fact:
-    topsail_home: "/tmp/{{ jump_ci_prepare_topsail_cluster }}/topsail"
+    topsail_home: "{{ cluster_lock_dir }}/topsail"
 
 - name: Set git command
   set_fact:
@@ -154,7 +154,7 @@
 
 - name: "Build image as an update {{ image_full_name }}"
   shell: |
-    cat > /tmp/overlay.containerfile <<EOF
+    cat > {{ cluster_lock_dir }}/overlay.containerfile <<EOF
     FROM hell
     ENTRYPOINT []
     CMD []
@@ -167,7 +167,7 @@
 
     time podman build \
       --tag "{{ image_full_name }}" \
-      --file /tmp/overlay.containerfile \
+      --file {{ cluster_lock_dir }}/overlay.containerfile \
       --from "{{ jump_ci_prepare_topsail_image_name }}:{{ jump_ci_prepare_topsail_update_from_imagetag }}"
   when:
   - has_image.rc != 0
@@ -186,4 +186,4 @@
 
 - name: Save the name of the image to use
   shell:
-    echo "{{ image_full_name }}" > "/tmp/{{ jump_ci_prepare_topsail_cluster }}/pod.image"
+    echo "{{ image_full_name }}" > "{{ cluster_lock_dir }}/pod.image"
diff --git a/projects/jump_ci/toolbox/jump_ci_release_lock/tasks/main.yml b/projects/jump_ci/toolbox/jump_ci_release_lock/tasks/main.yml
index 89e2796397..0da2bb5230 100644
--- a/projects/jump_ci/toolbox/jump_ci_release_lock/tasks/main.yml
+++ b/projects/jump_ci/toolbox/jump_ci_release_lock/tasks/main.yml
@@ -9,4 +9,4 @@
 
 - name: Release the lock directory
   command:
-    rm -rf "/tmp/{{ jump_ci_release_lock_cluster }}"
+    rm -rf "{{ cluster_lock_dir }}"
diff --git a/projects/jump_ci/toolbox/jump_ci_retrieve_artifacts/tasks/main.yml b/projects/jump_ci/toolbox/jump_ci_retrieve_artifacts/tasks/main.yml
index c1d559dedd..b8ab381056 100644
--- a/projects/jump_ci/toolbox/jump_ci_retrieve_artifacts/tasks/main.yml
+++ b/projects/jump_ci/toolbox/jump_ci_retrieve_artifacts/tasks/main.yml
@@ -9,7 +9,7 @@
 
 - name: Compute the path of the directory to retrieve
   set_fact:
-    remote_dir_path: "/tmp/{{ jump_ci_retrieve_artifacts_cluster }}/{{ jump_ci_retrieve_artifacts_remote_dir }}"
+    remote_dir_path: "{% if cluster_lock_dir is defined %}{{ cluster_lock_dir }}{% else %}{{ '/tmp/topsail_'+jump_ci_retrieve_artifacts_cluster}}{% endif %}/{{ jump_ci_retrieve_artifacts_remote_dir }}"
 
 - name: Get the size of the directory to retrieve
   command:
diff --git a/projects/jump_ci/toolbox/jump_ci_take_lock/tasks/main.yml b/projects/jump_ci/toolbox/jump_ci_take_lock/tasks/main.yml
index c5d67996fd..158a71312b 100644
--- a/projects/jump_ci/toolbox/jump_ci_take_lock/tasks/main.yml
+++ b/projects/jump_ci/toolbox/jump_ci_take_lock/tasks/main.yml
@@ -3,11 +3,15 @@
   shell:
     whoami
 
+- name: Save the name of the cluster lock directory
+  set_fact:
+    cluster_lock_dir: "/tmp/topsail_{{ jump_ci_take_lock_cluster }}"
+
 - name: Create the lock directory
   shell: |
-    if ! mkdir "/tmp/{{ jump_ci_take_lock_cluster }}" 2>/dev/null; then
+    if ! mkdir "{{ cluster_lock_dir }}" 2>/dev/null; then
       echo "$(date) Lock '{{ jump_ci_take_lock_cluster }}' already taken ..."
-      cat "/tmp/{{ jump_ci_take_lock_cluster }}/lock_owner 2>/dev/null" || true
+      cat "{{ cluster_lock_dir }}/lock_owner 2>/dev/null" || true
       exit 1
     else
       echo "$(date) Lock '{{ jump_ci_take_lock_cluster }}' acquired.";
@@ -19,7 +23,7 @@
 
 - name: Log info about the lock owner
   shell:
-    echo "{{ jump_ci_take_lock_owner }}" > "/tmp/{{ jump_ci_take_lock_cluster }}/lock_owner"
+    echo "{{ jump_ci_take_lock_owner }}" > "{{ cluster_lock_dir }}/lock_owner"
 
 - name: Ensure that the lock is owned
   include_role: