From 72e673858db876a63fb64d45b623ac940d1a9bdf Mon Sep 17 00:00:00 2001
From: Don Sizemore <don.sizemore@github.com>
Date: Wed, 14 Feb 2024 11:12:27 -0500
Subject: [PATCH] #243 revert spurious changes to
 minio/localstack/docker/podman

---
 tasks/dataverse-build.yml          |  2 +-
 tasks/docker.yml                   | 49 ++++++++++++++++--------
 tasks/localstack.yml               | 35 +++--------------
 tasks/localstack_create_bucket.yml |  4 +-
 tasks/minio.yml                    | 60 ++++++------------------------
 tasks/podman.yml                   |  6 ---
 6 files changed, 54 insertions(+), 102 deletions(-)
 delete mode 100644 tasks/podman.yml

diff --git a/tasks/dataverse-build.yml b/tasks/dataverse-build.yml
index 0f754a1..4c332b4 100644
--- a/tasks/dataverse-build.yml
+++ b/tasks/dataverse-build.yml
@@ -27,7 +27,7 @@
     create: yes
 
 - name: build warfile without tests and default maven. tail /tmp/dataverse/mvn.out for gory details.
-  shell: "export JAVA_HOME={{ java.version }} && mvn -T 2C clean package -Dmaven.test.skip=true > mvn.out"
+  shell: "export JAVA_HOME={{ java.home }} && mvn -T 2C clean package -Dmaven.test.skip=true > mvn.out"
   args:
     chdir: "{{ dataverse.srcdir }}"
   when: dataverse.unittests.enabled == false and
diff --git a/tasks/docker.yml b/tasks/docker.yml
index 93d7d40..cbe4c79 100644
--- a/tasks/docker.yml
+++ b/tasks/docker.yml
@@ -11,21 +11,20 @@
     name: ['docker-ce', 'docker-compose-plugin']
     state: latest
 
-# this breaks on RHEL9. let's use 'docker compose' instead
-#- name: Ansible docker module requires python-docker
-#  ansible.builtin.package:
-#    name: 'python3-docker'
-#    state: latest
-#
-#- name: pip must update itself
-#  ansible.builtin.pip:
-#    name: pip
-#    executable: pip3
-#    state: latest
-#
-#- name: and docker-compose python package
-#  ansible.builtin.pip:
-#    name: docker-compose
+- name: Ansible docker module requires python-docker
+  ansible.builtin.package:
+    name: 'python3-docker'
+    state: latest
+
+- name: pip must update itself
+  ansible.builtin.pip:
+    name: pip
+    executable: pip3
+    state: latest
+
+- name: and docker-compose python package
+  ansible.builtin.pip:
+    name: docker-compose
 
 - name: ensure /etc/docker exists
   ansible.builtin.file:
@@ -44,6 +43,26 @@
     mode: 0644
   when: docker.cidr is undefined
 
+- name: infer become_user
+  ansible.builtin.command: whoami
+  register: whoami_output
+
+- name: register docker_user
+  ansible.builtin.set_fact:
+    docker_user: "{{ whoami_output.stdout }}"
+
+- name: add ansible_ssh_user to docker group
+  ansible.builtin.user:
+    name: '{{ docker_user }}'
+    groups: docker
+    append: yes
+
+- name: add dataverse user to docker group
+  ansible.builtin.user:
+    name: '{{ dataverse.payara.user }}'
+    groups: docker
+    append: yes
+
 - name: reload systemd, enable docker, start
   ansible.builtin.systemd:
     name: docker
diff --git a/tasks/localstack.yml b/tasks/localstack.yml
index 730b9c2..cdb69bf 100644
--- a/tasks/localstack.yml
+++ b/tasks/localstack.yml
@@ -4,31 +4,7 @@
 
 - ansible.builtin.import_tasks: aws_cli.yml
 
-- name: create localstack user
-  ansible.builtin.user:
-    name: '{{ localstack.user }}'
-    group: docker
-
-- name: ensure dot dir exists
-  file:
-    path: '~{{ localstack.user }}/.aws'
-    state: directory
-    owner: '{{ localstack.user }}'
-    mode: '0700'
-
-- name: place localstack aws credentials
-  template:
-    src: localstack_aws_credentials.j2
-    dest: '~{{ localstack.user }}/.aws/credentials'
-    owner: '{{ localstack.user }}'
-    mode: '0600'
-
-- name: place localstack aws config
-  template:
-    src: localstack_aws_config.j2
-    dest: '~{{ localstack.user }}/.aws/config'
-    owner: '{{ localstack.user }}'
-    mode: '0600'
+- ansible.builtin.import_tasks: aws_config.yml
 
 # so we can run localstack task stand-alone
 - ansible.builtin.import_tasks: dataverse-fqdn.yml
@@ -41,8 +17,7 @@
 - name: place docker-compose.yml template
   ansible.builtin.template:
     src: localstack-compose.yml.j2
-    dest: '~{{ localstack.user }}/localstack-compose.yml'
-    owner: '{{ localstack.user }}'
+    dest: '~{{ dataverse.payara.user }}/localstack-compose.yml'
 
 - name: ensure DATA_DIR exists
   ansible.builtin.file:
@@ -51,9 +26,9 @@
     owner: '{{ localstack.user }}'
     mode: 0755
 
-- name: start localstack s3 container
+- name: start s3-test container
   ansible.builtin.shell: 'docker compose -f localstack-compose.yml up -d'
   become: true
-  become_user: '{{ localstack.user }}'
+  become_user: '{{ dataverse.payara.user }}'
   args:
-    chdir: '~{{ localstack.user }}'
+    chdir: '~{{ dataverse.payara.user }}'
diff --git a/tasks/localstack_create_bucket.yml b/tasks/localstack_create_bucket.yml
index 7e98bcc..b2ed39e 100644
--- a/tasks/localstack_create_bucket.yml
+++ b/tasks/localstack_create_bucket.yml
@@ -7,7 +7,7 @@
 - name: create localstack bucket for testing
   ansible.builtin.shell: "aws --endpoint={{ custom_endpoint_escaped }} s3 mb s3://{{ bucket_options.bucket_name }}"
   become: yes
-  become_user: "{{ localstack.user }}"
+  become_user: "{{ dataverse.payara.user }}"
   when: bucket_options.custom_endpoint_url | length > 0
 
 - name: place CORS.json
@@ -21,7 +21,7 @@
 - name: set CORS on bucket when upload_redirect is true
   ansible.builtin.shell: 'aws --endpoint={{ custom_endpoint_escaped }} s3api put-bucket-cors --bucket {{ bucket_options.bucket_name }} --cors-configuration file:///tmp/cors.json'
   become: yes
-  become_user: "{{ localstack.user }}"
+  become_user: "{{ dataverse.payara.user }}"
   when: bucket_options.upload_redirect == true
 
 - name: debug
diff --git a/tasks/minio.yml b/tasks/minio.yml
index b0b578b..1c1b99a 100644
--- a/tasks/minio.yml
+++ b/tasks/minio.yml
@@ -2,43 +2,6 @@
 
 - ansible.builtin.import_tasks: docker.yml
 
-- name: ensure minio service account exists
-  ansible.builtin.user:
-    name: '{{ minio.user }}'
-
-- name: ensure minio service account exists
-  ansible.builtin.user:
-    name: '{{ minio.user }}'
-    group: docker
-
-# S3AccessIT tests will fail without hard-coded AWS credentials
-
-- name: ensure dot dir exists
-  file:
-    path: '~{{ dataverse.payara.user }}/.aws'
-    state: directory
-    owner: '{{ dataverse.payara.user }}'
-    group: '{{ dataverse.payara.group }}'
-    mode: '0700'
-
-- name: place aws credentials
-  template:
-    src: aws_credentials.j2
-    dest: '~{{ dataverse.payara.user }}/.aws/credentials'
-    owner: '{{ dataverse.payara.user }}'
-    group: '{{ dataverse.payara.group }}'
-    mode: '0600'
-
-- name: place aws config
-  template:
-    src: aws_config.j2
-    dest: '~{{ dataverse.payara.user }}/.aws/config'
-    owner: '{{ dataverse.payara.user }}'
-    group: '{{ dataverse.payara.group }}'
-    mode: '0600'
-
-# remove these once #### has been merged.
-
 - name: STORAGE | Import assert.yml
   ansible.builtin.import_tasks: minio_assert.yml
   run_once: true
@@ -70,7 +33,8 @@
       ansible.builtin.file:
         path: "{{ minio.docker.project_location }}/data"
         state: directory
-        owner: '{{ minio.user }}'
+        owner: '{{ dataverse.payara.user }}'
+        group: '{{ dataverse.payara.group }}'
         mode: "0755"
         recurse: true
       when:
@@ -81,7 +45,8 @@
       ansible.builtin.template:
         src: minio_compose.j2
         dest: "{{ minio.docker.project_location }}/minio_compose.yml"
-        owner: '{{ minio.user }}'
+        owner: '{{ dataverse.payara.user }}'
+        group: '{{ dataverse.payara.group }}'
         mode: "0644"
         lstrip_blocks: true
         force: true
@@ -101,22 +66,21 @@
       register: compose_file
 
     - name: STORAGE | Stop `docker-compose down` MinIO
-      ansible.builtin.shell: 'docker compose -f {{ minio.docker.project_location }}/minio_compose.yml down'
+      community.docker.docker_compose:
+        project_src: "{{ minio.docker.project_location }}"
+        state: absent
+        remove_orphans: true
       become: true
-      become_user: '{{ minio.user }}'
-      args:
-        chdir: '~{{ minio.user }}'
       register: continer_stop
       when:
         - minio_container.exists
         - copy_compose.changed
 
     - name: STORAGE | Run `docker-compose up` MinIO
-      ansible.builtin.shell: 'docker compose -f {{ minio.docker.project_location }}/minio_compose.yml up -d'
-      become: true
-      become_user: '{{ minio.user }}'
-      args:
-        chdir: '~{{ minio.user }}'
+      community.docker.docker_compose:
+        project_src: "{{ minio.docker.project_location }}"
+        build: true
+        files: minio_compose.yml
       when: (not minio_container.exists and minio_dir.stat.isdir and compose_file.stat.exists) or continer_stop.changed
 
 - ansible.builtin.import_tasks: minio_jvm_options.yml
diff --git a/tasks/podman.yml b/tasks/podman.yml
deleted file mode 100644
index 34d3a4b..0000000
--- a/tasks/podman.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-
-- name: install podman
-  ansible.builtin.package:
-    name: ['podman','podman-compose','podman-docker']
-    state: latest