feat(reproducer): Remove hardcoded zuul user and /home/zuul paths

It was already technically possible to create a controller-0 vm with a
non-zuul user. This commit enables configuring controller-0 with a
non-zuul user by using controller-0's `ansible_ssh_user` from
`hostvars` in place of hardcoded `'zuul'`.

It is worth noting that we can't simply use vars like ansible_user_id
or ansible_user_dir with tasks that are delgated to controller-0.
If the host we are running the reproducer from has a different user
from controller-0, these vars will try to use the user from
the machine that is running the reproducer rather than controller-0's
user.

For example, let's say we are running the reproducer from a machine with
the user 'exampleuser' and we have the user 'zuul' on controller-0.
If we have some task that is delegated to controller-0 and
tries to create some file in the controller-0 user's home directory, we
can't simply do:

```
- name: Create some file
  delegate_to: controller-0
  ansible.builtin.file:
    path: "{{ ansible_user_dir }}/some_file.txt"
    state: touch
```

`ansible_user_dir` resolves to `/home/exampleuser`. This path does not
exist on controller-0, so this task would fail.

Author: michburk

roles/reproducer/README.md

@@ -6,8 +6,10 @@ None
 
 ## Parameters
 
-* `cifmw_reproducer_user`: (String) User used for reproducer role. Defaults to `zuul`
 * `cifmw_reproducer_basedir`: (String) Base directory. Defaults to `cifmw_basedir`, which defaults to `~/ci-framework-data`.
+* `cifmw_reproducer_controller_user`: (String) User on controller-0. Defaults to `ansible_ssh_user` from controller-0's `hostvars` if available, otherwise defaults to `zuul`.
+* `cifmw_reproducer_controller_user_dir`: (String) Controller-0 user's home dir. Defaults to `/home/{{ cifmw_reproducer_controller_user }}`
+* `cifmw_reproducer_controller_basedir`: (String) Path to the `ci-framework-data` dir on controller-0. Defaults to `"{{ cifmw_reproducer_controller_user_dir }}/ci-framework-data"`
 * `cifmw_reproducer_compute_repos`: (List[mapping]) List of yum repository that must be deployed on the compute nodes during their creation. Defaults to `[]`.
 * `cifmw_reproducer_compute_set_repositories`: (Bool) Deploy repositories (rhos-release) on Compute nodes. Defaults to `true`.
 * `cifmw_reproducer_play_extravars`: (List[string]) List of extra-vars you want to pass down to the EDPM deployment playbooks. Defaults to `[]`.

roles/reproducer/defaults/main.yml

@@ -17,7 +17,9 @@
 
 # All variables intended for modification should be placed in this file.
 # All variables within this role should have a prefix of "cifmw_reproducer"
-cifmw_reproducer_user: "{{ ansible_user | default('zuul') }}"
+cifmw_reproducer_controller_user: "{{ hostvars['controller-0']['ansible_ssh_user'] | default('zuul') }}"
+cifmw_reproducer_controller_user_dir: "/home/{{ cifmw_reproducer_controller_user }}"
+cifmw_reproducer_controller_basedir: "{{ cifmw_reproducer_controller_user_dir }}/ci-framework-data"
 cifmw_reproducer_basedir: "{{ cifmw_basedir | default( ansible_user_dir ~ '/ci-framework-data') }}"
 cifmw_reproducer_src_dir: "{{ cifmw_ci_src_dir | default( ansible_user_dir ~ '/src') }}"
 cifmw_reproducer_kubecfg: "{{ cifmw_libvirt_manager_configuration.vms.crc.image_local_dir }}/kubeconfig"
@@ -40,13 +42,6 @@ cifmw_reproducer_supported_hypervisor_os:
     minimum_version: 9
   RedHat:
     minimum_version: 9.3
-cifmw_reproducer_controller_basedir: >-
-  {{
-    (
-      '/home/zuul',
-      'ci-framework-data',
-      ) | path_join
-  }}
 
 # Allow to disable validations - user toggle this at their
 # own risks!

roles/reproducer/tasks/ci_job.yml

@@ -23,26 +23,26 @@
       block:
         - name: Ensure directory exists
           ansible.builtin.file:
-            path: "/home/zuul/{{ job_id }}-params"
+            path: "{{ cifmw_reproducer_controller_user_dir }}/{{ job_id }}-params"
             mode: "0755"
             state: directory
-            owner: "{{ cifmw_reproducer_user }}"
-            group: "{{ cifmw_reproducer_user }}"
+            owner: "{{ cifmw_reproducer_controller_user }}"
+            group: "{{ cifmw_reproducer_controller_user }}"
 
         - name: Copy environment files to controller node
           tags:
             - bootstrap
           ansible.builtin.copy:
             src: "{{ _reproducer_basedir }}/parameters/"
-            dest: "/home/zuul/{{ job_id }}-params"
+            dest: "{{ cifmw_reproducer_controller_user_dir }}/{{ job_id }}-params"
             mode: "0644"
 
         - name: Inject reproducer dedicated parameter file
           tags:
             - bootstrap
           ansible.builtin.template:
             src: "reproducer_params.yml.j2"
-            dest: "/home/zuul/{{ job_id }}-params/reproducer_params.yml"
+            dest: "{{ cifmw_reproducer_controller_user_dir }}/{{ job_id }}-params/reproducer_params.yml"
             mode: "0644"
 
         - name: Generate CI job playbook
@@ -70,7 +70,7 @@
           tags:
             - bootstrap
           ansible.builtin.copy:
-            dest: /home/zuul/zuul-network-data.yml
+            dest: "{{ cifmw_reproducer_controller_user_dir }}/zuul-network-data.yml"
             content: "{{ {'job_network': ci_job_networking} | to_nice_yaml}}"
             mode: "0644"
 
@@ -96,7 +96,7 @@
                 items2dict
               }}
           ansible.builtin.copy:
-            dest: "/home/zuul/ci-framework-data/artifacts/parameters/zuul-params.yml"
+            dest: "{{ cifmw_reproducer_controller_basedir }}/artifacts/parameters/zuul-params.yml"
             content: "{{ {'zuul': zuul_params_filtered} | to_nice_yaml }}"
             mode: "0644"
 
@@ -105,14 +105,14 @@
         - always
       ansible.builtin.include_tasks: rotate_log.yml
       loop:
-        - "/home/zuul/ansible.log"
-        - "/home/zuul/ansible-pre-ci.log"
-        - "/home/zuul/ansible-{{ job_id }}.log"
-        - "/home/zuul/ansible-content-provider-bootstrap.log"
+        - "{{ cifmw_reproducer_controller_user_dir }}/ansible.log"
+        - "{{ cifmw_reproducer_controller_user_dir }}/ansible-pre-ci.log"
+        - "{{ cifmw_reproducer_controller_user_dir }}/ansible-{{ job_id }}.log"
+        - "{{ cifmw_reproducer_controller_user_dir }}/ansible-content-provider-bootstrap.log"
 
     - name: Generate and run scripts
       vars:
-        _home: "/home/zuul"
+        _home: "{{ cifmw_reproducer_controller_user_dir }}"
         run_directory: "{{ _cifmw_reproducer_framework_location }}"
       block:
         - name: Generate pre-ci-play script

roles/reproducer/tasks/configure_architecture.yml

@@ -6,18 +6,18 @@
       vars:
         run_directory: "{{ _cifmw_reproducer_framework_location }}"
         exports:
-          ANSIBLE_LOG_PATH: "{{ ansible_user_dir }}/ci-framework-data/logs/ansible-deploy-architecture.log"
+          ANSIBLE_LOG_PATH: "{{ cifmw_reproducer_controller_basedir }}/logs/ansible-deploy-architecture.log"
         default_extravars:
           - "@~/ci-framework-data/parameters/reproducer-variables.yml"
           - "@~/ci-framework-data/parameters/openshift-environment.yml"
         extravars: "{{ cifmw_reproducer_play_extravars }}"
         playbook: "deploy-edpm.yml"
       ansible.builtin.template:
-        dest: "/home/zuul/deploy-architecture.sh"
+        dest: "{{ cifmw_reproducer_controller_user_dir }}/deploy-architecture.sh"
         src: "script.sh.j2"
         mode: "0755"
-        owner: "zuul"
-        group: "zuul"
+        owner: "{{ cifmw_reproducer_controller_user }}"
+        group: "{{ cifmw_reproducer_controller_user }}"
 
     - name: Rotate some logs
       tags:

roles/reproducer/tasks/configure_cleanup.yaml

@@ -42,11 +42,11 @@
         extravars: "{{ cifmw_reproducer_play_extravars }}"
         playbook: "clean_openstack_deployment.yaml"
       ansible.builtin.template:
-        dest: "/home/zuul/cleanup-architecture.sh"
+        dest: "{{ cifmw_reproducer_controller_user_dir }}/cleanup-architecture.sh"
         src: "script.sh.j2"
         mode: "0755"
-        owner: "zuul"
-        group: "zuul"
+        owner: "{{ cifmw_reproducer_controller_user }}"
+        group: "{{ cifmw_reproducer_controller_user }}"
 
     - name: Rotate some logs
       tags:

roles/reproducer/tasks/configure_controller.yml

@@ -1,14 +1,4 @@
 ---
-- name: Set facts related to the reproducer
-  ansible.builtin.set_fact:
-    _ctl_reproducer_basedir: >-
-      {{
-        (
-         '/home/zuul',
-         'ci-framework-data',
-         ) | path_join
-      }}
-
 # The dynamic inventory sets the ansible_ssh_user to zuul once we get the proper
 # ssh configuration accesses set.
 - name: Configure controller-0
@@ -25,14 +15,10 @@
     cifmw_sushy_emulator_install_type: podman
     cifmw_sushy_emulator_hypervisor_address: >-
       {{ inventory_hostname }}.utility
-    cifmw_sushy_emulator_basedir: "{{ _ctl_reproducer_basedir }}"
+    cifmw_sushy_emulator_basedir: "{{ cifmw_reproducer_controller_basedir }}"
     cifmw_sushy_emulator_connection_name: "sushy.utility"
-    cifmw_sushy_emulator_sshkey_path: >-
-      {{
-        [_ctl_reproducer_basedir, '../.ssh/sushy_emulator-key'] |
-        path_join
-      }}
-    cifmw_podman_user_linger: "zuul"
+    cifmw_sushy_emulator_sshkey_path: "{{ cifmw_reproducer_controller_user_dir }}/.ssh/sushy_emulator-key"
+    cifmw_podman_user_linger: "{{ cifmw_reproducer_controller_user }}"
     cifmw_sushy_emulator_libvirt_user: >-
       {{
         hostvars[cifmw_sushy_emulator_hypervisor_target].ansible_user_id |
@@ -41,7 +27,7 @@
   block:
     - name: Ensure directories exist
       ansible.builtin.file:
-        path: "{{ _ctl_reproducer_basedir }}/{{ item }}"
+        path: "{{ cifmw_reproducer_controller_basedir }}/{{ item }}"
         state: directory
         mode: "0755"
       loop:
@@ -118,14 +104,14 @@
         - bootstrap
       ansible.builtin.shell:
         cmd: >-
-          cat /home/zuul/reproducer-inventory/* >
-          {{  _ctl_reproducer_basedir }}/artifacts/zuul_inventory.yml
+          cat {{ cifmw_reproducer_controller_user_dir }}/reproducer-inventory/* >
+          {{ cifmw_reproducer_controller_basedir }}/artifacts/zuul_inventory.yml
 
     # You want to use the "name" parameter of the ansible.builtin.include_vars
     # call, such as:
     # - name: Load mac mapping
     #   ansible.builtin.include_vars:
-    #     file: "{{ _ctl_reproducer_basedir }}/parameters/interfaces-info.yml"
+    #     file: "{{ cifmw_reproducer_controller_basedir }}/parameters/interfaces-info.yml"
     #     name: my_fancy_name
     # Then you'll be able to access the mapping content via `my_fancy_name`.
     - name: Push the MAC mapping data
@@ -135,7 +121,7 @@
         - cifmw_libvirt_manager_mac_map is defined
       ansible.builtin.copy:
         mode: "0644"
-        dest: "{{ _ctl_reproducer_basedir }}/parameters/interfaces-info.yml"
+        dest: "{{ cifmw_reproducer_controller_basedir }}/parameters/interfaces-info.yml"
         content: "{{ cifmw_libvirt_manager_mac_map | to_nice_yaml }}"
 
     - name: Inject other Hypervisor SSH keys
@@ -149,7 +135,7 @@
             default(hostvars[host]['inventory_hostname'])
           }}
       ansible.builtin.copy:
-        dest: "/home/zuul/.ssh/ssh_{{ _ssh_host }}"
+        dest: "{{ cifmw_reproducer_controller_user_dir }}/.ssh/ssh_{{ _ssh_host }}"
         content: "{{ _ssh_key }}"
         mode: "0600"
       loop: "{{ hostvars.keys() }}"
@@ -175,7 +161,7 @@
       ansible.builtin.blockinfile:
         create: true
         mode: "0600"
-        path: "/home/zuul/.ssh/config"
+        path: "{{ cifmw_reproducer_controller_user_dir }}/.ssh/config"
         marker: "## {mark} {{ _ssh_host }}"
         block: |-
           Host {{ _ssh_host }} {{ hostvars[host]['inventory_hostname'] }}
@@ -210,7 +196,7 @@
       ansible.builtin.blockinfile:
         create: true
         mode: "0600"
-        path: "/home/zuul/.ssh/config"
+        path: "{{ cifmw_reproducer_controller_user_dir }}/.ssh/config"
         marker: "## {mark} {{ host }}"
         block: |-
           Host {{ host }} {{ _hostname }} {{ _hostname }}.utility {{ hostvars[host].ansible_host }}
@@ -232,52 +218,52 @@
 
     - name: Create kube directory
       ansible.builtin.file:
-        path: "/home/zuul/.kube"
+        path: "{{ cifmw_reproducer_controller_user_dir }}/.kube"
         state: directory
-        owner: "{{ cifmw_reproducer_user }}"
-        group: "{{ cifmw_reproducer_user }}"
+        owner: "{{ cifmw_reproducer_controller_user }}"
+        group: "{{ cifmw_reproducer_controller_user }}"
         mode: "0750"
 
     - name: Inject kubeconfig content
       when:
         - _devscripts_kubeconfig.content is defined or
           _crc_kubeconfig.content is defined
       ansible.builtin.copy:
-        dest: "/home/zuul/.kube/config"
+        dest: "{{ cifmw_reproducer_controller_user_dir }}/.kube/config"
         content: >-
           {{
             (_use_ocp | bool) |
             ternary(_devscripts_kubeconfig.content, _crc_kubeconfig.content) |
             b64decode
           }}
-        owner: "{{ cifmw_reproducer_user }}"
-        group: "{{ cifmw_reproducer_user }}"
+        owner: "{{ cifmw_reproducer_controller_user }}"
+        group: "{{ cifmw_reproducer_controller_user }}"
         mode: "0640"
 
     - name: Inject kubeadmin-password if exists
       when:
         - _devscripts_kubeadm.content is defined or
           _crc_kubeadm.content is defined
       ansible.builtin.copy:
-        dest: "/home/zuul/.kube/kubeadmin-password"
+        dest: "{{ cifmw_reproducer_controller_user_dir }}/.kube/kubeadmin-password"
         content: >-
           {{
             (_devscripts_kubeadm.content is defined) |
             ternary(_devscripts_kubeadm.content, _crc_kubeadm.content) |
             b64decode
           }}
-        owner: "{{ cifmw_reproducer_user }}"
-        group: "{{ cifmw_reproducer_user }}"
+        owner: "{{ cifmw_reproducer_controller_user }}"
+        group: "{{ cifmw_reproducer_controller_user }}"
         mode: "0600"
 
     - name: Inject devscripts private key if set
       when:
         - _devscript_privkey.content is defined
       ansible.builtin.copy:
-        dest: "{{ ansible_user_dir }}/.ssh/devscripts_key"
+        dest: "{{ cifmw_reproducer_controller_user_dir }}/.ssh/devscripts_key"
         content: "{{ _devscript_privkey.content | b64decode }}"
-        owner: "{{ cifmw_reproducer_user }}"
-        group: "{{ cifmw_reproducer_user }}"
+        owner: "{{ cifmw_reproducer_controller_user }}"
+        group: "{{ cifmw_reproducer_controller_user }}"
         mode: "0400"
 
     - name: Ensure /etc/ci/env is created
@@ -289,8 +275,8 @@
 
     - name: Manage secrets on controller-0
       vars:
-        cifmw_manage_secrets_basedir: "/home/zuul/ci-framework-data"
-        cifmw_manage_secrets_owner: "{{ cifmw_reproducer_user }}"
+        cifmw_manage_secrets_basedir: "{{ cifmw_reproducer_controller_basedir }}"
+        cifmw_manage_secrets_owner: "{{ cifmw_reproducer_controller_user }}"
       block:
         - name: Initialize secret manager
           ansible.builtin.import_role:
@@ -362,7 +348,7 @@
       delegate_to: localhost
       ansible.posix.synchronize:
         src: "{{ cifmw_reproducer_src_dir }}/"
-        dest: "zuul@{{ item }}:{{ cifmw_reproducer_src_dir }}"
+        dest: "{{ cifmw_reproducer_controller_user }}@{{ item }}:{{ cifmw_reproducer_controller_user_dir }}/src"
         archive: true
         recursive: true
       loop: "{{ groups['controllers'] }}"
@@ -417,19 +403,19 @@
           }}
       ansible.builtin.copy:
         mode: "0644"
-        dest: "/home/zuul/ci-framework-data/parameters/reproducer-variables.yml"
+        dest: "{{ cifmw_reproducer_controller_basedir }}/parameters/reproducer-variables.yml"
         content: "{{ _filtered_vars | to_nice_yaml }}"
 
     - name: Create reproducer-variables.yml symlink to old location
       ansible.builtin.file:
-        dest: "/home/zuul/reproducer-variables.yml"
-        src: "/home/zuul/ci-framework-data/parameters/reproducer-variables.yml"
+        dest: "{{ cifmw_reproducer_controller_user_dir }}/reproducer-variables.yml"
+        src: "{{ cifmw_reproducer_controller_basedir }}/parameters/reproducer-variables.yml"
         state: link
 
     - name: Inject local environment parameters
       ansible.builtin.copy:
         mode: "0644"
-        dest: "/home/zuul/ci-framework-data/parameters/openshift-environment.yml"
+        dest: "{{ cifmw_reproducer_controller_basedir }}/parameters/openshift-environment.yml"
         content: |-
           {% raw %}
           ---
@@ -450,14 +436,14 @@
 
     - name: Create openshift-environment.yml symlink to old location
       ansible.builtin.file:
-        dest: "/home/zuul/openshift-environment.yml"
-        src: "/home/zuul/ci-framework-data/parameters/openshift-environment.yml"
+        dest: "{{ cifmw_reproducer_controller_user_dir }}/openshift-environment.yml"
+        src: "{{ cifmw_reproducer_controller_basedir }}/parameters/openshift-environment.yml"
         state: link
 
     - name: Get interfaces-info content
       register: _nic_info
       ansible.builtin.slurp:
-        src: "{{ _ctl_reproducer_basedir }}/parameters/interfaces-info.yml"
+        src: "{{ cifmw_reproducer_controller_basedir }}/parameters/interfaces-info.yml"
 
     # We detected OCP cluster may have some downtime even after it's supposed
     # to be started.
@@ -484,7 +470,7 @@
           {{ _nic_info.content | b64decode | from_yaml }}
         cifmw_networking_mapper_network_name: >-
           {{ _cifmw_libvirt_manager_layout.vms.controller.nets.1 }}
-        cifmw_networking_mapper_basedir: "/home/zuul/ci-framework-data"
+        cifmw_networking_mapper_basedir: "{{ cifmw_reproducer_controller_basedir }}"
       ansible.builtin.import_role:
         name: networking_mapper
 
@@ -494,11 +480,11 @@
       block:
         - name: Inject CRC ssh key
           ansible.builtin.copy:
-            dest: "/home/zuul/.ssh/crc_key"
+            dest: "{{ cifmw_reproducer_controller_user_dir }}/.ssh/crc_key"
             content: "{{ crc_priv_key['content'] | b64decode }}"
             mode: "0400"
-            owner: "{{ cifmw_reproducer_user }}"
-            group: "{{ cifmw_reproducer_user }}"
+            owner: "{{ cifmw_reproducer_controller_user }}"
+            group: "{{ cifmw_reproducer_controller_user }}"
 
     - name: Ensure we have all dependencies installed
       ansible.builtin.async_status: