etcd/backup: native ansible modules instead of shell (#10540)

This make native ansible features (dry-run, changed state) easier to have, and should have a minimal performance impact, since it only runs on the etcd members.
2023-10-30 20:05:28 +01:00 · 2023-10-30 20:05:28 +01:00 · 8f0e553e11
parent 5f9a7b9d49
commit 8f0e553e11
1 changed files with 15 additions and 5 deletions
--- a/roles/etcd/handlers/backup_cleanup.yml
+++ b/roles/etcd/handlers/backup_cleanup.yml
@ -2,11 +2,21 @@
 - name: Cleanup etcd backups
  command: /bin/true
  notify:
+    - Find old etcd backups
    - Remove old etcd backups

- name: Remove old etcd backups
-  shell:
-    chdir: "{{ etcd_backup_prefix }}"
-    cmd: "set -o pipefail && find . -name 'etcd-*' -type d | sort -n | head -n -{{ etcd_backup_retention_count }} | xargs rm -rf"
-    executable: /bin/bash
+- name: Find old etcd backups
+  ansible.builtin.find:
+    file_type: directory
+    recurse: false
+    paths: "{{ etcd_backup_prefix }}"
+    patterns: "etcd-*"
+  register: _etcd_backups
+  when: etcd_backup_retention_count >= 0
+
+- name: Remove old etcd backups
+  ansible.builtin.file:
+    state: absent
+    path: "{{ item }}"
+  loop: "{{ (_etcd_backups.files | sort(attribute='ctime', reverse=True))[etcd_backup_retention_count:] | map(attribute='path') }}"
  when: etcd_backup_retention_count >= 0