From 972ebbe5db3b5e340176640129b4dc7923ead8aa Mon Sep 17 00:00:00 2001
From: Logan V <logan2211@gmail.com>
Date: Mon, 17 Sep 2018 09:50:44 -0500
Subject: [PATCH] Add 'absent' service state

Allow deprecation of haproxy endpoints by setting the state of the
service to 'absent'. It will also now clean up any config files
when there are no backends, or the service is disabled.

Change-Id: I1db5932c559b5e04d330c114164869dd43c1cbb2
---
 defaults/main.yml                |  2 ++
 tasks/haproxy_service_config.yml | 23 ++++++++++++++--
 tests/test-vars.yml              |  8 ++++++
 tests/test.yml                   | 47 ++++++++++++++++++++++++++++++--
 4 files changed, 75 insertions(+), 5 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index ab8283a..d552304 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -38,6 +38,8 @@ haproxy_stats_refresh_interval: 60
 # defined for each service.
 haproxy_backup_nodes: []
 
+haproxy_service_configs: []
+# Example:
 # haproxy_service_configs:
 #   - service:
 #       haproxy_service_name: haproxy_all
diff --git a/tasks/haproxy_service_config.yml b/tasks/haproxy_service_config.yml
index 632a1a8..ae0f858 100644
--- a/tasks/haproxy_service_config.yml
+++ b/tasks/haproxy_service_config.yml
@@ -13,21 +13,38 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-- name: "Create haproxy service config files"
+- name: Create haproxy service config files
   template:
     src: service.j2
     dest: "/etc/haproxy/conf.d/{{ item.service.haproxy_service_name }}"
-  with_items: "{{ haproxy_service_configs | default([]) }}"
+  with_items: "{{ haproxy_service_configs }}"
   when:
     - (item.service.haproxy_backend_nodes is defined and
       item.service.haproxy_backend_nodes | length > 0) or
       (item.service.haproxy_backup_nodes is defined and
       item.service.haproxy_backup_nodes | length > 0)
-    - item.service.haproxy_service_enabled | default('True') | bool
+    - (item.service.haproxy_service_enabled | default('True')) | bool
+    - (item.service.state is not defined or item.service.state != 'absent')
   notify: Regenerate haproxy configuration
   tags:
     - haproxy-service-config
 
+- name: Remove haproxy service config files for absent services
+  file:
+    path: "/etc/haproxy/conf.d/{{ item.service.haproxy_service_name }}"
+    state: absent
+  notify: Regenerate haproxy configuration
+  with_items: "{{ haproxy_service_configs }}"
+  when:
+    - ((item.service.haproxy_backend_nodes is defined and
+      item.service.haproxy_backend_nodes | length == 0) and
+      (item.service.haproxy_backup_nodes is defined and
+      item.service.haproxy_backup_nodes | length == 0)) or
+      (not ((item.service.haproxy_service_enabled | default('True')) | bool)) or
+      (item.service.state is defined and item.service.state == 'absent')
+  tags:
+    - haproxy-service-config
+
 - name: Prevent SELinux from preventing haproxy from binding to arbitrary ports
   seboolean:
     name: haproxy_connect_any
diff --git a/tests/test-vars.yml b/tests/test-vars.yml
index bf929b0..9fd2ccc 100644
--- a/tests/test-vars.yml
+++ b/tests/test-vars.yml
@@ -31,3 +31,11 @@ haproxy_service_configs:
       haproxy_backend_ca: False
       haproxy_ssl: False
       haproxy_balance_type: http
+  - service:
+      haproxy_service_name: test_absent_service
+      haproxy_backend_nodes:
+        - name: "localhost"
+          ip_addr: "127.0.0.1"
+      haproxy_port: 65535
+      haproxy_balance_type: tcp
+      state: "{{ absent_service_state }}"
diff --git a/tests/test.yml b/tests/test.yml
index 3602302..49e1915 100644
--- a/tests/test.yml
+++ b/tests/test.yml
@@ -18,7 +18,50 @@
   connection: local
   user: root
   become: true
-  roles:
-    - role: "haproxy_server"
   vars_files:
     - test-vars.yml
+  tasks:
+    - name: Create marker file for idempotence
+      copy:
+        content: mark
+        dest: /tmp/haproxy_pass1
+      register: haproxy_pass1
+
+    - name: Set fact for idempotence test
+      set_fact:
+        idempotence_pass_1: "{{ haproxy_pass1 is changed }}"
+
+    - name: Set fact for absent service state
+      set_fact:
+        absent_service_state: "{{ (haproxy_pass1 is changed) | ternary('present', 'absent') }}"
+
+    - name: Run the haproxy_server role
+      include_role:
+        name: "haproxy_server"
+
+    - name: Run role again on first pass
+      when:
+        - "idempotence_pass_1 | bool"
+      block:
+        - name: Ensure the absent service is present
+          stat:
+            path: "/etc/haproxy/conf.d/test_absent_service"
+          register: absent_services
+          failed_when: not absent_services.stat.exists
+
+        - name: Set fact for absent service state
+          set_fact:
+            absent_service_state: "absent"
+
+        - name: Run the haproxy_server role (again)
+          include_role:
+            name: "haproxy_server"
+
+    - name: Ensure the absent service is missing
+      stat:
+        path: "/etc/haproxy/conf.d/test_absent_service"
+      register: absent_services
+      when:
+        - "not (idempotence_pass_1 | bool)"
+      failed_when: absent_services.stat.exists
+