From 57c3b9ab17e0353740e88f6c618f24292ffd8824 Mon Sep 17 00:00:00 2001
From: "Christian M. Adams" <rooftopcellist@gmail.com>
Date: Fri, 8 Jan 2021 16:36:47 -0500
Subject: [PATCH 1/2] Run PG upgrade tasks in container because of permissions 
  * update pg references

---
 .../roles/image_build/templates/Dockerfile.j2 |  1 +
 .../roles/local_docker/defaults/main.yml      |  1 +
 .../local_docker/tasks/upgrade_postgres.yml   | 41 ++++++++-----------
 .../templates/docker-compose.yml.j2           |  2 +-
 4 files changed, 20 insertions(+), 25 deletions(-)

diff --git a/installer/roles/image_build/templates/Dockerfile.j2 b/installer/roles/image_build/templates/Dockerfile.j2
index 7572c6219f..fa4f9e35e8 100644
--- a/installer/roles/image_build/templates/Dockerfile.j2
+++ b/installer/roles/image_build/templates/Dockerfile.j2
@@ -214,6 +214,7 @@ RUN for dir in \
       /var/run/awx-rsyslog \
       /var/log/tower \
       /var/log/nginx \
+      /var/lib/postgresql \
       /var/run/supervisor \
       /var/lib/nginx ; \
     do mkdir -m 0775 -p $dir ; chmod g+rw $dir ; chgrp root $dir ; done && \
diff --git a/installer/roles/local_docker/defaults/main.yml b/installer/roles/local_docker/defaults/main.yml
index 03742f5e14..4b97d47196 100644
--- a/installer/roles/local_docker/defaults/main.yml
+++ b/installer/roles/local_docker/defaults/main.yml
@@ -8,3 +8,4 @@ postgresql_version: "12"
 postgresql_image: "postgres:{{postgresql_version}}"
 
 compose_start_containers: true
+upgrade_postgres: false
diff --git a/installer/roles/local_docker/tasks/upgrade_postgres.yml b/installer/roles/local_docker/tasks/upgrade_postgres.yml
index 0a2b3afd33..ed163605ac 100644
--- a/installer/roles/local_docker/tasks/upgrade_postgres.yml
+++ b/installer/roles/local_docker/tasks/upgrade_postgres.yml
@@ -1,26 +1,24 @@
 ---
-- name: Check for existing Postgres data
-  stat:
-    path: "{{ postgres_data_dir }}/pgdata/PG_VERSION"
+
+- name: Register temporary docker container
+  set_fact:
+    container_command: "docker run -v '{{ postgres_data_dir | realpath }}:/var/lib/postgresql' centos:8 bash "
+
+- name: Check for existing Postgres data (run from inside the container for access to file)
+  shell:
+    cmd: "{{ container_command }} [[ -f /var/lib/postgresql/10/data/PG_VERSION ]] && echo 'exists'"
   register: pg_version_file
+  ignore_errors: true
 
 - name: Record Postgres version
-  set_fact:
-    old_pg_version: "{{ lookup('file', postgres_data_dir + '/pgdata/PG_VERSION') }}"
-  when: pg_version_file.stat.exists
+  shell: "{{ container_command }} cat var/lib/postgresql/10/data/PG_VERSION"
+  register: old_pg_version
+  when: pg_version_file.stdout == 'exists'
 
 - name: Determine whether to upgrade postgres
   set_fact:
-    upgrade_postgres: "{{ old_pg_version is defined and old_pg_version == '9.6' }}"
-
-- name: Set up new postgres paths pre-upgrade
-  file:
-    state: directory
-    path: "{{ item }}"
-    recurse: true
-  when: upgrade_postgres | bool
-  with_items:
-    - "{{ postgres_data_dir }}/10/data"
+    upgrade_postgres: "{{ old_pg_version is defined and old_pg_version.stdout == '10' | bool }}"
+  when: not old_pg_version.skipped | bool
 
 - name: Stop AWX before upgrading postgres
   docker_service:
@@ -31,20 +29,15 @@
 - name: Upgrade Postgres
   shell: |
     docker run --rm \
-      -v {{ postgres_data_dir }}/10/data:/var/lib/postgresql/10/data \
-      -v {{ postgres_data_dir }}/12/data:/var/lib/postgresql/12/data \
+      -v {{ postgres_data_dir | realpath }}:/var/lib/postgresql \
       -e PGUSER={{ pg_username }} -e POSTGRES_INITDB_ARGS="-U {{ pg_username }}" \
       tianon/postgres-upgrade:10-to-12 --username={{ pg_username }}
   when: upgrade_postgres | bool
 
 - name: Copy old pg_hba.conf
-  copy:
-    src: "{{ postgres_data_dir + '/pgdata/pg_hba.conf' }}"
-    dest: "{{ postgres_data_dir + '/12/data/' }}"
+  shell: "{{ container_command }} cp /var/lib/postgresql/10/data/pg_hba.conf /var/lib/postgresql/12/data/pg_hba.conf"
   when: upgrade_postgres | bool
 
 - name: Remove old data directory
-  file:
-    path: "{{ postgres_data_dir + '/10/data' }}"
-    state: absent
+  shell: "{{ container_command }} rm -rf /var/lib/postgresql/10/data"
   when: compose_start_containers|bool
diff --git a/installer/roles/local_docker/templates/docker-compose.yml.j2 b/installer/roles/local_docker/templates/docker-compose.yml.j2
index 03bb530485..f97e438984 100644
--- a/installer/roles/local_docker/templates/docker-compose.yml.j2
+++ b/installer/roles/local_docker/templates/docker-compose.yml.j2
@@ -177,7 +177,7 @@ services:
     container_name: awx_postgres
     restart: unless-stopped
     volumes:
-      - "{{ postgres_data_dir }}/10/data/:/var/lib/postgresql/data:Z"
+      - "{{ postgres_data_dir }}:/var/lib/postgresql:Z"
     environment:
       POSTGRES_USER: {{ pg_username }}
       POSTGRES_PASSWORD: {{ pg_password }}

From 88a0d984478f7cf19b790b1b524d1545dcebb4ff Mon Sep 17 00:00:00 2001
From: "Christian M. Adams" <rooftopcellist@gmail.com>
Date: Wed, 13 Jan 2021 15:44:05 -0500
Subject: [PATCH 2/2] Run migrations via a task, not in the container   *
 Issue: https://github.com/ansible/awx/issues/9077   * Fixes problem with
 migrations not completing

---
 installer/roles/local_docker/tasks/compose.yml         | 10 ++++++++++
 .../roles/local_docker/templates/docker-compose.yml.j2 |  1 +
 2 files changed, 11 insertions(+)

diff --git a/installer/roles/local_docker/tasks/compose.yml b/installer/roles/local_docker/tasks/compose.yml
index e2f0fc6663..0366a5c0b9 100644
--- a/installer/roles/local_docker/tasks/compose.yml
+++ b/installer/roles/local_docker/tasks/compose.yml
@@ -36,6 +36,11 @@
   register: awx_secret_key
 
 - block:
+    - name: Run migrations in task container
+      shell: docker-compose run --rm --service-ports task awx-manage migrate --no-input
+      args:
+        chdir: "{{ docker_compose_dir }}"
+
     - name: Start the containers
       docker_compose:
         project_src: "{{ docker_compose_dir }}"
@@ -50,6 +55,11 @@
       command: docker exec awx_task '/usr/bin/update-ca-trust'
       when: awx_compose_config.changed or awx_compose_start.changed
 
+    - name: Wait for launch script to create user
+      wait_for:
+        timeout: 10
+      delegate_to: localhost
+
     - name: Create Preload data
       command: docker exec awx_task bash -c "/usr/bin/awx-manage create_preload_data"
       when: create_preload_data|bool
diff --git a/installer/roles/local_docker/templates/docker-compose.yml.j2 b/installer/roles/local_docker/templates/docker-compose.yml.j2
index f97e438984..a0b4a59bf0 100644
--- a/installer/roles/local_docker/templates/docker-compose.yml.j2
+++ b/installer/roles/local_docker/templates/docker-compose.yml.j2
@@ -149,6 +149,7 @@ services:
     {% endfor %}
     {% endif %}
     environment:
+      AWX_SKIP_MIGRATIONS: "1"
       http_proxy: {{ http_proxy | default('') }}
       https_proxy: {{ https_proxy | default('') }}
       no_proxy: {{ no_proxy | default('') }}