From 235a4fe4c965b9a2d5c15577c55e9fdeb1c08866 Mon Sep 17 00:00:00 2001
From: Max Gautier <mg@max.gautier.name>
Date: Thu, 19 Oct 2023 10:12:31 +0200
Subject: [PATCH] etcd/backup: native ansible modules instead of shell

This make native ansible features (dry-run, changed state) easier to
have, and should have a minimal performance impact, since it only runs
on the etcd members.
---
 roles/etcd/handlers/backup_cleanup.yml | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/roles/etcd/handlers/backup_cleanup.yml b/roles/etcd/handlers/backup_cleanup.yml
index 3cebfd0469b..63dcf41918f 100644
--- a/roles/etcd/handlers/backup_cleanup.yml
+++ b/roles/etcd/handlers/backup_cleanup.yml
@@ -2,11 +2,21 @@
 - name: Cleanup etcd backups
   command: /bin/true
   notify:
+    - Find old etcd backups
     - Remove old etcd backups
 
+- name: Find old etcd backups
+  ansible.builtin.find:
+    file_type: directory
+    recurse: false
+    paths: "{{ etcd_backup_prefix }}"
+    patterns: "etcd-*"
+  register: _etcd_backups
+  when: etcd_backup_retention_count >= 0
+
 - name: Remove old etcd backups
-  shell:
-    chdir: "{{ etcd_backup_prefix }}"
-    cmd: "set -o pipefail && find . -name 'etcd-*' -type d | sort -n | head -n -{{ etcd_backup_retention_count }} | xargs rm -rf"
-    executable: /bin/bash
+  ansible.builtin.file:
+    state: absent
+    path: "{{ item }}"
+  loop: "{{ (_etcd_backups.files | sort(attribute='ctime', reverse=True))[etcd_backup_retention_count:] | map(attribute='path') }}"
   when: etcd_backup_retention_count >= 0