From 29109575f50d61a3ff2c569ff149f62ea209d562 Mon Sep 17 00:00:00 2001
From: cyril-corbon <corboncyril@gmail.com>
Date: Wed, 6 Apr 2022 06:36:55 +0200
Subject: [PATCH] fix: reset docker was not removing docker properly (#8680)

Signed-off-by: Cyril Corbon <corboncyril@gmail.com>
---
 roles/container-engine/docker/tasks/reset.yml | 101 +++++++++++++-----
 roles/reset/tasks/main.yml                    |  37 ++-----
 2 files changed, 78 insertions(+), 60 deletions(-)

diff --git a/roles/container-engine/docker/tasks/reset.yml b/roles/container-engine/docker/tasks/reset.yml
index 7feec312a..185fbad90 100644
--- a/roles/container-engine/docker/tasks/reset.yml
+++ b/roles/container-engine/docker/tasks/reset.yml
@@ -1,20 +1,81 @@
 ---
+
+- name: Docker | Get package facts
+  package_facts:
+    manager: auto
+
+- name: Docker | Find docker packages
+  set_fact:
+    docker_packages_list: "{{ ansible_facts.packages.keys() | select('search', '^docker*') }}"
+    containerd_package: "{{ ansible_facts.packages.keys() | select('search', '^containerd*') }}"
+
+- name: Docker | Stop all running container
+  shell: "set -o pipefail && {{ docker_bin_dir }}/docker ps -q | xargs -r {{ docker_bin_dir }}/docker kill"
+  args:
+    executable: /bin/bash
+  register: stop_all_containers
+  retries: 5
+  until: stop_all_containers.rc == 0
+  changed_when: true
+  delay: 5
+  ignore_errors: true  # noqa ignore-errors
+  when: docker_packages_list|length>0
+
+- name: reset | remove all containers
+  shell: "set -o pipefail && {{ docker_bin_dir }}/docker ps -aq | xargs -r docker rm -fv"
+  args:
+    executable: /bin/bash
+  register: remove_all_containers
+  retries: 4
+  until: remove_all_containers.rc == 0
+  delay: 5
+  when: docker_packages_list|length>0
+
+- name: Docker | Stop docker service
+  service:
+    name: "{{ item }}"
+    enabled: false
+    state: stopped
+  loop:
+    - docker
+    - docker.socket
+    - containerd
+
+- name: Docker | Remove dpkg hold
+  dpkg_selections:
+    name: "{{ item }}"
+    selection: install
+  when: ansible_pkg_mgr == 'apt'
+  changed_when: false
+  with_items:
+    - "{{ docker_packages_list }}"
+    - "{{ containerd_package }}"
+
+- name: Docker | Remove docker package
+  package:
+    name: "{{ item }}"
+    state: absent
+  changed_when: false
+  with_items:
+    - "{{ docker_packages_list }}"
+    - "{{ containerd_package }}"
+  when:
+    - not ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
+    - not is_ostree
+    - docker_packages_list|length > 0
+
 - name: Docker | ensure docker-ce repository is removed
   apt_repository:
     repo: "{{ item }}"
     state: absent
   with_items: "{{ docker_repo_info.repos }}"
   when: ansible_pkg_mgr == 'apt'
-  tags:
-    - reset_docker
 
 - name: Docker | Remove docker repository on Fedora
   file:
     name: "{{ yum_repo_dir }}/docker.repo"
     state: absent
   when: ansible_distribution == "Fedora" and not is_ostree
-  tags:
-    - reset_docker
 
 - name: Docker | Remove docker repository on RedHat/CentOS/Oracle/AlmaLinux Linux
   template:
@@ -24,18 +85,6 @@
     - ansible_os_family == "RedHat"
     - ansible_distribution != "Fedora"
     - not is_ostree
-  tags:
-    - reset_docker
-
-- name: Docker | Stop docker service
-  service:
-    name: docker
-    daemon_reload: true
-    enabled: false
-    masked: true
-    state: stopped
-  tags:
-    - reset_docker
 
 - name: Docker | Remove docker configuration files
   file:
@@ -43,19 +92,13 @@
     state: absent
   loop:
     - /etc/systemd/system/docker.service.d/
+    - /etc/systemd/system/docker.socket
+    - /etc/systemd/system/docker.service
+    - /etc/systemd/system/containerd.service
+    - /etc/systemd/system/containerd.service.d
     - /var/lib/docker
     - /etc/docker
-  tags:
-    - reset_docker
 
-- name: Docker | Remove docker package
-  package:
-    name: "{{ docker_package_info.pkgs }}"
-    state: absent
-  changed_when: false
-  when:
-    - not ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
-    - not is_ostree
-    - docker_package_info.pkgs|length > 0
-  tags:
-    - reset_docker
+- name: Docker | systemctl daemon-reload  # noqa 503
+  systemd:
+    daemon_reload: true
diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml
index de7c9997a..fc452848b 100644
--- a/roles/reset/tasks/main.yml
+++ b/roles/reset/tasks/main.yml
@@ -30,43 +30,18 @@
     - containerd
     - crio
 
-- name: reset | remove docker dropins
-  file:
-    path: "/etc/systemd/system/docker.service.d/{{ item }}"
-    state: absent
-  with_items:
-    - docker-dns.conf
-    - docker-options.conf
-    - http-proxy.conf
-    - docker-orphan-cleanup.conf
-  register: docker_dropins_removed
+- name: reset | Remove Docker
+  include_role:
+    name: container-engine/docker
+    tasks_from: reset
+  when: container_manager == 'docker'
   tags:
     - docker
 
 - name: reset | systemctl daemon-reload  # noqa 503
   systemd:
     daemon_reload: true
-  when: services_removed.changed or docker_dropins_removed.changed
-
-- name: reset | remove all containers
-  shell: "set -o pipefail && {{ docker_bin_dir }}/docker ps -aq | xargs -r docker rm -fv"
-  args:
-    executable: /bin/bash
-  register: remove_all_containers
-  retries: 4
-  until: remove_all_containers.rc == 0
-  delay: 5
-  when: container_manager == "docker"
-  tags:
-    - docker
-
-- name: reset | restart docker if needed  # noqa 503
-  service:
-    name: docker
-    state: restarted
-  when: docker_dropins_removed.changed and container_manager == "docker"
-  tags:
-    - docker
+  when: services_removed.changed
 
 - name: reset | check if crictl is present
   stat: