Improve deploy-crc-cloud role

[danpawlik]

What changed:

• improve condition that is veryfing if cluster is healthy
• move htpasswd container image to be created task before to avoid multiple time rebuilding same image
• add "no_log" to avoid display users passwords

Summary by Sourcery

Optimize the deploy-crc-cloud role by centralizing htpasswd image creation, securing credential output, and refining the cluster health check

Bug Fixes:

• Adjust the failure condition in wait_cluster_become_healthy to only check for unhealthy components

Enhancements:

• Build the htpasswd container image once before generating credentials to avoid repeated rebuilds
• Move temporary directory setup and cleanup into the credential task to streamline htpasswd workflow

[sourcery-ai]

Reviewer's Guide

This PR refactors the htpasswd container image build into a dedicated preparatory step, secures user password handling by silencing logs, and tightens the cluster health check condition by removing the retry-based failure guard.

Sequence Diagram: Refactored htpasswd Generation

sequenceDiagram
    participant AnsibleController
    participant TargetHost
    participant Podman

    AnsibleController->>TargetHost: Execute task: Create temporary directory
    activate TargetHost
    TargetHost-->>AnsibleController: Confirm directory created
    deactivate TargetHost

    AnsibleController->>TargetHost: Execute task: Create Dockerfile for htpasswd
    activate TargetHost
    TargetHost-->>AnsibleController: Confirm Dockerfile created
    deactivate TargetHost

    AnsibleController->>TargetHost: Execute task: Build htpasswd image
    activate TargetHost
    TargetHost->>Podman: podman build -t localhost/htpasswd ...
    activate Podman
    Podman-->>TargetHost: Image built successfully
    deactivate Podman
    TargetHost-->>AnsibleController: Confirm image built
    deactivate TargetHost

    loop For each user
        AnsibleController->>TargetHost: Execute task: Get htpasswd for user (with no_log)
        activate TargetHost
        TargetHost->>Podman: podman run --rm localhost/htpasswd <user.name> <user.password>
        activate Podman
        Podman-->>TargetHost: Hashed password output
        deactivate Podman
        TargetHost-->>AnsibleController: (Appends output to htpasswd.txt)
        deactivate TargetHost
    end

    AnsibleController->>TargetHost: Execute task: Consolidate htpasswd.txt
    activate TargetHost
    TargetHost-->>AnsibleController: Confirm htpasswd.txt ready
    deactivate TargetHost

    AnsibleController->>TargetHost: Execute task: Create /tmp/htpass-secret.yaml
    activate TargetHost
    TargetHost-->>AnsibleController: Confirm secret file created
    deactivate TargetHost

    AnsibleController->>TargetHost: Execute task: oc replace -f /tmp/htpass-secret.yaml
    activate TargetHost
    TargetHost-->>AnsibleController: Confirm secret replaced in OpenShift
    deactivate TargetHost

    AnsibleController->>TargetHost: Execute task: Remove temporary directory
    activate TargetHost
    TargetHost-->>AnsibleController: Confirm directory removed
    deactivate TargetHost

Loading

File-Level Changes

Change	Details	Files
Centralize and optimize htpasswd container build and cleanup	Add tasks to create a temp directory and Dockerfile for the htpasswd image Build the htpasswd container image once before looping over users Remove redundant build and cleanup tasks from get_htpasswd.yaml Add final cleanup of the temporary directory	tasks/set_credentials.yaml tasks/get_htpasswd.yaml
Hide user passwords in logs during credential retrieval	Apply no_log: true to the htpasswd retrieval loop	tasks/set_credentials.yaml
Simplify cluster health check failure condition	Remove the retry_count>=max_retries clause from failed_when	tasks/wait_cluster_become_healthy.yaml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[danpawlik]

What happened that the PR was closed xD

[danpawlik]

recheck

[praveenkumar]

linter failing due to timeout on mac, can you update the timeout https://github.com/crc-org/crc-cloud/blob/main/.golangci.yml#L2 from 10m to 20m?