From 932a6199811ee614b420c576bdc5d2c5633e326f Mon Sep 17 00:00:00 2001
From: Will Szumski
Date: Tue, 27 Apr 2021 10:40:15 +0100
Subject: [PATCH] Switch to reboot module

The manual SSH command is buggy since it does not respect things like ansible_ssh_extra_args.

TrivialFix

Change-Id: I30709df86b4cc334413b76507700dc03e7df2ea1
---
ansible/roles/disable-selinux/tasks/main.yml | 30 ++++-------------------
...linux-disable-reboot-65c32f5dc895211c.yaml | 6 ++++
2 files changed, 11 insertions(+), 25 deletions(-)
create mode 100644 releasenotes/notes/fix-selinux-disable-reboot-65c32f5dc895211c.yaml

diff --git a/ansible/roles/disable-selinux/tasks/main.yml b/ansible/roles/disable-selinux/tasks/main.yml
index 68bedae52..588cbbd6f 100644
--- a/ansible/roles/disable-selinux/tasks/main.yml
+++ b/ansible/roles/disable-selinux/tasks/main.yml
@@ -24,36 +24,16 @@ set_fact: is_local: "{{ lookup('pipe', 'hostname') in [ansible_hostname, ansible_nodename] }}" - # Any SSH connection errors cause ansible to fail the task. We therefore - # perform a manual SSH connection and allow the command to fail. - - name: Reboot the system to apply SELinux changes (remote) - local_action: - # Use -tt to force a pseudo tty. - module: > - command - ssh -tt {{ ansible_user }}@{{ ansible_host | default(inventory_hostname) }} - sudo shutdown -r now "Applying SELinux changes" - register: reboot_result - failed_when: - - reboot_result is failed - - "'closed by remote host' not in reboot_result.stderr" - when: not is_local | bool - - name: Reboot the system to apply SELinux changes (local) command: shutdown -r now "Applying SELinux changes" become: True when: is_local | bool - # If we're running this locally we won't get here. - - name: Wait for the system to boot up (remote) - local_action: - module: wait_for - host: "{{ ansible_host | default(inventory_hostname) }}" - port: 22 - state: started - # Wait for 10 seconds before polling to ensure the node has shutdown. - delay: 10 - timeout: "{{ disable_selinux_reboot_timeout }}" + - name: Reboot the machine to apply SELinux + reboot: + reboot_timeout: "{{ disable_selinux_reboot_timeout }}" + msg: Applying SELinux changes + become: true when: not is_local | bool when: - disable_selinux_do_reboot | bool
diff --git a/releasenotes/notes/fix-selinux-disable-reboot-65c32f5dc895211c.yaml b/releasenotes/notes/fix-selinux-disable-reboot-65c32f5dc895211c.yaml
new file mode 100644
index 000000000..be50864c7
--- /dev/null
+++ b/releasenotes/notes/fix-selinux-disable-reboot-65c32f5dc895211c.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - |
+ Fixes an issue where custom SSH arguments, such as when setting
+ ``ansible_ssh_extra_args``, were not being respected when rebooting
+ a host to disable selinux.
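Review bot: The new `reboot` task in ansible/roles/disable-selinux/tasks/main.yml reports success as soon as the host answers the module's post-reboot test command, so a green run shows the machine is reachable again, not that the SELinux change actually took effect. Because this role alters the host's mandatory access control state, I would say so above the task, e.g. `# reboot only confirms the host is back; it does not check the resulting SELinux mode`, and, if no later task already does it, follow the reboot with a read-only `getenforce` check. The task name also lost the `(remote)` suffix that still pairs with the `(local)` task kept above it, and `become: true` now sits next to the existing `become: True`; `- name: Reboot the system to apply SELinux changes (remote)` would keep the two branches parallel. The enclosing block starts before this hunk and continues after it, so a later verification step may exist outside the visible lines.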