From 6f9c151e7944aa649f030a405063e9cf63116472 Mon Sep 17 00:00:00 2001
From: Clark Boylan <clark.boylan@gmail.com>
Date: Mon, 2 Mar 2020 15:38:00 -0800
Subject: [PATCH] Collect docker logs as root

When testing our system-conf configuration we don't actually add zuul to
the docker group. This means the zuul user cannot access the docker
socket. This then breaks docker container log collection. Address this
by becoming root when collecting logs.

Change-Id: Ic0232f7ef458cdd07fb0853f97f2dc22ce137c71
---
 playbooks/zuul/run-base-post.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/playbooks/zuul/run-base-post.yaml b/playbooks/zuul/run-base-post.yaml
index c0fac34324..17b5596006 100644
--- a/playbooks/zuul/run-base-post.yaml
+++ b/playbooks/zuul/run-base-post.yaml
@@ -18,6 +18,14 @@
   tasks:
     - include_role:
         name: collect-container-logs
+        # The zuul user isn't part of the docker group on our fake
+        # production systems. Work around this by operating as root
+        # when collecting logs.  This collects podman containers
+        # running as root; we may need to think about some flags for
+        # this role for collecting logs from containers under other
+        # users.
+        apply:
+          become: yes
       vars:
         container_command: "{{ item }}"
       loop: