[WIP] Use the Systemd [Container] directive

[agrare]

Podman has a systemd generator that takes .container files and auto generates a .service file from that

Ref: https://docs.podman.io/en/latest/markdown/podman-systemd.unit.5.html

NOTE this isn't currently working while running as the manageiq user/group because it generates --cidfile=%t/%N.cid which is /run/opentofu-runner.cid and /run is only writable by root.

Here is the service file that gets auto generated

# /usr/lib/systemd/system-generators/podman-system-generator -v -dryrun
---opentofu-runner.service---
[Unit]
Description=Opentofu Runner Container
After=local-fs.target
SourcePath=/usr/share/containers/systemd/opentofu-runner.container
RequiresMountsFor=%t/containers
RequiresMountsFor=/var/lib/manageiq/opentofu-runner/certs

[X-Container]
Image=${OPENTOFU_RUNNER_IMAGE}
PodmanArgs=--root /var/www/miq/vmdb/data/containers/storage
ContainerName=opentofu-runner
Secret=opentofu-runner-secret
Volume=/var/lib/manageiq/opentofu-runner/certs:/opt/app-root/src/config/cert:z
Environment=DATABASE_HOSTNAME=${DATABASE_HOSTNAME}
Environment=DATABASE_NAME=${DATABASE_NAME}
Environment=DATABASE_USERNAME=${DATABASE_USERNAME}
Environment=MEMCACHE_SERVERS=${MEMCACHE_SERVERS}
ExposeHostPort=6000
Network=host

[Service]
Restart=on-failure
User=manageiq
Group=manageiq
Slice=manageiq.slice
MemoryHigh=1073741824
TimeoutStartSec=600
TimeoutStopSec=600
Environment=DATABASE_HOSTNAME=host.containers.internal
Environment=DATABASE_NAME=vmdb_production
Environment=DATABASE_USERNAME=root
Environment=MEMCACHE_SERVERS=127.0.0.1:11211
Environment=OPENTOFU_RUNNER_IMAGE=docker-na-public.artifactory.swg-devops.com/hyc-cp4mcm-team-docker-local/infra-mgmt/infra-mgmt-opentofu-runner:PR-110-204033d-20240521-x86_64
Environment=PODMAN_SYSTEMD_UNIT=%n
KillMode=mixed
ExecStop=/usr/bin/podman rm -v -f -i --cidfile=%t/%N.cid
ExecStopPost=-/usr/bin/podman rm -v -f -i --cidfile=%t/%N.cid
Delegate=yes
Type=notify
NotifyAccess=all
SyslogIdentifier=%N
ExecStart=/usr/bin/podman run --name=opentofu-runner --cidfile=%t/%N.cid --replace --rm --cgroups=split --network=host --sdnotify=conmon -d -v /var/lib/manageiq/opentofu-runner/certs:/opt/app-root/src/config/cert:z --expose=6000 --env DATABASE_HOSTNAME=${DATABASE_HOSTNAME} --env DATABASE_NAME=${DATABASE_NAME} --env DATABASE_USERNAME=${DATABASE_USERNAME} --env MEMCACHE_SERVERS=${MEMCACHE_SERVERS} --secret opentofu-runner-secret --root /var/www/miq/vmdb/data/containers/storage ${OPENTOFU_RUNNER_IMAGE}

[miq-bot]

Checked commits agrare/manageiq-providers-embedded_terraform@3ebcba3~...ca6da61 with ruby 2.7.8, rubocop 1.56.3, haml-lint 0.51.0, and yamllint
1 file checked, 0 offenses detected
Everything looks fine. 👍

[miq-bot]

This pull request is not mergeable. Please rebase and repush.

[miq-bot]

This pull request has been automatically marked as stale because it has not been updated for at least 3 months.

If these changes are still valid, please remove the stale label, make any changes requested by reviewers (if any), and ensure that this issue is being looked at by the assigned/reviewer(s).