Perform haproxy HUP signals with kill

Podman on Ubuntu Noble has apparmor config that prevents SIGHUP from
being delivered via `podman kill -s HUP` or `docker compose kill -s
HUP`. Attempting to do so results in:

  kernel: audit: type=1400 audit(1739232042.996:129): apparmor="DENIED" operation="signal" class="signal" profile="containers-default-0.57.4-apparmor1" pid=17067 comm="runc" requested_mask="receive" denied_mask="receive" signal=hup peer="podman"

This appears to be due to issues with the apparmor configuration that
was edited to make other signals work:

  https://bugs.launchpad.net/ubuntu/+source/libpod/+bug/2040483

We work around that by using kill to issue the signal instead which
seems to work based on some manual testing.

Change-Id: I49435fdda662e25c7192faf24e0ae4b527e943b9

playbooks/roles/haproxy/handlers/hup_haproxy.yaml

@@ -0,0 +1,22 @@
+# This is necessary because podman kill -s HUP doesn't currently work on
+# Ubuntu Noble. They appear tohave fixed this for other common signals (see
+# https://bugs.launchpad.net/ubuntu/+source/libpod/+bug/2040483 ) but not
+# for HUP. To work around this we use kill directly against the container
+# process.
+#
+# Note that we need the first docker-compose ps here as the container name
+# is different between docker-compose and docker compose.
+- name: Get haproxy container ID
+  command: docker-compose ps -q haproxy
+  args:
+    chdir: /etc/haproxy-docker/
+  register: docker_ps
+
+- name: Get haproxy container pid
+  command: "{{ cmd_str }} {{ docker_ps.stdout }}"
+  vars:
+    cmd_str: !unsafe "docker inspect --format '{{ .State.Pid }}'"
+  register: docker_inspect
+
+- name: Send HUP to haproxy
+  command: kill -s HUP {{ docker_inspect.stdout }}

playbooks/roles/haproxy/handlers/main.yaml

@@ -1,4 +1,2 @@
 - name: Reload haproxy
-  shell:
-    cmd: docker-compose kill -s HUP haproxy
-    chdir: /etc/haproxy-docker/
+  include_tasks: roles/haproxy/handlers/hup_haproxy.yaml