Resolve ansible-lint failures for install/grafana.yml

Resolves linting issues: * [ANSIBLE0006] curl used in place of get_url or uri module * [ANSIBLE0013] Use shell only when shell functionality is required * [ANSIBLE0012] Commands should not change things if nothing needs doing Executed via: ansible-lint ansible/install/grafana.yml Change-Id: I47c8f7f95c425c87eb51d9a02c50e8d121991f42
2016-08-25 08:57:28 -04:00 · 2016-08-25 08:57:28 -04:00 · 8a052006f8
commit 8a052006f8
parent e8fb1fcfb4
2 changed files with 29 additions and 17 deletions
--- a/ansible/install/roles/epel/handlers/main.yml
+++ b/ansible/install/roles/epel/handlers/main.yml
@ -3,6 +3,8 @@
 # Handler to clean up EPEL whenever it is used
 #
 - name: remove_epel
-  shell: rpm -e epel-release
+  yum:
+    name: epel-release
+    absent: yes
  ignore_errors: true
  become: true
--- a/ansible/install/roles/grafana/tasks/main.yml
+++ b/ansible/install/roles/grafana/tasks/main.yml
@ -55,18 +55,30 @@
  ignore_errors: true
  register: firewalld_in_use
  no_log: true
+  tags:
+    # Skip ANSIBLE0012] Commands should not change things if nothing needs doing
+    # Need to know if firewalld is in use.
+    - skip_ansible_lint

 - name: (grafana) Determine if firewalld is active
  shell: systemctl is-active firewalld.service | grep -vq inactive
  ignore_errors: true
  register: firewalld_is_active
  no_log: true
+  tags:
+    # Skip ANSIBLE0012] Commands should not change things if nothing needs doing
+    # Need to know if firewalld is active.
+    - skip_ansible_lint

 - name: (grafana) Determine if TCP/{{grafana_port}} is already active
  shell: firewall-cmd --list-ports | egrep -q "^{{grafana_port}}/tcp"
  ignore_errors: true
  register: firewalld_tcp{{grafana_port}}_exists
  no_log: true
+  tags:
+    # Skip ANSIBLE0012] Commands should not change things if nothing needs doing
+    # Need to know if port is already active.
+    - skip_ansible_lint

 # add firewall rule via firewall-cmd
 - name: (grafana) Add firewall rule for TCP/{{grafana_port}} (firewalld)
@ -85,6 +97,10 @@
  register: iptables_tcp3000_exists
  failed_when: iptables_tcp{{grafana_port}}_exists == 127
  no_log: true
+  tags:
+    # Skip ANSIBLE0012] Commands should not change things if nothing needs doing
+    # Need to know if port exists.
+    - skip_ansible_lint

 - name: (grafana) Add firewall rule for TCP/{{grafana_port}} (iptables-services)
  lineinfile:
@ -97,7 +113,8 @@
  register: iptables_needs_restart

 - name: (grafana) Restart iptables-services for TCP/{{grafana_port}} (iptables-services)
-  shell: systemctl restart iptables.service
+  # TODO: replace with systemd module when Ansible 2.2 is the foundation
+  command: systemctl restart iptables.service
  ignore_errors: true
  when: iptables_needs_restart != 0 and firewalld_in_use.rc != 0 and firewalld_is_active.rc != 0

@ -115,20 +132,13 @@
 #
 # Add graphite server as a default datasource
 #
- name: Ensure {{role_path}}/files directory exists
-  file: path={{role_path}}/files state=directory
-  connection: local
-
- name: Create data_source.json
-  template:
-    src: data_source.json.j2
-    dest: "{{role_path}}/files/data_source.json"
-  connection: local
-
 - name: Create Data Source on grafana server
-  command: "curl -X POST -H 'Content-Type: application/json' -d @{{role_path}}/files/data_source.json http://{{grafana_username}}:{{grafana_password}}@{{grafana_host}}:{{grafana_port}}/api/datasources"
-  connection: local
-
- name: Remove leftover json file
-  file: path={{role_path}}/files/data_source.json state=absent
+  uri:
+    method: POST
+    header: 'Content-Type: application/json'
+    body: "{{ lookup('template', 'data_source.json.j2') |to_json }}"
+    body_format: json
+    url: http://{{grafana_host}}:{{grafana_port}}/api/datasources
+    username: "{{ grafana_username }}"
+    password: "{{ grafana_password }}"
  connection: local