Resolve ansible-lint failures for install/grafana.yml

Resolves linting issues:
* [ANSIBLE0006] curl used in place of get_url or uri module
* [ANSIBLE0013] Use shell only when shell functionality is required
* [ANSIBLE0012] Commands should not change things if nothing needs doing

Executed via: ansible-lint ansible/install/grafana.yml

Change-Id: I47c8f7f95c425c87eb51d9a02c50e8d121991f42

ansible/install/roles/epel/handlers/main.yml

@@ -3,6 +3,8 @@
 # Handler to clean up EPEL whenever it is used
 #
 - name: remove_epel
-  shell: rpm -e epel-release
+  yum:
+    name: epel-release
+    absent: yes
   ignore_errors: true
   become: true

ansible/install/roles/grafana/tasks/main.yml

@@ -55,18 +55,30 @@
   ignore_errors: true
   register: firewalld_in_use
   no_log: true
+  tags:
+    # Skip ANSIBLE0012] Commands should not change things if nothing needs doing
+    # Need to know if firewalld is in use.
+    - skip_ansible_lint
 
 - name: (grafana) Determine if firewalld is active
   shell: systemctl is-active firewalld.service | grep -vq inactive
   ignore_errors: true
   register: firewalld_is_active
   no_log: true
+  tags:
+    # Skip ANSIBLE0012] Commands should not change things if nothing needs doing
+    # Need to know if firewalld is active.
+    - skip_ansible_lint
 
 - name: (grafana) Determine if TCP/{{grafana_port}} is already active
   shell: firewall-cmd --list-ports | egrep -q "^{{grafana_port}}/tcp"
   ignore_errors: true
   register: firewalld_tcp{{grafana_port}}_exists
   no_log: true
+  tags:
+    # Skip ANSIBLE0012] Commands should not change things if nothing needs doing
+    # Need to know if port is already active.
+    - skip_ansible_lint
 
 # add firewall rule via firewall-cmd
 - name: (grafana) Add firewall rule for TCP/{{grafana_port}} (firewalld)
@@ -85,6 +97,10 @@
   register: iptables_tcp3000_exists
   failed_when: iptables_tcp{{grafana_port}}_exists == 127
   no_log: true
+  tags:
+    # Skip ANSIBLE0012] Commands should not change things if nothing needs doing
+    # Need to know if port exists.
+    - skip_ansible_lint
 
 - name: (grafana) Add firewall rule for TCP/{{grafana_port}} (iptables-services)
   lineinfile:
@@ -97,7 +113,8 @@
   register: iptables_needs_restart
 
 - name: (grafana) Restart iptables-services for TCP/{{grafana_port}} (iptables-services)
-  shell: systemctl restart iptables.service
+  # TODO: replace with systemd module when Ansible 2.2 is the foundation
+  command: systemctl restart iptables.service
   ignore_errors: true
   when: iptables_needs_restart != 0 and firewalld_in_use.rc != 0 and firewalld_is_active.rc != 0
 
@@ -115,20 +132,13 @@
 #
 # Add graphite server as a default datasource
 #
-- name: Ensure {{role_path}}/files directory exists
-  file: path={{role_path}}/files state=directory
-  connection: local
-
-- name: Create data_source.json
-  template:
-    src: data_source.json.j2
-    dest: "{{role_path}}/files/data_source.json"
-  connection: local
-
 - name: Create Data Source on grafana server
-  command: "curl -X POST -H 'Content-Type: application/json' -d @{{role_path}}/files/data_source.json http://{{grafana_username}}:{{grafana_password}}@{{grafana_host}}:{{grafana_port}}/api/datasources"
+  uri:
-  connection: local
+    method: POST
-
+    header: 'Content-Type: application/json'
-- name: Remove leftover json file
+    body: "{{ lookup('template', 'data_source.json.j2') |to_json }}"
-  file: path={{role_path}}/files/data_source.json state=absent
+    body_format: json
+    url: http://{{grafana_host}}:{{grafana_port}}/api/datasources
+    username: "{{ grafana_username }}"
+    password: "{{ grafana_password }}"
   connection: local