* Decouple from role christiangda.epel_repo

* No longer creates AWS CLI profiles
* No longer tested RedHat/Cento 6, Ubuntu 14.x, 16.x, Debian 7/8 Amazon Linux 1

.travis.yml

@@ -15,10 +15,11 @@ env:
     - GITHUB_ROLE_NAME="ansible-role-amazon-cloudwatch-agent"
     - GALAXY_ROLE_NAME="christiangda.amazon_cloudwatch_agent"
   matrix:
+    - ANSIBLE_VERSION=">=2.9,<2.10"
     - ANSIBLE_VERSION=">=2.8.1,<2.9"
-    - ANSIBLE_VERSION=">=2.7,<2.8"
-    - ANSIBLE_VERSION=">=2.6,<2.7"
-    - ANSIBLE_VERSION=">=2.5,<2.6"
+    #- ANSIBLE_VERSION=">=2.7,<2.8"
+    #- ANSIBLE_VERSION=">=2.6,<2.7"
+    #- ANSIBLE_VERSION=">=2.5,<2.6"
 
 install:
   - pip install ansible"${ANSIBLE_VERSION}"

VERSION

@@ -1 +1 @@
-1.0.0
+2.0.0

defaults/main.yml

@@ -1,4 +1,5 @@
 ---
+# description: Store the CloudWatch Agent configuration
 # possible values:
 # - "{{ lookup('file', 'files/your-cloudwatch-config.json') | from_json }}" where your-cloudwatch-config.json is your custom
 #   configuration file according to docs reference.
@@ -24,76 +25,85 @@
 # reference: https://docs.aws.amazon.com/es_es/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html
 # default value: ""
 # notes:
-# * when is empty the role deploy a custom json configuration via template
+# * When is empty the role deploy a custom json configuration via template (see: templates/agent/amazon-cloudwatch-agent.json.j2)
 cwa_conf_json_file_content: ""
 
+# description: Define if the agent is running on AWS EC2 instance or outside AWS, in your On Premise infrastructure
 # possible values:
 # - "ec2"
 # - "onPremise"
 # default value: "ec2"
 # notes:
-# * not necessary when you deploy the agent into AWS, default value is fine.
-# * when you set the value 'onPremise' is because you installed the agent outside AWS, so is necessary to set the variables "cwa_aws_region", "cwa_access_key", "cwa_secret_key" also
+# * when you set the value 'onPremise' is because you installed the agent outside AWS, so is necessary to set the variables "cwa_aws_region" also
 cwa_agent_mode: "ec2"
 
+# description: AWS Region where you want the AWS CloudWatch Logs
 # possible values:
 # - https://docs.aws.amazon.com/general/latest/gr/rande.html
 # default value: "eu-west-1"
 # notes:
 # * This is the region where the agent have access to push logs/metrics, only necessary when use **cwa_agent_mode:** "onPremise"
 cwa_aws_region: "eu-west-1"
 
+# description: Define if you want to use AWS CLI Credentials or the AWS EC2 Instance Role
 # possible values:
-# - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html
-# default value: "AmazonCloudWatchAgent"
+# - true
+# - false
+# default value: false
 # notes:
-# * Only necessary when use **cwa_agent_mode:** "onPremise", you could use other profile if it is configured properly
-cwa_profile: "AmazonCloudWatchAgent"
+# * Set this true when use **cwa_agent_mode:** "ec2" and you are not using the EC2 Instance Role to get access to the AWS CloudWatch Logs / AWS CloudWatch Service
+# * Automatically set to true when **cwa_agent_mode:** "onPremise"
+cwa_use_credentials: false
 
+# description: Define the name of the role configured at AWC CLI Profile to be used when send the logs/metrics to AWS CloudWatch
 # possible values:
-# - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
-# - https://docs.ansible.com/ansible/latest/user_guide/vault.html
-# default value: ""
+# - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html
+# default value: "AmazonCloudWatchAgent"
 # notes:
-# * This is the region where the agent have access to push logs/metrics, only necessary when use **cwa_agent_mode:** "onPremise"
-cwa_access_key: ""
+# * This is necessary when use **cwa_agent_mode:** "ec2" and you are not using the EC2 Instance Role to get access to the AWS CloudWatch / AWS and CloudWatch Service
+# * Obligatory when you use **cwa_agent_mode:** "onPremise", this is the only way to get access to the AWS CloudWatch Logs / AWS CloudWatch Service
+# * Use the role "christiangda.awscli_configure" to create the profile "AmazonCloudWatchAgent"
+# * This variable depends of variable cwa_use_credentials
+cwa_profile: "AmazonCloudWatchAgent"
 
+# description: Path where is the AWS CLI Profile folder ( .aws/ with .aws/config and .aws/credentials files)
 # possible values:
-# - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
-# - https://docs.ansible.com/ansible/latest/user_guide/vault.html
-# default value: ""
+# - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html
+# default value: "AmazonCloudWatchAgent"
 # notes:
-# * This is the region where the agent have access to push logs/metrics, only necessary when use **cwa_agent_mode:** "onPremise"
-cwa_secret_key: ""
+# * This is necessary when use **cwa_agent_mode:** "ec2" and you are not using the EC2 Instance Role to get access to the AWS CloudWatch Logs / AWS CloudWatch Service
+# * Obligatory when you use **cwa_agent_mode:** "onPremise", this is the only way to get access to the AWS CloudWatch Logs / AWS CloudWatch Service
+# * Use the role "christiangda.awscli_configure" to create the profile and credentials in this path
+# * This variable depends of variable cwa_use_credentials
+cwa_agent_profile_path: /root
 
+# description: The proxy configuration to be used by AWS CloudWatch Agent
 # possible values:
 # - https://docs.aws.amazon.com/es_es/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html
 # default value: ""
 cwa_http_proxy: ""
 
+# description: The proxy configuration to be used by AWS CloudWatch Agent
 # possible values:
 # - https://docs.aws.amazon.com/es_es/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html
 # default value: ""
 cwa_https_proxy: ""
 
+# description: The proxy configuration to be used by AWS CloudWatch Agent
 # possible values:
 # - https://docs.aws.amazon.com/es_es/AmazonCloudWatch/latest/monitoring/install-CloudWatch-Agent-commandline-fleet.html
 # default value: "169.254.169.254"
 # * Always disable proxy for aws metadata ip (169.254.169.254)
 cwa_no_proxy: "169.254.169.254"
 
+# description: The max size of the file for the log before be rotated
 # possible values:
 # - https://linux.die.net/man/8/logrotate
 # default value: "10M"
 cwa_logrotate_file_size: "10M"
 
+# description: The max number of file to keep after rotation
 # possible values:
 # - https://linux.die.net/man/8/logrotate
 # default value: 5
 cwa_logrotate_files: 5
-
-# Do we use the christiangda.epel_repo or manage it ourselves?
-# - https://galaxy.ansible.com/christiangda/epel_repo
-# possible values:
-# default value: true
-cwa_use_epel_role: true

handlers/main.yml

@@ -3,10 +3,14 @@
   command: "{{ cwa_agent_ctl }} -a fetch-config -m {{ cwa_agent_mode }} -c file:{{ cwa_agent_config_file }} -s"
   notify: Leave a copy of configuration
   when: ansible_virtualization_type != "docker"
+  tags:
+    - reload
 
 - name: Reload {{ cwa_logrotate_daemon }}
   command: "{{ cwa_logrotate_daemon }} -d {{ cwa_logrotate_config_file }}"
   when: ansible_virtualization_type != "docker"
+  tags:
+    - reload
 
 # This is necessary because after reloading the service the config file is
 # eliminated, so I leave a copy to improve the idempotent and doesn't deploy

meta/main.yml

@@ -5,29 +5,30 @@ galaxy_info:
   description: Ansible Role for AWS CloudWatch Agent
   license: license GPLv3
   company: No Company
-  min_ansible_version: 2.5
+  min_ansible_version: 2.7
 
   platforms:
     - name: EL
       versions:
-        - 6
+        # - 6
         - 7
         - 8
     - name: Amazon
       versions:
         - all
     - name: Debian
       versions:
-        - buster
-        - jessie
         - sid
+        - buster
         - stretch
+        # - jessie
     - name: Ubuntu
       version:
-        - trusty
-        - xenial
+        #- trusty
+        #- xenial
         - bionic
-        - cuttlefish
+        - disco
+        #- cuttlefish
 
   galaxy_tags:
     - aws
@@ -45,8 +46,4 @@ galaxy_info:
     - logs
     - metrics
 
-dependencies:
-  - {
-      role: christiangda.epel_repo,
-      when: ansible_os_family == 'RedHat' and cwa_use_epel_role,
-    }
+dependencies: []

molecule/default/molecule.yml

@@ -15,39 +15,43 @@ platforms:
   - name: redhat-8
     image: registry.access.redhat.com/ubi8/ubi
 
-  - name: centos-8
-    image: centos:8
-
   - name: redhat-7
     image: registry.access.redhat.com/ubi7/ubi
 
+  - name: centos-8
+    image: centos:8
+
   - name: centos-7
     image: centos:7
 
-  - name: centos-6
-    image: centos:6
+  # - name: centos-6
+  #   image: centos:6
 
   - name: amazonlinux-2
     image: amazonlinux:2
 
-  - name: amazonlinux-1
-    image: amazonlinux:1
+  # - name: amazonlinux-1
+  #   image: amazonlinux:1
+
+  - name: ubuntu-19.04
+    image: ubuntu:19.04
 
   - name: ubuntu-18.04
     image: ubuntu:18.04
 
-  - name: debian-buster
-    image: debian:buster
-
-  - name: debian-jessie
-    image: debian:jessie
-
   - name: debian-sid
     image: debian:sid
 
+  - name: debian-buster
+    image: debian:buster
+
   - name: debian-stretch
     image: debian:stretch
 
+  # - name: debian-jessie
+  #   image: debian:jessie
+
+
 provisioner:
   name: ansible
   lint:

molecule/default/playbook.yml

@@ -17,6 +17,18 @@
           ansible_distribution == 'RedHat' or
           ansible_distribution == 'Amazon'
         )
+    - role: christiangda.awscli_configure
+      vars:
+        awscliconf_path: '/root'
+        awscliconf_files:
+          credentials:
+            - AmazonCloudWatchAgent:
+                aws_access_key_id: 'AKIAIOSFODNN7EXAMPLE'
+                aws_secret_access_key: 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'
+          config:
+            - profile AmazonCloudWatchAgent:
+                region: eu-west-1
     - role: christiangda.amazon_cloudwatch_agent
       vars:
         cwa_agent_mode: "onPremise"
+        cwa_profile: "AmazonCloudWatchAgent"

molecule/default/prepare.yml

@@ -16,3 +16,12 @@
         ansible_os_family == 'RedHat' and
         ansible_distribution == 'RedHat' and
         ansible_distribution_major_version == '7'
+
+    - name: Install RedHat 8 yajl package from mirror.centos.org to avoid Subscription Manager dependencies
+      dnf:
+        name: 'http://mirror.centos.org/centos/8/AppStream/x86_64/os/Packages/yajl-2.1.0-10.el8.x86_64.rpm'
+        state: present
+      when: >
+        ansible_os_family == 'RedHat' and
+        ansible_distribution == 'RedHat' and
+        ansible_distribution_major_version == '8'

molecule/default/requirements.yml

@@ -1,2 +1,3 @@
 ---
 - src: christiangda.epel_repo
+- src: christiangda.awscli_configure

molecule/vagrant/molecule.yml

@@ -14,8 +14,8 @@ lint:
       ignore: venv
 
 platforms:
-  - name: centos-6
-    box: centos/6
+  - name: centos-8
+    box: centos/8
     memory: 512
     cpus: 1
 
@@ -24,18 +24,33 @@ platforms:
     memory: 512
     cpus: 1
 
+  # - name: centos-6
+  #   box: centos/6
+  #   memory: 512
+  #   cpus: 1
+
   - name: amazonlinux-2
     box: gbailey/amzn2
     memory: 512
     cpus: 1
 
+  - name: ubuntu-19.04
+    box: ubuntu/disco64
+    memory: 512
+    cpus: 1
+
   - name: ubuntu-18.04
     box: ubuntu/bionic64
     memory: 512
     cpus: 1
 
-  - name: debian-8
-    box: debian/jessie64
+  - name: debian-sid
+    box: debian/testing64
+    memory: 512
+    cpus: 1
+
+  - name: debian-10
+    box: debian/buster64
     memory: 512
     cpus: 1
 
@@ -44,6 +59,11 @@ platforms:
     memory: 512
     cpus: 1
 
+  # - name: debian-8
+  #   box: debian/jessie64
+  #   memory: 512
+  #   cpus: 1
+
 provisioner:
   name: ansible
   lint:

molecule/vagrant/playbook.yml

@@ -12,19 +12,38 @@
       when: ansible_os_family == 'Debian'
       changed_when: false
 
-    - name: Install libselinux-python on redhat/centos 6
-      yum:
-        name: libselinux-python
-        state: present
+    # - name: Install libselinux-python on redhat/centos 6
+    #   yum:
+    #     name: libselinux-python
+    #     state: present
+    #   when: >
+    #     ansible_os_family == 'RedHat' and (
+    #       ansible_distribution == 'CentOS' or
+    #       ansible_distribution == 'RedHat'
+    #     )
+    #     and ansible_distribution_major_version == '6'
+    #   changed_when: false
+
+  roles:
+    - role: christiangda.epel_repo
       when: >
         ansible_os_family == 'RedHat' and (
           ansible_distribution == 'CentOS' or
-          ansible_distribution == 'RedHat'
+          ansible_distribution == 'RedHat' or
+          ansible_distribution == 'Amazon'
         )
-        and ansible_distribution_major_version == '6'
-      changed_when: false
-
-  roles:
+    - role: christiangda.awscli_configure
+      vars:
+        awscliconf_path: '/root'
+        awscliconf_files:
+          credentials:
+            - AmazonCloudWatchAgent:
+                aws_access_key_id: 'AKIAIOSFODNN7EXAMPLE'
+                aws_secret_access_key: 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'
+          config:
+            - profile AmazonCloudWatchAgent:
+                region: eu-west-1
     - role: christiangda.amazon_cloudwatch_agent
       vars:
         cwa_agent_mode: "onPremise"
+        cwa_profile: "AmazonCloudWatchAgent"