From 4e1bdd24c5af38a3cd307decab076c11fffc0872 Mon Sep 17 00:00:00 2001
From: mhorak <mhorak@totalservice.cz>
Date: Wed, 6 Aug 2025 10:48:40 +0000
Subject: [PATCH] Add www-install-win-updates.yaml

---
 www-install-win-updates.yaml | 121 +++++++++++++++++++++++++++++++++++
 1 file changed, 121 insertions(+)
 create mode 100644 www-install-win-updates.yaml

diff --git a/www-install-win-updates.yaml b/www-install-win-updates.yaml
new file mode 100644
index 0000000..c187465
--- /dev/null
+++ b/www-install-win-updates.yaml
@@ -0,0 +1,121 @@
+---
+- name: Windows Update Installation from Assessment Report
+  hosts: windows
+  gather_facts: no
+  tasks:
+    - name: Get current timestamp
+      set_fact:
+        current_timestamp: "{{ lookup('pipe', 'date +%Y-%m-%dT%H:%M:%S') }}"
+    
+    - name: Check if KB updates report file exists
+      win_stat:
+        path: 'C:\Temp\windows_updates_with_kb.txt'
+      register: kb_updates_file
+
+    - name: Fail if updates report file is missing
+      fail:
+        msg: 'KB updates report file not found at C:\Temp\windows_updates_with_kb.txt. Please run the assessment playbook first.'
+      when: not kb_updates_file.stat.exists
+
+    - name: Read KB updates report content
+      win_shell: Get-Content -Path 'C:\Temp\windows_updates_with_kb.txt'
+      register: updates_content
+      when: kb_updates_file.stat.exists
+
+    - name: Extract KB numbers from report file
+      set_fact:
+        kb_numbers: "{{ updates_content.stdout_lines | select('match', '.*KB: .*') | map('regex_replace', '.*KB: ([0-9,\\s]+).*', '\\1') | map('split', ',') | flatten | map('trim') | select('match', '^[0-9]+$') | list | unique }}"
+      when: 
+        - kb_updates_file.stat.exists
+        - updates_content.stdout_lines is defined
+
+    - name: Display KB numbers to be installed
+      debug:
+        msg: 
+          - "Found {{ kb_numbers | length }} unique KB numbers to install:"
+          - "{{ kb_numbers | join(', ') }}"
+      when: 
+        - kb_updates_file.stat.exists
+        - kb_numbers is defined
+        - kb_numbers | length > 0
+
+    - name: Install Windows updates by KB numbers
+      win_updates:
+        category_names: '*'
+        state: installed
+        accept_list: "{{ kb_numbers }}"
+        log_path: 'C:\Temp\windows_update_installation.log'
+      register: installation_result
+      when:
+        - kb_updates_file.stat.exists
+        - kb_numbers is defined
+        - kb_numbers | length > 0
+
+    - name: Display installation summary
+      debug:
+        msg:
+          - "=== WINDOWS UPDATE INSTALLATION COMPLETE ==="
+          - "Host: {{ inventory_hostname }}"
+          - "Updates Found: {{ installation_result.found_update_count | default(0) }}"
+          - "Updates Installed: {{ installation_result.installed_update_count | default(0) }}"
+          - "Updates Failed: {{ installation_result.failed_update_count | default(0) }}"
+          - "Reboot Required: {{ 'Yes' if installation_result.reboot_required | default(false) else 'No' }}"
+      when:
+        - kb_updates_file.stat.exists
+        - kb_numbers is defined
+        - kb_numbers | length > 0
+        - installation_result is defined
+
+    - name: Reboot if required
+      win_reboot:
+        reboot_timeout: 1800
+      when: installation_result.reboot_required | default(false)        
+
+    - name: Create installation report
+      set_fact:
+        installation_summary: |
+          Windows Update Installation Report
+          =================================
+          Host: {{ inventory_hostname }}
+          Date: {{ current_timestamp }}
+          
+          Summary:
+          --------
+          Total Updates Found: {{ installation_result.found_update_count | default(0) }}
+          Successfully Installed: {{ installation_result.installed_update_count | default(0) }}
+          Failed Installations: {{ installation_result.failed_update_count | default(0) }}
+          Reboot Required: {{ installation_result.reboot_required | default('No') }}
+          
+          Requested KB Numbers: {{ kb_numbers | join(', ') }}
+          
+          {% if installation_result.updates is defined %}
+          Installed Updates:
+          -----------------
+          {% for update_id, update_info in installation_result.updates.items() %}
+          - {{ update_info.title }}
+            KB: {{ update_info.kb | join(', ') if update_info.kb else 'None' }}
+          {% endfor %}
+          {% endif %}
+      when:
+        - kb_updates_file.stat.exists
+        - kb_numbers is defined
+        - kb_numbers | length > 0
+        - installation_result is defined
+
+    - name: Save installation report to file
+      win_copy:
+        content: "{{ installation_summary }}"
+        dest: 'C:\Temp\windows_update_installation_report.txt'
+      when:
+        - kb_updates_file.stat.exists
+        - kb_numbers is defined
+        - kb_numbers | length > 0
+        - installation_result is defined
+        - installation_summary is defined
+
+    - name: Give a report when no KB numbers were found on updates
+      debug:
+        msg: "No valid KB numbers found in the updates report file. Please verify the assessment report."
+      when:
+        - kb_updates_file.stat.exists
+        - (kb_numbers is not defined or kb_numbers | length == 0)
\ No newline at end of file