--- - name: Windows Update Installation from Assessment Report hosts: windows gather_facts: no tasks: - name: Get current timestamp set_fact: current_timestamp: "{{ lookup('pipe', 'date +%Y-%m-%dT%H:%M:%S') }}" - name: Check if KB updates report file exists win_stat: path: 'C:\Temp\windows_updates_with_kb.txt' register: kb_updates_file - name: Fail if updates report file is missing fail: msg: 'KB updates report file not found at C:\Temp\windows_updates_with_kb.txt. Please run the assessment playbook first.' when: not kb_updates_file.stat.exists - name: Read KB updates report content win_shell: Get-Content -Path 'C:\Temp\windows_updates_with_kb.txt' register: updates_content when: kb_updates_file.stat.exists - name: Extract KB numbers from report file set_fact: kb_numbers: "{{ updates_content.stdout_lines | select('match', '.*KB: .*') | map('regex_replace', '.*KB: ([0-9,\\s]+).*', '\\1') | map('split', ',') | flatten | map('trim') | select('match', '^[0-9]+$') | list | unique }}" when: - kb_updates_file.stat.exists - updates_content.stdout_lines is defined - name: Display KB numbers to be installed debug: msg: - "Found {{ kb_numbers | length }} unique KB numbers to install:" - "{{ kb_numbers | join(', ') }}" when: - kb_updates_file.stat.exists - kb_numbers is defined - kb_numbers | length > 0 - name: Install Windows updates by KB numbers win_updates: category_names: '*' state: installed accept_list: "{{ kb_numbers }}" log_path: 'C:\Temp\windows_update_installation.log' register: installation_result when: - kb_updates_file.stat.exists - kb_numbers is defined - kb_numbers | length > 0 - name: Display installation summary debug: msg: - "=== WINDOWS UPDATE INSTALLATION COMPLETE ===" - "Host: {{ inventory_hostname }}" - "Updates Found: {{ installation_result.found_update_count | default(0) }}" - "Updates Installed: {{ installation_result.installed_update_count | default(0) }}" - "Updates Failed: {{ installation_result.failed_update_count | default(0) }}" - "Reboot Required: {{ 'Yes' if installation_result.reboot_required | default(false) else 'No' }}" when: - kb_updates_file.stat.exists - kb_numbers is defined - kb_numbers | length > 0 - installation_result is defined - name: Reboot if required win_reboot: reboot_timeout: 1800 when: installation_result.reboot_required | default(false) - name: Create installation report set_fact: installation_summary: | Windows Update Installation Report ================================= Host: {{ inventory_hostname }} Date: {{ current_timestamp }} Summary: -------- Total Updates Found: {{ installation_result.found_update_count | default(0) }} Successfully Installed: {{ installation_result.installed_update_count | default(0) }} Failed Installations: {{ installation_result.failed_update_count | default(0) }} Reboot Required: {{ installation_result.reboot_required | default('No') }} Requested KB Numbers: {{ kb_numbers | join(', ') }} {% if installation_result.updates is defined %} Installed Updates: ----------------- {% for update_id, update_info in installation_result.updates.items() %} - {{ update_info.title }} KB: {{ update_info.kb | join(', ') if update_info.kb else 'None' }} {% endfor %} {% endif %} when: - kb_updates_file.stat.exists - kb_numbers is defined - kb_numbers | length > 0 - installation_result is defined - name: Save installation report to file win_copy: content: "{{ installation_summary }}" dest: 'C:\Temp\windows_update_installation_report.txt' when: - kb_updates_file.stat.exists - kb_numbers is defined - kb_numbers | length > 0 - installation_result is defined - installation_summary is defined - name: Give a report when no KB numbers were found on updates debug: msg: "No valid KB numbers found in the updates report file. Please verify the assessment report." when: - kb_updates_file.stat.exists - (kb_numbers is not defined or kb_numbers | length == 0)