51 lines
1.8 KiB
YAML
51 lines
1.8 KiB
YAML
---
|
|
- name: Run DC patch task via JEA-PatchOps
|
|
hosts: domain_controllers
|
|
gather_facts: no
|
|
|
|
vars:
|
|
task_path: '\\' # root folder
|
|
task_name: 'Patching-windows-task'
|
|
poll_delay: 60
|
|
finish_retries: 3 # up to 6h
|
|
|
|
tasks:
|
|
- name: Ensure the task is enabled
|
|
ansible.windows.win_powershell:
|
|
script: |
|
|
Import-Module ScheduledTasks
|
|
$tp='{{ task_path }}'; $tn='{{ task_name }}'
|
|
$t = Get-ScheduledTask -TaskPath $tp -TaskName $tn
|
|
if (-not $t.Settings.Enabled) { Enable-ScheduledTask -TaskPath $tp -TaskName $tn | Out-Null }
|
|
|
|
- name: Start the SYSTEM patch task
|
|
ansible.windows.win_command: >
|
|
schtasks /Run /TN "{{ task_path }}{{ task_name }}"
|
|
register: start_task
|
|
failed_when: false
|
|
changed_when: >
|
|
(start_task.rc | default(1)) == 0
|
|
or ('SUCCESS' in (start_task.stdout | default('')))
|
|
|
|
- name: Poll until Ready/Disabled with success
|
|
ansible.windows.win_powershell:
|
|
script: |
|
|
$ErrorActionPreference = 'Stop'
|
|
Import-Module ScheduledTasks
|
|
$tp='{{ task_path }}'; $tn='{{ task_name }}'
|
|
$i = Get-ScheduledTaskInfo -TaskPath $tp -TaskName $tn
|
|
[PSCustomObject]@{ State=$i.State; LastTaskResult=$i.LastTaskResult } | ConvertTo-Json -Compress
|
|
register: task_info
|
|
failed_when: false
|
|
retries: "{{ finish_retries }}"
|
|
delay: "{{ poll_delay }}"
|
|
until: >
|
|
(task_info.stdout | default('') | length > 0)
|
|
and ((task_info.stdout | from_json).State in ['Ready','Disabled'])
|
|
and (((task_info.stdout | from_json).LastTaskResult | int) == 0)
|
|
|
|
- name: Reboot if needed
|
|
ansible.windows.win_reboot:
|
|
reboot_timeout: 5400
|
|
when: (task_info.stdout | from_json).State == 'Ready'
|