41 lines
1.3 KiB
YAML
41 lines
1.3 KiB
YAML
---
|
|
- name: Run DC patch task via SYSTEM scheduled task
|
|
hosts: domain_controllers
|
|
gather_facts: no
|
|
|
|
vars:
|
|
task_path: '\\' # or '\\Microsoft\\Windows\\WindowsUpdate\\'
|
|
task_name: 'Patching-windows-task'
|
|
|
|
tasks:
|
|
- name: Start the SYSTEM patch task (schtasks)
|
|
ansible.windows.win_command: >
|
|
schtasks /Run /TN "{{ task_path }}{{ task_name }}"
|
|
register: start_task
|
|
failed_when: false
|
|
changed_when: >
|
|
(start_task is defined) and
|
|
(
|
|
(start_task.rc | default(999)) == 0
|
|
or ('SUCCESS' in (start_task.stdout | default('')))
|
|
)
|
|
|
|
- name: Poll task until Ready/Disabled (PowerShell)
|
|
ansible.windows.win_powershell:
|
|
script: |
|
|
$ErrorActionPreference = 'Stop'
|
|
Import-Module ScheduledTasks
|
|
$tp = '{{ task_path }}'
|
|
$tn = '{{ task_name }}'
|
|
$null = Get-ScheduledTask -TaskPath $tp -TaskName $tn
|
|
(Get-ScheduledTaskInfo -TaskPath $tp -TaskName $tn).State
|
|
register: task_state
|
|
failed_when: false
|
|
retries: 180
|
|
delay: 60
|
|
until: (task_state.stdout | default('') | trim) in ['Ready','Disabled']
|
|
|
|
- name: Reboot if needed
|
|
ansible.windows.win_reboot:
|
|
reboot_timeout: 3600
|
|
when: (task_state.stdout | default('') | trim) == 'Ready' |