Show updated packages with Ansible package management

package-management ansible

Solution 1:

Starting with the comment by HBruijn I extended my playbook to show the result of the package management logs afterwards:

---

- hosts: ubuntu
  tasks:
  - name: install all updates
    apt:
      upgrade: dist
      update_cache: yes
      autoremove: yes
      autoclean: yes
    register: result
  - name: List installed and updated packages
    shell: grep -E "^$(date +%Y-%m-%d).+ (install|upgrade) " /var/log/dpkg.log |cut -d " " -f 3-5
    register: result
  - name: Show Output
    debug: msg="{{ result.stdout_lines }}"
- hosts: centos
  tasks:
  - name: install all updates
    yum:
      name: '*'
      update_cache: yes
      state: latest
  - name: List updated packages
    shell: rpm -qa --last | grep "$(date +%a\ %d\ %b\ %Y)" |cut -f 1 -d " "
    register: result
    args:
      warn: no
  - name: Updates packages
    debug: msg="{{ result.stdout_lines }}"

The resulting output:

ok: [ubuntu-host] => {
    "msg": [
        "upgrade python3-problem-report:all 2.14.1-0ubuntu3.25",
        "upgrade python3-apport:all 2.14.1-0ubuntu3.25",
        "upgrade apport:all 2.14.1-0ubuntu3.25",
        "upgrade firefox:i386 56.0+build6-0ubuntu0.14.04.2",
        "upgrade python-problem-report:all 2.14.1-0ubuntu3.25",
        "upgrade python-apport:all 2.14.1-0ubuntu3.25",
        "upgrade xul-ext-ubufox:all 3.4-0ubuntu0.14.04.1"
    ]
}

ok: [centos-host] => {
    "msg": [
        "kernel-headers-2.6.32-696.16.1.el6.x86_64",
        "lvm2-2.02.143-12.el6_9.1.x86_64",
        "device-mapper-multipath-0.4.9-100.el6_9.1.x86_64",
        "kernel-2.6.32-696.16.1.el6.x86_64",
        "kernel-firmware-2.6.32-696.16.1.el6.noarch",
        "lvm2-libs-2.02.143-12.el6_9.1.x86_64",
        "kpartx-0.4.9-100.el6_9.1.x86_64",
        "device-mapper-multipath-libs-0.4.9-100.el6_9.1.x86_64",
        "device-mapper-event-libs-1.02.117-12.el6_9.1.x86_64",
        "device-mapper-event-1.02.117-12.el6_9.1.x86_64",
        "device-mapper-1.02.117-12.el6_9.1.x86_64",
        "util-linux-ng-2.17.2-12.28.el6_9.1.x86_64",
        "device-mapper-libs-1.02.117-12.el6_9.1.x86_64",
        "libblkid-2.17.2-12.28.el6_9.1.x86_64",
        "libuuid-2.17.2-12.28.el6_9.1.x86_64"
    ]
}

This is a vast improvement, but I'm still hoping someone has a better solution.

Solution 2:

I took the basic approach of Gerald Schneider, and added some conditionals to only check for updates if something has changed. This fixes things in the common case, although it can still generate a bit of extraneous output if more than one update happens per day.

- hosts: debian
  become: yes
  tasks:
    - name: Debian/Raspbian Update
      apt:
        update_cache: true
        upgrade: yes
      register: debian
    #- debug:
    #    msg: " {{ debian.stdout_lines }} "
    - name: List installed and updated packages
      shell: grep -E "^$(date +%Y-%m-%d).+ (install|upgrade) " /var/log/dpkg.log |cut -d " " -f 3-5
      register: result
      when: debian.changed
    - name: Show Output
      debug: msg="{{ result.stdout_lines }}"
      when: debian.changed

Generates output much like:

TASK [Debian/Raspbian Update] ***************************************************************************************************************************************************************************************************************************************
ok: [clusterpi-01.local]
ok: [clusterpi-00.local]
ok: [clusterpi-03.local]
ok: [clusterpi-02.local]
ok: [radpi.local]
ok: [firefly]
ok: [blueberrypi.local]
changed: [blackberrypi.local]
changed: [snozzberrypi.local]
ok: [pizero]

TASK [List installed and updated packages] **************************************************************************************************************************************************************************************************************************
skipping: [radpi.local]
skipping: [pizero]
skipping: [blueberrypi.local]
skipping: [clusterpi-00.local]
skipping: [clusterpi-01.local]
skipping: [clusterpi-02.local]
skipping: [clusterpi-03.local]
skipping: [firefly]
changed: [blackberrypi.local]
changed: [snozzberrypi.local]

TASK [Show Output] **************************************************************************************************************************************************************************************************************************************************
skipping: [radpi.local]
ok: [snozzberrypi.local] => {
    "msg": [
        "upgrade rpi-chromium-mods:armhf 20190218",
        "upgrade wiringpi:armhf 2.46"
    ]
}
skipping: [pizero]
ok: [blackberrypi.local] => {
    "msg": [
        "upgrade rpi-chromium-mods:armhf 20190218",
        "upgrade wiringpi:armhf 2.46"
    ]
}
skipping: [blueberrypi.local]
skipping: [clusterpi-00.local]
skipping: [clusterpi-01.local]
skipping: [clusterpi-02.local]
skipping: [clusterpi-03.local]
skipping: [firefly]

Similar tests can easily be added for dnf/yum based distros as well.

Related

Robocopy - Overwrite all files unless file in destination is newer
Enable both brotli and gzip on NGINX?
High load average but low CPU usage and disk I/O [duplicate]
Ubuntu Err :18 http://dl.google.com/linux/chrome/deb stable Release.gpg KEYEXPIRED 1555048520
Ansible prompt a variable in a task
Ubuntu 20.04 ssh-keygen unknown option -G unable to generate Diffie-Hellman parameters
Is rpcbind needed for an NFS client?
wget to an IPv4 server from IPv6-only VPS
What is DHCP Rebinding?
Bash script parameters
Recursive cp copies folder contents instead of folder on OS X
What configuration items do you track for proper configuration management? [closed]