--- # Copyright (c) Ansible Project # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) # SPDX-License-Identifier: GPL-3.0-or-later - name: Check packages with updates dnf: list: updates register: updates - name: Set local facts set_fact: _packages: "{{ (updates.results | map(attribute='name') | list)[:5] }}" - debug: msg: - "The packages to be locked and unlocked are: {{ _packages}}" - block: - name: Clear locklist community.general.dnf_versionlock: state: clean register: clear_locklist - assert: that: - clear_locklist.locklist_post | length == 0 - name: Lock packages with updates dnf_versionlock: name: "{{ _packages }}" state: present register: lock_packages - assert: that: - lock_packages is changed - (lock_packages.locklist_post | length) <= (_packages | length) - name: Update packages with updates while locked command: >- dnf update -y --setopt=obsoletes=0 {{ _packages | join(' ') }} register: update_locked_packages changed_when: '"Nothing to do" not in update_locked_packages.stdout' - assert: that: - update_locked_packages is not changed - name: Unlock packages with updates dnf_versionlock: name: "{{ _packages }}" state: absent register: unlock_packages - assert: that: - unlock_packages is changed - unlock_packages.locklist_post | length == 0 - name: Update packages dnf: name: "{{ _packages }}" state: latest check_mode: true register: update_packages - assert: that: - update_packages is changed when: updates.results | length > 0 ...