from the command line in ubuntu i can run:
apt list --upgradable | grep security | cut -d/ -f1 | xargs sudo apt-get install -y
but the ansible I have is :
- hosts: all
become: true
become_user: root
tasks:-
name: Update apt repo and cache on all Debian/Ubuntu boxes
apt: update_cache=yes force_apt_get=yes cache_valid_time=3600 -
name: Upgrade all packages on servers
apt: upgrade=dist force_apt_get=yes -
name: Check if a reboot is needed on all servers
register: reboot_required_file
stat: path=/var/run/reboot-required get_checksum=no -
name: Reboot the box if kernel updated
reboot:
msg: “Reboot initiated by Ansible for kernel updates”
connect_timeout: 5
reboot_timeout: 300
pre_reboot_delay: 0
post_reboot_delay: 30
test_command: uptime
when: reboot_required_file.stat.exists
-
how should I modify :
apt: update_cache=yes force_apt_get=yes cache_valid_time=3600