Getting complete package update information

[Dimitri Yioulos]

The following playbook gets packages available for update, returning package name and version:

---

- hosts: all
  gather_facts: false

  vars:
    my_packages: "{{ dict(packages.results|groupby('name')) }}"

  tasks:

    - name: Check packages to upgrade
      dnf:
        list: updates
      register: packages

    - name: Show packages to upgrade
      debug:
        msg: |
          {% for name,versions in my_packages.items() %}
          {% set max_ver=versions|map(attribute='version')|max %}
          {% set p=versions|selectattr('version', '==', max_ver)|list %}
          {{ name }}-{{ p.0.version }}-{{ p.0.release }}
          {% endfor %}

However, I note that it doesn't pickup up dependencies like these:

Installing dependencies:
 grub2-tools-efi               x86_64 1:2.06-70.el9_3.2      rhel-9-for-x86_64-baseos-rpms    543k

~

Installing weak dependencies:
 kernel-devel                  x86_64 5.14.0-362.18.1.el9_3  rhel-9-for-x86_64-appstream-rpms  24 M

~

What do i need to add to the playbook so that all packages available for update are captured?

[Stephen Maher]

Hi,

A quick look at the packages shows they are security fixes, if you add `security: yes` does that solve your issue ?

Steve.

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/80e55f09-42f0-460a-982b-59fb4b36ae59n%40googlegroups.com.

[Dimitri Yioulos]

Stephen, if you mean add that parameter to the dnf module, like this:

      dnf:
        list: updates

        security: yes

it didn't work.

[Nico Kadel-Garcia]

On Wed, Feb 28, 2024 at 3:42 PM Dimitri Yioulos <dyio...@gmail.com> wrote:
>
> Stephen, if you mean add that parameter to the dnf module, like this:
>
> dnf:
> list: updates
> security: yes

I would expect that to report *only* security updates, not to report
those *as well*. Security updates would be among the normal update
list.

I suspect you're running into the "dnf update" command applying not
merely required, but recommended updates.

This.... is not going to work, it won't pick up the dependencies of
your package dependencies, as you've discovered. Updates to one
package can even conflict with and force a rollback of another
package. Frankly, why not just use a "dnf check-update" command?

>> However, I note that it doesn't pickup up dependencies like these:
>>
>> Installing dependencies:
>> grub2-tools-efi x86_64 1:2.06-70.el9_3.2 rhel-9-for-x86_64-baseos-rpms 543k
>> ~
>>
>> Installing weak dependencies:
>> kernel-devel x86_64 5.14.0-362.18.1.el9_3 rhel-9-for-x86_64-appstream-rpms 24 M
>> ~
>>
>> What do i need to add to the playbook so that all packages available for update are captured?
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
>> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/80e55f09-42f0-460a-982b-59fb4b36ae59n%40googlegroups.com.
>>
>>
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.

> To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2c383669-6c3b-47da-9a18-67ccb5419cb5n%40googlegroups.com.

[Dimitri Yioulos]

Thanks, Nico.  dnf check-update doesn't quite return the values that I'm looking for.