[Windows] Add a new tasks file for Windows Updates installation (vmwa…

…re#523)

Signed-off-by: Diane Wang <dianew@vmware.com>

windows/utils/win_get_os_version.yml

@@ -0,0 +1,70 @@
+# Copyright 2023 VMware, Inc.
+# SPDX-License-Identifier: BSD-2-Clause
+---
+# Get guest OS version with major and minor build number.
+# Return:
+#   win_os_version_build: Windows OS version.
+#
+- name: "Initialize the Windows OS version and registry path"
+  ansible.builtin.set_fact:
+    win_os_version_build: ""
+    win_os_version_reg_path: ""
+
+- name: "Get the registry key path for getting OS version"
+  include_tasks: win_execute_cmd.yml
+  vars:
+    win_powershell_cmd: >-
+      (Get-ChildItem -Path
+      "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Update\\TargetingInfo\\Installed\\*.OS.*").Name
+    win_execute_cmd_ignore_error: true
+
+- name: "Set fact of registry key path for getting OS version"
+  ansible.builtin.set_fact:
+    win_os_version_reg_path: "{{ win_powershell_cmd_output.stdout_lines[0] | replace('HKEY_LOCAL_MACHINE', 'HKLM:') }}"
+  when:
+    - win_powershell_cmd_output.failed is defined
+    - not win_powershell_cmd_output.failed
+    - win_powershell_cmd_output.stdout_lines is defined
+    - win_powershell_cmd_output.stdout_lines | length == 1
+
+- name: "Get Windows OS version"
+  when: win_os_version_reg_path
+  block:
+    - name: "Get registry key value for getting OS version"
+      include_tasks: win_execute_cmd.yml
+      vars:
+        win_powershell_cmd: >-
+          Get-ItemPropertyValue -Path "{{ win_os_version_reg_path }}" -Name Version
+        win_execute_cmd_ignore_error: true
+    - name: "Set fact of Windows OS version"
+      ansible.builtin.set_fact:
+        win_os_version_build: "{{ win_powershell_cmd_output.stdout_lines[0] }}"
+      when:
+        - win_powershell_cmd_output.failed is defined
+        - not win_powershell_cmd_output.failed
+        - win_powershell_cmd_output.stdout_lines is defined
+        - win_powershell_cmd_output.stdout_lines | length == 1
+
+- name: "Get Windows OS version"
+  when: not win_os_version_reg_path
+  block:
+    - name: "Get registry key value for getting OS version"
+      include_tasks: win_execute_cmd.yml
+      vars:
+        win_powershell_cmd: >-
+          $majorver = Get-ItemPropertyValue -Path "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion" -Name CurrentMajorVersionNumber;
+          $minorver = Get-ItemPropertyValue -Path "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion" -Name CurrentMinorVersionNumber;
+          $buildnum = (Get-ItemPropertyValue -Path "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion" -Name BuildLabEx) -match "\d{5}\.\d{4}";
+          Write-Host($majorver, $minorver, $matches[0] -join '.')
+        win_execute_cmd_ignore_error: true
+    - name: "Set fact of Windows OS version"
+      ansible.builtin.set_fact:
+        win_os_version_build: "{{ win_powershell_cmd_output.stdout_lines[0] }}"
+      when:
+        - win_powershell_cmd_output.failed is defined
+        - not win_powershell_cmd_output.failed
+        - win_powershell_cmd_output.stdout_lines is defined
+        - win_powershell_cmd_output.stdout_lines | length == 1
+
+- name: "Print Windows OS version"
+  ansible.builtin.debug: var=win_os_version_build

windows/utils/win_install_updates.yml

@@ -0,0 +1,60 @@
+# Copyright 2023 VMware, Inc.
+# SPDX-License-Identifier: BSD-2-Clause
+---
+# Search and install Windows Updates in all categories,
+# and skip optional ones in Windows guest OS.
+# Return:
+#   win_udpates_log_file: Windows Updates install log file path.
+#
+- name: "Set fact of Windows Updates install log path"
+  ansible.builtin.set_fact:
+    win_udpates_log_file: "C:\\win_updates_log.txt"
+
+- name: "Get the list of available Windows Updates"
+  ansible.windows.win_updates:
+    server_selection: "windows_update"
+    category_names: '*'
+    log_path: "{{ win_udpates_log_file }}"
+    skip_optional: true
+    state: "searched"
+  delegate_to: "{{ vm_guest_ip }}"
+  register: win_updates_list
+- name: "Print the list of Windows Updates"
+  ansible.builtin.debug: var=win_updates_list
+
+- name: "Install Windows Updates when updates found"
+  when:
+    - win_updates_list.found_update_count is defined
+    - win_updates_list.found_update_count | int != 0
+    - win_updates_list.updates is defined
+    - win_updates_list.updates | length != 0
+  block:
+    - name: "Install Windows Updates"
+      ansible.windows.win_updates:
+        server_selection: "windows_update"
+        category_names: '*'
+        log_path: "{{ win_udpates_log_file }}"
+        skip_optional: true
+        state: "installed"
+        reboot: true
+        reboot_timeout: 1800
+      delegate_to: "{{ vm_guest_ip }}"
+      register: win_updates_install_result
+    - name: "Print Windows Updates install result"
+      debug: var=win_updates_install_result
+    - name: "Check updates found are installed"
+      ansible.builtin.assert:
+        that:
+          - win_updates_install_result.found_update_count is defined
+          - win_updates_install_result.installed_update_count is defined
+          - win_updates_install_result.found_update_count | int == win_updates_install_result.installed_update_count | int
+        fail_msg: >-
+          Installed update count '{{ win_updates_install_result.installed_update_count | default(0) }}',
+          is not match found update count '{{ win_updates_install_result.found_update_count | default(0) }}'.
+
+- name: "No need to install Windows Updates"
+  ansible.builtin.debug:
+    msg: "Will not execute Windows Updates installation task due to no update found."
+  when: >
+    (win_updates_list.found_update_count is undefined) or
+    (win_updates_list.found_update_count | int == 0)