murrahjm/tower_patching.yml

## tower_patching.yml
---
- name: pause nodes and install patches
  hosts: all
  any_errors_fatal: true
  strategy: linear
  serial: 1
  tasks:
  - name: get {{inventory_hostname }} instance id
    uri:
      url: "https://{{tower_alias}}/api/v2/instances?hostname={{inventory_hostname}}"
      url_username: "{{ tower_username }}"
      url_password: "{{ tower_password }}"
      force_basic_auth: true
    register: instance_url

  - name: disable {{ inventory_hostname }} in tower instance group
    uri:
      url: "https://{{ tower_alias }}{{ instance_url.json.results[0].url }}"
      url_username: "{{ tower_username }}"
      url_password: "{{ tower_password }}"
      force_basic_auth: true
      method: PUT
      body_format: json
      body:
        enabled: false

  - name: wait for running jobs to finish
    uri:
      url: "https://{{ tower_alias }}{{ instance_url.json.results[0].url }}"
      url_username: "{{ tower_username }}"
      url_password: "{{ tower_password }}"
      force_basic_auth: true
    register: instance_info
    retries: 100
    delay: 10
    until: instance_info.json.jobs_running == 0

  - name: exclude ansible packages from default yum config
    lineinfile:
      path: /etc/yum.conf
      regexp: '^exclude='
      line: exclude=ansible* redis* packages-microsoft-com-prod
    become: yes

  - name: update all packages
    yum:
      name: "*"
      state: latest
      exclude:
      - ansible*
      - redis*
      disablerepo:
      - automation-hub-4.2-for-rhel-8-x86_64-rpms
    become: yes

  - name: reboot after patching
    reboot:
    become: yes

  - name: enable {{ inventory_hostname }} in tower instance group
    uri:
      url: "https://{{ tower_alias }}{{ instance_url.json.results[0].url }}"
      url_username: "{{ tower_username }}"
      url_password: "{{ tower_password }}"
      force_basic_auth: true
      method: PUT
      body_format: json
      body:
        enabled: true
	---
	- name: pause nodes and install patches
	hosts: all
	any_errors_fatal: true
	strategy: linear
	serial: 1
	tasks:
	- name: get {{inventory_hostname }} instance id
	uri:
	url: "https://{{tower_alias}}/api/v2/instances?hostname={{inventory_hostname}}"
	url_username: "{{ tower_username }}"
	url_password: "{{ tower_password }}"
	force_basic_auth: true
	register: instance_url

	- name: disable {{ inventory_hostname }} in tower instance group
	uri:
	url: "https://{{ tower_alias }}{{ instance_url.json.results[0].url }}"
	url_username: "{{ tower_username }}"
	url_password: "{{ tower_password }}"
	force_basic_auth: true
	method: PUT
	body_format: json
	body:
	enabled: false

	- name: wait for running jobs to finish
	uri:
	url: "https://{{ tower_alias }}{{ instance_url.json.results[0].url }}"
	url_username: "{{ tower_username }}"
	url_password: "{{ tower_password }}"
	force_basic_auth: true
	register: instance_info
	retries: 100
	delay: 10
	until: instance_info.json.jobs_running == 0

	- name: exclude ansible packages from default yum config
	lineinfile:
	path: /etc/yum.conf
	regexp: '^exclude='
	line: exclude=ansible* redis* packages-microsoft-com-prod
	become: yes

	- name: update all packages
	yum:
	name: "*"
	state: latest
	exclude:
	- ansible*
	- redis*
	disablerepo:
	- automation-hub-4.2-for-rhel-8-x86_64-rpms
	become: yes

	- name: reboot after patching
	reboot:
	become: yes

	- name: enable {{ inventory_hostname }} in tower instance group
	uri:
	url: "https://{{ tower_alias }}{{ instance_url.json.results[0].url }}"
	url_username: "{{ tower_username }}"
	url_password: "{{ tower_password }}"
	force_basic_auth: true
	method: PUT
	body_format: json
	body:
	enabled: true