DA / Wordpress - force updates (core/plugins/theme) via Ansible

[ShadowM]

As all know when customers deploy Wordpress sites the one thing they forget is to keep their site/plugins/themes up to date.
In this i therefore started researching a way to force updates via Ansible.

To share what i have its posted below.

Dependancies :
- have wp-cli installed as command-tool

if it is not present then create tasks in a/your Ansible playbook :

- name: Check if wp-cli management tool exists.
  ansible.builtin.stat:
    path: /usr/local/bin/wp
  register: wp_cli_result
 
  - name: Update wp-cli management tool if it was present
  ansible.builtin.shell: "/usr/local/bin/wp cli update --yes"
  when : wp_cli_result.stat.exists
 
- name: Download and install wp-cli management tool if it does not exist
  ansible.builtin.get_url:
    url: https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
    dest: /usr/local/bin/wp
    mode: '0755'
  when: not wp_cli_result.stat.exists

The playbook itself as to executing an unconditional upgrade of WP-core, plugins and themes is below:
-> remember, some items are additional for future purposes.

---
# tasks file for directadmin

- name: make sure wp-cli is latest
  ansible.builtin.command: wp cli update

- name: Set facts
  ansible.builtin.set_fact:
    user_dirs: []
    wordpress_sites: []
    wordpress_paths: []
    wordpress_unwanted_files: []

- name: Find homedirectories of users
  ansible.builtin.find:
    file_type: directory
    paths:
      - "/home"
    recurse: no
    excludes:
      - "backup"
      - "tmp"
  register: home_dirs

- name: Show found homedirectories
  ansible.builtin.debug:
    var: home_dirs

- name: Add directory list
  ansible.builtin.set_fact:
    user_dirs: "{{ user_dirs + [item.path] }}"
  with_items: "{{ home_dirs.files }}"

- name: Show found homedirectories
  ansible.builtin.debug:
    var: user_dirs

- name: Find homedirs with wpconfig.ini
  ansible.builtin.find:
    file_type: file
    paths: "{{ user_dirs }}"
    recurse: yes
    patterns:
      - wp-config.php
  register: wordpress_users

- name: Show found wordpress users
  ansible.builtin.debug:
    msg: "{{ item.path }}"
  with_items: "{{ wordpress_users.files }}"

- name: Set paths for wordpress sites to perform actions on
  ansible.builtin.set_fact:
    wordpress_paths: "{{ wordpress_paths + [item.path | dirname] }}"
  with_items: "{{ wordpress_users.files }}"

- name: Show content of wordpress paths
  ansible.builtin.debug:
    var: wordpress_paths

- name: Get Siteversion of wordpress site
  ansible.builtin.command: wp core version --allow-root
  args:
    chdir: "{{ item }}"
  with_items: "{{ wordpress_paths }}"
  register: version_result

- name: Show version_result
  ansible.builtin.debug:
    var: version_result.results
  with_items: "{{ version_result.results }}"

- name: Update Siteversion of wordpress site
  ansible.builtin.command: wp core update --allow-root
  args:
    chdir: "{{ item }}"
  with_items: "{{ wordpress_paths }}"
  register: core_update_result

- name: Show update_result
  ansible.builtin.debug:
    var: core_update_result

- name: Update Plugin version of wordpress site
  ansible.builtin.command: wp plugin update --all --allow-root
  ignore_errors: yes
  args:
    chdir: "{{ item }}"
  with_items: "{{ wordpress_paths }}"
  register: plugin_update_result

- name: Show plugin_update_result
  ansible.builtin.debug:
    var: plugin_update_result

- name: Update Themes version of wordpress site
  ansible.builtin.command: wp theme update --all --allow-root
  args:
    chdir: "{{ item }}"
  with_items: "{{ wordpress_paths }}"
  register: theme_update_result

- name: Show theme_update_result
  ansible.builtin.debug:
    var: theme_update_result

- name: Reset rights on worpress installations to correct user and group
  ansible.builtin.command: chown -R {{ item.1.pw_name }}.{{ item.1.pw_name }} {{ item.0 }}
  with_together:
    - "{{ wordpress_paths }}"
    - "{{ wordpress_users.files }}"

- Glowsome