Add conditional checking on ubuntu kernel unattended_upgrades disabli…

…ng (kubernetes-sigs#11479) Signed-off-by: tu1h <lihai.tu@daocloud.io>
kpoxo6op · Dec 27, 2024 · ad2035c · ad2035c
1 parent 6ea595f
commit ad2035c
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/roles/bootstrap-os/tasks/debian.yml b/roles/bootstrap-os/tasks/debian.yml
@@ -63,13 +63,22 @@
     - '"value from" in bootstrap_update_apt_result.stdout'
   ignore_errors: true
 
+- name: Check unattended-upgrades file exist
+  stat:
+    path: /etc/apt/apt.conf.d/50unattended-upgrades
+  register: unattended_upgrades_file_stat
+  when:
+    - os_release_dict['ID'] == 'ubuntu'
+    - ubuntu_kernel_unattended_upgrades_disabled
+
 - name: Disable kernel unattended-upgrades
   lineinfile:
-    path: /etc/apt/apt.conf.d/50unattended-upgrades
+    path: "{{ unattended_upgrades_file_stat.stat.path }}"
     insertafter: "Unattended-Upgrade::Package-Blacklist"
     line: '"linux-";'
     state: present
   become: true
   when:
     - os_release_dict['ID'] == 'ubuntu'
     - ubuntu_kernel_unattended_upgrades_disabled
+    - unattended_upgrades_file_stat.stat.exists