When installing security/kernel packages the system must be rebooted.
It would be a bit silly to reboot always.
So..without further ado…you can solve this for example with the following playbook:
[martijn@fedora basis]$ cat update_all.yaml
---
- name: Update alle hosts
hosts: all
become: true
tasks:
- name: install dnf tools
dnf:
state: present
name: dnf-utils
- name: update alle hosts
dnf:
state: latest
name: "*"
- name: restart...?
command: needs-restarting -r
register: result
ignore_errors: yes
- name: reboot
reboot:
when: result.rc == 1
[martijn@fedora basis]$
After updating all packages the playbook installs the packages dnf-utils. This package contains the handy command “needs-restarting”. If this commands return a 1 then the machine needs a restart. The result of needs-restarting is stored in the result variable. Later on you can restart if result.rc equals 1.
Have fun.