Ansible windows install software

arguments

any

Any arguments the installer needs to either install or uninstall the package.

If the package is an MSI do not supply the /qn, /log or /norestart arguments.

This is only used for the msi, msp, and registry providers.

Can be a list of arguments and the module will escape the arguments as necessary, it is recommended to use a string when dealing with MSI packages due to the unique escaping issues with msiexec.

When using a list of arguments each item in the list is considered to be a single argument. As such, if an argument in the list contains a space then Ansible will quote this to ensure that this is seen by Windows as a single argument. Should this behaviour not be what is required, the argument should be split into two separate list items. See the examples section for more detail.

chdir

path

Set the specified path as the current working directory before installing or uninstalling a package.

This is only used for the msi, msp, and registry providers.

checksum

string

added in ansible.windows 2.8.0

checksum_algorithm

string

added in ansible.windows 2.8.0

Specifies the hashing algorithm used when calculating the checksum of the path provided.

Choices:

• "md5"

• "sha1" ← (default)

• "sha256"

• "sha384"

• "sha512"

client_cert

string

The path to the client certificate (.pfx) that is used for X509 authentication. This path can either be the path to the pfx on the filesystem or the PowerShell certificate path Cert:\CurrentUser\My\<thumbprint>.

The WinRM connection must be authenticated with CredSSP or become is used on the task if the certificate file is not password protected.

Other authentication types can set client_cert_password when the cert is password protected.

client_cert_password

string

creates_path

path

Will check the existence of the path specified and use the result to determine whether the package is already installed.

You can use this in conjunction with product_id and other creates_*.

creates_service

string

Will check the existing of the service specified and use the result to determine whether the package is already installed.

You can use this in conjunction with product_id and other creates_*.

creates_version

string

Will check the file version property of the file at creates_path and use the result to determine whether the package is already installed.

creates_path MUST be set and is a file.

You can use this in conjunction with product_id and other creates_*.

expected_return_code

list / elements=integer

One or more return codes from the package installation that indicates success.

The return codes are read as a signed integer, any values greater than 2147483647 need to be represented as the signed equivalent, i.e. 4294967295 is -1.

To convert a unsigned number to the signed equivalent you can run “[Int32](“0x{0:X}” -f ([UInt32]3221225477))”.

A return code of 3010 usually means that a reboot is required, the reboot_required return value is set if the return code is 3010.

This is only used for the msi, msp, and registry providers.

Default: [0, 3010]

follow_redirects

string

Whether or the module should follow redirects.

all will follow all redirect.

none will not follow any redirect.

safe will follow only “safe” redirects, where “safe” means that the client is only doing a GET or HEAD on the URI to which it is being redirected.

When following a redirected URL, the Authorization header and any credentials set will be dropped and not redirected.

Choices:

• "all"

• "none"

• "safe" ← (default)

force_basic_auth

boolean

By default the authentication header is only sent when a webservice responses to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail.

This option forces the sending of the Basic authentication header upon the original request.

Choices:

• false ← (default)

• true

dictionary

Extra headers to set on the request.

This should be a dictionary where the key is the header name and the value is the value for that header.

http_agent

string

Header to identify as, generally appears in web server logs.

This is set to the User-Agent header on a HTTP request.

Default: "ansible-httpget"

log_path

path

Specifies the path to a log file that is persisted after a package is installed or uninstalled.

This is only used for the msi or msp provider.

When omitted, a temporary log file is used instead for those providers.

This is only valid for MSI files, use arguments for the registry provider.

maximum_redirection

integer

Specify how many times the module will redirect a connection to an alternative URI before the connection fails.

If set to 0 or follow_redirects is set to none, or safe when not doing a GET or HEAD it prevents all redirection.

Default: 50

path

string

Location of the package to be installed or uninstalled.

This package can either be on the local file system, network share or a url.

When state=present, product_id is not set and the path is a URL, this file will always be downloaded to a temporary directory for idempotency checks, otherwise the file will only be downloaded if the package has not been installed based on the product_id checks.

If state=present then this value MUST be set.

If state=absent then this value does not need to be set if product_id is.

product_id

string

The product id of the installed packaged.

This is used for checking whether the product is already installed and getting the uninstall information if state=absent.

For msi packages, this is the ProductCode (GUID) of the package. This can be found under the same registry paths as the registry provider.

For msp packages, this is the PatchCode (GUID) of the package which can found under the Details -> Revision number of the file’s properties.

For msix packages, this is the Name or PackageFullName of the package found under the Get-AppxPackage cmdlet.

For registry (exe) packages, this is the registry key name under the registry paths specified in provider.

This value is ignored if path is set to a local accesible file path and the package is not an exe.

This SHOULD be set when the package is an exe, or the path is a url or a network share and credential delegation is not being used. The creates_* options can be used instead but is not recommended.

provider

string

Set the package provider to use when searching for a package.

The auto provider will select the proper provider if path otherwise it scans all the other providers based on the product_id.

The msi provider scans for MSI packages installed on a machine wide and current user context based on the ProductCode of the MSI.

The msix provider is used to install .appx, .msix, .appxbundle, or .msixbundle packages. These packages are only installed or removed on the current use. The host must be set to allow sideloaded apps or in developer mode. See the examples for how to enable this. If a package is already installed but path points to an updated package, this will be installed over the top of the existing one.

The msp provider scans for all MSP patches installed on a machine wide and current user context based on the PatchCode of the MSP. A msp will be applied or removed on all msi products that it applies to and is installed. If the patch is obsoleted or superseded then no action will be taken.

The registry provider is used for traditional exe installers and uses the following registry path to determine if a product was installed; HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall, HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall, HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall, and HKCU:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall.

Choices:

• "auto" ← (default)

• "msi"

• "msix"

• "msp"

• "registry"

proxy_password

string

proxy_url

string

An explicit proxy to use for the request.

By default, the request will use the IE defined proxy unless use_proxy is set to no.

proxy_use_default_credential

boolean

Uses the current user’s credentials when authenticating with a proxy host protected with NTLM, Kerberos, or Negotiate authentication.

Proxies that use Basic auth will still require explicit credentials through the proxy_username and proxy_password options.

The module will only have access to the user’s credentials if using become with a password, you are connecting with SSH using a password, or connecting with WinRM using CredSSP or Kerberos with delegation.

If not using become or a different auth method to the ones stated above, there will be no default credentials available and no proxy authentication will occur.

Choices:

• false ← (default)

• true

proxy_username

string

state

string

Whether to install or uninstall the package.

The module uses product_id to determine whether the package is installed or not.

For all providers but auto, the path can be used for idempotency checks if it is locally accesible filesystem path.

Choices:

• "absent"

• "present" ← (default)

url_method

string

url_password

string

url_timeout

integer

Specifies how long the request can be pending before it times out (in seconds).

Set to 0 to specify an infinite timeout.

Default: 30

url_username

string

use_default_credential

boolean

Uses the current user’s credentials when authenticating with a server protected with NTLM, Kerberos, or Negotiate authentication.

Sites that use Basic auth will still require explicit credentials through the url_username and url_password options.

The module will only have access to the user’s credentials if using become with a password, you are connecting with SSH using a password, or connecting with WinRM using CredSSP or Kerberos with delegation.

If not using become or a different auth method to the ones stated above, there will be no default credentials available and no authentication will occur.

Choices:

• false ← (default)

• true

use_proxy

boolean

If no, it will not use the proxy defined in IE for the current user.

Choices:

• false

• true ← (default)

validate_certs

boolean

If no, SSL certificates will not be validated.

This should only be used on personally controlled sites using self-signed certificates.

Choices:

• false

• true ← (default)

wait_for_children

boolean

added in ansible.windows 1.3.0

The module will wait for the process it spawns to finish but any processes spawned in that child process as ignored.

Set to true to wait for all descendent processes to finish before the module returns.

This is useful if the install/uninstaller is just a wrapper which then calls the actual installer as its own child process. When this option is true then the module will wait for both processes to finish before returning.

This should not be required for most installers and setting to true could result in the module not returning until the process it is waiting for has been stopped manually.

Requires Windows Server 2012 or Windows 8 or newer to use.

Choices:

• false ← (default)

• true

checksum

string

added in ansible.windows 2.8.0

<algorithm> checksum of the package

Returned: checksum_algorithm is set, package exists, and not check mode

Sample: "6E642BB8DD5C2E027BF21DD923337CBB4214F827"

log

string

The contents of the MSI or MSP log.

Returned: installation/uninstallation failure for MSI or MSP packages

Sample: "Installation completed successfully"

rc

integer

The return code of the package process.

Returned: change occurred

Sample: 0

reboot_required

boolean

Whether a reboot is required to finalise package. This is set to true if the executable return code is 3010.

Returned: always

Sample: true

stderr

string

The stderr stream of the package process.

Returned: failure during install or uninstall

Sample: "Failed to install program"

stdout

string

The stdout stream of the package process.

Returned: failure during install or uninstall

Sample: "Installing program"