Apply package updates before we reboot in launch-node

When launching a new server we should make sure that all available
package updates are installed before we reboot the server. This way we
get available security updates applied to things like our kernel.

This change adds a new playbook that runs the unattended-upgrade command
on debuntu servers. Will need to add support for other platforms in a
followup change.

Change-Id: Idc88dc33afdd209c388452493e6a7f5731fa0974

launch/launch-node.py

@@ -182,6 +182,7 @@ def bootstrap_server(server, key, name, volume_device, keep,
         for playbook in [
                 'set-hostnames.yaml',
                 'base.yaml',
+                'apply-package-updates.yaml',
         ]:
             run(ansible_cmd + [
                 os.path.join(SCRIPT_DIR, '..', 'playbooks', playbook)],

playbooks/apply-package-updates.yaml

@@ -0,0 +1,8 @@
+- hosts: "{{ target }}"
+  user: root
+  tasks:
+    - name: Run unattended-upgrade on debuntu
+      shell: |
+        unattended-upgrade -d
+      when: ansible_facts['os_family'] == "Debian"
+  # TODO add equivalent for other platforms