Fix linux_patch role — remove dead os_family tasks, use ansible_os_family throughout

roles/linux_patch/tasks/main.yml

@@ -2,7 +2,6 @@
 - name: Gather package facts before patching
   ansible.builtin.package_facts:
     manager: auto
-  register: packages_before
 
 - name: Store pre-patch package versions
   ansible.builtin.set_fact:
@@ -30,11 +29,6 @@
   failed_when: upgradable_packages.rc not in [0, 100]
   when: ansible_os_family == "RedHat"
 
-- name: Normalize upgradable count (RHEL)
-  ansible.builtin.set_fact:
-    upgradable_count: "{{ dnf_upgradable.stdout_lines | default([]) | length }}"
-  when: os_family in ['rhel', 'centos', 'rocky']
-
 - name: Get list of upgradable packages (Alpine)
   ansible.builtin.shell: |
     apk list --upgradable 2>/dev/null | awk -F'-[0-9]' '{print $1}'
@@ -66,11 +60,6 @@
     - ansible_os_family == "Debian"
     - patch_mode == "full" or patch_mode == "security"
 
-- name: Normalize upgradable count (Debian)
-  ansible.builtin.set_fact:
-    upgradable_count: "{{ apt_upgradable.stdout_lines | default([]) | length }}"
-  when: os_family in ['debian', 'ubuntu']
-
 - name: Perform security-only upgrade (RHEL/CentOS)
   ansible.builtin.dnf:
     name: "*"
@@ -95,20 +84,6 @@
   ansible.builtin.set_fact:
     packages_post_patch: "{{ ansible_facts.packages }}"
 
-- name: Calculate changed packages
-  ansible.builtin.set_fact:
-    packages_updated: >-
-      {{
-        packages_post_patch | dict2items
-        | selectattr('key', 'in', packages_pre_patch)
-        | selectattr('value', '!=', packages_pre_patch[item.key] | default([]))
-        | list
-        | map(attribute='key')
-        | list
-      }}
-  loop: "{{ packages_post_patch | dict2items }}"
-  when: false
-
 - name: Build packages updated list
   ansible.builtin.set_fact:
     packages_updated: >-
@@ -175,3 +150,4 @@
 - name: Patching complete
   ansible.builtin.debug:
     msg: "Patching complete on {{ inventory_hostname }} — {{ packages_updated | length }} packages updated"
+