Hello,
There are several factors to consider before planning your upgrade. Are your firewalls clustered? What version are you starting from? Do you plan to perform a fresh install, or an in-place upgrade?
For in-place upgrades of clustered firewalls, I currently recommend using the automated CDT tool (sk111158). This tools runs from the management server or MDS and will upgrade the firewalls in sequence starting with the standby member with a stateful failover in between.
For upgrades using Ansible, we do not have Gaia modules that perform package installations yet which means you would need to create a playbook using the default Ansible shell/command modules to perform the upgrade flow. Ansible is intended to automate configuration not necessarily upgrade devices, but it can be done.
Here's a simple example of a blink shell task that performs a clean install of a desired FW blink package but also completes the first time wizard based on the answers.xml file, and additional clish configuration based on the blink_custom_content.tgz. I recommend getting familiar with blink to understand all the options if you plan to use a method like this (sk120193).
- name: "Execute the blink"
shell: blink -i "{{ fw_build_image }}" -u "{{ blink_dir }}user_updates/blink_custom_content.tgz" -a "{{ blink_dir }}installation_logic/answers.xml" --reimage --delete-old-partition && reboot