I never broke anything upgrading packages from an LTS (I work as sys admin)…even when it’s the kernel, because with those commands you cannot perform a release upgrade, you can go and update as much often you want to.
The release upgrade is a different story I would go carefully with that because usually there are potentially breaking changes.
During the install process Ubuntu server aks if you want to install security updates automatically, that’s the only automation “out of the box” I’m aware of.