From a752a8e728c8f686b109c2a52adbbbb7edee67d5 Mon Sep 17 00:00:00 2001
From: Peter Havekes
Date: Thu, 19 Sep 2024 11:59:07 +0200
Subject: [PATCH] Only restart the container if not new
---
 roles/attribute-aggregation/handlers/main.yml | 1 +
 roles/attribute-aggregation/tasks/main.yml | 2 +-
 roles/dashboard/handlers/main.yml | 1 +
 roles/dashboard/tasks/main.yml | 2 +-
 roles/invite/handlers/main.yml | 1 +
 roles/invite/tasks/main.yml | 2 ++
 roles/lifecycle/handlers/main.yml | 1 +
 roles/lifecycle/tasks/main.yml | 2 ++
 roles/manage/handlers/main.yml | 1 +
 roles/manage/tasks/main.yml | 2 ++
 roles/myconext/handlers/main.yml | 1 +
 roles/myconext/tasks/main.yml | 5 +++--
 roles/oidc-playground/handlers/main.yml | 1 +
 roles/oidc-playground/tasks/main.yml | 6 +++---
 roles/oidcng/handlers/main.yml | 3 ++-
 roles/oidcng/tasks/main.yml | 3 ++-
 roles/pdp/handlers/main.yml | 1 +
 roles/pdp/tasks/main.yml | 4 ++--
 roles/profile/handlers/main.yml | 1 +
 roles/profile/tasks/main.yml | 3 ++-
 roles/stats/handlers/main.yml | 3 ++-
 roles/stats/tasks/main.yml | 1 +
 roles/stepupazuremfa/handlers/main.yml | 1 +
 roles/stepupazuremfa/tasks/main.yml | 1 +
 roles/stepupgateway/handlers/main.yml | 6 +++++-
 roles/stepupgateway/tasks/main.yml | 1 +
 roles/stepupmiddleware/handlers/main.yml | 1 +
 roles/stepupmiddleware/tasks/docker.yml | 9 +++++----
 roles/stepupra/handlers/main.yml | 1 +
 roles/stepupra/tasks/main.yml | 1 +
 roles/stepupselfservice/handlers/main.yml | 1 +
 roles/stepupselfservice/tasks/main.yml | 1 +
 roles/stepuptiqr/handlers/main.yml | 2 +-
 roles/stepuptiqr/tasks/main.yml | 3 ++-
 roles/stepupwebauthn/handlers/main.yml | 1 +
 roles/stepupwebauthn/tasks/main.yml | 1 +
 roles/teams/handlers/main.yml | 2 +-
 roles/teams/tasks/main.yml | 2 +-
 38 files changed, 59 insertions(+), 22 deletions(-)
diff --git a/roles/attribute-aggregation/handlers/main.yml b/roles/attribute-aggregation/handlers/main.yml
index 3cd82abb9..95e0a5e2a 100644
--- a/roles/attribute-aggregation/handlers/main.yml
+++ b/roles/attribute-aggregation/handlers/main.yml @@ -3,3 +3,4 @@ name: aaserver state: started restart: true + when: attribute-aggregationservercontainer is success and attribute-aggregationservercontainer is not change diff --git a/roles/attribute-aggregation/tasks/main.yml b/roles/attribute-aggregation/tasks/main.yml index c1f52d97d..640cbe6f8 100644 --- a/roles/attribute-aggregation/tasks/main.yml +++ b/roles/attribute-aggregation/tasks/main.yml @@ -57,7 +57,7 @@ timeout: 10s retries: 3 start_period: 10s - notify: restart attribute-aggregationserver + register: attribute-aggregationservercontainer - name: Create the gui container community.docker.docker_container: diff --git a/roles/dashboard/handlers/main.yml b/roles/dashboard/handlers/main.yml index acc431504..a0060becb 100644 --- a/roles/dashboard/handlers/main.yml +++ b/roles/dashboard/handlers/main.yml @@ -3,3 +3,4 @@ name: dashboardserver state: started restart: true + when: dashboardservercontainer is success and dashboardservercontainer is not change diff --git a/roles/dashboard/tasks/main.yml b/roles/dashboard/tasks/main.yml index c9f2def95..1a904966f 100644 --- a/roles/dashboard/tasks/main.yml +++ b/roles/dashboard/tasks/main.yml @@ -55,7 +55,7 @@ timeout: 10s retries: 3 start_period: 10s - notify: restart dashboardserver + register: dashboardservercontainer - name: Create the gui container community.docker.docker_container: diff --git a/roles/invite/handlers/main.yml b/roles/invite/handlers/main.yml index 82cb26046..57066eba6 100644 --- a/roles/invite/handlers/main.yml +++ b/roles/invite/handlers/main.yml @@ -3,6 +3,7 @@ name: inviteserver state: started restart: true + when: inviteservercontainer is success and inviteservercontainer is not change - name: restart inviteprovisioningmock community.docker.docker_container: diff --git a/roles/invite/tasks/main.yml b/roles/invite/tasks/main.yml index de22eca9c..a0b4b7232 100644 --- a/roles/invite/tasks/main.yml +++ b/roles/invite/tasks/main.yml 
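Review bot: `attribute-aggregationservercontainer` in the added `when:` of roles/attribute-aggregation/handlers/main.yml is not usable as a variable name: Ansible variable names may contain only letters, digits and underscores, and inside the expression Jinja reads the hyphen as a subtraction between two other names. The `register:` added in the roles/attribute-aggregation/tasks/main.yml hunk uses the same name, so both sides need renaming together, e.g. `register: attribute_aggregationservercontainer` and `when: attribute_aggregationservercontainer is success and attribute_aggregationservercontainer is not change`. The handler and the container task both start outside their hunks.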
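Review bot: The `when:` added in roles/dashboard/handlers/main.yml reads `dashboardservercontainer`, which exists only after the container task in tasks/main.yml has run in the same play. If that task is left out of a run (a tag filter, for instance) while another task still notifies the handler, the conditional would probably fail on an undefined variable instead of restarting. Restarting when the variable is absent is the safer reading: `when: dashboardservercontainer is not defined or dashboardservercontainer is not change`. The same pattern is added to every other handler in this patch, and the handler's first lines are outside the hunk.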
@@ -78,6 +78,8 @@ timeout: 10s retries: 3 start_period: 10s + register: inviteservercontainer + - name: Create the client container community.docker.docker_container: diff --git a/roles/lifecycle/handlers/main.yml b/roles/lifecycle/handlers/main.yml index 8c65fdb80..644d6f5fe 100644 --- a/roles/lifecycle/handlers/main.yml +++ b/roles/lifecycle/handlers/main.yml @@ -4,3 +4,4 @@ name: lifecycle state: started restart: true + when: lifecycleservercontainer is success and lifecycleservercontainer is not change diff --git a/roles/lifecycle/tasks/main.yml b/roles/lifecycle/tasks/main.yml index 2c5c99e3b..011a3f3aa 100644 --- a/roles/lifecycle/tasks/main.yml +++ b/roles/lifecycle/tasks/main.yml @@ -56,6 +56,8 @@ - source: /opt/openconext/lifecycle target: /var/www/html/config/openconext type: bind + register: lifecyclecontainer + #- name: Create daily cronjob # cron: diff --git a/roles/manage/handlers/main.yml b/roles/manage/handlers/main.yml index 5ec9e9c09..461daed52 100644 --- a/roles/manage/handlers/main.yml +++ b/roles/manage/handlers/main.yml @@ -3,3 +3,4 @@ name: manageserver state: started restart: true + when: manageserverervercontainer is success and manageserverervercontainer is not change diff --git a/roles/manage/tasks/main.yml b/roles/manage/tasks/main.yml index 5eeeb2e1c..55a4e9d65 100644 --- a/roles/manage/tasks/main.yml +++ b/roles/manage/tasks/main.yml @@ -93,6 +93,7 @@ target: /__cacert_entrypoint.sh type: bind + command: "java -jar /app.jar -Xmx512m --spring.config.location=./config/" etc_hosts: host.docker.internal: host-gateway @@ -114,6 +115,7 @@ timeout: 10s retries: 3 start_period: 10s + register: manageserverervercontainer - name: Create the gui container community.docker.docker_container: diff --git a/roles/myconext/handlers/main.yml b/roles/myconext/handlers/main.yml index f0285c7e7..b0361a551 100644 --- a/roles/myconext/handlers/main.yml +++ b/roles/myconext/handlers/main.yml 
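Review bot: The condition added in roles/lifecycle/handlers/main.yml tests `lifecycleservercontainer`, but the container task in roles/lifecycle/tasks/main.yml (the next hunk) registers `lifecyclecontainer`, so nothing visible in this patch sets the name the handler reads and the conditional would fail as undefined when the handler fires. Use one name on both sides, e.g. `register: lifecycleservercontainer`. The profile role has the same mismatch: its handler tests `profileservercontainer` while its task registers `profilecontainer`. Both handlers start outside their hunks.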
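Review bot: `manageserverervercontainer` in roles/manage/handlers/main.yml looks like a slip for `manageservercontainer`; it works only because the `register:` in roles/manage/tasks/main.yml repeats the same spelling. Renaming both, `register: manageservercontainer` and `when: manageservercontainer is success and manageservercontainer is not change`, keeps the name in line with the other roles. `teamsserverontainer` in roles/teams has the same kind of slip in both its handler and its task.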
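Review bot: In the `command:` line added to roles/manage/tasks/main.yml, `-Xmx512m` comes after `-jar /app.jar`, where the JVM hands it to the application as a program argument instead of applying it as a heap limit. If the 512 MB cap is intended, the option has to precede `-jar`: `command: "java -Xmx512m -jar /app.jar --spring.config.location=./config/"`. The line is also unrelated to the restart logic named in the commit subject and would be easier to review as its own change. The container task it belongs to starts outside the hunk.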
@@ -3,3 +3,4 @@ name: myconextserver state: started restart: true + when: myconextservercontainer is success and myconextservercontainer is not change diff --git a/roles/myconext/tasks/main.yml b/roles/myconext/tasks/main.yml index afb09dd8a..c5d424713 100644 --- a/roles/myconext/tasks/main.yml +++ b/roles/myconext/tasks/main.yml @@ -14,7 +14,7 @@ owner: root group: root mode: "0644" - + - name: Create directory to keep configfiles ansible.builtin.file: dest: "/opt/openconext/myconext" @@ -124,6 +124,8 @@ timeout: 10s retries: 3 start_period: 10s + register: myconextservercontainer + - name: Create the client container community.docker.docker_container: @@ -191,4 +193,3 @@ env: HTTPD_CSP: "{{ httpd_csp.lenient_with_static_img_for_idp }}" HTTPD_SERVERNAME: "login.{{ myconext_base_domain }}" - diff --git a/roles/oidc-playground/handlers/main.yml b/roles/oidc-playground/handlers/main.yml index e7e45495f..96b33213c 100644 --- a/roles/oidc-playground/handlers/main.yml +++ b/roles/oidc-playground/handlers/main.yml @@ -3,3 +3,4 @@ name: oidcplaygroundserver state: started restart: true + when: oidcplaygroundservercontainer is success and oidcplaygroundservercontainer is not change diff --git a/roles/oidc-playground/tasks/main.yml b/roles/oidc-playground/tasks/main.yml index fd4b0d0f7..48afef265 100644 --- a/roles/oidc-playground/tasks/main.yml +++ b/roles/oidc-playground/tasks/main.yml @@ -53,7 +53,7 @@ timeout: 10s retries: 3 start_period: 10s - notify: restart oidc-playground-docker + register: oidcplaygroundservercontainer - name: Create the gui container community.docker.docker_container: @@ -92,7 +92,7 @@ # entity_type: oauth20_rs # # - name: Include the role manage_provision_entities to provision oidc-playground client to Manage -# include_role: +# include_role: # name: manage_provision_entities -# vars: +# vars: # entity_type: oidc10_rp diff --git a/roles/oidcng/handlers/main.yml b/roles/oidcng/handlers/main.yml index c180bf02b..ce81d3cdb 100644 
--- a/roles/oidcng/handlers/main.yml +++ b/roles/oidcng/handlers/main.yml @@ -1,6 +1,7 @@ --- - name: "restart oidcng" community.docker.docker_container: - name: dashboardserver + name: oidcngserver state: started restart: true + when: oidcngservercontainer is success and oidcngservercontainer is not change diff --git a/roles/oidcng/tasks/main.yml b/roles/oidcng/tasks/main.yml index d0ebee277..e45be0e38 100644 --- a/roles/oidcng/tasks/main.yml +++ b/roles/oidcng/tasks/main.yml @@ -45,7 +45,7 @@ src: oidc_saml_mapping.json dest: "{{ oidcng_dir }}" owner: "root" - group: "root" + group: "root" mode: "0640" notify: - "restart oidcng" @@ -136,6 +136,7 @@ traefik.http.routers.oidcng.middlewares: oidcngmw@docker traefik.http.middlewares.oidcngmw.replacepathregex.regex: "^/.well-known/openid-configuration" traefik.http.middlewares.oidcngmw.replacepathregex.replacement: "/oidc/.well-known/openid-configuration" + register: oidcngservercontainer diff --git a/roles/pdp/handlers/main.yml b/roles/pdp/handlers/main.yml index aa671d48f..43c193a60 100644 --- a/roles/pdp/handlers/main.yml +++ b/roles/pdp/handlers/main.yml @@ -3,3 +3,4 @@ name: pdpserver state: started restart: true + when: pdpservercontainer is success and pdpservercontainer is not change diff --git a/roles/pdp/tasks/main.yml b/roles/pdp/tasks/main.yml index ee4661c43..b1e81edaf 100644 --- a/roles/pdp/tasks/main.yml +++ b/roles/pdp/tasks/main.yml @@ -58,8 +58,8 @@ timeout: 10s retries: 3 start_period: 10s - notify: restart pdpserver - + register: pdpservercontainer + - name: Create the gui container community.docker.docker_container: name: pdpgui diff --git a/roles/profile/handlers/main.yml b/roles/profile/handlers/main.yml index 0e6bf345f..42dae960a 100644 --- a/roles/profile/handlers/main.yml +++ b/roles/profile/handlers/main.yml @@ -4,3 +4,4 @@ name: profile state: started restart: true + when: profileservercontainer is success and profileservercontainer is not change 
diff --git a/roles/profile/tasks/main.yml b/roles/profile/tasks/main.yml index 872d653fa..84cd6a7e0 100644 --- a/roles/profile/tasks/main.yml +++ b/roles/profile/tasks/main.yml @@ -108,7 +108,8 @@ - source: /etc/localtime target: /etc/localtime type: bind - + register: profilecontainer + - name: Include the role manage_provision_entities to provision profile to Manage ansible.builtin.include_role: diff --git a/roles/stats/handlers/main.yml b/roles/stats/handlers/main.yml index be9369324..4e23b746f 100644 --- a/roles/stats/handlers/main.yml +++ b/roles/stats/handlers/main.yml @@ -3,10 +3,11 @@ name: statsserver state: started restart: true + when: statsservercontainer is success and statsservercontainer is not change + - name: restart statsgui community.docker.docker_container: name: statsgui state: started restart: true - diff --git a/roles/stats/tasks/main.yml b/roles/stats/tasks/main.yml index 9a5d5d965..bd4dc6a4e 100644 --- a/roles/stats/tasks/main.yml +++ b/roles/stats/tasks/main.yml @@ -45,6 +45,7 @@ - source: /dev/log target: /dev/log type: bind + register: statsservercontainer - name: Create and start the guicontainer community.docker.docker_container: diff --git a/roles/stepupazuremfa/handlers/main.yml b/roles/stepupazuremfa/handlers/main.yml index 6e76d3748..939f8671c 100644 --- a/roles/stepupazuremfa/handlers/main.yml +++ b/roles/stepupazuremfa/handlers/main.yml @@ -12,3 +12,4 @@ name: azuremfa state: started restart: true + when: azuremfacontainer is success and azuremfacontainer is not change diff --git a/roles/stepupazuremfa/tasks/main.yml b/roles/stepupazuremfa/tasks/main.yml index a7935e775..eb127ccb9 100644 --- a/roles/stepupazuremfa/tasks/main.yml +++ b/roles/stepupazuremfa/tasks/main.yml @@ -76,3 +76,4 @@ - source: /opt/openconext/azuremfa target: /var/www/html/config/openconext type: bind + regiter: azuremfacontainer diff --git a/roles/stepupgateway/handlers/main.yml b/roles/stepupgateway/handlers/main.yml index b0afaa370..45701725d 100644 
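Review bot: The key added in roles/stepupazuremfa/tasks/main.yml is spelled `regiter:`, so nothing is registered here; depending on how the line is indented, Ansible would reject it as an unknown task keyword or pass it to the module as an unsupported option. The handler changed in roles/stepupazuremfa/handlers/main.yml now tests `azuremfacontainer`, which therefore stays undefined. Correct the line to `register: azuremfacontainer` at task level. The task starts outside the hunk.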
--- a/roles/stepupgateway/handlers/main.yml +++ b/roles/stepupgateway/handlers/main.yml @@ -8,4 +8,8 @@ state: reloaded - name: restart gateway - command: docker restart gateway + community.docker.docker_container: + name: gateway + state: started + restart: true + when: gatewaycontainer is success and gatewaycontainer is not change diff --git a/roles/stepupgateway/tasks/main.yml b/roles/stepupgateway/tasks/main.yml index c4d604fec..fe01380d9 100644 --- a/roles/stepupgateway/tasks/main.yml +++ b/roles/stepupgateway/tasks/main.yml @@ -133,3 +133,4 @@ - source: /opt/openconext/gateway/ target: /var/www/html/config/openconext type: bind + register: gatewaycontainer diff --git a/roles/stepupmiddleware/handlers/main.yml b/roles/stepupmiddleware/handlers/main.yml index 892c7849c..e7b1a55a7 100644 --- a/roles/stepupmiddleware/handlers/main.yml +++ b/roles/stepupmiddleware/handlers/main.yml @@ -12,3 +12,4 @@ name: middleware state: started restart: true + when: middlewarecontainer is success and middlewarecontainer is not change diff --git a/roles/stepupmiddleware/tasks/docker.yml b/roles/stepupmiddleware/tasks/docker.yml index 4c8154540..443ecd4b7 100644 --- a/roles/stepupmiddleware/tasks/docker.yml +++ b/roles/stepupmiddleware/tasks/docker.yml @@ -65,6 +65,7 @@ start_period: 10s etc_hosts: host.docker.internal: host-gateway + register: middlewarecontainer - name: Put middleware configuration scripts in /root/ ansible.builtin.template: @@ -96,7 +97,7 @@ - "middleware-config.json" - "middleware-whitelist.json" - "middleware-institution.json" - tags: + tags: - push_mw_config - push_mw_institution - push_mw_whitelist 
@@ -127,20 +128,20 @@ "middleware-push-institution.sh": "05-middleware-institution.sh" # The following push scripts have an additional conditional check on the presence of -# a tag, so these are only ran when explicitly called. +# a tag, so these are only ran when explicitly called. - name: Push middleware configuration ansible.builtin.command: /opt/scripts/middleware-push-config.sh run_once: true when: - "'push_mw_config' in ansible_run_tags" - tags: + tags: - push_mw_config - name: Push middleware whitelist ansible.builtin.command: /opt/scripts/middleware-push-whitelist.sh run_once: True - when: + when: - "'push_mw_whitelist' in ansible_run_tags" tags: - push_mw_whitelist diff --git a/roles/stepupra/handlers/main.yml b/roles/stepupra/handlers/main.yml index 1139c576b..cea4ee884 100644 --- a/roles/stepupra/handlers/main.yml +++ b/roles/stepupra/handlers/main.yml @@ -12,3 +12,4 @@ name: ra state: started restart: true + when: racontainer is success and racontainer is not change diff --git a/roles/stepupra/tasks/main.yml b/roles/stepupra/tasks/main.yml index db580ef93..11d0226ab 100644 --- a/roles/stepupra/tasks/main.yml +++ b/roles/stepupra/tasks/main.yml @@ -79,3 +79,4 @@ - source: /opt/openconext/ra target: /var/www/html/config/openconext type: bind + register: racontainer diff --git a/roles/stepupselfservice/handlers/main.yml b/roles/stepupselfservice/handlers/main.yml index 007b0fc07..912908d5b 100644 --- a/roles/stepupselfservice/handlers/main.yml +++ b/roles/stepupselfservice/handlers/main.yml @@ -12,3 +12,4 @@ name: selfservice state: started restart: true + when: selfservicecontainer is success and selfservicecontainer is not change diff --git a/roles/stepupselfservice/tasks/main.yml b/roles/stepupselfservice/tasks/main.yml index 77855882c..447d405c4 100644 --- a/roles/stepupselfservice/tasks/main.yml +++ b/roles/stepupselfservice/tasks/main.yml 
@@ -81,3 +81,4 @@ - source: /opt/openconext/selfservice target: /var/www/html/config/openconext type: bind + register: selfservicecontainer diff --git a/roles/stepuptiqr/handlers/main.yml b/roles/stepuptiqr/handlers/main.yml index ab79436f4..515712d46 100644 --- a/roles/stepuptiqr/handlers/main.yml +++ b/roles/stepuptiqr/handlers/main.yml @@ -12,4 +12,4 @@ name: tiqr state: started restart: true - + when: tiqrcontainer is success and tiqrcontainer is not change diff --git a/roles/stepuptiqr/tasks/main.yml b/roles/stepuptiqr/tasks/main.yml index 867585085..dfed7faf2 100644 --- a/roles/stepuptiqr/tasks/main.yml +++ b/roles/stepuptiqr/tasks/main.yml @@ -84,4 +84,5 @@ type: bind - source: /opt/openconext/tiqr target: /var/www/html/config/openconext - type: bind \ No newline at end of file + type: bind + register: tiqrcontainer diff --git a/roles/stepupwebauthn/handlers/main.yml b/roles/stepupwebauthn/handlers/main.yml index e118b593e..b1d9242eb 100644 --- a/roles/stepupwebauthn/handlers/main.yml +++ b/roles/stepupwebauthn/handlers/main.yml @@ -12,3 +12,4 @@ name: webauthn state: started restart: true + when: webauthncontainer is success and webauthncontainer is not change diff --git a/roles/stepupwebauthn/tasks/main.yml b/roles/stepupwebauthn/tasks/main.yml index ec04bc7d6..0e63f21e6 100644 --- a/roles/stepupwebauthn/tasks/main.yml +++ b/roles/stepupwebauthn/tasks/main.yml @@ -119,3 +119,4 @@ - source: /opt/openconext/webauthn target: /var/www/html/config/openconext type: bind + register: webauthncontainer diff --git a/roles/teams/handlers/main.yml b/roles/teams/handlers/main.yml index df802c095..9a236ef29 100644 --- a/roles/teams/handlers/main.yml +++ b/roles/teams/handlers/main.yml @@ -3,4 +3,4 @@ name: teamsserver state: started restart: true - + when: teamsserverontainer is success and teamsserverontainer is not change diff --git a/roles/teams/tasks/main.yml b/roles/teams/tasks/main.yml index 8326a466a..7561fe6bb 100644 --- a/roles/teams/tasks/main.yml 
+++ b/roles/teams/tasks/main.yml @@ -54,7 +54,7 @@ timeout: 10s retries: 3 start_period: 10s - notify: restart teamsserver + register: teamsserverontainer - name: Create the gui container community.docker.docker_container: