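# update_portainer_agent_vm.yml
#
# Updates a standalone (non-compose) Portainer Agent container: reads the image
# reference from the existing container, pulls it again, recreates the
# container with the same name and waits for the agent port to open.
#
# Docker is invoked through argv lists instead of `bash -lc "<string>"`, so
# variable values are passed as single arguments and never parsed by a shell.
# NOTE(review): this drops the login shell, so `docker` must be on the
# non-login PATH of the remote user - confirm on the target host.
---
- name: Update Portainer Agent (VM, no compose)
  hosts: pve2_vm
  gather_facts: false
  vars:
    agent_container_name: portainer_agent
    agent_port: 9001

  tasks:
    # Go-template braces are wrapped in raw/endraw; otherwise Jinja2 tries to
    # render `{{.Names}}` itself and the task fails with a template error.
    - name: Check if agent container exists
      ansible.builtin.command:
        argv:
          - docker
          - ps
          - "-a"
          - "--format"
          - "{% raw %}{{.Names}}{% endraw %}"
      register: agent_exists
      changed_when: false

    # Exact, literal name match on the listing (no regex interpretation of the
    # container name). A failing `docker ps` now stops the play in the task
    # above instead of being reported here as "not found".
    - name: Abort if agent container is missing
      ansible.builtin.fail:
        msg: "Container '{{ agent_container_name }}' not found."
      when: agent_container_name not in agent_exists.stdout_lines

    - name: Read current agent image
      ansible.builtin.command:
        argv:
          - docker
          - inspect
          - "-f"
          - "{% raw %}{{.Config.Image}}{% endraw %}"
          - "{{ agent_container_name }}"
      register: agent_image
      changed_when: false

    # The old container is removed further down, so stop here if no image
    # reference could be read; otherwise the host would be left without agent.
    - name: Abort if the agent image reference is empty
      ansible.builtin.fail:
        msg: "Could not read the image of '{{ agent_container_name }}'."
      when: agent_image.stdout | trim | length == 0

    # Pulls whatever reference the container was created with. If that
    # reference is a digest or an image ID, the pull presumably brings nothing
    # newer - verify how the agent was originally started.
    - name: Pull latest image tag for current agent image
      ansible.builtin.command:
        argv:
          - docker
          - pull
          - "{{ agent_image.stdout | trim }}"
      changed_when: true

    # Best effort, as in the original script (`docker rm -f ... || true`):
    # a real removal problem surfaces as a name conflict in the next task.
    - name: Remove old agent container
      ansible.builtin.command:
        argv:
          - docker
          - rm
          - "-f"
          - "{{ agent_container_name }}"
      changed_when: true
      failed_when: false

    # Security notes on the standard Portainer Agent arguments:
    #  - Mounting /var/run/docker.sock gives the agent full control of the
    #    Docker daemon, which is equivalent to root on this host.
    #  - `-p <port>:9001` publishes the agent on every host interface.
    #    Restrict who can reach it (host firewall, or bind to a management
    #    address) and consider setting the agent's AGENT_SECRET so that only
    #    the intended Portainer server can use it.
    - name: Recreate agent container with standard Portainer Agent args
      ansible.builtin.command:
        argv:
          - docker
          - run
          - "-d"
          - "--name"
          - "{{ agent_container_name }}"
          - "--restart=always"
          - "-p"
          - "{{ agent_port }}:9001"
          - "-v"
          - "/var/run/docker.sock:/var/run/docker.sock"
          - "-v"
          - "/var/lib/docker/volumes:/var/lib/docker/volumes"
          - "{{ agent_image.stdout | trim }}"
      changed_when: true

    - name: Wait for agent port
      ansible.builtin.wait_for:
        host: 127.0.0.1
        port: "{{ agent_port }}"
        timeout: 60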