---
- block:
    - name: check for available updates
      win_updates:
        category_names: "{{ win_update_category_names }}"
        reject_list: "{{ win_update_reject_list | default(omit) }}"
        server_selection: "{{ win_update_server_selection }}"
        state: searched
      register: available_updates
  rescue:
    - name: ensure we have connection
      wait_for_connection:

    - name: check for available updates (retry)
      win_updates:
        category_names: "{{ win_update_category_names }}"
        reject_list: "{{ win_update_reject_list | default(omit) }}"
        server_selection: "{{ win_update_server_selection }}"
        state: searched
      register: available_updates

- debug:
    msg: "{{ _msg.split('\n')[:-1] }}"
  vars:
    _msg: |
      {{ inventory_hostname }} has {{ available_updates.found_update_count }} updates available.
      {% for update in updates %}
        - {{ update.title }}
      {% endfor %}
    updates: "{{ (available_updates.updates.values() | list) if (available_updates.updates is mapping) else (available_updates.updates) }}"
  when: available_updates.updates is defined

- include_tasks: updates-with-retry.yml
  when:
    - available_updates.updates is defined
    - available_updates.found_update_count > 0

# see https://learn.microsoft.com/en-us/sharepoint/troubleshoot/administration/800703fa-illegal-operation-error
# error code 0x800703FA happens with some updates when user is not logged in
# remove the registry key if added during the update
- include_tasks: force_user_registry.yml
  vars:
    task_state: absent
  when:
    - disable_force_unload_registry is defined
    - disable_force_unload_registry is not skipped
    - disable_force_unload_registry is changed

- name: check for missing updates
  win_updates:
    server_selection: "{{ win_update_server_selection }}"
    state: searched
  register: available_updates

- name: list missing updates
  debug:
    var: available_updates

- name: check to see if update is finished
  win_shell: gwmi -Class win32_computersystem -ComputerName 127.0.0.1 | select -ExpandProperty username -ErrorAction Stop
  register: logon_status
  until: logon_status is success
  delay: 10
  retries: 100
  ignore_errors: yes
  when: "'Server' not in ansible_distribution"

- name: reboot windows
  win_reboot:
  when: "'Server' not in ansible_distribution"