From c29275315e6189e94b7a74cd337405a6db861933 Mon Sep 17 00:00:00 2001
From: impca <impca@users.noreply.github.com>
Date: Wed, 13 Feb 2019 15:39:52 +0100
Subject: [PATCH 1/2] Update compose configuration

When running awx via docker-compose and using custom certificates (for LDAP auth or whatever else...), update-ca-trust has to be called afer starting the container to actually use new certificates (just as it is called when using docker to run - https://github.com/ansible/awx/blob/devel/installer/roles/local_docker/tasks/standalone.yml#L119-L120 ).
---
 installer/roles/local_docker/tasks/compose.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/installer/roles/local_docker/tasks/compose.yml b/installer/roles/local_docker/tasks/compose.yml
index 3c581c7b69..5620a98c6a 100644
--- a/installer/roles/local_docker/tasks/compose.yml
+++ b/installer/roles/local_docker/tasks/compose.yml
@@ -12,3 +12,6 @@
 - name: Start the containers
   docker_service:
     project_src: "{{ docker_compose_dir }}"
+    
+- name: Update CA trust in awx_web container
+  command: docker exec awx_web_1 '/usr/bin/update-ca-trust'

From 9add96a0d338f805f1e501083aa079cc8eea2e5e Mon Sep 17 00:00:00 2001
From: impca <impca@users.noreply.github.com>
Date: Thu, 14 Feb 2019 08:29:47 +0100
Subject: [PATCH 2/2] update docker compose installer

Only run commands to update certs when config changes.
---
 installer/roles/local_docker/tasks/compose.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/installer/roles/local_docker/tasks/compose.yml b/installer/roles/local_docker/tasks/compose.yml
index 5620a98c6a..5cfd210ee9 100644
--- a/installer/roles/local_docker/tasks/compose.yml
+++ b/installer/roles/local_docker/tasks/compose.yml
@@ -8,10 +8,17 @@
   template:
     src: docker-compose.yml.j2
     dest: "{{ docker_compose_dir }}/docker-compose.yml"
+  register: awx_compose_config
 
 - name: Start the containers
   docker_service:
     project_src: "{{ docker_compose_dir }}"
+  register: awx_compose_start
     
 - name: Update CA trust in awx_web container
   command: docker exec awx_web_1 '/usr/bin/update-ca-trust'
+  when: awx_compose_config.changed or awx_compose_start.changed
+
+- name: Update CA trust in awx_task container
+  command: docker exec awx_task_1 '/usr/bin/update-ca-trust'
+  when: awx_compose_config.changed or awx_compose_start.changed