From c59e68a986e5a34d038b0a002158b616d895fe21 Mon Sep 17 00:00:00 2001
From: Pavel Raiskup <praiskup@redhat.com>
Date: Wed, 23 Nov 2022 15:00:45 +0100
Subject: [PATCH] ipa/service: don't fail if service already exists

Relates: https://pagure.io/fedora-infra/ansible/pull-request/1259
---
 roles/ipa/service/tasks/main.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/roles/ipa/service/tasks/main.yml b/roles/ipa/service/tasks/main.yml
index 921586b6f6..846ee5869c 100644
--- a/roles/ipa/service/tasks/main.yml
+++ b/roles/ipa/service/tasks/main.yml
@@ -16,6 +16,15 @@
     name: "{{ service }}/{{ host }}"
     principal: "{{ principal_alias | default(omit) }}"
     force: yes
+  register: ipa_service_defined
+  ignore_errors: true
   tags:
   - config
   - krb5
+
+- name: fail only when krbprincipalname isn't already defined
+  fail:
+    msg: "Failed to define ipa/service {{ service }}/{{ host }}"
+  when:
+    - ipa_service_defined is failed
+    - "\"'krbprincipalname' already contains one or more values\" not in ipa_service_defined.msg"