From 22214dafffb20b308ba62b1b1a7c3bdd1d7533df Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman <rjeffman@redhat.com>
Date: Wed, 6 Dec 2023 14:26:00 -0300
Subject: [PATCH] ipaclient: Fix OTP error reporting

When deploying an IPA client with ipaclient, if an error occured while
getting an OTP, no error message is logged, as the task that logs the
error is not excuted due to the previous taks failure.

By adding a 'rescue' section to the code block and moving the error
reporting to this new section, we ensure that the proper error messages
will be reported.
---
 roles/ipaclient/tasks/install.yml | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/roles/ipaclient/tasks/install.yml b/roles/ipaclient/tasks/install.yml
index 7ff2c39a..4ce3a596 100644
--- a/roles/ipaclient/tasks/install.yml
+++ b/roles/ipaclient/tasks/install.yml
@@ -166,18 +166,19 @@
       register: result_ipaclient_get_otp
       delegate_to: "{{ result_ipaclient_test.servers[0] }}"
 
-    - name: Install - Report error for OTP generation
-      ansible.builtin.debug:
-        msg: "{{ result_ipaclient_get_otp.msg }}"
-      when: result_ipaclient_get_otp is failed
-      failed_when: yes
-
     - name: Install - Store the previously obtained OTP
       no_log: yes
       ansible.builtin.set_fact:
         ipaadmin_orig_password: "{{ ipaadmin_password | default(omit) }}"
         ipaadmin_password: "{{ result_ipaclient_get_otp.host.randompassword
                                if result_ipaclient_get_otp.host is defined }}"
+    rescue:
+    - name: Install - Report error for OTP generation
+      ansible.builtin.debug:
+        msg: "{{ result_ipaclient_get_otp.msg }}"
+      when: result_ipaclient_get_otp is failed
+      failed_when: yes
+
     always:
     - name: Install - Remove keytab temporary file
       ansible.builtin.file:
-- 
GitLab