From 30c4748fe2b09d7d5e53aadc22f1340498672f07 Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman <rjeffman@redhat.com>
Date: Wed, 29 Dec 2021 15:01:20 -0300
Subject: [PATCH] upstream CI: Wait for KDC to be available.

Sometimes the first test of a batch fails because it fails to grant a
TGT from Kerberos KDC as it is not yet fully working. By waiting until
a TGT can be acquired, these failures will not happen anymore.
---
 molecule/resources/playbooks/prepare.yml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/molecule/resources/playbooks/prepare.yml b/molecule/resources/playbooks/prepare.yml
index 87c34860..deaa092b 100644
--- a/molecule/resources/playbooks/prepare.yml
+++ b/molecule/resources/playbooks/prepare.yml
@@ -25,3 +25,24 @@
     ansible.builtin.service:
       name: ipa
       state: started
+
+  - name: Wait for krb5dkc to be running
+    ansible.builtin.service_facts:
+    no_log: True
+    register: result
+    until: "'krb5kdc.service' in result.ansible_facts.services and \
+            result.ansible_facts.services['krb5kdc.service'].state == 'running'"
+    retries: 30
+    delay: 5
+
+  - name: Check if TGT is available for admin.
+    ansible.builtin.shell:
+      cmd: echo SomeADMINpassword | kinit -c ansible_freeipa_cache admin
+    register: result
+    until: not result.failed
+    retries: 30
+    delay: 5
+
+  - name: Cleanup TGT.
+    ansible.builtin.shell:
+      cmd: kdestroy -c ansible_freeipa_cache -A
-- 
GitLab