From ec03ad2bf9da9535ab44d0f01ac0c13400f3dad8 Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Mon, 27 Mar 2023 12:24:02 +0200
Subject: [PATCH] ipareplica/server: Always cleanup root IPA cache

The cleanup of the root IPA cache was depending on the result of the
ipaserver_enable_ipa and ipareplica_enable_ipa tasks. Instead of
"when: something.changed" a handler should be used instead. As
"/root/.ipa_cache" should be removed always (same in command line) the
removal of the file has been moded into the always section and does not
need a when anymore.
---
 roles/ipareplica/tasks/install.yml |  3 +--
 roles/ipaserver/tasks/install.yml  | 11 +++++------
 2 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/roles/ipareplica/tasks/install.yml b/roles/ipareplica/tasks/install.yml
index 2b3fca31..b718ed0c 100644
--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
@@ -759,13 +759,12 @@
         "{{ result_ipareplica_prepare.config_master_host_name }}"
     register: result_ipareplica_enable_ipa
 
+  always:
   - name: Install - Cleanup root IPA cache
     ansible.builtin.file:
       path: "/root/.ipa_cache"
       state: absent
-    when: result_ipareplica_enable_ipa.changed
 
-  always:
   - name: Cleanup temporary files
     ansible.builtin.file:
       path: "{{ item }}"
diff --git a/roles/ipaserver/tasks/install.yml b/roles/ipaserver/tasks/install.yml
index f4906dc9..50b4876f 100644
--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
@@ -446,12 +446,6 @@
         setup_ca: "{{ result_ipaserver_test.setup_ca }}"
       register: result_ipaserver_enable_ipa
 
-    - name: Install - Cleanup root IPA cache
-      ansible.builtin.file:
-        path: "/root/.ipa_cache"
-        state: absent
-      when: result_ipaserver_enable_ipa.changed
-
     - name: Install - Configure firewalld
       ansible.builtin.command: >
         firewall-cmd
@@ -480,6 +474,11 @@
       when: ipaserver_setup_firewalld | bool
 
   always:
+  - name: Install - Cleanup root IPA cache
+    ansible.builtin.file:
+      path: "/root/.ipa_cache"
+      state: absent
+
   - name: Cleanup temporary files
     ansible.builtin.file:
       path: "{{ item }}"
-- 
GitLab