python:gp: Do not print an error if template already exists

We will get an exit status for duplicate in future:
https://www.pagure.io/certmonger/issue/269
We can't really fix that right now, as older version of certmonger
don't support the `-v` option.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15559

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>

diff --git a/python/samba/gp/gp_cert_auto_enroll_ext.py b/python/samba/gp/gp_cert_auto_enroll_ext.py
index 1547e9db98336e04590e6ee933cb231ae38d89ea..b55a0ce3bd0283e9a06ffb504fc6fb2af5162367 100644 (file)
--- a/python/samba/gp/gp_cert_auto_enroll_ext.py
+++ b/python/samba/gp/gp_cert_auto_enroll_ext.py
@@ -338,8 +338,12 @@ def cert_enroll(ca, ldb, trust_dir, private_dir, auth='Kerberos'):
             out, err = p.communicate()
             log.debug(out.decode())
             if p.returncode != 0:
-                data = { 'Error': err.decode(), 'Certificate': nickname }
-                log.error('Failed to request certificate', data)
+                if p.returncode == 2:
+                    log.info('The template [%s] already exists' % (nickname))
+                else:
+                    data = {'Error': err.decode(), 'Certificate': nickname}
+                    log.error('Failed to request certificate', data)
+
             data['files'].extend([keyfile, certfile])
             data['templates'].append(nickname)
         if update is not None: