From 16f914565360028b06734a326d3c41a43cee8198 Mon Sep 17 00:00:00 2001
From: Felix Fontein <felix@fontein.de>
Date: Sun, 30 Jan 2022 14:19:12 +0100
Subject: [PATCH] Do not install PyOpenSSL from PyPi if cryptography cannot be
 updated - at least on FreeBSD 13.0, latest PyOpenSSL requires a cryptography
 upgrade, which breaks CI.

---
 tests/integration/targets/setup_pyopenssl/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/integration/targets/setup_pyopenssl/tasks/main.yml b/tests/integration/targets/setup_pyopenssl/tasks/main.yml
index ec9c3961..e9c95893 100644
--- a/tests/integration/targets/setup_pyopenssl/tasks/main.yml
+++ b/tests/integration/targets/setup_pyopenssl/tasks/main.yml
@@ -5,7 +5,7 @@
 ####################################################################
 
 - name: Install from system packages
-  when: ansible_os_family != "Darwin" and target_system_python
+  when: ansible_os_family != "Darwin" and (target_system_python or target_system_python_cannot_upgrade_cryptography)
   block:
 
   - name: Include OS-specific variables
@@ -24,7 +24,7 @@
     when: ansible_python_version is version('3.0', '<')
 
 - name: Install from PyPi
-  when: ansible_os_family == "Darwin" or not target_system_python
+  when: ansible_os_family == "Darwin" or not (target_system_python or target_system_python_cannot_upgrade_cryptography)
   block:
 
   - name: Install pyOpenSSL (PyPi)