From 714d3fed70339b2d1668a70a57c2ecafd4bd87f3 Mon Sep 17 00:00:00 2001
From: "Ben D." <ben@noreply.localhost>
Date: Tue, 28 Apr 2026 10:20:02 -0700
Subject: [PATCH] Updated play for error message to warning when backup on same
 version

---
 roles/pfsense_upgrade/tasks/carp.yml | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/roles/pfsense_upgrade/tasks/carp.yml b/roles/pfsense_upgrade/tasks/carp.yml
index e9ad591..15cfccc 100644
--- a/roles/pfsense_upgrade/tasks/carp.yml
+++ b/roles/pfsense_upgrade/tasks/carp.yml
@@ -70,17 +70,26 @@
     - ha_peer is defined
   ### Not altered ###
 
-- name: "[CARP/primary] Fail if backup peer is not on a newer version than primary"
-  ansible.builtin.fail:
-    msg: >
-      Backup peer {{ ha_peer }} is running {{ ha_peer_version }}, which is the same
-      as or older than this primary ({{ pfsense_current_version }}).
-      Upgrade the backup node first before proceeding with the primary.
+- name: "[CARP/primary] Warn if backup peer is not on newer version"
+  ansible.builtin.debug:
+    msg: |
+      ⚠ WARNING: Backup peer {{ ha_peer }} is running {{ ha_peer_version }}, 
+      which is the SAME as primary ({{ pfsense_current_version }}).
+      
+      Primary upgrade requires backup to be on a newer version first.
+      Upgrade the backup node before upgrading primary.
   when:
     - ha_role == 'primary'
     - ha_peer is defined
     - ha_peer_version == pfsense_current_version
-  ### Not altered ###
+
+- name: "[CARP/primary] Skip primary upgrade when backup not newer"
+  ansible.builtin.meta: end_play
+  when:
+    - ha_role == 'primary'
+    - ha_peer is defined
+    - ha_peer_version == pfsense_current_version
+    - perform_upgrade | bool
 
 # --- Step 3: Verify backup peer is in MASTER CARP state (rewritten) ---
 - name: "[CARP/primary] Verify backup peer is MASTER for all CARP VIPs"