From ecafeb62d59c0ee3a927f773f972f1afb8ccd72d Mon Sep 17 00:00:00 2001
From: Vladislav Belogrudov <vladislav.belogrudov@oracle.com>
Date: Fri, 20 Apr 2018 14:21:21 +0300
Subject: [PATCH] Add precheck for haproxy certificate file

If user enables TLS it also is necessary to create
a certificate. This precheck ensures the certificate
file exists before starting deployment.

Change-Id: I772d52e228ed012b9f8ccb5b616f9b188d3d340c
Closes-Bug: #1765677
---
 ansible/roles/haproxy/tasks/precheck.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/ansible/roles/haproxy/tasks/precheck.yml b/ansible/roles/haproxy/tasks/precheck.yml
index d5a085c978..717267f94c 100644
--- a/ansible/roles/haproxy/tasks/precheck.yml
+++ b/ansible/roles/haproxy/tasks/precheck.yml
@@ -37,6 +37,20 @@
   check_mode: no
   run_once: true
 
+- name: Checking if haproxy certificate exists
+  run_once: true
+  local_action: stat path={{ kolla_external_fqdn_cert }}
+  register: haproxy_cert_file
+  changed_when: false
+  when: kolla_enable_tls_external | bool
+
+- name: Fail if haproxy certificate is absent
+  run_once: true
+  local_action: fail msg="haproxy certificate file is not found. Ensure it exists as {{ kolla_external_fqdn_cert }}"
+  when:
+    - kolla_enable_tls_external | bool
+    - haproxy_cert_file.stat.exists == false
+
 - name: Checking the kolla_external_vip_interface is present
   fail: "msg='Please check the kolla_external_vip_interface property - interface {{ kolla_external_vip_interface }} not found'"
   when: