Fix TLS-HELLO healthmonitors in the amphora-driver

TLS-HELLO HMs were based on the ssl-hello-chk option of haproxy, which
uses SSLv3 messages. SSLv3 is deprecated and most distributions have
disabled it, remove this option and rely only on the default checker
when ssl is enabled [0]

[0] https://docs.haproxy.org/2.8/configuration.html#5.2-check

Related-Bug: #2043812

Change-Id: Ia681679e24437832e1e23e7399e1a34da8ab54c5

octavia/common/jinja/haproxy/combined_listeners/templates/macros.j2

@@ -375,9 +375,6 @@ backend {{ pool.id }}:{{ listener.id }}
     option httpchk {{ pool.health_monitor.http_method }} {{ pool.health_monitor.url_path }}
             {% endif %}
     http-check expect rstatus {{ pool.health_monitor.expected_codes }}
-        {% endif %}
-        {% if pool.health_monitor.type == constants.HEALTH_MONITOR_TLS_HELLO %}
-    option ssl-hello-chk
         {% endif %}
         {% if pool.health_monitor.type == constants.HEALTH_MONITOR_PING %}
     option external-check

octavia/tests/unit/common/jinja/haproxy/combined_listeners/test_jinja_cfg.py

@@ -813,7 +813,6 @@ class TestHaproxyCfg(base.TestCase):
               "    balance roundrobin\n"
               "    cookie SRV insert indirect nocache\n"
               "    timeout check 31s\n"
-              "    option ssl-hello-chk\n"
               "    fullconn {maxconn}\n"
               "    option allbackups\n"
               "    timeout connect 5000\n"

releasenotes/notes/fix-tls-hello-healthmonitors-a4b98a80f6de8394.yaml

@@ -0,0 +1,4 @@
+---
+fixes:
+  - |
+    Fixed TLS-HELLO health-monitors in the amphora-driver.