From 4e9dd2ab5ab866a301c74efe71be2361d112a6ab Mon Sep 17 00:00:00 2001
From: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Date: Wed, 29 Mar 2017 10:30:29 +0100
Subject: [PATCH] Allow cert validation for hatop download to be disabled

When using a TLS proxy, the certificate validation may fail.
This patch allows the validation to be optionally disabled.

Change-Id: I4bc854486a5ef694c4bc8a29546586a068f55af7
---
 defaults/main.yml               | 4 ++++
 tasks/haproxy_install_hatop.yml | 1 +
 2 files changed, 5 insertions(+)

diff --git a/defaults/main.yml b/defaults/main.yml
index 97023df..d7c90e0 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -13,6 +13,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+# Validate Certificates when downloading hatop. May be set to "no" when proxy server
+# is intercepting the certificates.
+haproxy_hatop_download_validate_certs: yes
+
 # Set the package install state for distribution packages
 # Options are 'present' and 'latest'
 haproxy_package_state: "latest"
diff --git a/tasks/haproxy_install_hatop.yml b/tasks/haproxy_install_hatop.yml
index 737b2bc..1e22768 100644
--- a/tasks/haproxy_install_hatop.yml
+++ b/tasks/haproxy_install_hatop.yml
@@ -19,6 +19,7 @@
     url: "{{ haproxy_hatop_download_url }}"
     dest: "/var/cache/{{ haproxy_hatop_download_url | basename }}"
     force: yes
+    validate_certs: "{{ haproxy_hatop_download_validate_certs }}"
   run_once: True
 
 - name: Create HATop directory