Merge "Tell HAProxy container template that the public cert was autogenerated"

docker/services/haproxy.yaml

@@ -45,6 +45,11 @@ parameters:
     description: >
       The content of the SSL certificate (without Key) in PEM format.
     type: string
+  PublicSSLCertificateAutogenerated:
+    default: false
+    description: >
+      Whether the public SSL certificate was autogenerated or not.
+    type: boolean
   DeployedSSLCertificatePath:
     default: '/etc/pki/tls/private/overcloud_endpoint.pem'
     description: >
@@ -78,10 +83,14 @@ conditions:
 
   internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
   public_tls_enabled:
-    not:
-      equals:
-      - {get_param: SSLCertificate}
-      - ""
+    or:
+    - not:
+        equals:
+        - {get_param: SSLCertificate}
+        - ""
+    - equals:
+        - {get_param: PublicSSLCertificateAutogenerated}
+        - true
 
 resources:
 

environments/services/haproxy-public-tls-certmonger.yaml

@@ -1,4 +1,5 @@
 # A Heat environment file which can be used to enable a
 # a TLS for HAProxy via certmonger
 resource_registry:
+  PublicSSLCertificateAutogenerated: true
   OS::TripleO::Services::HAProxyPublicTLS: ../../puppet/services/haproxy-public-tls-certmonger.yaml