Merge "Tell HAProxy container template that the public cert was autogenerated"

This commit is contained in:
Zuul 2017-11-08 10:52:25 +00:00 committed by Gerrit Code Review
commit 86a8ad9d89
2 changed files with 14 additions and 4 deletions
docker/services
environments/services

@ -45,6 +45,11 @@ parameters:
description: >
The content of the SSL certificate (without Key) in PEM format.
type: string
PublicSSLCertificateAutogenerated:
default: false
description: >
Whether the public SSL certificate was autogenerated or not.
type: boolean
DeployedSSLCertificatePath:
default: '/etc/pki/tls/private/overcloud_endpoint.pem'
description: >
@ -78,10 +83,14 @@ conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
public_tls_enabled:
not:
equals:
- {get_param: SSLCertificate}
- ""
or:
- not:
equals:
- {get_param: SSLCertificate}
- ""
- equals:
- {get_param: PublicSSLCertificateAutogenerated}
- true
resources:

@ -1,4 +1,5 @@
# A Heat environment file which can be used to enable a
# a TLS for HAProxy via certmonger
resource_registry:
PublicSSLCertificateAutogenerated: true
OS::TripleO::Services::HAProxyPublicTLS: ../../puppet/services/haproxy-public-tls-certmonger.yaml