Use hiera hash for TLS options

Change-Id: I0a4bdd57e4176452c111f2e5e3c2cdbd6b852a1e

deployment_scripts/puppet/manifests/check_environment_configuration.pp

@@ -21,9 +21,10 @@ if $jvmsize_mb >= $::memorysize_mb {
   fail("The configured JVM size (${jvm_heap_size} GB) is greater than the system RAM (${::memorysize}).")
 }
 
-if hiera('lma::kibana::tls::enabled') {
-  $certificate = hiera('lma::kibana::tls::cert_file_path')
-  $common_name = hiera('lma::kibana::tls::hostname')
+$kibana_tls = hiera_hash('lma::kibana::tls')
+if $kibana_tls['enabled'] {
+  $certificate = $kibana_tls['cert_file_path']
+  $common_name = $kibana_tls['hostname']
 
   # function validate_ssl_certificate() must be the value of a statement, so
   # we must use it in a statement.

deployment_scripts/puppet/manifests/haproxy.pp

@@ -44,11 +44,12 @@ openstack::ha::haproxy_service { $es_haproxy_service:
   }
 }
 
-if hiera('lma::kibana::tls::enabled') {
+$kibana_tls = hiera_hash('lma::kibana::tls')
+if $kibana_tls['enabled'] {
   openstack::ha::haproxy_service { 'kibana':
     order                  => '921',
     internal_ssl           => true,
-    internal_ssl_path      => hiera('lma::kibana::tls::cert_file_path'),
+    internal_ssl_path      => $kibana_tls['cert_file_path'],
     listen_port            => $kibana_frontend_port,
     balancermember_port    => $kibana_backend_port,
     balancermember_options => 'check inter 10s fastinter 2s downinter 3s rise 3 fall 3',

deployment_scripts/puppet/manifests/hiera_override.pp

@@ -122,10 +122,11 @@ lma::elasticsearch::jvm_size: <%= @elasticsearch_kibana["jvm_heap_size"] %>
 lma::elasticsearch::instance_name: <%= @instance_name %>
 lma::elasticsearch::node_name: "<%= @fqdn %>_es-01"
 lma::elasticsearch::cluster_name: lma
-lma::kibana::tls::enabled: <%= @tls_enabled %>
+lma::kibana::tls:
+    enabled: <%= @tls_enabled %>
 <% if @tls_enabled -%>
-lma::kibana::tls::hostname: <%= @kibana_hostname %>
-lma::kibana::tls::cert_file_path: <%= @cert_file_path %>
+    hostname: <%= @kibana_hostname %>
+    cert_file_path: <%= @cert_file_path %>
 <% end -%>
 lma::kibana::username: <%= @elasticsearch_kibana["kibana_username"] %>
 lma::kibana::password: <%= @elasticsearch_kibana["kibana_password"] %>

deployment_scripts/puppet/manifests/provision_services.pp

@@ -20,9 +20,10 @@ $vip = hiera('lma::elasticsearch::vip')
 $kibana_port = hiera('lma::elasticsearch::kibana_frontend_port')
 $es_port = hiera('lma::elasticsearch::rest_port')
 $number_of_replicas = hiera('lma::elasticsearch::number_of_replicas')
-if hiera('lma::kibana::tls::enabled') {
+$kibana_tls = hiera_hash('lma::kibana::tls')
+if $kibana_tls['enabled'] {
   $protocol = 'https'
-  $kibana_hostname = hiera('lma::kibana::tls::hostname')
+  $kibana_hostname = $kibana_tls['hostname']
   $kibana_link_data = "{\"title\":\"Kibana\",\
   \"description\":\"Dashboard for visualizing logs and notifications (${kibana_hostname}: ${vip})\",\
   \"url\":\"${protocol}://${kibana_hostname}:${kibana_port}/\"}"