From 5c55583b047bf6873108ccb821dd33efacbff408 Mon Sep 17 00:00:00 2001
From: Pierre Riteau <pierre@stackhpc.com>
Date: Mon, 26 Sep 2022 10:51:50 +0200
Subject: [PATCH] Fix Ironic API healthcheck with backend TLS

Closes-Bug: #1990819
Change-Id: I12c451077114b77b11810f25eb5b6187cdf08ad9
---
 ansible/roles/ironic/defaults/main.yml                       | 2 +-
 .../ironic-api-backend-tls-healthcheck-481b69116b072913.yaml | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 releasenotes/notes/ironic-api-backend-tls-healthcheck-481b69116b072913.yaml

diff --git a/ansible/roles/ironic/defaults/main.yml b/ansible/roles/ironic/defaults/main.yml
index 66ad6b164a..ab6c751ad1 100644
--- a/ansible/roles/ironic/defaults/main.yml
+++ b/ansible/roles/ironic/defaults/main.yml
@@ -149,7 +149,7 @@ ironic_api_enable_healthchecks: "{{ enable_container_healthchecks }}"
 ironic_api_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
 ironic_api_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
 ironic_api_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
-ironic_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl http://{{ api_interface_address | put_address_in_context('url') }}:{{ ironic_api_listen_port }}"]
+ironic_api_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if ironic_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ ironic_api_listen_port }}"]
 ironic_api_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
 ironic_api_healthcheck:
   interval: "{{ ironic_api_healthcheck_interval }}"
diff --git a/releasenotes/notes/ironic-api-backend-tls-healthcheck-481b69116b072913.yaml b/releasenotes/notes/ironic-api-backend-tls-healthcheck-481b69116b072913.yaml
new file mode 100644
index 0000000000..0bba6b9db1
--- /dev/null
+++ b/releasenotes/notes/ironic-api-backend-tls-healthcheck-481b69116b072913.yaml
@@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    Fixes Ironic API healthchecks when backend TLS encryption is enabled.
+    `LP#1990819 <https://launchpad.net/bugs/1990819>`__