From 37ff9ed9c091920e8746c5d584c36ddff019b20d Mon Sep 17 00:00:00 2001
From: Chris Sibbitt <csibbitt@redhat.com>
Date: Tue, 4 Jul 2023 13:37:39 -0400
Subject: [PATCH] Move tls_server_name logic into a task for clarity

---
 roles/servicetelemetry/tasks/component_clouds.yml     | 11 +++++++++++
 .../templates/manifest_smartgateway_events.j2         |  2 +-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/roles/servicetelemetry/tasks/component_clouds.yml b/roles/servicetelemetry/tasks/component_clouds.yml
index 38537937a..9db8615ab 100644
--- a/roles/servicetelemetry/tasks/component_clouds.yml
+++ b/roles/servicetelemetry/tasks/component_clouds.yml
@@ -38,6 +38,17 @@
         elastic_pass: "{{ elasticsearch_es_elastic_user.resources[0].data[elastic_user] | b64decode }}"
       no_log: true
 
+    - name: Set elastic_tls_server_name from forwarding config if set
+      set_fact:
+        elastic_tls_server_name: "{{ servicetelemetry_vars.backends.events.elasticsearch.forwarding.tls_server_name }}"
+      when: servicetelemetry_vars.backends.events.elasticsearch.forwarding.tls_server_name != ""
+
+    # This sets the server name based on the host part of the URL between // and : (https://elasticsearch-host:9200)
+    - name: Set elastic_tls_server_name by parsing the host_url if it's not set in the config
+      set_fact:
+        elastic_tls_server_name: "{{ servicetelemetry_vars.backends.events.elasticsearch.forwarding.host_url.rpartition('//')[-1].partition(':')[0] }}"
+      when: servicetelemetry_vars.backends.events.elasticsearch.forwarding.tls_server_name == ""
+
     - name: Get the Elasticsearch TLS materials secret
       k8s_info:
         api_version: v1
diff --git a/roles/servicetelemetry/templates/manifest_smartgateway_events.j2 b/roles/servicetelemetry/templates/manifest_smartgateway_events.j2
index 83c6a3b76..3a80ad92d 100644
--- a/roles/servicetelemetry/templates/manifest_smartgateway_events.j2
+++ b/roles/servicetelemetry/templates/manifest_smartgateway_events.j2
@@ -18,7 +18,7 @@ spec:
       tlsClientCert: /config/certs/user.crt
       tlsClientKey: /config/certs/user.key
       tlsCaCert: /config/certs/ca.crt
-      tlsServerName: {{ (elasticsearch.forwarding.tls_server_name != "") | ternary(elasticsearch.forwarding.tls_server_name, elasticsearch.forwarding.host_url.rpartition("//")[-1].partition(":")[0]) }}
+      tlsServerName: {{ elastic_tls_server_name }}
       tlsSecretName: {{ elasticsearch.forwarding.tls_secret_name }}
       user: {{ elastic_user | default('elastic') }}
       password: {{ elastic_pass | default('') }}