From 0a06a71c07f6b24780fcfeab581f77146285cedf Mon Sep 17 00:00:00 2001
From: Igor Ribeiro Barbosa Duarte <igor.duarte@scylladb.com>
Date: Thu, 5 Dec 2024 15:01:19 -0300
Subject: [PATCH] ansible-scylla-node: Move the ssl crts generation to before
 scylla.yaml

This is necessary since the scylla.yaml.j2 file uses variables  '_localhost_cert_path',
'_localhost_cert_key_path' and '_truststore_exists', which are defined only
in the ssl task.
---
 ansible-scylla-node/tasks/common.yml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/ansible-scylla-node/tasks/common.yml b/ansible-scylla-node/tasks/common.yml
index 1048f831..e1b84244 100644
--- a/ansible-scylla-node/tasks/common.yml
+++ b/ansible-scylla-node/tasks/common.yml
@@ -224,6 +224,13 @@
   when: (scylla_package_prefix + '-node-exporter') in ansible_facts.packages
   become: true
 
+- name: enable ssl options
+  include_tasks: ssl.yml
+  when:
+    - scylla_ssl is defined
+    - (scylla_ssl.internode.enabled|bool) or
+      (scylla_ssl.client.enabled|bool)
+
 - name: configure scylla.yaml
   template:
     src: templates/scylla.yaml.j2
@@ -300,13 +307,6 @@
   become: true
   loop: "{{ lookup('dict', scylla_yaml_params) }}"
 
-- name: enable ssl options
-  include_tasks: ssl.yml
-  when:
-    - scylla_ssl is defined
-    - (scylla_ssl.internode.enabled|bool) or
-      (scylla_ssl.client.enabled|bool)
-
 - name: Copy system keys
   include_tasks: handle_encryption_at_rest_keys.yml
   vars: