S-105728 xl-cli SSL setup improvements (#327)

* S-105728 xl-cli SSL setup improvements

* S-105728 fix keystore type selection

---------

Co-authored-by: Vedran Pugar <vedran.pugar@digital.ai>

templates/_helpers.tpl

@@ -542,7 +542,7 @@ deploy: license or licenseAcceptEula
 {{- define "render.secret-name" -}}
   {{- if .value -}}
     {{- if kindIs "map" .value -}}
-{{- tpl (.value.valueFrom.secretKeyRef.name | toYaml) .context }}
+{{- tpl .value.valueFrom.secretKeyRef.name .context }}
     {{- else if kindIs "string" .value -}}
 {{ .defaultName }}
     {{- else -}}

templates/deploy-master-statefulset.yaml

@@ -260,7 +260,7 @@ spec:
             {{- end }}
             {{- if .Values.truststore.truststore }}
             - name: TRUSTSTORE
-              value: "/opt/xebialabs/xl-deploy-server/truststore/{{ include "secrets.key" (dict "secretRef" .Values.truststore.truststore "default" "truststore" "context" $) }}"
+              value: "/opt/xebialabs/xl-deploy-server/certs/{{ include "secrets.key" (dict "secretRef" .Values.truststore.truststore "default" "truststore" "context" $) }}"
             - name: TRUSTSTORE_TYPE
               value: {{ .Values.truststore.type | quote }}
             {{- if .Values.truststore.password }}
@@ -305,7 +305,7 @@ spec:
             - name: SSL
               value: {{ .Values.ssl.enabled | quote }}
             - name: HTTP_SSL_KEYSTORE_PATH
-              value: /opt/xebialabs/xl-deploy-server/http-ssl-keystore/{{ include "secrets.key" (dict "secretRef" .Values.ssl.keystore "default" (printf "ssl_keystore.%s" .Values.ssl.keystoreType) "context" $) }}
+              value: /opt/xebialabs/xl-deploy-server/certs/{{ include "secrets.key" (dict "secretRef" .Values.ssl.keystore "default" (printf "ssl_keystore.%s" .Values.ssl.keystoreType) "context" $) }}
             - name: HTTP_SSL_KEYSTORE_PASSWORD
               {{- include "render.value-secret" (dict  "value" .Values.ssl.keystorePassword "defaultName" (include "common.names.fullname" .) "defaultKey" "sslKeystorePassword" "context" $ ) | nindent 14 }}
             - name: HTTP_SSL_KEYSTORE_KEYPASSWORD
@@ -389,7 +389,7 @@ spec:
               subPath: {{ $v.path }}
             {{- end }}
             {{- if .Values.truststore.truststore }}
-            - mountPath: /opt/xebialabs/xl-deploy-server/truststore/{{ include "secrets.key" (dict "secretRef" .Values.truststore.truststore "default" "truststore" "context" $) }}
+            - mountPath: /opt/xebialabs/xl-deploy-server/certs/{{ include "secrets.key" (dict "secretRef" .Values.truststore.truststore "default" "truststore" "context" $) }}
               name: deploy-truststore
               subPath: {{ include "secrets.key" (dict "secretRef" .Values.truststore.truststore "default" "truststore" "context" $) }}
               readOnly: true
@@ -401,7 +401,7 @@ spec:
             {{- end }}
             {{- if .Values.ssl.enabled }}
             - name: http-ssl-keystore
-              mountPath: /opt/xebialabs/xl-deploy-server/http-ssl-keystore/{{ include "secrets.key" (dict "secretRef" .Values.ssl.keystore "default" (printf "ssl_keystore.%s" .Values.ssl.keystoreType) "context" $) }}
+              mountPath: /opt/xebialabs/xl-deploy-server/certs/{{ include "secrets.key" (dict "secretRef" .Values.ssl.keystore "default" (printf "ssl_keystore.%s" .Values.ssl.keystoreType) "context" $) }}
               subPath: {{ include "secrets.key" (dict "secretRef" .Values.ssl.keystore "default" (printf "ssl_keystore.%s" .Values.ssl.keystoreType) "context" $) }}
               readOnly: true
             {{- end }}

templates/deploy-worker-statefulset.yaml

@@ -278,7 +278,7 @@ spec:
             {{- end }}
             {{- if .Values.truststore.truststore }}
             - name: TRUSTSTORE
-              value: "/opt/xebialabs/deploy-task-engine/truststore/{{ include "secrets.key" (dict "secretRef" .Values.truststore.truststore "default" "truststore" "context" $) }}"
+              value: "/opt/xebialabs/deploy-task-engine/certs/{{ include "secrets.key" (dict "secretRef" .Values.truststore.truststore "default" "truststore" "context" $) }}"
             - name: TRUSTSTORE_TYPE
               value: {{ .Values.truststore.type | quote }}
             {{- if .Values.truststore.password }}
@@ -362,7 +362,7 @@ spec:
               subPath: {{ $v.path }}
             {{- end }}
             {{- if .Values.truststore.truststore }}
-            - mountPath: /opt/xebialabs/deploy-task-engine/truststore/{{ include "secrets.key" (dict "secretRef" .Values.truststore.truststore "default" "truststore" "context" $) }}
+            - mountPath: /opt/xebialabs/deploy-task-engine/certs/{{ include "secrets.key" (dict "secretRef" .Values.truststore.truststore "default" "truststore" "context" $) }}
               name: deploy-truststore
               subPath: {{ include "secrets.key" (dict "secretRef" .Values.truststore.truststore "default" "truststore" "context" $) }}
               readOnly: true
@@ -382,7 +382,7 @@ spec:
         {{- if .Values.truststore.truststore }}
         - name: deploy-truststore
           secret:
-            secretName: {{- include "render.secret-name" (dict "value" .Values.truststore.truststore "defaultName" (include "common.names.fullname" .) "context" $ ) }}
+            secretName: {{ include "render.secret-name" (dict "value" .Values.truststore.truststore "defaultName" (include "common.names.fullname" .) "context" $ ) }}
         {{- end }}
         {{- if .Values.worker.configuration }}
         - name: configuration

tests/values/xldevdocker.yaml

@@ -1,15 +1,15 @@
 centralConfiguration:
   image:
     repository: xebialabsunsupported/central-configuration
-    tag: 24.1.0-1207.113-centos
+    tag: 24.1.0-beta.3
     pullPolicy: Always
 master:
   image:
     repository: xebialabsunsupported/xl-deploy
-    tag: 24.1.0-1207.113-centos
+    tag: 24.1.0-beta.3
     pullPolicy: Always
 worker:
   image:
     repository: xebialabsunsupported/deploy-task-engine
-    tag: 24.1.0-1207.113-centos
+    tag: 24.1.0-beta.3
     pullPolicy: Always