feat: Add support for custom root certificates in Java keystore

[patsevanton]

Feature: Custom Root Certificates in Java Keystore

Description

This pull request introduces support for importing custom root certificates into the Java keystore during the Docker image build process. This enhancement allows the application to trust additional certificates, which is particularly useful for environments where custom certificates are required.

Changes

• Dockerfile:
  • Added a step to create a directory for certificates (/etc/kafkaui/certs).
  • Added a loop to import any .crt files found in the /etc/kafkaui/certs directory into the Java keystore using keytool.

Please review and provide feedback.

How Has This Been Tested? (put an "x" (case-sensitive!) next to an item)

• No need to
• Manually (please, describe, if necessary)
• Unit checks
• Integration checks
• Covered by existing automation

Checklist (put an "x" (case-sensitive!) next to all the items, otherwise the build will fail)

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation (e.g. ENVIRONMENT VARIABLES)
• My changes generate no new warnings (e.g. Sonar is happy)
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged

Check out Contributing and Code of Conduct

A picture of a cute animal (not mandatory but encouraged)

[patsevanton]

I run ./mvnw clean install -Dmaven.test.skip=true -Pprod

What commands do I need to run before launching docker build?
What commands should I use to build a custom docker image?
Maybe there is a docker-compose in which the docker image is assembled?

[Haarolean]

I'd rather see a custom truststore created and passed via these spring properties

server:
  ssl:
    trust-store: classpath:keycloak-truststore.jks
    trust-store-password: changeit

rather than messing with jre's truststore, what do you think?

[patsevanton]

where configure spring properties?
do I need to add a certificate to keycloak-truststore.jks ?

[Haarolean]

do I need to add a certificate to keycloak-truststore.jks ?
we can build a new truststore from scratch within the same script and put it somewhere

where configure spring properties?
I believe we can try setting env vars like SERVER_SSL_TRUST-STORE: xxx, or leave this to the user (given this will be well documented, adding a few config properties is way easier than building a truststore from scratch)

[patsevanton]

I am not Java developer. I don`t know spring. Could you share simple example without kubernetes?

[Haarolean]

I run ./mvnw clean install -Dmaven.test.skip=true -Pprod

What commands do I need to run before launching docker build? What commands should I use to build a custom docker image? Maybe there is a docker-compose in which the docker image is assembled?

clean install with prod profile enabled will build the image, you don't have to do this manually.