feat: Add support for custom root certificates in Java keystore

Author: patsevanton

api/Dockerfile

@@ -11,15 +11,7 @@ RUN apk add --no-cache \
 RUN addgroup -S kafkaui && adduser -S kafkaui -G kafkaui
 
 # creating folder for dynamic config usage (certificates uploads, etc)
-RUN mkdir -p /etc/kafkaui/certs
-RUN if ls /etc/kafkaui/certs/*.crt 1> /dev/null 2>&1; then \
-        for cert in /etc/kafkaui/certs/*.crt; do \
-            keytool -import -noprompt -trustcacerts -alias $(basename $cert .crt) -file $cert -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit; \
-        done \
-    else \
-        echo "No certificates found in /etc/kafkaui/certs/"; \
-    fi
-
+RUN mkdir /etc/kafkaui/
 RUN chown kafkaui /etc/kafkaui
 
 USER kafkaui

api/import-certs.sh

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+CERT_DIR="/etc/kafkaui/certs"
+KEYSTORE="$JAVA_HOME/lib/security/cacerts"
+STOREPASS="changeit"
+
+if [ -d "$CERT_DIR" ]; then
+    for cert in $CERT_DIR/*.crt; do
+        if [ -f "$cert" ]; then
+            alias=$(basename "$cert" .crt)
+            echo "Importing $cert with alias $alias"
+            keytool -import -noprompt -trustcacerts -alias "$alias" -file "$cert" -keystore "$KEYSTORE" -storepass "$STOREPASS"
+        fi
+    done
+else
+    echo "No certificates directory found at $CERT_DIR"
+fi
+