Add https support to readinessProbe

[jordansissel]

If server.ssl.enabled is set in Kibana (vi SERVER_SSL_ENABLED env var),
then the readinessProbe will use https to test for readiness.

Fixes #16

[jordansissel]

Caveat: This is my first effort to do anything of substance with Helm.

Open questions:

• Is kibanaSSLHostname the best value name?
• Does the shell script need more comments?

[jordansissel]

Test results:

% kubectl get pods -l app=kibana
NAME                            READY   STATUS    RESTARTS   AGE
xyz-kibana-5dfb9fcdb8-pfv6l   1/1     Running   0          15m
xyz-kibana-5dfb9fcdb8-s6zsq   1/1     Running   0          15m

(Without this patch, the READY state would forever be 0/1 as the check over http would always fail)

[Crazybus]

LGTM apart from updating the readme! Thanks so much for picking this up.

Can you share the configuration you are using to test this? I will then be able to update the security example to make sure this configuration is part of the automated testing for this chart.

[Crazybus]

Is kibanaSSLHostname the best value name?

Sounds right to me and it is following the helm variable naming conventions.

Does the shell script need more comments?

The code is clear and logical to me, I didn't have any trouble understanding it without comments 👍

[jordansissel]

Added an entry to the readme. I'll see about attaching the values.yaml I'm using.

[jordansissel]

values.yaml for kibana:

elasticsearchURL: "https://redacted-data:9200"
replicas: 2 
kibanaSSLHostname: "redacted-kibana"

extraEnvs:
  - name: 'xpack.security.encryptionKey'
    valueFrom: { secretKeyRef: { name: kibana-encryption-key, key: key } } 
  - name: 'ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES'
    value: '/usr/share/kibana/config/certs/elastic-certificate.pem'
  - name: 'ELASTICSEARCH_SSL_VERIFICATIONMODE'
    value: 'certificate'

  - name: 'ELASTICSEARCH_USERNAME'
    valueFrom: { secretKeyRef: { name: elastic-credentials, key: username } } 
  - name: 'ELASTICSEARCH_PASSWORD'
    valueFrom: { secretKeyRef: { name: elastic-credentials, key: password } } 

  # Set these when Kibana needs to serve HTTPS to browsers.
  - name: 'SERVER_SSL_KEY'
    value: /usr/share/kibana/config/certs/kibana/kibana.key
  - name: 'SERVER_SSL_CERTIFICATE'
    value: /usr/share/kibana/config/certs/kibana/kibana.crt
  - name: 'SERVER_SSL_ENABLED'
    value: "true"

secretMounts:
  # Certificate for trusting Elasticsearch when Kibana talks to it over HTTPS.
  - name: elastic-certificate-pem
    secretName: elastic-certificate-pem
    path: /usr/share/kibana/config/certs
  # Kibana's SSL certificate and key live here.
  - name: kibana-certificate
    secretName: kibana-certificate
    path: /usr/share/kibana/config/certs/kibana

[Crazybus]

jenkins test this please

[Crazybus]

Thanks for adding your config! I'll update the integration test/example to use it.