mount /etc/ssl to enable pickup of infra CA certs

eidas-proxy/overlay/etc/eidas-proxy/xy/cfg/application.properties

@@ -6,9 +6,10 @@ server.context-path=/eidas-ps
 
 # Service port connector settings
 server.port=8443
-server.ssl.key-store=classpath:server-tls.jks
+#server.ssl.key-store=${proxy-service.path.prefix}/keystore/sslSnakeOil.p12
-server.ssl.key-store-password=secret
+#server.ssl.key-store-type=PKCS12
-server.ssl.key-password=secret
+#server.ssl.key-store-password=secret
+#server.ssl.key-password=secret
 
 tomcat.ajp.port=8009
 tomcat.ajp.remoteauthentication=false

global/overlay/etc/puppet/cosmos-rules.yaml

@@ -46,7 +46,7 @@ r1.komreg.net:
    sunet_iaas_cloud:
    autoupdate:
    eidas_proxy:
-      version: 1.0.3
+      version: 1.0.4
    sunet::frontend::register_sites:
      sites:
        'xy.proxy.qa.sveidas.se':

global/overlay/etc/puppet/manifests/cosmos-site.pp

@@ -238,7 +238,8 @@ class eidas_proxy($version='1.0.0') {
       imagetag => $_version,
       ports    => ['443:8443'],
       volumes  => ['/var/log/eidas-proxy:/var/log/eidas-proxy',
-                   '/etc/eidas-proxy:/etc/eidas-proxy'],
+                   '/etc/eidas-proxy:/etc/eidas-proxy',
+                   '/etc/ssl:/etc/ssl'],
       env      => ["PROXY_SERVICE_PATH_PREFIX=/etc/eidas-proxy/$country",
                    "PROXY_SERVICE_DOMAIN_PREFIX=https://$hostname/eidas-ps",
                    "SPRING_PROFILES_ACTIVE=se",