Turn of Keycloak HTTP and make the Keycloak HTTPS only

This is the default for Keycloak.
HTTP is insecure.

class/defaults.yml

@@ -172,7 +172,6 @@ parameters:
       args:
         - start
         - --auto-build
-        - --http-enabled=true # Helm chart requires it currently
 
       # extraEnv *MUST* be a string, as it's fed through a templating
       # function.
@@ -253,6 +252,29 @@ parameters:
         # Workaround until https://github.com/codecentric/helm-charts/pull/432 is solved
         httpPort: 8080
         labels: ${keycloak:labels}
+      livenessProbe: |
+        httpGet:
+          path: '{{ tpl .Values.http.relativePath $ | trimSuffix "/" }}/health/live'
+          port: https
+          scheme: HTTPS
+        initialDelaySeconds: 0
+        timeoutSeconds: 5
+      readinessProbe: |
+        httpGet:
+          path: '{{ tpl .Values.http.relativePath $ | trimSuffix "/" }}/health/ready'
+          port: https
+          scheme: HTTPS
+        initialDelaySeconds: 10
+        timeoutSeconds: 1
+      startupProbe: |
+        httpGet:
+          path: '{{ tpl .Values.http.relativePath $ | trimSuffix "/" }}/health'
+          port: https
+          scheme: HTTPS
+        initialDelaySeconds: 15
+        timeoutSeconds: 1
+        failureThreshold: 60
+        periodSeconds: 5
       serviceMonitor:
         enabled: ${keycloak:monitoring:enabled}
         labels: ${keycloak:labels}

tests/golden/builtin/builtin/builtin/01_keycloak_helmchart/keycloakx/templates/statefulset.yaml

@@ -57,7 +57,6 @@ spec:
       - args:
         - start
         - --auto-build
-        - --http-enabled=true
         env:
         - name: FOO
           value: bar
@@ -104,7 +103,8 @@ spec:
         livenessProbe:
           httpGet:
             path: /auth/health/live
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 0
           timeoutSeconds: 5
         name: keycloak
@@ -118,7 +118,8 @@ spec:
         readinessProbe:
           httpGet:
             path: /auth/health/ready
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 10
           timeoutSeconds: 1
         resources:
@@ -135,7 +136,8 @@ spec:
           failureThreshold: 60
           httpGet:
             path: /auth/health
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 15
           periodSeconds: 5
           timeoutSeconds: 1

tests/golden/external/external/external/01_keycloak_helmchart/keycloakx/templates/statefulset.yaml

@@ -57,7 +57,6 @@ spec:
       - args:
         - start
         - --auto-build
-        - --http-enabled=true
         env:
         - name: JAVA_OPTS
           value: -XX:+UseContainerSupport -XX:MaxRAMPercentage=50.0 -Djava.net.preferIPv4Stack=true
@@ -102,7 +101,8 @@ spec:
         livenessProbe:
           httpGet:
             path: /auth/health/live
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 0
           timeoutSeconds: 5
         name: keycloak
@@ -116,7 +116,8 @@ spec:
         readinessProbe:
           httpGet:
             path: /auth/health/ready
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 10
           timeoutSeconds: 1
         resources:
@@ -133,7 +134,8 @@ spec:
           failureThreshold: 60
           httpGet:
             path: /auth/health
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 15
           periodSeconds: 5
           timeoutSeconds: 1

tests/golden/openshift-postgres/openshift-postgres/openshift-postgres/01_keycloak_helmchart/keycloakx/templates/statefulset.yaml

@@ -57,7 +57,6 @@ spec:
       - args:
         - start
         - --auto-build
-        - --http-enabled=true
         env:
         - name: JAVA_OPTS
           value: -XX:+UseContainerSupport -XX:MaxRAMPercentage=50.0 -Djava.net.preferIPv4Stack=true
@@ -102,7 +101,8 @@ spec:
         livenessProbe:
           httpGet:
             path: /auth/health/live
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 0
           timeoutSeconds: 5
         name: keycloak
@@ -116,7 +116,8 @@ spec:
         readinessProbe:
           httpGet:
             path: /auth/health/ready
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 10
           timeoutSeconds: 1
         resources:
@@ -133,7 +134,8 @@ spec:
           failureThreshold: 60
           httpGet:
             path: /auth/health
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 15
           periodSeconds: 5
           timeoutSeconds: 1

tests/golden/openshift/openshift/openshift/01_keycloak_helmchart/keycloakx/templates/statefulset.yaml

@@ -57,7 +57,6 @@ spec:
       - args:
         - start
         - --auto-build
-        - --http-enabled=true
         env:
         - name: JAVA_OPTS
           value: -XX:+UseContainerSupport -XX:MaxRAMPercentage=50.0 -Djava.net.preferIPv4Stack=true
@@ -102,7 +101,8 @@ spec:
         livenessProbe:
           httpGet:
             path: /auth/health/live
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 0
           timeoutSeconds: 5
         name: keycloak
@@ -116,7 +116,8 @@ spec:
         readinessProbe:
           httpGet:
             path: /auth/health/ready
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 10
           timeoutSeconds: 1
         resources:
@@ -131,7 +132,8 @@ spec:
           failureThreshold: 60
           httpGet:
             path: /auth/health
-            port: http
+            port: https
+            scheme: HTTPS
           initialDelaySeconds: 15
           periodSeconds: 5
           timeoutSeconds: 1