[🚀 Feature]: Manage TLS Certificate Externally

[declan-fitzpatrick]

Feature and motivation

The tls-cert-secret.yaml has limited functionality.

It only allows self signed cert generation if ingress is enabled, and tls is disabled. Alternatively, you have to pass the values of the certificate in as non-base64 literals, which causes an issue with the selenium.jks binary.

Ideally, the helm chart would allow you to manage the secret yourself, and pass the name into a value like .Values.tls.existingSecretName. Functionally, only seleniumGrid.tls.fullname needs an update, and then tls-cert-secret.yaml would need an overall toggle

Usage example

To use the feature, you would manage your secret yourself, provisioning however you deem fit, for example:

./cert.sh
kubectl -n selenium-grid create secret generic ca-selenium --from-file=selenium.pem --from-file=selenium.jks --from-file=selenium.pkcs8

And use the TLS secret in Selenium Grid.

...
tls: 
  enabled: true
  existingSecretName: "ca-selenium"
...

[github-actions[bot]]

@declan-fitzpatrick, thank you for creating this issue. We will troubleshoot it as soon as we can.

---

Info for maintainers

Triage this issue by using labels.

If information is missing, add a helpful comment and then I-issue-template label.

If the issue is a question, add the I-question label.

If the issue is valid but there is no time to troubleshoot it, consider adding the help wanted label.

If the issue requires changes or fixes from an external project (e.g., ChromeDriver, GeckoDriver, MSEdgeDriver, W3C), add the applicable G-* label, and it will provide the correct link and auto-close the issue.

After troubleshooting the issue, please add the R-awaiting answer label.

Thank you!

[VietND96]

In part of this, I am doing the refactoring on helm chart config keys to enable TLS ingress only or the secure connection in both server and ingress in front