(maint) Update preload certs for puppetserver

[Iristyle]

• With the change to the PE puppetserver container to relocate the ca directory outside of the certs directory to a sibling, that has changed how preloaded certs must be copied into the updated pe-puppesterver container.

  Now instead of being able to drop all files inside the 'certs' directory, files must be copied into the root directory of the volume which has a ca and certs sibling.

  Since this breaks convention, a new optional environment variable CERT_DESTDIR can be set on a container to establish the target directory within the volume. Most containers will not need to set this as it will default to 'certs'. Puppetserver on the other hand will need to set it to properly load the ca.

  See also:

  https://github.com/puppetlabs/pe-puppet-server-extensions/pull/1282 https://github.com/puppetlabs/puppetserver/pull/2445

• This also means the files on disk have been shuffled around to adhere to the new structure. For backwards compat, the certs directory keeps a symlink 'ca' that points to the sibling 'ca' directory

• Fixes a minor bug in how files are copied by specifying /tmp/src/. to properly copy a directory that only has sub-directories

• Raise an exception if docker_volume_cp fails

[Iristyle]

Currently vetting this against https://github.com/puppetlabs/pe-client-tools-vanagon/pull/312 ... holding off on the merge until I've got that working

[Iristyle]

This is breaking for a couple reasons:

• Requires new docker-compose version - will break any repos not on at least 1.28.0
• Requires puppetserver to preload certs different - inconsequential really, as it's only currently used in pupperware-commercial repo and is currently broken b/c of the puppetserver container change (but it will be rolled out to all repos shortly)

I'll make a sweep to update compose everywhere, then merge this ASAP. Then https://github.com/puppetlabs/pe-client-tools-vanagon/pull/312 can be merged and work can continue

UPDATE: pulled out the compose cli change to a PR #239 so I can merge the important stuff here now... and I'll bump compose versions across all the other repos as I go, then come back to merging the compose change. That will minimize churn.