Use Cases for Updating Keystore File as Part of Incremental Changes

Update keystore/truststore files in Git:

Using browser UI:

Access your Git instance from browser and go to the Helm charts repository.
Navigate to the siebel-config/keystore folder.
Upload and commit new custom keystore/truststore files having .jks extension.
Edit siebel-config/Chart.yaml and increment chart version and commit the same.

Using terminal:

SSH to SCM instance.
sudo podman exec -it cloudmanager -bash
cd <env_dir>/<Helm charts repository name>/siebel-config/keystore
Copy custom keystore/truststore files having extension .jks to above path.
vi <env_dir>/<Helm charts repository name>/siebel-config/Chart.yaml
Increment chart version.

Commit the changes and push to remote repository:

git pull
git add <file1> <file2>
git commit -m <message>
git push

Wait for 10 minutes so that flux will automatically reconcile and uptake above changes. Or you can manually reconcile using below commands:

flux reconcile source git siebel-repo
flux reconcile kustomization apps

The reconcile process might take upto 10 minutes. The new custom keystore/truststore files will be pulled and Kubernetes Secret - "keystore" will be updated with new cert values.

Note: While the flux reconciliation is in progress, if you are monitoring your cluster by querying the status of the pod and helm release:

The kubectl -n <namespace> get pods command will return the status of the pod (configure-xxxxx) as init:3/4.
The helm -n <namespace> ls -a command will return the status of the Helm release (siebel-config) as pending-upgrade.

The status of the pod init:3/4 and Helm release pending-upgrade is as expected, you must proceed to step 3.

Execute the following commands to upgrade Siebel Server/SAI/CGW containers with new certificates.

Edit <Helm charts repository name>/siebel/Chart.yaml, increment chart version, and commit the same.
Edit <Helm charts repository name>/siebel-gateway/Chart.yaml, increment chart version, and commit the same.