Merge pull request elastic/elasticsearch#1701 from s1monw/fix_trust_store_loading

Watcher should try to load trust/keystore from `config` directory

Today Watcher tries to load stuff from the bin's parent directory which
is not readable since the shared data directory has been moved out of
the nodes parent in elasticsearchelastic/elasticsearch#17072 which causes security exception
now. The test copies trust stores into the config dir and that's where
we should read it from by default or even better explicitly configure the path?!

Original commit: elastic/x-pack-elasticsearch@6ad580d1ea

elasticsearch/x-pack/marvel/src/main/java/org/elasticsearch/marvel/cleaner/CleanerService.java

@@ -67,7 +67,9 @@ public class CleanerService extends AbstractLifecycleComponent<CleanerService> {
     @Override
     protected void doClose() {
         logger.debug("closing cleaning service");
+        if (runnable != null) {
             runnable.cancel();
+        }
         logger.debug("cleaning service closed");
     }
 

elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/watcher/support/http/HttpClient.java

@@ -281,7 +281,7 @@ public class HttpClient extends AbstractLifecycleComponent<HttpClient> {
         if (keyStore == null) {
             return null;
         }
-        Path path = env.binFile().getParent().resolve(keyStore);
+        Path path = env.configFile().resolve(keyStore);
         if (Files.notExists(path)) {
             return null;
         }
@@ -304,7 +304,7 @@ public class HttpClient extends AbstractLifecycleComponent<HttpClient> {
             // Load TrustStore
             KeyStore ks = null;
             if (trustStore != null) {
-                Path trustStorePath = env.binFile().getParent().resolve(trustStore);
+                Path trustStorePath = env.configFile().resolve(trustStore);
                 if (Files.exists(trustStorePath)) {
                     ks = readKeystore(trustStorePath, trustStorePassword);
                 }