Add TLS Support for PostgreSQL

[samuel-lindgren]

There's currently no support for configuring TLS for secure communication with the databases.

Inspiration
Below is a code excerpt from our fork that could be used as inspiration.

{{- range $service := (list "frontend" "history" "matching" "worker") }}
{{- $serviceValues := index $.Values.server $service -}}
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "cadence.componentname" (list $ $service) }}
  labels:
    app.kubernetes.io/name: {{ include "cadence.name" $ }}
    ...
spec:
  template:
    metadata:
      labels:
        ....
      annotations:
        ....
    spec:
      initContainers:
        {{- if ne $.Values.server.config.persistence.sql.sslMode "disable" }}
        - name: copy-ssl
          image: "{{ $.Values.server.image.repository }}:{{ $.Values.server.image.tag }}"
          command: [
            'sh', '-c',
            "cp /pg-secret/* /pg-ssl/; chown 1001:0 /pg-ssl/*; chmod 600 /pg-ssl/*"
          ]
          securityContext:
            {{- toYaml (default $.Values.server.securityContext $serviceValues.securityContext) | nindent 12 }}
          volumeMounts:
            - name: pg-secret
              mountPath: "/pg-secret"
              readOnly: true
            - name: pg-ssl
              mountPath: "/pg-ssl"
              readOnly: false
        {{- end }}
 
   $.Values.server.config.persistence.sql.port }}; do echo waiting for db to start; sleep 1; done;']
      containers:
        - name: {{ $.Chart.Name }}-{{ $service }}
          securityContext:
            {{- toYaml (default $.Values.server.securityContext $serviceValues.securityContext) | nindent 12 }}
          image: "{{ $.Values.server.image.repository }}:{{ $.Values.server.image.tag }}"
          imagePullPolicy: {{ $.Values.server.image.pullPolicy }}
          env:
            {{- if ne $.Values.server.config.persistence.sql.sslMode "disable" }}
            - name: SQL_TLS_CERT_FILE
              value: "/pg-ssl/client-cert.pem"
            - name: SQL_TLS_KEY_FILE
              value: "/pg-ssl/client-key.pem"
            - name: SQL_TLS_CA_FILE
              value: "/pg-ssl/server-ca.pem"
            {{- end }}