Configure SQL TLS environment variables in server-job

[grzegorz8]

What was changed

Added support for SQL_TLS* properties in schema jobs (server-job.yaml).

Why?

Currently, when PostgreSQL database is secured with TLS, schema jobs are not properly configured.

In the Pull Request we reuse server.config.persistence.*.sql.tls, server.config.additionalVolumes and server.config.additionalVolumeMounts properties..

Checklist

1. Closes No related issues.

2. How was this tested:

3. Any docs updates needed?

No updates needed.

[CLAassistant]

All committers have signed the CLA.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[LukaGiorgadze]

@grzegorz8 May I ask you - what does it mean "schema jobs are not properly configured"?

[grzegorz8]

@grzegorz8 May I ask you - what does it mean "schema jobs are not properly configured"?

I meant that TLS related env variables are not set (SQL_TLS_KEY_FILE, SQL_TLS_CERT_FILE, etc).

[arkoc]

SQL_TLS=true is required option for connecting to Azure Postgres Flexible Servers. Probably it is required for other 'serverless' managed databases, but we only tested on Azure.

This is the error we recieved (without SQL_TLS)

2023-10-03T12:34:11.898Z	ERROR	Unable to create SQL database.	{"error": "unable to connect to DB, tried default DB names: postgres,defaultdb, errors: [pq: no pg_hba.conf entry for host \"XX.XX.XX.XX\", user \"admin\", database \"postgres\", no encryption pq: no pg_hba.conf entry for host \"XX.XX.XX.XX\", user \"admin\", database \"defaultdb\", no encryption]", "logging-call-at": "handler.go:94"}

[debugger24]

Hi @grzegorz8 any update on this PR ?

[syugoman-armenotech]

Hi everyone! Any updates for this PR?

[syugoman-armenotech]

@grzegorz8 Hi! Can you please update an example? It will be helpful https://github.com/temporalio/helm-charts/blob/master/charts/temporal/values/values.postgresql.yaml

[grzegorz8]

@grzegorz8 Hi! Can you please update an example? It will be helpful https://github.com/temporalio/helm-charts/blob/master/charts/temporal/values/values.postgresql.yaml

Example updated. Please check if it looks fine.

[ChristianGottinger]

Tested the Branch with Azure MySql with TLS enabled. Works.

[devinargenta]

Hello! Wanted to bump this as it would be useful for us. Thank you!

[moss2k13]

can someone clarify the status of this PR?

we are using these changes without issues with postgresql versions 15.x

[robholland]

Looks good, one tiny tweak.

[robholland]

Thanks for your contribution :) For future reference, when you've attended to feedback in PR, if you can re-request review from the reviewer, it helps us spot when something is ready for us to look at again.

[esn89]

Does this additionalVolumeMount nest in: server.config.additionalVolumes

Like what the original post says?

Or nested under server.additionalVolumes as per: https://github.com/temporalio/helm-charts/pull/411/files#diff-5f8eb04d49dd7caffd33da659dd7bae84435c114a6255319b2965dcf6a2536abR254

[grzegorz8]

Does this additionalVolumeMount nest in: server.config.additionalVolumes

Like what the original post says?

Or nested under server.additionalVolumes as per: https://github.com/temporalio/helm-charts/pull/411/files#diff-5f8eb04d49dd7caffd33da659dd7bae84435c114a6255319b2965dcf6a2536abR254

The description is wrong, the code is right. Sorry for confusion.