Fixes #10234 - Postgres SSL Certificate fix

[reddymh]

Signed-off-by: Rajshekar Reddy reddymh@gmail.com

Fixes #10234

Please do not open a pull request until you have checked ALL of these:

• Create the PR as draft .
• Run make pre-commit -B to fix codegen and lint problems.
• Sign-off your commits (otherwise the DCO check will fail).
• Use a conventional commit message (otherwise the commit message check will fail).
• "Fixes #" is in both the PR title (for release notes) and this description (to automatically link and close the issue).
• Add unit or e2e tests. Say how you tested your changes. If you changed the UI, attach screenshots.
• Github checks are green.
• [] Once required tests have passed, mark your PR "Ready for review".

If changes were requested, and you've made them, dismiss the review to get it reviewed again.

[rohankmr414]

@reddymh have you tested this on your end?

[rohankmr414]

do we really need this? can't we use absolute paths for files in persist/sqldb/sqldb.go

[sarabala1979]

WorkDir is needed to refer to where all the binary and files need to be copied. Can we config the path?

[rohankmr414]

can you fix the lint here please https://github.com/argoproj/argo-workflows/actions/runs/3832454101/jobs/6522907398

[reddymh]

@rohankmr414 tried in visual studio and not getting any lint error but again I will cross check on lint errors.

[rohankmr414]

Can you run make lint in the repo directory? That'll fix it

[rohankmr414]

can we use the absolute path here and get rid of WORKDIR /home/argo from Dockerfile?

[reddymh]

@rohankmr414 we ca use absolute path. I thought argo server already using workdir in Dockerfile so I thought same thing we can use for argo controller.

[rohankmr414]

I don't see any issues with it as well, it's just an extra change that can be avoided.

cc: @sarabala1979

[sarabala1979]

Can we add another element in structs to configure the path and have a default value too?

[reddymh]

@sarabala1979 @rohankmr414 then we need to use constructor for this field in the struct.
Do you need this change?

[rohankmr414]

@reddymh yes you can add a field to the spec

[reddymh]

@rohankmr414 / @sarabala1979 added field to the spec and default vault if the variable is not configured in configmap or not defined.
Please review and approve the same

[rohankmr414]

can you also sign off your commits for DCO https://github.com/argoproj/argoproj/blob/master/community/CONTRIBUTING.md#legal

[reddymh]

yes . we have tested and running in prod as well

[reddymh]

can you also sign off your commits for DCO https://github.com/argoproj/argoproj/blob/master/community/CONTRIBUTING.md#legal

I have added signoff but still showing DCO - action required

[vladlosev]

This field and the next are mapped to the sslcert and sslkey options in the PostgreSQL connection options. The PostgreSQL documentation defines them as client certificate and key filename, so naming them server cert and server key is incorrect.

[reddymh]

@vladlosev changed the ServerCertSecret and ServerKeySecret as ClientCertSecret and ClientCertSecret and will change respective helm chart as well.

[reddymh]

cc: @sarabala1979 @rohankmr414

[vladlosev]

FWIW

[rohankmr414]

I have added signoff but still showing DCO - action required
@reddymh you'll have to sign off all your commits, you can also squash all your commits into one and then sign off the commit, you can also go to the details of the failing check and click the button to accept the DCO

[reddymh]

I have added signoff but still showing DCO - action required
@reddymh you'll have to sign off all your commits, you can also squash all your commits into one and then sign off the commit, you can also go to the details of the failing check and click the button to accept the DCO

@rohankmr414 @sarabala1979 @vladlosev Can we merge the PR?

[tooptoop4]

@reddymh do u think this caused #10498?