Postgres TLS config is documented in downstream documentation, doc. draft.

Script for manual testing: https://github.com/janus-idp/backstage-showcase/tree/main/.ibm/manual-tests/postgres 

Test coverage is required in CloudSQL for PostgreSQL with versions as defined in the Test plan

Verify with CloudSQL for PostgreSQL versions:

• 14.x
• 15.x
• 16.x

Cluster - GCP OCP 4.17

RHDH version: 1.7.0 RC
Images:

Note: The following describes deployment using a sidecar. Backstage supports Cloud SQL directly from 1.34.0: https://backstage.io/docs/next/releases/v1.34.0/#direct-google-cloudsql-postgres-support We might want to look into if it is supported by RHDH.

Approach:

• Request GCP OCP cluster from Cluster Bot:
  ```
  launch 4.17 gcp
  ```
• Install the operator:
     ```
     ./install-rhdh-catalog-source.sh -v 1.7 --install-operator rhdh
       ```
• Create Cloud SQL instance
  • to accept connections from the cluster (Connections > Networking > Add a network > 0.0.0.0/0 or the cluster IP CIDR)
  • with public IP (default)
  • configure here: https://console.cloud.google.com/sql/instances?inv=1&invt=AbsQ7Q&project=rhdh-qe 
• Create a service account: https://cloud.google.com/sql/docs/mysql/connect-auth-proxy#create-service-account
• Download the service account key
• Create a project for RHDH deployment
• Create a secret with the service account key: https://cloud.google.com/sql/docs/mysql/connect-kubernetes-engine#service-account-key-file
  ```
  kubectl create secret generic cloud-sql-service-account --from-file=service_account.json=~/Downloads/rhdh-qe-7d8ba3b8c07a.json
  ```
• Apply the attached config files
  ```
  oc apply -f app-config-rhdh.yaml -f postgres-cred-secret.yaml -f operator-cr.yaml
  ```