Enable option to add Volume, VolumeMount to devlake Deployment - critical for SSL certificate

[GuillermoGarciaF]

The devlake Deployment does not expose Volumes, VolumeMounts.

These are required e.g. to mount a CA Certificate to establish a secure SSL connection.
Our policies only allow SSL connections to Azure MySQL Server. I would love to contribute to Apache DevLAke and add the PR myself.

There are several GH issues related to SSL and the current limitations

• [Question][DevOps] Deploy devlake with managed GCP Cloud database service (with SSL enabled) incubator-devlake#7928
• Azure MySQL flexible server integration with ApacheDevlake helm chart incubator-devlake#8121

See #310

[GuillermoGarciaF]

CC: @abeizn @ZhangNing10 please review

[klesh]

Nice work, have you tested it on your local env?

[GuillermoGarciaF]

Yes, I successfully tested the following helm-values:

lake:
  volumeMounts:
    - name: azure-mysql-ca
      mountPath: /opt/argus/DigiCertGlobalRootCA.crt.pem
      subPath: DigiCertGlobalRootCA.crt.pem
      readOnly: true
  volumes:
    - name: azure-mysql-ca
      configMap:
        name: azure-mysql-ca
        items:
        - key: DigiCertGlobalRootCA.crt.pem
          path: DigiCertGlobalRootCA.crt.pem

which result in the following pod manifest:

-volumes: section:

-volumeMounts: section:

I also checked the certificate is correctly mounted in the container file system:

[GuillermoGarciaF]

Finally, I confirmed the devlake container stablishes SSL connection when concatenating &tls=custom&ca-cert=/opt/argus/DigiCertGlobalRootCA.crt.pem in the DB_URL environment variable.