feat: support extra init container and volume mounts

[bzp2010]

Add new configuration items to allow injecting custom initContainers and volumes into pgdog pods.

A key scenario is: this enables us to establish more secure TLS connections to upstream servers through verify-full.

For example, configure the public root certificate for AWS RDS to validate server certificates.

extraInitContainers:
  - name: init-ca
    image: busybox
    command: ['sh', '-c', 'wget -O /pki/ca-bundle.pem https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem']
    volumeMounts:
      - name: pki
        mountPath: /pki

extraVolumes:
  - name: pki
    emptyDir: {}

extraVolumeMounts:
  - name: pki
    mountPath: /pki
    readOnly: true

Result:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: test-pgdog
  labels:
    app.kubernetes.io/name: pgdog
    app.kubernetes.io/instance: test
    app.kubernetes.io/component: pgdog
spec:
  replicas: 2
  selector:
    matchLabels:
      app.kubernetes.io/name: pgdog
      app.kubernetes.io/instance: test
      app.kubernetes.io/component: pgdog
  template:
    metadata:
      labels:
        app.kubernetes.io/name: pgdog
        app.kubernetes.io/instance: test
        app.kubernetes.io/component: pgdog
    spec:
      serviceAccountName: test-pgdog
      initContainers:
        - command:
          - sh
          - -c
          - wget -O /pki/ca-bundle.pem https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
          image: busybox
          name: init-ca
          volumeMounts:
          - mountPath: /pki
            name: pki
      containers:
        - name: pgdog
          ...
          volumeMounts:
            ...
            - mountPath: /pki
              name: pki
              readOnly: true
      volumes:
        ...
        - emptyDir: {}
          name: pki
      ...

[levkk]

Awesome, thanks!