Revert "Fixes argoproj#10234 - Postgres SSL Certificate fix (argoproj#10300)" (#16)

This PR:
- reverts the broken postgres connection PR

Author: JPZ13

Dockerfile

@@ -91,8 +91,6 @@ FROM gcr.io/distroless/static as workflow-controller
 
 USER 8737
 
-WORKDIR /home/argo
-
 COPY hack/ssh_known_hosts /etc/ssh/
 COPY hack/nsswitch.conf /etc/
 COPY --chown=8737 --from=workflow-controller-build /go/src/github.com/argoproj/argo-workflows/dist/workflow-controller /bin/

config/config.go

@@ -232,19 +232,8 @@ func (c DatabaseConfig) GetHostname() string {
 
 type PostgreSQLConfig struct {
 	DatabaseConfig
-	SSL              bool                    `json:"ssl,omitempty"`
-	SSLMode          string                  `json:"sslMode,omitempty"`
-	CaCertSecret     apiv1.SecretKeySelector `json:"caCertSecret,omitempty"`
-	ClientCertSecret apiv1.SecretKeySelector `json:"clientCertSecret,omitempty"`
-	ClientKeySecret  apiv1.SecretKeySelector `json:"clientKeySecret,omitempty"`
-	CertPath         string                  `json:"certPath"`
-}
-
-func (c PostgreSQLConfig) GetPGCertPath() string {
-	if c.CertPath != "" {
-		return c.CertPath
-	}
-	return "/home/argo/pgcerts"
+	SSL     bool   `json:"ssl,omitempty"`
+	SSLMode string `json:"sslMode,omitempty"`
 }
 
 type MySQLConfig struct {

persist/sqldb/sqldb.go

@@ -3,7 +3,6 @@ package sqldb
 import (
 	"context"
 	"fmt"
-	"os"
 	"time"
 
 	"k8s.io/client-go/kubernetes"
@@ -54,43 +53,9 @@ func CreatePostGresDBSession(kubectlConfig kubernetes.Interface, namespace strin
 	}
 
 	if cfg.SSL {
-		if cfg.SSLMode != "" && cfg.SSLMode != "disable" {
-			err := os.MkdirAll(cfg.GetPGCertPath(), 0700)
-			if err != nil {
-				return nil, "", err
-			}
-			rootCertByte, err := util.GetSecrets(ctx, kubectlConfig, namespace, cfg.CaCertSecret.Name, cfg.CaCertSecret.Key)
-			if err != nil {
-				return nil, "", err
-			}
-			err = os.WriteFile(cfg.GetPGCertPath()+"/ca.crt", rootCertByte, 0600)
-			if err != nil {
-				return nil, "", err
-			}
-
-			serverCertByte, err := util.GetSecrets(ctx, kubectlConfig, namespace, cfg.ClientCertSecret.Name, cfg.ClientCertSecret.Key)
-			if err != nil {
-				return nil, "", err
-			}
-			err = os.WriteFile(cfg.GetPGCertPath()+"/tls.crt", serverCertByte, 0600)
-			if err != nil {
-				return nil, "", err
-			}
-
-			serverKeyByte, err := util.GetSecrets(ctx, kubectlConfig, namespace, cfg.ClientKeySecret.Name, cfg.ClientKeySecret.Key)
-			if err != nil {
-				return nil, "", err
-			}
-			err = os.WriteFile(cfg.GetPGCertPath()+"/tls.key", serverKeyByte, 0400)
-			if err != nil {
-				return nil, "", err
-			}
-
+		if cfg.SSLMode != "" {
 			options := map[string]string{
-				"sslmode":     cfg.SSLMode,
-				"sslrootcert": cfg.GetPGCertPath() + "/ca.crt",
-				"sslkey":      cfg.GetPGCertPath() + "/tls.key",
-				"sslcert":     cfg.GetPGCertPath() + "/tls.crt",
+				"sslmode": cfg.SSLMode,
 			}
 			settings.Options = options
 		}