Provide a method for adding custom LDAP CA cert

This update allows a custom CA cert to be mounted for Postgres
LDAP authentication. This uses the existing spec.config.files
method to mount a Secret containing the ca.crt file. The required
path and file name is 'ldap/ca.crt'.

Issue: PGO-1000

Author: tjmoore4

internal/patroni/config.go

@@ -450,6 +450,19 @@ func instanceEnvironment(
 			Name:  "PATRONICTL_CONFIG_FILE",
 			Value: configDirectory,
 		},
+		// This allows a custom CA certificate to be mounted for Postgres LDAP
+		// authentication via spec.config.files.
+		// - https://wiki.postgresql.org/wiki/LDAP_Authentication_against_AD
+		//
+		// When setting the TLS_CACERT for LDAP as an environment variable, 'LDAP'
+		// must be appended as a prefix.
+		// - https://www.openldap.org/software/man.cgi?query=ldap.conf
+		//
+		// Testing with LDAPTLS_CACERTDIR did not work as expected during testing.
+		{
+			Name:  "LDAPTLS_CACERT",
+			Value: "/etc/postgres/ldap/ca.crt",
+		},
 	}
 
 	return variables

internal/patroni/config_test.go

@@ -838,6 +838,8 @@ func TestInstanceEnvironment(t *testing.T) {
   value: '*:8008'
 - name: PATRONICTL_CONFIG_FILE
   value: /etc/patroni
+- name: LDAPTLS_CACERT
+  value: /etc/postgres/ldap/ca.crt
 	`))
 
 	t.Run("MatchingPorts", func(t *testing.T) {
@@ -880,6 +882,8 @@ func TestInstanceEnvironment(t *testing.T) {
   value: '*:8008'
 - name: PATRONICTL_CONFIG_FILE
   value: /etc/patroni
+- name: LDAPTLS_CACERT
+  value: /etc/postgres/ldap/ca.crt
 		`))
 	})
 }

internal/patroni/reconcile_test.go

@@ -184,6 +184,8 @@ containers:
     value: '*:8008'
   - name: PATRONICTL_CONFIG_FILE
     value: /etc/patroni
+  - name: LDAPTLS_CACERT
+    value: /etc/postgres/ldap/ca.crt
   livenessProbe:
     failureThreshold: 3
     httpGet: