:thumbsup:

I understand this is a small patch, but it feels like we're taking on more tech debt into Koji. This is another option that's going to be expensive to test and keep operational.

I think we should introduce a new option, DBConnectionString, and if the administrator sets that, then we pass that directly to libpq.

https://www.psycopg.org/docs/module.html

This would allow us to support any option that libpq supports, eg sslmode, sslrootcert, sslcrl, plus the kerberos options, etc.

(It would also make it easier to transition to sqlalchemy in the future. I understand that's a very long ways off, and sqlalchemy might be difficult with Koji's current data models, and there are other issues. Nevertheless I think having a generic connection string support would get us a tiny bit closer to modernization.)

I was thinking about adding this simple one and create something like DBConnectionString in separate issue?

Once we add it here, we have to support it for a very long time, and there's no integration test that currently exercises this at all.

ack, makes sense

how about sectionalizing the DB configs? That will make the hub.conf better organized

I've tested #2958 and I think we should go with that instead.