Gitaly: Support per-instance TLS enabled flag for external instances

Summary

Add support for per-instance tls.enabled flags for configuring Gitaly external endpoints. There are some cases where we mixed environment exist (say, scheduled rollout of TLS), and we should ensure the capability exists to configure some Gitaly instance with TLS, and others without. Currently, all tcp:// vs tls:// is controlled only by global.gitaly.tls.enabled

Current behavior

All Gitaly instances are TLS, or not.

Expected behavior

When using external Gitaly, TLS can be controlled on a per-instance basis.

Versions

• Chart: e66a11e0

Relevant logs

(Please provide any relevate log snippets you have collected, using code blocks (```) to format)

cc @skarbek