Fix and improve Gitaly TLS documentation
What does this MR do?
This fixes a false statement in the Gitaly TLS documentation: there was a claim we support TLS with both client and server side certificates, which is not true. Client side certificates are not supported.
While we're here I'm also adding some remarks about rolling out TLS gradually, and using Prometheus to observe whether the actual traffic is encrypted.
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated via this MR -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Tested in all supported browsers -
Conforms to the code review guidelines -
Conforms to the merge request performance guidelines -
Conforms to the style guides -
Conforms to the database guides -
Link to e2e tests MR added if this MR has Requires e2e tests label. See the Test Planning Process. -
Security reports checked/validated by reviewer