ROX-18694: Add tls to backend cluster (#1581)

Add tls to backend cluster

templates/service-template.yml

@@ -783,6 +783,14 @@ objects:
                       socket_address:
                         address: 127.0.0.1
                         port_value: 8000 # Fleet Manager port
+            transport_socket:
+              name: envoy.transport_sockets.tls
+              typed_config:
+                "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
+                common_tls_context:
+                  validation_context:
+                    trusted_ca:
+                      filename: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
 
           # TODO(ROX-11395): enable rate limiting post-MVP
           # # This cluster is used to send request to the rate limiting service.