Description
Postgres 17 supports direct SSL negotiation with sslnegotiation=direct. pgx supports this, for example via PGSSLNEGOTIATION=direct or by sslnegotiation=direct in the DB connection URL, but it's not supported here.
Currently I'm running a Kubernetes Job that uses golang-migrate to run migrations. This Job talks to an RDS instance where traffic goes through an egress gateway, whose service entry requires TLS on port 5432. Without direct SSL negotiation, the initial SSL negotiation packets are sent over plaintext, causing the gateway to reject traffic from the Job's pod.
A solution is to create the connection manually and pass the connection to the golang-migrate binaries, but this requires maintaining my own wrapper binary, workflows to build and push it, etc. I'd rather just have golang-migrate support direct SSL and use this binary in my Job directly without maintaining a wrapper.
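The difference a TLS-only gateway sees on the wire, as an added example that is not part of the original issue or of golang-migrate: the default negotiation opens with an 8-byte cleartext SSLRequest, while direct negotiation opens with a TLS ClientHello carrying the `postgresql` ALPN protocol. The function names, the classifier and the host name `db.example.internal` are assumptions made for illustration.

```go
package main

import (
	"crypto/tls"
	"encoding/binary"
	"fmt"
	"io"
	"net"
)

const sslRequestCode = 80877103 // PostgreSQL SSLRequest code (1234<<16 | 5679)

// sslRequest builds the 8-byte cleartext preamble sent by the default negotiation.
func sslRequest() []byte {
	b := make([]byte, 8)
	binary.BigEndian.PutUint32(b[0:4], 8) // message length, including itself
	binary.BigEndian.PutUint32(b[4:8], sslRequestCode)
	return b
}

// classify labels the first bytes a client sends on a new connection (simplified check).
func classify(first []byte) string {
	if len(first) >= 8 && binary.BigEndian.Uint32(first) == 8 && binary.BigEndian.Uint32(first[4:]) == sslRequestCode {
		return "postgres-sslrequest-cleartext"
	}
	if len(first) >= 2 && first[0] == 0x16 && first[1] == 0x03 { // TLS handshake record
		return "tls-handshake"
	}
	return "unknown"
}

// directFirstBytes captures the first 5 bytes (the TLS record header) written by a
// client that starts TLS immediately. The host name is a constructed placeholder.
func directFirstBytes() []byte {
	clientSide, gatewaySide := net.Pipe()
	defer gatewaySide.Close()
	go func() {
		defer clientSide.Close()
		c := tls.Client(clientSide, &tls.Config{ServerName: "db.example.internal", NextProtos: []string{"postgresql"}})
		_ = c.Handshake() // returns an error once the pipe is closed; only the first write matters
	}()
	buf := make([]byte, 5)
	if _, err := io.ReadFull(gatewaySide, buf); err != nil {
		return nil
	}
	return buf
}

func main() {
	fmt.Println(classify(sslRequest()), classify(directFirstBytes()))
}
```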