This repository has been archived by the owner on Jul 11, 2023. It is now read-only.

certificate/rotation: correctly rotate certs #2789

Merged
merged 3 commits into from
Mar 10, 2021

Conversation

shashankram
Member

Description:
Certificates are not being rotated as expected
because the channel on which they are making
announcements is no longer used and had been
dropped in favor of the pub-sub messaging infra.

This change fixes cert rotation as follows:

  1. Uses the pub-sub model to publish cert rotation
     events when a cert corresponding to a given CN
     is rotated.
  2. Updates the certificates stored in Envoy for those
     proxies whose identity matches the CN being rotated.

Verified that updated certs are correctly pushed to
proxies with this change.

Resolves #2786

Signed-off-by: Shashank Ram <shashr2204@gmail.com>

Affected area:

  • New Functionality [ ]
  • Documentation [ ]
  • Install [ ]
  • Control Plane [ ]
  • CLI Tool [ ]
  • Certificate Management [X]
  • Networking [ ]
  • Metrics [ ]
  • SMI Policy [ ]
  • Security [ ]
  • Tests [ ]
  • CI System [ ]
  • Performance [ ]
  • Other [ ]

Please answer the following questions with yes/no.

  • Does this change contain code from or inspired by another project? If so, did you notify the maintainers and provide attribution?
    No
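The two steps the description lists (publish a rotation event for a CN, then update only the proxies whose identity matches that CN) as an added, self-contained Go sketch; this is illustrative code written for this page, not OSM's own implementation, and `RotationEvent`, `Proxy`, `Broker` and `ApplyRotation` are hypothetical names. It also shows why the pre-fix behaviour lost rotations: publishing to a bus nobody subscribes to is a silent no-op.

```go
package main

import "bytes"

// CertificateCommonName is the service identity a certificate was issued for.
type CertificateCommonName string

// RotationEvent is published when the cert for a CN has been renewed.
// Hypothetical payload; the PR page does not show OSM's real event type.
type RotationEvent struct {
	CN      CertificateCommonName
	NewCert []byte
}

// Proxy models an Envoy sidecar: its identity and the cert it currently serves.
type Proxy struct {
	Identity CertificateCommonName
	Cert     []byte
}

// Broker is a minimal in-memory pub-sub bus (stand-in for OSM's infra; not goroutine-safe).
type Broker struct {
	subs []func(RotationEvent)
}

// Subscribe registers a handler that runs on every published rotation event.
func (b *Broker) Subscribe(fn func(RotationEvent)) {
	b.subs = append(b.subs, fn)
}

// Publish fans the event out and reports how many subscribers received it;
// with no subscriber the rotation is silently dropped (the pre-fix failure).
func (b *Broker) Publish(ev RotationEvent) int {
	for _, fn := range b.subs {
		fn(ev)
	}
	return len(b.subs)
}

// ApplyRotation installs the new cert only on proxies whose identity equals the
// rotated CN and returns how many proxies actually changed (idempotent on replay).
func ApplyRotation(proxies []*Proxy, ev RotationEvent) int {
	n := 0
	for _, p := range proxies {
		if p.Identity == ev.CN && !bytes.Equal(p.Cert, ev.NewCert) {
			p.Cert = ev.NewCert
			n++
		}
	}
	return n
}
```

The check a reviewer would want: a proxy with a different identity never receives the rotated cert, and replaying the same event is a no-op.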

@shashankram shashankram requested a review from a team as a code owner March 9, 2021 22:59
@codecov-io

codecov-io commented Mar 9, 2021

Codecov Report

Merging #2789 (1961695) into main (b223521) will decrease coverage by 0.25%.
The diff coverage is 17.74%.


@@            Coverage Diff             @@
##             main    #2789      +/-   ##
==========================================
- Coverage   64.97%   64.72%   -0.26%     
==========================================
  Files         151      151              
  Lines        6773     6798      +25     
==========================================
- Hits         4401     4400       -1     
- Misses       2354     2380      +26     
  Partials       18       18              
Flag Coverage Δ
unittests 64.72% <17.74%> (-0.26%) ⬇️


Impacted Files Coverage Δ
pkg/certificate/mock_certificate_generated.go 0.00% <ø> (ø)
pkg/certificate/providers/tresor/certificate.go 92.30% <ø> (-0.55%) ⬇️
...ertificate/providers/tresor/certificate_manager.go 56.98% <0.00%> (-3.94%) ⬇️
pkg/certificate/providers/tresor/fake.go 46.66% <0.00%> (+2.91%) ⬆️
pkg/certificate/providers/vault/types.go 100.00% <ø> (ø)
pkg/certificate/types.go 0.00% <ø> (ø)
pkg/envoy/ads/stream.go 0.00% <0.00%> (ø)
...certificate/providers/vault/certificate_manager.go 53.48% <13.33%> (-4.54%) ⬇️
pkg/envoy/ads/response.go 72.15% <50.00%> (-1.19%) ⬇️
...icate/providers/certmanager/certificate_manager.go 69.35% <58.33%> (-1.96%) ⬇️

Δ = absolute <relative> (impact), ø = not affected, ? = missing data

@shashankram shashankram force-pushed the certrotate-event branch 2 times, most recently from 6e30199 to 9996b4c Compare March 9, 2021 23:47
@shashankram shashankram merged commit 9a7904c into openservicemesh:main Mar 10, 2021
@shashankram shashankram deleted the certrotate-event branch March 10, 2021 00:22
Successfully merging this pull request may close these issues.

Certificate rotation is broken