feat: add tls certificates per app support to tls certificates interface

[gruyaume]

Description

Currently, the tls-certificates integration only allows for certificates to be requested by charm units. In this change, we add support for certificates to be requested and owned by applications. TLS requirers can now insert the same content in the unit databag and in the application databag. The selection of the correct databag will be done by the TLS Library V4 trough the use of a Mode parameter with the potential values being Mode.UNIT, and Mode.APP.

This PR replaces #161 which I can't update anymore (likely because of changes in repository settings).

Rationale

Certain applications like ingresses (ex. Traefik) require TLS Certificates to be owned at the application level.

Reference

• TLS Certificates Interface library that includes this change:
  • https://github.com/canonical/tls-certificates-interface
• TLS Library V4 specification:
  • https://docs.google.com/document/d/1zf_xS4O8AqbCDMu0xZGH76tJKcpK2h8026u3hILzXGI/edit

[gruyaume]

@tonyandrewmeyer can we merge this PR?