feat(certs): MeshRootCertificate validation

[jsturtevant]

Description: This builds on #5201 and validates creation of the MeshRootCertificates as well as updates to the MeshRootCertificates. It only allows the valid combinations of Active and Passive certificates.

Fixes #5205

Testing done: unit/e2e/manual

Affected area:	Functional Area
New Functionality	[x]
Certificate Management	[x]
Tests	[x]

Please answer the following questions with yes/no.

1. Does this change contain code from or inspired by another project?
   • Did you notify the maintainers and provide attribution? no
2. Is this a breaking change? no
3. Has documentation corresponding to this change been updated in the osm-docs repo (if applicable)?

[codecov-commenter]

Codecov Report

Merging #5220 (cecf53d) into main (376a826) will increase coverage by 0.10%. The diff coverage is 93.15%.

@@            Coverage Diff             @@
##             main    #5220      +/-   ##
==========================================
+ Coverage   70.30%   70.40%   +0.10%     
==========================================
  Files         195      195              
  Lines       15657    15713      +56     
==========================================
+ Hits        11007    11063      +56     
  Misses       4595     4595              
  Partials       55       55              

Flag	Coverage Δ
unittests	70.40% <93.15%> (+0.10%)	:arrow_up:

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
pkg/validator/validators.go	82.88% <91.07%> (+5.72%)	:arrow_up:
pkg/certificate/mrc_reconciler.go	88.88% <100.00%> (+0.17%)	:arrow_up:
pkg/certificate/manager.go	87.13% <0.00%> (-0.42%)	:arrow_down:
pkg/cli/verifier/envoy_config.go	65.12% <0.00%> (-0.42%)	:arrow_down:
pkg/compute/kube/client.go	85.88% <0.00%> (+0.14%)	:arrow_up:
pkg/compute/kube/util.go	100.00% <0.00%> (+3.57%)	:arrow_up:

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.