[TLS] Improve cert defaulting and envtest coverage

[stuggi]

Improves defaulting for tls global config to be able to customize only specific parameters and still have the others defaulted.

Also adds annotations for duration and renewBefore to issuers to help what should be the duration and/or enewBefore for a cert being issued, we add annotations to the issuer.

• if no duration annotation is set, use the default from certmanager lib-common module,
• if no renewBefore annotation is set, the cert-manager default is used

Depends-On: https://github.com/openstack-k8s-operators/lib-common/pull/506

Also adds labels to cert secrets which allows to easy select service cert or cacert secrets

$ oc get secret -l service-cert -n $NAMESPACE
$ oc get secret -l ca-cert -n $NAMESPACE

Jira: OSPRH-6749

[softwarefactory-project-zuul[bot]]

Build failed (check pipeline). Post recheck (without leading slash) to rerun all jobs. Make sure the failure cause has been resolved before you rerun jobs.

https://review.rdoproject.org/zuul/buildset/8e362681a6894a24b1a4ff01ffd8368c

:heavy_check_mark: openstack-k8s-operators-content-provider SUCCESS in 1h 59m 53s :heavy_check_mark: podified-multinode-edpm-deployment-crc SUCCESS in 1h 19m 30s :x: cifmw-crc-podified-edpm-baremetal RETRY_LIMIT in 11m 19s :heavy_check_mark: openstack-operator-tempest-multinode SUCCESS in 1h 42m 30s

[stuggi]

/hold

[openshift-ci[bot]]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: stuggi, vakwetu

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openstack-k8s-operators/openstack-operator/blob/main/OWNERS)~~ [stuggi] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment