puppetlabs / puppetserver-helm-chart

The Helm Chart for Puppet Server
Apache License 2.0

Can't import certs if archive greater than approx 1MiB #229

Open anthonysomerset opened 6 months ago

anthonysomerset commented 6 months ago

Describe the Bug

If you are importing a larger, longer-running CA setup (in my case approx. 750 agent certs), then the tar archive can become too large to import, with a Kubernetes error about the entity being too large; this is well documented here: https://kubernetes.io/docs/concepts/configuration/configmap/#:~:text=Note%3A%20A%20ConfigMap%20is%20not,separate%20database%20or%20file%20service.

It is likely that a better solution is needed, such as providing a URL to download from into the containers during pre-install, or some other guidance similar to #225.

Expected Behavior

CA/Certs import should not fail for larger imports

Steps to Reproduce

Steps to reproduce the behavior:

  1. Have a puppetserver-certs.gz file that is larger than 1 MiB
  2. Install from the Helm chart with at least the following values set:

       puppetserver:
         preGeneratedCertsJob:
           enabled: true

     Helm install will fail with an entity too large error

Additional Context

For me, because this is basically a one-time error and because of similar issues to #225, I have worked around this manually by:

  1. Reducing the size of the tar archive by excluding the contents of the /etc/puppetlabs/puppetserver/ca/signed/ folder and deploying the chart with that archive
  2. Spinning up an SSH pod with access to the CA and certs PVCs and then rsyncing the signed files into that folder, or downloading/extracting manually from an HTTPS

I personally think that changing the chart to accept a URL for the certs for each of puppetserver (and puppetdb), and updating the script to download and extract that archive, is the simplest solution.

Obviously, securing that URL remains outside the scope of this chart, and I would always recommend that there either be some form of authentication, which could be supplied via secret values, or that the HTTPS endpoint only be accessible to trusted IPs such as your Kubernetes cluster.
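The workaround above, as an added example that is neither the chart's code nor the issue author's: a POSIX shell script that packs a Puppet CA export without the ca/signed/ directory and checks the archive against the 1 MiB ConfigMap/Secret limit before `helm install`, so the failure is caught locally instead of as an "entity too large" error from the API server. The CA directory tree is constructed inside the script (dummy files, not real certificates) so it runs offline; the paths are the ones named in the issue, and the size check is an assumed pre-install step, not something the chart provides.

```shell
#!/bin/sh
# Added example (not code from puppetserver-helm-chart or the issue author).
# Build a slim puppetserver-certs archive without ca/signed/ and check that it
# fits in a Kubernetes ConfigMap/Secret before running `helm install`.
# The CA tree below is constructed for the demo; only the paths are real.
set -eu

# Kubernetes stores ConfigMaps and Secrets in etcd and limits each to 1 MiB.
K8S_OBJECT_LIMIT=1048576
CA_DIR=etc/puppetlabs/puppetserver/ca       # relative to the export root

# Constructed input: a fake CA export with N dummy signed agent certs.
# Each "cert" is 2 KiB of random bytes, which gzip cannot shrink, so the
# archive grows about as fast as a real fleet of PEM files would.
make_demo_ca() {
  root=$1; n=$2
  mkdir -p "$root/$CA_DIR/signed" "$root/etc/puppetlabs/puppet/ssl/certs"
  printf 'dummy CA cert\n' > "$root/$CA_DIR/ca_crt.pem"
  printf 'dummy CRL\n'     > "$root/$CA_DIR/ca_crl.pem"
  i=0
  while [ "$i" -lt "$n" ]; do
    head -c 2048 /dev/urandom > "$root/$CA_DIR/signed/agent$i.pem"
    i=$((i + 1))
  done
}

# Pack the export. With "slim" as the third argument the signed/ directory is
# left out, to be rsynced into the PVC separately (step 2 of the workaround).
pack_certs() {
  root=$1; out=$2; mode=${3:-full}
  if [ "$mode" = slim ]; then
    tar -czf "$out" --exclude "$CA_DIR/signed" -C "$root" etc
  else
    tar -czf "$out" -C "$root" etc
  fi
}

# Size in bytes, and size after base64 encoding (4 output bytes per 3 input),
# which is how the archive ends up inside a ConfigMap/Secret object.
file_size()   { wc -c < "$1" | tr -d ' '; }
base64_size() { n=$(file_size "$1"); echo $(( (n + 2) / 3 * 4 )); }

# Exit status 0 if the encoded archive fits under the limit, 1 otherwise.
# Run this on the archive you are about to hand to the chart.
fits_in_k8s_object() {
  enc=$(base64_size "$1")
  if [ "$enc" -lt "$K8S_OBJECT_LIMIT" ]; then
    echo "ok: $1 is $enc bytes base64-encoded (limit $K8S_OBJECT_LIMIT)"
    return 0
  fi
  echo "too large: $1 is $enc bytes base64-encoded (limit $K8S_OBJECT_LIMIT)" >&2
  return 1
}

main() {
  work=$(mktemp -d); trap 'rm -rf "$work"' EXIT
  make_demo_ca "$work/export" 750            # the ~750 agents from the issue
  pack_certs "$work/export" "$work/full.tar.gz" full
  pack_certs "$work/export" "$work/slim.tar.gz" slim
  fits_in_k8s_object "$work/full.tar.gz" || true   # rejected: over 1 MiB
  fits_in_k8s_object "$work/slim.tar.gz"           # accepted: a few hundred bytes
}
main "$@"
```

The encoded size is the conservative figure to compare: base64 inflates the archive by a third, so a 800 KiB tarball that looks safe on disk is already past the limit once it is serialized into the object. The slim archive still carries ca_crt.pem and the CRL, which is what the chart's job needs to bring the CA up; the signed agent certs are then copied straight into the CA volume.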

Xtigyro commented 6 months ago

@anthonysomerset Feel free to send our way a PR.