Allow configuring default cert RSA key size

[tnozicka]

What type of PR is this? /kind feature

What this PR does / why we need it: Some users want to use 2048 keys for performance or compatibility reasons. This allows having a choice.

Which issue(s) this PR fixes: Fixes https://github.com/tnozicka/openshift-acme/issues/120

Does this PR introduce a user-facing change?:

--cert-default-rsa-key-bit-size flag allows choosing the default RSA key bit size

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: tnozicka

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/tnozicka/openshift-acme/blob/master/OWNERS)~~ [tnozicka] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[tnozicka]

/retest

[vincenzodnp]

Does it use an k8s annotation? what is the name of the annotation? Thanks!

[tnozicka]

no, this is adding cluster-wide flag instead https://github.com/tnozicka/openshift-acme/pull/124/files#diff-7de04b860f288545dc225de20a47af16R137

[vincenzodnp]

Hello @tnozicka Thanks for the PR. One question. Once --cert-default-rsa-key-bit-size is set at the cluster level (acme-controller), is it possible to override per single route? I mean if it possible, with an annotation or something, to ask acme-controller to issue certs with a key size different than the default one. Thanks VIncenzo

[tnozicka]

It is not possible to override it currently. (Wasn't possible before either.)