cert-manager support

[katheris]

Type of change

Select the type of your PR

• Enhancement / new feature

Description

Add support for cert-manager issued certificates

Checklist

Please go through this checklist and make sure all applicable tasks have been done

• Write tests
• Make sure all tests pass
• Update documentation
• Check RBAC rights for Kubernetes / OpenShift roles
• Try your changes from Pod inside your Kubernetes and OpenShift cluster, not just locally
• Reference relevant issue(s) and close them after merging
• Update CHANGELOG.md
• Supply screenshots for visual changes, such as Grafana dashboards

[katheris]

@ppatierno @scholzj I'm not ready to open a final PR yet, but would be interested in some initial feedback on how I'm integrating cert-manager. At the moment we have a lot of if/else checks for Strimzi managed vs cert-manager managed. I could put in further abstractions but wanted to see if 1 you thought that was needed or could be done later, and 2 if you are happy with roughly how I've laid things out before adding the abstraction code.

The things I'm still working on:

• tests for the KafkaReconciler
• Entity operator and CC use of cert-manager
• tests for Clients CA (I haven't manually tested this part yet either)
• Some kind of system tests

[codecov]

Codecov Report

❌ Patch coverage is 50.76531% with 193 lines in your changes missing coverage. Please review.
✅ Project coverage is 74.48%. Comparing base (062e41f) to head (6f41bdb).
⚠️ Report is 52 commits behind head on main.

Files with missing lines	Patch %	Lines
...main/java/io/strimzi/operator/common/model/Ca.java	18.34%	80 Missing and 9 partials ⚠️
...o/strimzi/operator/cluster/model/KafkaCluster.java	2.85%	33 Missing and 1 partial ⚠️
...rimzi/operator/cluster/model/CertManagerUtils.java	55.76%	20 Missing and 3 partials ⚠️
...rce/kubernetes/CertManagerCertificateOperator.java	14.28%	12 Missing ⚠️
...tor/cluster/operator/assembly/KafkaReconciler.java	47.61%	9 Missing and 2 partials ⚠️
...a/io/strimzi/operator/cluster/model/CertUtils.java	70.83%	7 Missing ⚠️
...a/io/strimzi/operator/cluster/model/ClusterCa.java	80.00%	7 Missing ⚠️
...va/io/strimzi/operator/common/model/ClientsCa.java	0.00%	7 Missing ⚠️
...erator/cluster/operator/assembly/CaReconciler.java	96.77%	2 Missing and 1 partial ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##               main   #12188      +/-   ##
============================================
- Coverage     74.77%   74.48%   -0.29%     
- Complexity     6618     6678      +60     
============================================
  Files           377      379       +2     
  Lines         25329    25657     +328     
  Branches       3394     3441      +47     
============================================
+ Hits          18940    19111     +171     
- Misses         5003     5152     +149     
- Partials       1386     1394       +8     

Files with missing lines	Coverage Δ
...er/operator/resource/ResourceOperatorSupplier.java	92.30% <100.00%> (+0.15%)	⬆️
...io/strimzi/operator/user/model/KafkaUserModel.java	84.13% <ø> (ø)
...erator/cluster/operator/assembly/CaReconciler.java	90.81% <96.77%> (+1.32%)	⬆️
...a/io/strimzi/operator/cluster/model/CertUtils.java	77.41% <70.83%> (-0.68%)	⬇️
...a/io/strimzi/operator/cluster/model/ClusterCa.java	87.76% <80.00%> (-3.06%)	⬇️
...va/io/strimzi/operator/common/model/ClientsCa.java	0.00% <0.00%> (ø)
...tor/cluster/operator/assembly/KafkaReconciler.java	92.45% <47.61%> (-2.15%)	⬇️
...rce/kubernetes/CertManagerCertificateOperator.java	14.28% <14.28%> (ø)
...rimzi/operator/cluster/model/CertManagerUtils.java	55.76% <55.76%> (ø)
...o/strimzi/operator/cluster/model/KafkaCluster.java	88.27% <2.85%> (-4.14%)	⬇️
... and 1 more

... and 10 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.