Make CA lifetimes configurable

[nightkr]

Description

Fixes #354

Definition of Done Checklist

• Not all of these items are applicable to all PRs, the author should update this template to only leave the boxes in that are relevant
• Please make sure all these things are done and tick the boxes

# Author
- [ ] Changes are OpenShift compatible
- [ ] CRD changes approved
- [ ] CRD documentation for all fields, following the [style guide](https://docs.stackable.tech/home/nightly/contributor/style-guide).
- [ ] Helm chart can be installed and deployed operator works
- [ ] Integration tests passed (for non trivial changes)
- [ ] Changes need to be "offline" compatible

# Reviewer
- [x] Code contains useful comments
- [ ] (Integration-)Test cases added
- [x] Documentation added or updated. Follows the [style guide](https://docs.stackable.tech/home/nightly/contributor/style-guide).
- [ ] Changelog updated
- [ ] Cargo.toml only contains references to git tags (not specific commits or branches)

# Acceptance
- [ ] Feature Tracker has been updated
- [ ] Proper release label has been added

[fhennig]

Can you add some docs to this page? https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-autotls

maybe the property could be lifetime instead of caLifetime since it's under the ca key already (sorry for the bikeshedding 😬 )

other than that, looks good to me 👍

[nightkr]

Added docs, updated to align with the CRD review.

[soenkeliebau]

This doesn't yet reflect the updated default CA duration of one year, right?
Should we make that change in here, or later on in a subsequent PR?

[fhennig]

Looks good to me.

regarding the 2y default in default_ca_certificate_lifetime I think it might be easiest to update it in here still. I can re-approve if you sitll want to change this @nightkr

If this change is not made here we need to make a ticket for it so we do not forget about it later

[sbernauer]

The ticket we discussed in Arch meeting is #358 ;)

[fhennig]

Alright so yeah fine either way, do it here and close #358 too or not 🆗

[nightkr]

I think either is fine, I'd personally do it in a separate PR and changelog entry.

[fhennig]

error: unresolved link to `Self::ca_lifetime`
   --> rust/operator-binary/src/backend/tls/ca.rs:154:28
    |
154 |     /// and smaller than [`Self::ca_lifetime`].
    |                            ^^^^^^^^^^^^^^^^^ the struct `Config` has no field or associated item named `ca_lifetime`
    |
    = note: `-D rustdoc::broken-intra-doc-links` implied by `-D warnings`
    = help: to override `-D warnings` add `#[allow(rustdoc::broken_intra_doc_links)]`

error: could not document `stackable-secret-operator`

[nightkr]

Argh, you're right. Should be fixed now..

[fhennig]

LGTM!