Add cert Watcher to be able to use new certificates without a restart

[Rakshith-R]

Is your feature request related to a problem?/Why is this needed

Currently, if certificates are rotated, the sidecar needs to be restarted to pick up new certificates.

Describe the solution you'd like in detail

Implement certWatcher to automatically pick up new certificates when available:
https://github.com/kubernetes-sigs/controller-runtime/tree/main/pkg/certwatcher

example pr: kubernetes-csi/external-snapshotter#429

Describe alternatives you've considered

Restarting the entire provisioner pod.

Additional context

[parth-gr]

/assign

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[parth-gr]

/remove-lifecycle stale