Implement integration certificate_transfer with self-signed-certificates-operator

[bencekov]

Enhancement Proposal

We need this enhancement for Grafana to be able to integrate with the Identity Platform.

Grafana needs to trust the tls certificate of the proxy service (traefik) we use to complete an Oauth 2.0 login flow with the Identity Platform. Our proxy gets it's certificate from the self-signed-certificates-operator. For authentication to work, the grafana charm needs to implement receiving the trusted cert from the self-signed-certificates-operator charm's certificate_transfer integration.

[sed-i]

Reference impl for adding cert transfer:

• cert-transfer integration (mutual_tls misnomer) traefik-k8s-operator#204
• Replace mutual_tls with certificate_transfer traefik-k8s-operator#224

Could be a good opportunity to introduce the "tls truststore".

[lucabello]

We're planning the work for this feature; in the meantime, one possible workaround could be relating Grafana to the same self-signed-certificates-operator as Traefik; this will make Grafana trust the same CA and things should work.

[sed-i]

Impl'd in #279. Closing.