[WIP] Support variable number of fernet keys

[afaranha]

jira: OSPRH-10024

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: afaranha
Once this PR has been reviewed and has the lgtm label, please assign frenzyfriday for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[xek]

We need to check not only if the secret exists, but also generate extra keys if they are missing or delete extra keys.

This operation shouldn't rotate the keys, so the staged key (number 0) should stay as is, but the primary (the last key on the list) and secondary keys should be moved to the tail of the list of keys.

If the list in the secret exceeds the set number of keys, the keys in the middle should be deleted, compacting it, with the first key and the tail of the list having the same keys in the same order.

[xek]

/test all

[openshift-ci]

@afaranha: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/functional	884b49e	link	true	/test functional
ci/prow/precommit-check	884b49e	link	true	/test precommit-check
ci/prow/keystone-operator-build-deploy-kuttl	884b49e	link	true	/test keystone-operator-build-deploy-kuttl

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[xek]

These changes were merged in #478

[openshift-merge-robot]

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.