cluster: copy session certs when scale-out TiDB

[djshow832]

What problem does this PR solve?

When TiProxy is deployed and then scale out TiDB, the session certs are not copied to the new TiDB instances. Because when judging whether the cluster has TiProxy, the topology is the scale-out spec, not the merged spec.

What is changed and how it works?

• Split buildSessionCertTasks from buildCertificateTasks. buildCertificateTasks is reverted to that before cluster: auto session certs #2374
• Pass both the mergedTopo and newPart to buildSessionCertTasks. Generate session certs when TiProxy is newly enabled. Copy session certs to both original and new TiDB instances when scale-out TiDB if TiProxy is deployed.

Check List

Tests

• Unit test
• Integration test
• Manual test (add detailed scripts or steps below)
• No code

Case 1:

1. Deploy a cluster without TiProxy
2. Scale out TiProxy and check the certs and configs of TiDB
3. Scale out TiDB and check the certs and configs of TiDB

Case 2:

1. Deploy a cluster with TiProxy
2. Scale out TiDB and check the certs and configs of TiDB

Code changes

• Has exported function/method change
• Has exported variable/fields change
• Has interface methods change
• Has persistent data change

Side effects

• Possible performance regression
• Increased code complexity
• Breaking backward compatibility

Related changes

• Need to cherry-pick to the release branch
• Need to update the documentation

Release notes:

- Fix the bug that after scaling out TiDB, the new TiDB loses signing certs when TiProxy is deployed.

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 86.04651% with 12 lines in your changes missing coverage. Please review.

Project coverage is 50.20%. Comparing base (901a375) to head (8f67aeb).
Report is 3 commits behind head on master.

❗ Current head 8f67aeb differs from pull request most recent head 02fcc84

Please upload reports for the commit 02fcc84 to get more accurate results.

Files	Patch %	Lines
pkg/cluster/manager/builder.go	87.14%	6 Missing and 3 partials ⚠️
pkg/cluster/manager/deploy.go	40.00%	2 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #2432      +/-   ##
==========================================
- Coverage   55.03%   50.20%   -4.84%     
==========================================
  Files         334      333       -1     
  Lines       35925    35952      +27     
==========================================
- Hits        19771    18047    -1724     
- Misses      13773    15538    +1765     
+ Partials     2381     2367      -14     

Flag	Coverage Δ
cluster	44.56% <86.05%> (+0.30%)	⬆️
dm	25.00% <17.44%> (-<0.01%)	⬇️
playground	16.11% <0.00%> (+<0.01%)	⬆️
unittest	?

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[kaaaaaaang]

/lgtm

[kaaaaaaang]

/approve

[ti-chi-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kaaaaaaang

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [kaaaaaaang]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ti-chi-bot]

[LGTM Timeline notifier]

Timeline:

• 2024-07-01 02:49:05.163123418 +0000 UTC m=+1206271.648612252: ☑️ agreed by kaaaaaaang.
• 2024-07-01 07:36:36.157099541 +0000 UTC m=+1223522.642588372: ✖️🔁 reset by ti-chi-bot[bot].

[ti-chi-bot]

New changes are detected. LGTM label has been removed.