Update certificate support

[tmshort]

Remove rootCAs from the NewDefaultUnpacker API, the argument is no longer used for HTTP transport.

Add CertificateData to the ImageSource struct. This is PEM-encoded data (straight from a Secret[tls.crt]) to be used to validate the certificate used to access an image regidstry (works along side the InsecureSkipTLSVerify option).

[tmshort]

This is necessary to get certs work on a per-ClusterExtension basis for an image registry. The CertifcateData is PEM to avoid rukpak having to look up secrets, etc. The creator of the BundleDeployment needs to do the lookup, etc. The default is to use system provided CAs, and those are included even if CertificateData is specified.

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 17 lines in your changes missing coverage. Please review.

Project coverage is 14.42%. Comparing base (352d42f) to head (c8117d8).
Report is 4 commits behind head on main.

Files	Patch %	Lines
pkg/source/image_registry.go	0.00%	14 Missing ⚠️
cmd/core/main.go	0.00%	1 Missing ⚠️
cmd/helm/main.go	0.00%	1 Missing ⚠️
pkg/source/unpacker.go	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #920      +/-   ##
==========================================
- Coverage   14.44%   14.42%   -0.03%     
==========================================
  Files          41       41              
  Lines        2554     2558       +4     
==========================================
  Hits          369      369              
- Misses       2128     2132       +4     
  Partials       57       57              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[tmshort]

The code is tested in the e2e, but that doesn't count toward code coverage.

[varshaprasad96]

/lgtm
/approve