Expose validating webhook for shoots in the garden cluster

[rfranzke]

What would you like to be added:
The shoot-cert-service extension should ship a validating webhook binary that can be deployed to the garden cluster and that checks whether the provided CertConfig in the .spec.extensions[].providerConfig is valid.

Why is this needed:
https://gardener.cloud/050-tutorials/content/howto/x509_certificates/#issuer states that the issuer name in the CertConfig may not be garden. This should be properly validated to prevent misconfiguration.

[gardener-ci-robot]

The Gardener project currently lacks enough active contributors to adequately respond to all issues.
This bot triages issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue with /reopen
• Mark this issue as fresh with /remove-lifecycle rotten

/close

[gardener-prow]

@gardener-ci-robot: Closing this issue.

Details

In response to this:

The Gardener project currently lacks enough active contributors to adequately respond to all issues.
This bot triages issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue with /reopen
• Mark this issue as fresh with /remove-lifecycle rotten

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[gardener-robot]

@gardener-ci-robot Command /close is not available to you but only to a Maintainer, Member, Author, Owner.

[marc1404]

/reopen
/remove-lifecycle rotten

[gardener-prow]

@marc1404: Reopened this issue.

Details

In response to this:

/reopen
/remove-lifecycle rotten

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[gardener-robot]

@marc1404 Command /remove-lifecycle is not known.