feat: enables CRL configuration

[junczhu]

Description

This PR enables CRL configuration which configs the behavior of CRL and CRL fetcher.
Read input from config.json and parse into configuration defined in crl_config.go
To not change any existing interface, the implementation used a global variable to make the configuration accessible for both KMP and Notation Verifier.

What this PR does / why we need it:

• Enable CRL config input in config.json
• Update CRL config from CacheEnabled to CacheDisabled to make sure the default value as false
• Update the Cache config setting in CRL Fetcher creatation

Which issue(s) this PR fixes (optional, using fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when the PR gets merged):

Fixes # 1888

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Helm Chart Change (any edit/addition/update that is necessary for changes merged to the main branch)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Please also list any relevant details for your test configuration

• Test A
• Test B

Checklist:

• Does the affected code have corresponding tests?
• Are the changes documented, not just with inline documentation, but also with conceptual documentation such as an overview of a new feature, or task-based documentation like a tutorial? Consider if this change should be announced on your project blog.
• Does this introduce breaking changes that would require an announcement or bumping the major version?
• Do all new files have appropriate license header?

Post Merge Requirements

• MAINTAINERS: manually trigger the "Publish Package" workflow after merging any PR that indicates Helm Chart Change

[junczhu]

cc\ @yizha1 @FeynmanZhou for a heads-up

[junczhu]

May consider adding the config to the executor as a global variable.
Shall we have cx update the CRL related configuration in CR dynamically? @yizha1

[junczhu]

As discussed, the configuration would be coming with the ratify config

[junczhu]

Looking into DCO check

[susanshi]

this PR is still targeting v1.4 , please tag maintainers for review once this is ready. thanks !

[junczhu]

DCO check resolved, Adding tests.

[codecov]

Codecov Report

Attention: Patch coverage is 84.61538% with 2 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
config/configManager.go	0.00%	1 Missing ⚠️
pkg/manager/manager.go	0.00%	1 Missing ⚠️

Files with missing lines	Coverage Δ
cmd/ratify/cmd/verify.go	74.32% <100.00%> (+0.71%)	⬆️
config/config.go	50.00% <ø> (ø)
pkg/keymanagementprovider/refresh/kubeRefresh.go	100.00% <100.00%> (ø)
pkg/verifier/notation/notation.go	98.06% <100.00%> (+0.01%)	⬆️
pkg/verifier/notation/notationrevocationfactory.go	81.25% <100.00%> (+7.33%)	⬆️
pkg/verifier/notation/revocationfactory.go	86.36% <100.00%> (ø)
config/configManager.go	0.00% <0.00%> (ø)
pkg/manager/manager.go	3.06% <0.00%> (-0.04%)	⬇️

... and 3 files with indirect coverage changes

[binbin-li]

lgtm overall, some minor comments