Support CA rotation -> auto-reload CA.crt #801
Description
Currently, when the CA rotates, the konnectivity agent just keeps running but throws errors;
E1119 10:55:45.066219 1 clientset.go:234] "cannot connect once" err="rpc error: code = Unavailable desc = connection error: desc = \"transport: authentication handshake failed: tls: failed to verify certificate: x509: certificate has expired or is not yet valid: current time 2025-11-19T10:55:45Z is after 2025-11-18T14:45:53Z\""
just restarting the container itself, not killing the pod, resolves this issue.
We're switching to hashing the CA and adding an annotation to auto-restart the pods when the CA rotates, but it would be nice if the CA crt would be auto-reloaded.