Adding TLS configuration for fn-runner image registries

[Catalin-Stratulat-Ericsson]

Tackles issue #819.

Adds the ability to utilize a user's TLS certificates in the function runner for interacting with private TLS registries.

Documentation for how to configure the function runner in this way can be found PR#183.

[nephio-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Catalin-Stratulat-Ericsson
Once this PR has been reviewed and has the lgtm label, please assign liamfallon for approval by writing /assign @liamfallon in a comment. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[Catalin-Stratulat-Ericsson]

/test presubmit-nephio-go-test

[JamesMcDermott]

Could this have a more distinctive alias? Something like

Suggested change

	v1 "github.com/google/go-containerregistry/pkg/v1"
	containerregistry "github.com/google/go-containerregistry/pkg/v1"

[JamesMcDermott]

Consider moving these new methods to be more in the order they're used in - so:

• getImageMetadata
• getImage
• loadTLSConfig
• createTransport

[JamesMcDermott]

Won't err still be nil in this case? Should we create a new error to return instead?

[JamesMcDermott]

Should this log be inside the check-for-ca.pem if block, to indicate that we couldn't find a ca file with either extension?
(or perhaps make this one a Warn and add an Error in the .pem check?)

[JamesMcDermott]

Combined check syntax?

Suggested change

	_, err := os.Stat(tlsSecretPath)
	if os.IsNotExist(err) {
	return nil, err
	}
	if _, err := os.Stat(tlsSecretPath); os.IsNotExist(err) {
	return nil, err
	}