feat(tls): inject centrally managed TLS config into pruner webhook

[infernus01]

Changes

Wire the OpenShift APIServer TLS profile into the tekton-pruner-webhook deployment so that the pruner webhook applies the cluster-wide TLS version and cipher suite policy (PQC readiness).

The pruner webhook uses the Knative webhook framework, which WEBHOOK_TLS_MIN_VERSION, WEBHOOK_TLS_CIPHER_SUITES, and WEBHOOK_TLS_CURVE_PREFERENCES environment variables at startup via
knative.dev/pkg/network/tls.DefaultConfigFromEnv("WEBHOOK_").

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

• Run make test lint before submitting a PR
• Includes tests (if functionality changed/added)
• Includes docs (if user facing)
• Commit messages follow commit message best practices

See the contribution guide for more details.

Release Notes

Central TLS configuration is now injected into the tekton-pruner-webhook on OpenShift, aligning it with the cluster-wide TLS security profile for PQC readiness

[tekton-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign vdemeester after the PR has been reviewed.
You can assign the PR to them by writing /assign @vdemeester in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[infernus01]

/hold