
Add mtls workloadCertTTL and mtls allowedClockSkew CLI commands

Open msfussell opened this issue 2 years ago • 1 comments

Describe the proposal

Currently there are several mTLS commands, including enabling mtls and seeing the expiry dates of the root certs. However, the mtls CLI does not enable you to view or update the workloadCertTTL and the allowedClockSkew values for the certs issued to the application. Currently the only way to see and set these values on K8s is to use a kubectl command like this:

kubectl get configurations/daprsystem --namespace dapr-system -o yaml

This is what you then get:

apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
  annotations:
    meta.helm.sh/release-name: dapr
    meta.helm.sh/release-namespace: dapr-system
  creationTimestamp: "2022-02-03T23:27:45Z"
  generation: 1
  labels:
    app.kubernetes.io/managed-by: Helm
  name: daprsystem
  namespace: dapr-system
  resourceVersion: "78149"
  uid: 5aa76e72-5b40-47f8-93b0-fd559f279c5c
spec:
  metric:
    enabled: true
  mtls:
    allowedClockSkew: 15m
    enabled: true
    workloadCertTTL: 24h


This proposal is to add two new commands to the CLI to view and set these values.

mtls allowedClockSkew (views the current value)
mtls allowedClockSkew --timespan 0h10m (or the best way to set a time range. sets a new value)

mtls workloadcertificateTTL (views the current value)
mtls workloadcertificateTTL --timespan 1h (or the best way to set a time range.)

Release Note

RELEASE NOTE:

msfussell avatar Apr 01 '22 03:04 msfussell
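
The kubectl-only workflow the issue describes, as an added example that is not part of the original post or of the Dapr CLI: shell helpers that read and set `spec.mtls.workloadCertTTL` and `spec.mtls.allowedClockSkew` on the `daprsystem` Configuration shown above. The function names and the restricted duration syntax are assumptions of this example.

```shell
#!/bin/sh
# Added example (not Dapr CLI code). Resource and namespace are the ones
# shown in the issue; function names are hypothetical.
NS=dapr-system
CFG=configurations/daprsystem

# Accept a subset of Go duration syntax: one or more <int><h|m|s> parts,
# e.g. 24h, 15m, 0h10m. (Assumption: fractions and sub-second units are
# rejected on purpose so the value can be embedded in JSON safely.)
valid_duration() {
    # Reject empty input and any character outside the allowed set,
    # which also rules out quotes, braces and embedded newlines.
    case $1 in ''|*[!0-9hms]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([0-9]+[hms])+$'
}

# Build a JSON merge patch touching exactly one spec.mtls field.
mtls_patch() {
    field=$1 value=$2
    case $field in
        workloadCertTTL|allowedClockSkew) ;;
        *) echo "unknown mtls field: $field" >&2; return 2 ;;
    esac
    valid_duration "$value" || { echo "bad duration: $value" >&2; return 2; }
    printf '{"spec":{"mtls":{"%s":"%s"}}}' "$field" "$value"
}

# View one field (needs cluster access), e.g.: mtls_get workloadCertTTL
mtls_get() {
    kubectl get "$CFG" --namespace "$NS" -o "jsonpath={.spec.mtls.$1}"
}

# Set one field (needs cluster access), e.g.: mtls_set allowedClockSkew 0h10m
# Custom resources do not support strategic merge, hence --type merge.
mtls_set() {
    patch=$(mtls_patch "$1" "$2") || return
    kubectl patch "$CFG" --namespace "$NS" --type merge -p "$patch"
}
```

Source the file and call `mtls_get` or `mtls_set`; nothing contacts the cluster until one of those two functions is invoked.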

@msfussell Do we need a CLI command for this? Each configuration file applied to an application is different and it is a simple YAML file. So it can be edited manually. I do not think we need a command for this.

mukundansundar avatar Apr 08 '22 03:04 mukundansundar