Recreate firewall on unhealthy condition

[Honigeintopf]

Description

Closes #62.

This pr introduces the functionality for deleting firewalls if they exceed the firewallHealthTimeout which for now is set to 20 minutes.
Integration tests where added to make sure everything works as intended.

CA were updated, otherwise it is not possible to deploy to mini-lab.

• Allow configuration of firewall create and health timeout gardener-extension-provider-metal#487

[Gerrit91]

Thanks for coming up with a PR for this.

[Gerrit91]

Test needs adaption (fake one of the unhealthy conditions).

[Honigeintopf]

I changed a line in the code to only apply health timeout once we have a non-zero seed reconcile timestamp and made possible to specify 0s as timeout which translates to disabling the deletion.

[Honigeintopf]

Okay the issue with using FirewallPhaseRunning:

1. Phase = Running (machine phoned home)
2. But Connected, SeedConnected, DistanceConfigured haven't been set to True yet (monitor not updated)
3. !allConditionsMet is true even though conditions never degraded - they were never fully met in the first place

So either we go ahead and fix when a fw is running( I wouldn't do that) or we say hey there is a new fw condition when the fw was ready once i.e. it finished progressing

[Gerrit91]

Is it an issue if the firewall is phoned home and entered the running phase and the firewall is unhealthy until the firewall controller connects? It should not take longer than a minute anyway?

[Honigeintopf]

No, it's not an issue. During the window between phoned-home and firewall-controller-connecting, the FirewallHealthy condition(It's a new one) hasn't been set yet (it's only set once ALL conditions are met for the first time)

[Gerrit91]

Okay, I see now where you want to go, I will comment in the code.