Make it easier to handle TLS trust in service account based authentication

[scholzj]

In #10317 we add support for service account based authentication. But the way to configure TLS trust seems very hacky and strange. We should figure out how to improve this:

• Either by support for loading certs from ConfigMaps (see [Enhancement]: Allow to mount trustedCertificates as configmap in KafkaConnect #10308)
• Or by allowing to use the certificate mounted in the pod itself

[scholzj]

Triaged on the Community call on 8.8.2024: Should be postponed for the next call with more maintainers.

[scholzj]

Discussed on a community call on 22.8.2024: This makes sense and should be kept. But it should have a proposal since there are at least two ways how to handle this:

• Use the certificate from the path already mounted int he Kafka pods
• Use the Kube Config Map directly

The proposal should clarify the exact approach.

[scholzj]

Sorry, but what does it have to do with this issue?

[L040639]

.