Add Kubernetes Secret-backed certificate store support for OPC PLC

[cristipogacean]

Purpose

This change adds a new KubernetesSecret certificate store implementation to OPC PLC so OPC UA PKI material can be stored directly in Kubernetes Secrets instead of relying on flat-directory storage.

The OPC UA security configuration path was generalized so custom certificate store types can be registered and configured consistently. This keeps existing FlatDirectory support intact while adding support for KubernetesSecret for the application certificate, trusted peer certificates, trusted issuer certificates, trusted user certificates, user issuer certificates, and rejected certificates.

The new Secret-backed store supports certificate entries in .der and .crt formats, private keys in .pfx, .pem, and .key, and CRLs in .crl. It also handles reading and writing certificate material from a flat Secret key set, which aligns with how Kubernetes Secrets are structured.

This PR also adds the Kubernetes Secret client abstraction and store type registration needed to instantiate the new store, updates CLI and application configuration handling for the new backend, and documents the new option in the README.

Does this introduce a breaking change?

[ ] Yes
[x] No

Pull Request Type

What kind of change does this Pull Request introduce?

[ ] Bugfix
[x] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no api changes)
[ ] Documentation content changes
[ ] Other... Please describe:

How to Test

Added KubernetesSecretCertificateStore tests covering Secret-backed certificate persistence
Added format coverage for .der, .crt, .pfx, .pem, .key, and .crl handling
Verified the new custom store type integrates with OPC UA application security configuration without regressing existing flat-directory support

git clone [repo-address]
cd [repo-name]
git checkout [branch-name]
npm install

• Test the code

What to Check

Verify that the following are valid

• ...

Other Information