Create a new flag to block use of HTTP endpoints for sources

[pjbgf]

A new flag could be created to block the use of HTTP endpoints for acquiring sources.
When enabled, the flag would not allow the use of the http scheme across all controller-level objects.

📝 To do:

• Disable HTTP scheme for GitRepository.
  • Disable managed transport redirect from HTTP to HTTPS.
• Disable HTTP scheme for HelmRepository.
  • Default type.
  • OCI type.
• Disable HTTP scheme for Bucket.

[souleb]

note that, for helm sources at least, we can set the insecure flag. This, would prevent users from doing so.

[pjbgf]

@souleb good point, that's like Bucket objects.

When the flag (mentioned here) is set, that would block at controller level any HTTP/insecure transport. Meaning that if a specific object (Helm/Bucket) tries to use spec.Insecure=true, or use an http:// endpoint, both would result in an error.