Add workflow to validate UBI images pass RedHat Certification

[shaun-nx]

Proposed changes

This change adds a new workflow file, openshift-certification.yml which is responsible for validating that our UBI based images of NGF, NGINX OSS, and NGF Operator will pass the RedHad certification process.

This workflow uses RedHat Openshift Preflight tool to pre-certify images before they are published:
https://github.com/redhat-openshift-ecosystem/openshift-preflight

Closes #3909

Checklist

Before creating a PR, run through this checklist and mark each as complete.

• I have read the CONTRIBUTING doc
• I have added tests that prove my fix is effective or that my feature works
• I have checked that all unit tests pass after adding my changes
• I have updated necessary documentation
• I have rebased my branch onto main
• I will ensure my PR is targeting the main branch and pulling from my branch from my own fork

Release notes

If this PR introduces a change that affects users and needs to be mentioned in the release notes,
please add a brief note that summarizes the change.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.72%. Comparing base (4b85007) to head (022c27a).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4035      +/-   ##
==========================================
+ Coverage   86.69%   86.72%   +0.02%     
==========================================
  Files         128      128              
  Lines       16758    16758              
  Branches       62       62              
==========================================
+ Hits        14528    14533       +5     
+ Misses       2045     2041       -4     
+ Partials      185      184       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[shaun-nx]

@ciarams87 I noticed that the preflight binary has a `--certification-component-id`` flag which uses something called the component PID.

I looks like NIC has this too in their workflow. I'm not sure if this is something we should add now or it should be appended later when we want to do the "full" certification workflow

 --certification-component-id string
Certification component ID from connect.redhat.com/component/view/{certification-component-id}/images
URL paramater. This value may differ from the component PID on the overview page (env: PFLT_CERTIFICATION_COMPONENT_ID)