Instead of a patch for cluster-kube-apiserver-operator custom rotation setting for dev branches it should be product-wide and enabled by a separate FeatureGate. This will ensure that:

• certificates and CAs are short lived on initial install, not just on rotation
• rotation is tested in techpreview jobs
• no longer required to be reverted after branching

Thinks to cover:

• standard IPI install (AWS/GCP)
• hypershift
• SNO with assisted installer
• signer/CA/leaf cert regeneration
• client side cert reloading
• disruption
• correct logging/reporting