- Story
- Resolution: Unresolved
- Major
- rhos-ops-day1day2-hardprov
- Important
Implement Zero Downtime Password Rotation (ZDPR) orchestration support in the Ironic parent controller
Description:
Implement orchestration logic in the parent Ironic controller to coordinate Application Credential authentication across all Ironic sub-services (API, Conductor, Inspector, NeutronAgent) for Zero Downtime Password Rotation (ZDPR).
Acceptance Criteria:
- Ironic controller watches the AppCred Secret (ac-irnic-secret)
- Ensures AppCred Secret is properly propagated to all child controllers (IronicAPI, IronicConductor, IronicInspector, IronicNeutronAgent)
- Coordinates credential rotation across all Ironic services during the grace period
- Monitors readiness of all child services during credential rotation
- Falls back gracefully to password-based auth when AppCred is not available
- Optional:
  - Updates Ironic CR status to reflect AppCred authentication state across all components
  - Validates that all child services successfully adopt new AppCreds before old ones expire
NOTE on the optional items: according to ZDPR, keystone-operator should be responsible for rotating the AppCreds. CR status and monitoring in Ironic may make sense, but are not a must.
Technical Context:
Controller: controllers/ironic_controller.go
Owns child CRs: IronicAPI, IronicConductor, IronicInspector, IronicNeutronAgent
Current behavior: manages password-based secrets for all child services
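
The fallback and readiness checks from the acceptance criteria above, written in Go because the controller is a Go file. This is an added example, not code from the Ironic operator; the `ChildStatus` type, the function names, and the Secret key names `AC_ID` and `AC_SECRET` are assumptions.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
)

// ChildStatus is a hypothetical view of one child CR's status.
type ChildStatus struct {
	Name        string
	Ready       bool
	AppliedHash string // hash of the credential the child last rolled out with
}

// UseAppCred: false means fall back to password auth. Key names are assumed.
func UseAppCred(secret map[string][]byte) bool {
	return len(secret["AC_ID"]) > 0 && len(secret["AC_SECRET"]) > 0
}

// CredHash is stable for equal content (sorted, length-prefixed fields).
func CredHash(secret map[string][]byte) string {
	keys := make([]string, 0, len(secret))
	for k := range secret {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	h := sha256.New()
	for _, k := range keys {
		fmt.Fprintf(h, "%d:%s%d:%s", len(k), k, len(secret[k]), secret[k])
	}
	return hex.EncodeToString(h.Sum(nil))
}

// Pending lists children not yet Ready on the target credential.
func Pending(children []ChildStatus, target string) []string {
	var out []string
	for _, c := range children {
		if !c.Ready || c.AppliedHash != target {
			out = append(out, c.Name)
		}
	}
	return out
}

func main() {
	s := map[string][]byte{"AC_ID": []byte("id-1"), "AC_SECRET": []byte("constructed")}
	fmt.Println(UseAppCred(s), Pending([]ChildStatus{{"IronicAPI", true, "old"}}, CredHash(s)))
}
```

The old AppCred has to remain valid until `Pending` returns an empty list, which is the condition the grace period exists to cover.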