Background
Hibernation is a feature in hive which powers off VMs within clusters to allow the customer to have cost savings. It is currently supported in OSD and ROSA behind a feature flag / feature gate in OCM. There are risks associated with hibernation in regards to CSR approvals and the cluster not coming back in a clean state, hence there is an inherent risk for customers to enable this.

Breadcrumbs

1. Hive documentation on hibernation
2. Hive source code for Azure hibernation

Acceptance Criteria
Allow customers to hibernate clusters on ARO.

Considerations

1. Cluster service principal usage
   1. The service principal used for hibernation comes from the cluster deployment secret ref. It pulls it out of `spec.platform.azure.credentialsSecretRef.name`. In ARO, this is always the cluster service principal.
   2. The cluster service principal is only rotated in the cluster and the database. We are currently not rotating the cluster service principal in the corresponding hive namespace
   3. With workload identity, we will have to have hive use the first party service principal, or this will not work as they won't be able to impersonate the cluster service principal since the hive AKS cluster runs in our AME tenant.
2. Log / failure propagation
   1. If the cluster service principal expires or is invalid, the controller will not work. We will have to figure out how to report this error up to the customer instead of `Internal Server Error` if it fails
3. API changes
   1. This will probably need an API change. We can first implement it as an AFEC feature flag, but if we want to GA it in any manner (after a PRD / ADR discussion) we may need to pin this to an API release.

Additional Stuff
The Hive azure_actuator uses client secret credentials. We need it to leverage the first party service principal credentials which are in form of client certificate credentials. Also, in order to pull them, they would need the ability to run as an identity which can fetch the keyvault secret.