Add kubernetes config and scripts for syncing CRLs.

This adds a previous version of the CRL sync functionality back to the
repo, with some small adjustments. We now grab the CRLs directly from
their DISA URLs.

The CRL sync is handled by a kubernetes cronjob that sync the files to a
persistent volume that is mounted into each Flask app container.

script/sync-crls

@@ -1,14 +1,10 @@
-#! .venv/bin/python
-# Add root application dir to the python path
-import os
-import sys
+#!/bin/bash
 
-parent_dir = os.path.abspath(os.path.join(os.path.dirname(__file__), ".."))
-sys.path.append(parent_dir)
+# script/sync-crls: update the DOD CRLs and place them where authnid expects them
+set -e
+cd "$(dirname "$0")/.."
 
-from atst.app import make_config, make_app
-
-if __name__ == "__main__":
-    config = make_config({"DISABLE_CRL_CHECK": True})
-    app = make_app(config)
-    app.csp.crls.sync_crls()
+mkdir -p crl-tmp crls
+pipenv run python ./atst/domain/authnid/crl/util.py crl-tmp crls
+cp -r crl-tmp/* crls/
+rm -rf crl-tmp