[release-1.21] Backport centralized TLS configuration

[Fedosin]

Proposed Changes

Backport of #8901 and #8912 to release-1.21.

Cherry-picked commits

1. feat: use centralized TLS configuration from knative/pkg/tls (feat: use centralized TLS configuration from knative/pkg/tls #8901)
   Bump knative.dev/pkg to pick up the new knative.dev/pkg/tls package and replace the hardcoded TLS server config in eventingtls with the shared DefaultConfigFromEnv utility. This enables environment-based control of MinVersion, MaxVersion, CipherSuites, and CurvePreferences for all eventing TLS servers (broker filter/ingress, IMC dispatcher, job sink, auth proxy, request-reply).
   Since DefaultConfigFromEnv defaults to TLS 1.3 but eventing historically defaults to TLS 1.2, GetTLSServerConfig falls back to 1.2 unless TLS_MIN_VERSION is explicitly set.
   Also wires up TLS for the RequestReply data plane, which previously had a TODO placeholder.

2. Update TLS import path to knative.dev/pkg/network/tls (Update TLS import path to knative.dev/pkg/network/tls #8912)
   The knative.dev/pkg/tls package has been relocated to knative.dev/pkg/network/tls. Update all import references accordingly.

Release Note

All eventing TLS servers now support configurable TLS settings (min/max version, cipher suites, curve preferences) via environment variables TLS_MIN_VERSION, TLS_MAX_VERSION, TLS_CIPHER_SUITES, and TLS_CURVE_PREFERENCES. The default minimum TLS version remains 1.2.

[knative-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Fedosin
Once this PR has been reviewed and has the lgtm label, please assign dsimansk for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[Fedosin]

/retest

[knative-prow]

There are empty aliases in OWNER_ALIASES, cleanup is advised.

[codecov]

Codecov Report

❌ Patch coverage is 31.16883% with 53 lines in your changes missing coverage. Please review.
✅ Project coverage is 51.28%. Comparing base (86fa237) to head (41c19cd).
⚠️ Report is 1 commits behind head on release-1.21.

Files with missing lines	Patch %	Lines
...entingtls/eventingtlstesting/eventingtlstesting.go	0.00%	48 Missing ⚠️
cmd/requestreply/main.go	58.33%	5 Missing ⚠️

Additional details and impacted files

@@               Coverage Diff                @@
##           release-1.21    #8966      +/-   ##
================================================
+ Coverage         51.11%   51.28%   +0.16%     
================================================
  Files               409      409              
  Lines             21373    21353      -20     
================================================
+ Hits              10925    10950      +25     
+ Misses             9597     9552      -45     
  Partials            851      851              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[knative-prow-robot]

PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.