fix: Add periodic reconciliation to config-controller #20388

Draft
ajheflin wants to merge 1 commit into master from config-controller-periodic-reconcile
ajheflin (Contributor) commented May 6, 2026

Description

The SecurityPolicy reconciler previously only ran on spec changes (generation-based event filter) with no periodic re-check. If the policy state in Central drifted (e.g., external deletion), the controller would not notice until the next pod restart or spec change.

Returns RequeueAfter: 5m on successful reconciliation so the controller periodically verifies that the desired state in Central matches the SecurityPolicy CRs.

User-facing documentation

Testing and quality

  • the change is production ready: the change is GA, or otherwise the functionality is gated by a feature flag
  • CI results are inspected

Automated testing

  • added unit tests
  • added e2e tests
  • added regression tests
  • added compatibility tests
  • modified existing tests

How I validated my change

  • go build ./config-controller/... compiles successfully
  • Manual verification pending on a running cluster

The SecurityPolicy reconciler previously only ran on spec changes
(generation-based event filter) with no periodic re-check. If the
policy state in Central drifted (e.g., external deletion), the
controller would not notice until the next pod restart or spec change.

Return RequeueAfter on successful reconciliation so the controller
periodically verifies that the desired state in Central matches the
SecurityPolicy CRs.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
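
The drift scenario from the description above, as an added example that is not part of this pull request or the project's code: a standard-library-only Go simulation comparing a reconciler that returns no `RequeueAfter` with one that returns 5 minutes. `Policy`, `Central`, `Reconcile` and `Simulate` are hypothetical stand-ins, and time is modeled in whole minutes.

```go
package main

import (
	"fmt"
	"time"
)

// Policy stands in for a SecurityPolicy CR; Generation changes only on spec edits.
type Policy struct{ Name string; Generation int64 }

// Central is a constructed in-memory stand-in for policy state held in Central.
type Central map[string]bool

// Result mirrors a controller result: a zero RequeueAfter means "wait for an event".
type Result struct{ RequeueAfter time.Duration }

// Reconcile restores the policy if it is missing and reports whether it repaired drift.
func Reconcile(c Central, p Policy, interval time.Duration) (Result, bool) {
	repaired := !c[p.Name]
	c[p.Name] = true
	return Result{RequeueAfter: interval}, repaired
}

// Simulate steps through minutes 1..ticks with the policy deleted from Central at
// minute deleteAt. It returns the minute the drift was repaired, or -1 if never.
func Simulate(interval time.Duration, deleteAt, ticks int) int {
	p := Policy{Name: "example-policy", Generation: 1} // constructed sample
	c := Central{p.Name: true}                         // initial sync done at minute 0
	// next is the minute of the pending requeue; a value in the past means none.
	seenGen, next := p.Generation, int(interval/time.Minute)
	for m := 1; m <= ticks; m++ {
		if m == deleteAt {
			delete(c, p.Name) // external deletion: the CR's generation is unchanged
		}
		if p.Generation == seenGen && m != next {
			continue // filtered out: no spec change and no requeue due
		}
		seenGen = p.Generation
		res, repaired := Reconcile(c, p, interval)
		next = m + int(res.RequeueAfter/time.Minute)
		if repaired {
			return m
		}
	}
	return -1
}

func main() {
	fmt.Println(Simulate(0, 7, 60), Simulate(5*time.Minute, 7, 60)) // without vs. with requeue
}
```

In this model the time a deleted policy stays missing is bounded by the requeue interval; without the requeue it stays missing for the whole run.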
ajheflin (Contributor, Author) commented May 6, 2026

This change is part of the following stack:

Change managed by git-spice.

openshift-ci Bot commented May 6, 2026

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

github-actions Bot (Contributor) commented May 6, 2026

🚀 Build Images Ready

Images are ready for commit 995d8c9. To use with deploy scripts:

export MAIN_IMAGE_TAG=4.11.x-864-g995d8c9b25

codecov Bot commented May 6, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 49.61%. Comparing base (1272e99) to head (995d8c9).
⚠️ Report is 18 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master   #20388      +/-   ##
==========================================
+ Coverage   49.56%   49.61%   +0.04%     
==========================================
  Files        2794     2798       +4     
  Lines      212542   212878     +336     
==========================================
+ Hits       105357   105615     +258     
- Misses      99452    99525      +73     
- Partials     7733     7738       +5     
Flag Coverage Δ
go-unit-tests 49.61% <ø> (+0.04%) ⬆️
