[skip changelog] Add workflow to check for problems with certificates

[per1234]

If the certificates fail verification, a notification will be posted on the #team_tooling Slack channel.

If the certificates expire in less than 30 days, a notification will be posted on the #team_tooling Slack channel.

Please check if the PR fulfills these requirements

• The PR has no duplicates (please search among the Pull Requests
  before creating one)
• The PR follows
  our contributing guidelines
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

• What kind of change does this PR introduce?

Feature

• What is the current behavior?

It's possible that the macOS code signing certificate could expire before the maintainers notice that it needs to be renewed.

• What is the new behavior?

A scheduled CI workflow checks the CI certificate for validity and pending expiration. If the certificate is found to be invalid or will expire in less than 30 days, a notification is posted to a Slack channel.


(above notification is from a simulated pending certificate expiration, it would normally only occur if there was <30 days)

The workflow is configured in a way that allows it to support checking additional certificates.

• Does this PR introduce a breaking change?

No.

• Other information:

Demonstration workflow runs:

• Pass: https://github.com/arduino/arduino-cli/actions/runs/361259563
• Simulation of certificate expiration pending: https://github.com/arduino/arduino-cli/actions/runs/361262467
• Simulated certificate verification failure: https://github.com/arduino/arduino-cli/actions/runs/361265533

[rsora]

Yes!