fix(certificatee): fallback when dataplane detail is missing #29

Merged: ananthb merged 1 commit into master from fix/certificatee-dpapi-detail-fallback on May 20, 2026

@ananthb (Member) commented May 20, 2026

Summary

  • avoid failing an entire HAProxy endpoint when per-certificate DPAPI v3 detail lookups return 404
  • fall back to vault-expiry-only decisions when certificate detail metadata is unavailable
  • publish a counter for per-certificate metadata lookup failures

Context

The v3 list endpoint successfully enumerates certificates, including wildcard-style names like , but some follow-up detail lookups return 404 from the live Data Plane API. This caused certificatee to treat the whole endpoint as failed even though enumeration succeeded.

Behavior

  • increment on per-certificate detail lookup failures
  • treat 404 detail misses as non-fatal and continue processing the rest of the endpoint
  • if metadata is unavailable for a cert, fall back to Vault expiry only instead of forcing an update or failing the endpoint

Verification

@github-actions

Code Coverage Report

Total Coverage: total: (statements) 27.3%

Coverage by function
github.com/vinted/certificator/cmd/certificatee/helpers.go:9:		createHAProxyClients	0.0%
github.com/vinted/certificator/cmd/certificatee/main.go:22:		main			0.0%
github.com/vinted/certificator/cmd/certificatee/main.go:73:		maybeUpdateCertificates	0.0%
github.com/vinted/certificator/cmd/certificatee/main.go:89:		processHAProxyEndpoint	0.0%
github.com/vinted/certificator/cmd/certificatee/main.go:180:		shouldUpdateCertificate	0.0%
github.com/vinted/certificator/cmd/certificatee/main.go:223:		updateCertificate	0.0%
github.com/vinted/certificator/cmd/certificatee/main.go:245:		buildPEMBundle		0.0%
github.com/vinted/certificator/cmd/certificatee/main.go:271:		endsWith		0.0%
github.com/vinted/certificator/cmd/certificator/main.go:20:		main			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:27:			GetEmail		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:32:			GetRegistration		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:37:			GetPrivateKey		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:42:			NewClient		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:61:			setupClient		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:80:			setupAccount		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:118:			newAccount		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:130:			getAccountKey		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:159:			registerAccount		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:177:			recoverAccount		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:211:			saveAccount		0.0%
github.com/vinted/certificator/pkg/acme/acme.go:221:			saveKey			0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:18:	ObtainCertificate	0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:50:	GetCertificate		0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:68:	NeedsReissuing		0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:96:	arraysEqual		0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:110:	arrayContains		0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:119:	VaultCertLocation	0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:123:	storeCertificateInVault	0.0%
github.com/vinted/certificator/pkg/certmetrics/metrics.go:77:		StartMetricsServer	0.0%
github.com/vinted/certificator/pkg/certmetrics/metrics.go:97:		PushMetrics		0.0%
github.com/vinted/certificator/pkg/config/config.go:73:			LoadConfig		0.0%
github.com/vinted/certificator/pkg/haproxy/client.go:50:		NewClient		100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:85:		NewClients		92.3%
github.com/vinted/certificator/pkg/haproxy/client.go:110:		Endpoint		100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:115:		doRequest		88.9%
github.com/vinted/certificator/pkg/haproxy/client.go:133:		parseAPITime		66.7%
github.com/vinted/certificator/pkg/haproxy/client.go:146:		getConfigVersion	66.7%
github.com/vinted/certificator/pkg/haproxy/client.go:211:		ListCertificates	100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:225:		ListCertificateRefs	85.7%
github.com/vinted/certificator/pkg/haproxy/client.go:264:		GetCertificateDetail	68.4%
github.com/vinted/certificator/pkg/haproxy/client.go:305:		UpdateCertificate	85.7%
github.com/vinted/certificator/pkg/haproxy/client.go:329:		CreateCertificate	78.3%
github.com/vinted/certificator/pkg/haproxy/client.go:370:		DeleteCertificate	92.9%
github.com/vinted/certificator/pkg/haproxy/client.go:394:		ExtractDomainFromPath	100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:414:		NormalizeDomainForVault	0.0%
github.com/vinted/certificator/pkg/haproxy/client.go:422:		IsExpiring		100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:433:		NormalizeSerial		100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:456:		Error			100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:460:		Info			0.0%
github.com/vinted/certificator/pkg/haproxy/client.go:464:		Debug			100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:468:		Warn			0.0%
github.com/vinted/certificator/pkg/haproxy/client.go:473:		toLogrusFields		85.7%
github.com/vinted/certificator/pkg/vault/vault.go:18:			NewVaultClient		0.0%
github.com/vinted/certificator/pkg/vault/vault.go:27:			KVWrite			0.0%
github.com/vinted/certificator/pkg/vault/vault.go:41:			KVRead			0.0%
github.com/vinted/certificator/pkg/vault/vault.go:62:			vaultFullPath		0.0%
total:									(statements)		27.3%

@ananthb merged commit 7e80a4a into master on May 20, 2026
1 check passed
@ananthb deleted the fix/certificatee-dpapi-detail-fallback branch on May 20, 2026 12:10
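
The fallback described in the pull request summary, sketched as an added Go example; it is not part of this pull request or of the certificator code base. `PlanEndpoint`, `VaultCert`, `Plan` and `ErrDetailNotFound` are hypothetical names, and both the serial comparison on the normal path and the fatal handling of non-404 lookup errors are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// ErrDetailNotFound stands in for a 404 from the detail lookup (hypothetical name).
var ErrDetailNotFound = errors.New("certificate detail not found")

// VaultCert is an enumerated certificate paired with its Vault copy (hypothetical shape).
type VaultCert struct {
	Name, Serial string
	NotAfter     time.Time
}

type Plan struct { // result of one endpoint pass
	Update []string
	Misses int // would feed the lookup-failure counter
}

// PlanEndpoint: lookup returns the serial HAProxy serves for a name. Assumptions:
// the normal path also compares serials; non-404 errors still fail the endpoint.
func PlanEndpoint(certs []VaultCert, lookup func(string) (string, error), now time.Time, window time.Duration) (Plan, error) {
	var p Plan
	for _, vc := range certs {
		expiring := vc.NotAfter.Sub(now) < window
		serial, err := lookup(vc.Name)
		switch {
		case errors.Is(err, ErrDetailNotFound):
			p.Misses++ // count the miss, keep processing the endpoint
			if expiring {
				p.Update = append(p.Update, vc.Name) // Vault expiry only
			}
		case err != nil:
			return p, fmt.Errorf("detail lookup for %s: %w", vc.Name, err)
		case expiring || serial != vc.Serial:
			p.Update = append(p.Update, vc.Name)
		}
	}
	return p, nil
}

func main() { // constructed sample: one expiring cert whose detail lookup misses
	now := time.Date(2026, 5, 20, 0, 0, 0, 0, time.UTC)
	certs := []VaultCert{{"a.example", "01", now.AddDate(0, 0, 5)}}
	miss := func(string) (string, error) { return "", ErrDetailNotFound }
	fmt.Println(PlanEndpoint(certs, miss, now, 30*24*time.Hour))
}
```

A certificate whose detail lookup misses and whose Vault copy is not near expiry is left alone, so a serial mismatch on that certificate goes unnoticed until the lookup succeeds again; the miss counter is the signal to alert on.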