Do not inject public certificates in pacemaker bundles by means
of "podman cp", as this pauses the container for a short amount
of time and can make pacemaker operation fail during that time
window and impact cluster for no reason.
Keep "podman cp" for non-HA containers, as the freeze is short
and doesn't seem to impact podman monitoring anyway.
The new certificate injection only works for podman 1.9+, lower
version won't overwrite the existing certificate.
Adapted from Id7308f028f33716be5e3df6699c3f2c12e33e344, as the
same behaviour is implemented in puppet-tripleo before wallaby.
Change-Id: I14be16052677bf3426a88ec4b5299f9502007472
Related-Bug: #1917868
f6c88d0146