Refactor cert-manager and ExternalDNS configurations

- Updated the namespace for the internal wildcard certificate from 'internal' to 'cert-manager'.
- Adjusted the DNS zone selectors in Let's Encrypt configurations to use CLOUDFLARE_DOMAIN consistently.
- Changed the namespace for the wildcard certificate from 'default' to 'cert-manager'.
- Modified ExternalDNS configuration to use OWNER_ID instead of CLUSTER_ID for TXT owner ID.
- Cleaned up setup-cert-manager.sh by removing unnecessary internal namespace creation and secret duplication.
- Updated certificate wait commands to reflect the new namespace structure.
- Simplified the copying of certificates to the example-admin namespace.
- Removed test service deployment from setup-externaldns.sh for a cleaner setup process.

bin/deploy-service

@@ -127,6 +127,9 @@ if [[ -n "$NAMESPACE" ]]; then
   # Create the namespace if it doesn't exist (using kubectl create which is idempotent with --dry-run=client)
   echo "Creating namespace $NAMESPACE if it doesn't exist..."
   kubectl create namespace "$NAMESPACE" --dry-run=client | kubectl create -f - 2>/dev/null || true
+  # Copy certificates to the namespace
+  copy-secret cert-manager:wildcard-internal-sovereign-cloud-tls $NAMESPACE
+  copy-secret cert-manager:wildcard-sovereign-cloud-tls $NAMESPACE
 fi
 
 # Apply the service