refactor(cli): Integrate standalone mode cert handling into Flags (#17419)

The way the standalone mode handles the `--cert` flag is different to
all other modes. This is because `--cert` takes a path to the
certificate file, which is directly added to the root cert store; except
for compile mode, where its byte contents are stored in the standalone
metadata, and they are added to the root cert store after the
`ProcState` is created.

This change instead changes `Flags::ca_file` (an `Option<String>`) into
`Flags::ca_data`, which can represent a `String` file path or a
`Vec<u8>` with the certificate contents. That way, standalone mode can
create a `ProcState` whose root cert store alreay contains the
certificate.

This change also adds a tests for certificates in standalone mode, since
there weren't any before.

This refactor will help with implementing web workers in standalone mode
in the future.

cli/lsp/language_server.rs

@@ -58,6 +58,7 @@ use super::tsc::AssetsSnapshot;
 use super::tsc::TsServer;
 use super::urls;
 use crate::args::get_root_cert_store;
+use crate::args::CaData;
 use crate::args::CacheSetting;
 use crate::args::CliOptions;
 use crate::args::ConfigFile;
@@ -579,7 +580,7 @@ impl Inner {
     let root_cert_store = Some(get_root_cert_store(
       maybe_root_path,
       workspace_settings.certificate_stores,
-      workspace_settings.tls_certificate,
+      workspace_settings.tls_certificate.map(CaData::File),
     )?);
     let client = HttpClient::new(
       root_cert_store,
@@ -2952,7 +2953,7 @@ impl Inner {
       Flags {
         cache_path: self.maybe_cache_path.clone(),
         ca_stores: None,
-        ca_file: None,
+        ca_data: None,
         unsafely_ignore_certificate_errors: None,
         // this is to allow loading npm specifiers, so we can remove this
         // once stabilizing them