fix(kura): install rustls provider for gRPC TLS

Resolves Sentry issue 126476031.

This fixes a production panic in Kura’s gRPC TLS startup. rustls could not infer the process-level crypto provider because the final binary can enable both aws-lc and ring through transitive TLS features. The peer and public TLS paths already installed Kura’s aws-lc provider explicitly, but the gRPC TLS path went through tonic before doing that.

Changes:

• Reuse Kura’s rustls provider installer before tonic builds the gRPC server TLS config.
• Align Kura’s direct tonic TLS feature with tls-aws-lc, matching the provider selected by the rest of the Kura TLS code.

How to test locally

• cd kura && mise exec -- cargo check
• cd kura && mise exec -- cargo test
• cd kura && mise exec -- cargo clippy --all-targets -- -D warnings

No GitHub comments yet.