outposts: Enhance config options for k8s outposts

[PKizzle]

Details

Now by leaving kubernetes_ingress_secret_name empty no TLS section will be added to the ingress.
This is useful for ingress configurations where a default TLS secret is used if none is specified.

Additionally, kubernetes_service_ip_family_policy and kubernetes_service_ip_families add more detailed control over the created service i.e. when running Authentik in a dual-stack k8s cluster setup.

Todo

• Add missing tests

[netlify]

✅ Deploy Preview for authentik-storybook canceled.

Name	Link
🔨 Latest commit	0848f8b
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-storybook/deploys/6567fad15142510008f0b9a4

[netlify]

✅ Deploy Preview for authentik ready!

Name	Link
🔨 Latest commit	27922b6
🔍 Latest deploy log	https://app.netlify.com/sites/authentik/deploys/6567c19c16c8b30007ac9356
😎 Deploy Preview	https://deploy-preview-7363--authentik.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 97 (🟢 up 3 from production) Accessibility: 90 (no change from production) Best Practices: 100 (no change from production) SEO: 80 (no change from production) PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (f559d25) 92.62% compared to head (0848f8b) 92.65%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7363      +/-   ##
==========================================
+ Coverage   92.62%   92.65%   +0.03%     
==========================================
  Files         588      588              
  Lines       29141    29143       +2     
==========================================
+ Hits        26991    27002      +11     
+ Misses       2150     2141       -9     

Flag	Coverage Δ
e2e	50.73% <0.00%> (+0.03%)	⬆️
integration	25.95% <100.00%> (+<0.01%)	⬆️
unit	89.71% <0.00%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[BeryJu]

The bugfixes for TLS and service type make sense, but for the other options kubernetes_json_patches should be used, we don't want to add specific config options for every single K8s option; see #5908 (comment)

[PKizzle]

I have removed the IP family configuration options in favor of kubernetes_json_patches.

[PKizzle]

I was not able to find examples in the documentation for the kubernetes_json_patches feature just a link to a RFC document. Is this something that will be added in the future? The only example is currently available in the PR that introduced the feature.

[BeryJu]

I was not able to find examples in the documentation for the kubernetes_json_patches feature just a link to a RFC document. Is this something that will be added in the future? The only example is currently available in the PR that introduced the feature.

@PKizzle It should probably link to something like https://github.com/kubernetes-sigs/kustomize/blob/master/examples/jsonpatch.md which better demos how the JSON patches work (also feel free to add examples to the config if you want to)

[PKizzle]

I will update the documentation in another PR.

[PKizzle]

@BeryJu Is there anything I should change in this PR before it can get merged?