Add extraContainers possibility in deployments

[FernandezBenjamin]

Signed-off-by: Benjamin Fernandez [email protected]

Overview
Provide a way to use sidecar container (for example nginx)
This Pull Request is complementary of the pull request on dex app :
dexidp/dex#2266
We are facing an issue with dex which seems to be vulnerable to clickjacking. We would like to get a way to configure the Content Security Policy frame-ancestor context to prevent clickjacking.

What this PR does / why we need it
This PR will permit to put a proxy sidecar container to be able to enables the configuration of the Content-Security policy to prevent clickjacking. By filling sidecar container configuration with the specific fields the application will send csp headers in responses defining the content security policy.
To do so we try to use an nginx sidecar container which work really well with proper headers.

The sidecar container is not required so if the sidecar container is not set the sidecar upgrade in helm charts will not impact other users

Special notes for your reviewer
The most critical endpoints for clickjacking is the /dex/auth one (as a user interaction is needed to provide credential) but by default it is a good point to apply the same policy for all endpoints

Does this PR introduce a user-facing change?
NONE

Checklist

• Change log updated in Chart.yaml (see the contributing guide for details)
• Chart version bumped in Chart.yaml (see the contributing guide for details)
• Documentation regenerated by running make docs

[jkroepke]

@FernandezBenjamin does your ingress controller not supporting custom headers through annotations?

[FernandezBenjamin]

@FernandezBenjamin does your ingress controller not supporting custom headers through annotations?

We doesn't use ingress controller

[FernandezBenjamin]

Hi team
Is there any chance to get an update about my request ? :)
Thanks a lot