Add support for Google CDN within Registry
Summary
The Registry team is implementing support for utilizing the Google CDN to reduce costs compared to direct object storage downloads: https://gitlab.com/gitlab-org/container-registry/-/issues/535. An MR for Omnibus has been opened here: gitlab-org/omnibus-gitlab!5807 (merged).
This issue is to also add support within our Charts, which will be required for the .com deployment.
Details
- Upstream configuration describing use of middleware for CDN
- Complete upstream documentation of middleware configuration directive
Common threads across providers:
- Signing key pairs, with the Registry instances having the private key, are configured by "name" or "id"
- PEM format certificates are required, without password.
- The certificate must be mounted to a known location, which the registry can read from.
The one true secret which is common across all drivers is privatekey, so we can limit impact of what we need to inject via Secret to this. We'll need to determine / control the secret name & key so that we can generate this within the volume & volumeMounts.
Edited by Jason Plum
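A preflight check for the mounted signing key, covering the "common threads" listed above: the file is readable, holds a PEM private key, and is not password-protected. This is an added example, not code from the issue or from the GitLab charts. The function names and the sample PEM text are constructed for illustration, and the check for world-accessible file modes is an extra assumption beyond what the issue requires.

```python
import os
import re
import stat
import tempfile

PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

# Constructed samples: PEM armor with placeholder bodies, not real key material.
PLAIN_KEY = "-----BEGIN PRIVATE KEY-----\nQUJDREVGR0g=\n-----END PRIVATE KEY-----\n"
PKCS8_ENCRYPTED = "-----BEGIN ENCRYPTED PRIVATE KEY-----\nQUJDREVGR0g=\n-----END ENCRYPTED PRIVATE KEY-----\n"
LEGACY_ENCRYPTED = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                    "DEK-Info: AES-256-CBC,00112233445566778899AABBCCDDEEFF\n\n"
                    "QUJDREVGR0g=\n-----END RSA PRIVATE KEY-----\n")
CERT_ONLY = "-----BEGIN CERTIFICATE-----\nQUJDREVGR0g=\n-----END CERTIFICATE-----\n"

def pem_problems(text):
    """Return reasons this PEM text is unusable as an unattended signing key."""
    keys = [(label, body) for label, body in PEM_BLOCK.findall(text)
            if label.endswith("PRIVATE KEY")]
    if not keys:
        return ["no PEM private key block found"]
    problems = []
    for label, body in keys:
        # PKCS#8 marks encryption in the label, legacy PEM in a Proc-Type header.
        if label == "ENCRYPTED PRIVATE KEY" or re.search(r"^Proc-Type:\s*4,ENCRYPTED", body, re.M):
            problems.append(f"{label}: password-protected")
    return problems

def check_key_file(path):
    """Check the mounted file: readable, regular, not world-accessible, usable PEM."""
    try:
        mode = os.stat(path).st_mode  # follows the symlink a Secret volume creates
        with open(path, encoding="ascii", errors="replace") as fh:
            text = fh.read()
    except OSError as exc:
        return [f"cannot read key: {exc.strerror}"]
    problems = [] if stat.S_ISREG(mode) else ["not a regular file"]
    if mode & stat.S_IRWXO:
        problems.append("key is accessible to other users")
    return problems + pem_problems(text)

def write_sample(text, mode):
    """Write constructed sample text to a temp file with the given mode."""
    fd, path = tempfile.mkstemp(suffix=".pem")
    with os.fdopen(fd, "w") as fh:
        fh.write(text)
    os.chmod(path, mode)
    return path
```

Run as an init step or startup probe, a non-empty result from check_key_file on the mounted path means the registry would start with a key it cannot use for signing.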