[NovaAPI]Fix www_authenticate_uri configuration

[gibizer]

According to the keystone middleware doc we have to set www_authenticate_uri to the public keystone endpoint as an unauthenticated user is redirected to this URL.

Our service uses the internal endpoint for auth and so far it used the internal endpoint for www_authenticate_uri as well. But this will not work for external users.

A new field is added to the NovaAPI CR to allow configuring not just the internal endpoint but also the public endpoint.

Closes: #217

[gibizer]

/test nova-operator-build-deploy

{  failed to wait for the created cluster claim to become ready: timed out waiting for the condition}

[SeanMooney]

dumb question but can we look this up form the keystone catalog?

I'm not nessisarly against adding this just wondering if it is needed

[gibizer]

We can. We can look for KeystoneEndpoint CRs (how the Nova controller does it to fill this value), or we can use the golang sdk and call keytone internal api to get the catalog and get the public URL. I went with the former in the nova controller as we already looking for KeystoneEndpoints there.

[gibizer]

We know that tempest will only be green again after openstack-k8s-operators/openstack-operator#457 is landed.

[gibizer]

/test nova-operator-build-deploy-tempest

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: gibizer, SeanMooney

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [SeanMooney,gibizer]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment