Restrict access from K8s ingresses using HTTP header authentication

[lucamilanesio]

Background: When using Registry in a K8s environment, it is possible to expose the service through different ingresses. However, not all ingresses should be allowed to change and/or use some of the API.

Acceptance criteria: GIVEN a registry deployed in a protected environment and exposed through external reverse proxies WHEN an external user is reaching the service through an external name THEN the registry should allow only certain HTTP operations and not others AND the registry administrator should be able to configure what is and isn't allowed